[FFmpeg-cvslog] r21712 - in branches/0.5: . libavcodec/ffv1.c
siretart
subversion
Tue Feb 9 19:55:41 CET 2010
Author: siretart
Date: Tue Feb 9 19:55:41 2010
New Revision: 21712
Log:
Fix a possibly exploitable buffer overflow.
backported r18640 by michael
Modified:
branches/0.5/ (props changed)
branches/0.5/libavcodec/ffv1.c
Modified: branches/0.5/libavcodec/ffv1.c
==============================================================================
--- branches/0.5/libavcodec/ffv1.c Tue Feb 9 19:51:11 2010 (r21711)
+++ branches/0.5/libavcodec/ffv1.c Tue Feb 9 19:55:41 2010 (r21712)
@@ -248,10 +248,9 @@ static inline int get_symbol(RangeCoder
else{
int i, e, a;
e= 0;
- while(get_rac(c, state+1 + e)){ //1..10
+ while(get_rac(c, state+1 + e) && e<9){ //1..10
e++;
}
- assert(e<=9);
a= 1;
for(i=e-1; i>=0; i--){
More information about the ffmpeg-cvslog
mailing list