[FFmpeg-cvslog] apedec: check bits <= 32
Michael Niedermayer
git at videolan.org
Wed Mar 28 08:51:26 CEST 2012
ffmpeg | branch: master | Michael Niedermayer <michaelni at gmx.at> | Wed Mar 28 08:22:39 2012 +0200| [7a5e5872493ac91af65357680cf03456d0a4f1ff] | committer: Michael Niedermayer
apedec: check bits <= 32
Fixes FPE
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=7a5e5872493ac91af65357680cf03456d0a4f1ff
---
libavcodec/apedec.c | 5 ++++-
1 files changed, 4 insertions(+), 1 deletions(-)
diff --git a/libavcodec/apedec.c b/libavcodec/apedec.c
index 4a69571..907f45f 100644
--- a/libavcodec/apedec.c
+++ b/libavcodec/apedec.c
@@ -421,9 +421,12 @@ static inline int ape_decode_value(APEContext *ctx, APERice *rice)
if (tmpk <= 16)
x = range_decode_bits(ctx, tmpk);
- else {
+ else if (tmpk <= 32) {
x = range_decode_bits(ctx, 16);
x |= (range_decode_bits(ctx, tmpk - 16) << 16);
+ } else {
+ av_log(ctx->avctx, AV_LOG_ERROR, "too many bits\n");
+ return -1;
}
x += overflow << tmpk;
} else {
More information about the ffmpeg-cvslog
mailing list