[FFmpeg-cvslog] bink: Prevent NULL dereferences with missing reference frame

Laurent Aimar git at videolan.org
Sat Oct 8 03:47:29 CEST 2011


ffmpeg | branch: master | Laurent Aimar <fenrir at videolan.org> | Tue Sep 27 22:15:31 2011 +0000| [c7e631986b4a326a71a20a1a51000f3fbf6e64e7] | committer: Janne Grunau

bink: Prevent NULL dereferences with missing reference frame

Signed-off-by: Janne Grunau <janne-libav at jannau.net>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c7e631986b4a326a71a20a1a51000f3fbf6e64e7
---

 libavcodec/bink.c |    8 +++++---
 1 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/libavcodec/bink.c b/libavcodec/bink.c
index 1768373..e4fdf4c 100644
--- a/libavcodec/bink.c
+++ b/libavcodec/bink.c
@@ -950,8 +950,9 @@ static int bink_decode_plane(BinkContext *c, GetBitContext *gb, int plane_idx,
     for (i = 0; i < BINK_NB_SRC; i++)
         read_bundle(gb, c, i);
 
-    ref_start = c->last.data[plane_idx];
-    ref_end   = c->last.data[plane_idx]
+    ref_start = c->last.data[plane_idx] ? c->last.data[plane_idx]
+                                        : c->pic.data[plane_idx];
+    ref_end   = ref_start
                 + (bw - 1 + c->last.linesize[plane_idx] * (bh - 1)) * 8;
 
     for (i = 0; i < 64; i++)
@@ -980,7 +981,8 @@ static int bink_decode_plane(BinkContext *c, GetBitContext *gb, int plane_idx,
         if (by == bh)
             break;
         dst  = c->pic.data[plane_idx]  + 8*by*stride;
-        prev = c->last.data[plane_idx] + 8*by*stride;
+        prev = (c->last.data[plane_idx] ? c->last.data[plane_idx]
+                                        : c->pic.data[plane_idx]) + 8*by*stride;
         for (bx = 0; bx < bw; bx++, dst += 8, prev += 8) {
             blk = get_value(c, BINK_SRC_BLOCK_TYPES);
             // 16x16 block type on odd line means part of the already decoded block, so skip it



More information about the ffmpeg-cvslog mailing list