[FFmpeg-cvslog] j2kdec: Check for interger overflow in tile array allocation
Michael Niedermayer
git at videolan.org
Sat Dec 24 18:53:09 CET 2011
ffmpeg | branch: master | Michael Niedermayer <michaelni at gmx.at> | Sat Dec 24 05:03:04 2011 +0100| [3132999fdb57d8d3ba5e08a4dc1b3661e885c04d] | committer: Michael Niedermayer
j2kdec: Check for interger overflow in tile array allocation
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3132999fdb57d8d3ba5e08a4dc1b3661e885c04d
---
libavcodec/j2kdec.c | 3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
diff --git a/libavcodec/j2kdec.c b/libavcodec/j2kdec.c
index a8c0c52..c8dabc0 100644
--- a/libavcodec/j2kdec.c
+++ b/libavcodec/j2kdec.c
@@ -238,6 +238,9 @@ static int get_siz(J2kDecoderContext *s)
s->numXtiles = ff_j2k_ceildiv(s->width - s->tile_offset_x, s->tile_width);
s->numYtiles = ff_j2k_ceildiv(s->height - s->tile_offset_y, s->tile_height);
+ if(s->numXtiles * (uint64_t)s->numYtiles > INT_MAX/sizeof(J2kTile))
+ return AVERROR(EINVAL);
+
s->tile = av_mallocz(s->numXtiles * s->numYtiles * sizeof(J2kTile));
if (!s->tile)
return AVERROR(ENOMEM);
More information about the ffmpeg-cvslog
mailing list