OSDN Git Service
(root)
/
coroid
/
libav_saccubus.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
e69364b
)
fix exploitable buffer overflow
author
Michael Niedermayer
<michaelni@gmx.at>
Fri, 27 Apr 2007 12:41:55 +0000
(12:41 +0000)
committer
Michael Niedermayer
<michaelni@gmx.at>
Fri, 27 Apr 2007 12:41:55 +0000
(12:41 +0000)
Originally committed as revision 8850 to svn://svn.ffmpeg.org/ffmpeg/trunk
libavcodec/dca.c
patch
|
blob
|
history
diff --git
a/libavcodec/dca.c
b/libavcodec/dca.c
index
a547007
..
1c040e2
100644
(file)
--- a/
libavcodec/dca.c
+++ b/
libavcodec/dca.c
@@
-1089,6
+1089,9
@@
static int dca_convert_bitstream(uint8_t * src, int src_size, uint8_t * dst,
uint16_t *ssrc = (uint16_t *) src, *sdst = (uint16_t *) dst;
PutBitContext pb;
+ if((unsigned)src_size > (unsigned)max_size)
+ return -1;
+
mrk = AV_RB32(src);
switch (mrk) {
case DCA_MARKER_RAW_BE: