[FFmpeg-cvslog] ffv1: fix crash caused by version becoming inconsistent
Michael Niedermayer
git at videolan.org
Sat Jun 2 02:56:45 CEST 2012
ffmpeg | branch: master | Michael Niedermayer <michaelni at gmx.at> | Sat Jun 2 02:21:30 2012 +0200| [97c281d5b7d1c4850a8ba7d9921137634224b2f3] | committer: Michael Niedermayer
ffv1: fix crash caused by version becoming inconsistent
Fixes part of Ticket1372
Found-by: Piotr Bandurski <ami_stuff at o2.pl>
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=97c281d5b7d1c4850a8ba7d9921137634224b2f3
---
libavcodec/ffv1.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/libavcodec/ffv1.c b/libavcodec/ffv1.c
index bffd744..79409e2 100644
--- a/libavcodec/ffv1.c
+++ b/libavcodec/ffv1.c
@@ -1769,7 +1769,12 @@ static int read_header(FFV1Context *f){
memset(state, 128, sizeof(state));
if(f->version < 2){
- f->version= get_symbol(c, state, 0);
+ unsigned v= get_symbol(c, state, 0);
+ if(v >= 2){
+ av_log(f->avctx, AV_LOG_ERROR, "invalid version %d in ver01 header\n", v);
+ return AVERROR_INVALIDDATA;
+ }
+ f->version = v;
f->ac= f->avctx->coder_type= get_symbol(c, state, 0);
if(f->ac>1){
for(i=1; i<256; i++){
More information about the ffmpeg-cvslog
mailing list