[FFmpeg-cvslog] indeo4: fix out-of-bounds function call.
Ronald S. Bultje
git at videolan.org
Thu May 3 00:26:18 CEST 2012
ffmpeg | branch: release/0.10 | Ronald S. Bultje <rsbultje at gmail.com> | Wed Mar 21 10:39:10 2012 -0700| [3a4949aa50cc6058a7318763af00ece259aa6749] | committer: Reinhard Tartler
indeo4: fix out-of-bounds function call.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable at libav.org
Signed-off-by: Kostya Shishkov <kostya.shishkov at gmail.com>
(cherry picked from commit 68fd077f68bdde864bb7328d72a040849c616261)
Signed-off-by: Reinhard Tartler <siretart at tauware.de>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3a4949aa50cc6058a7318763af00ece259aa6749
---
libavcodec/indeo4.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/libavcodec/indeo4.c b/libavcodec/indeo4.c
index 573718e..3e8a398 100644
--- a/libavcodec/indeo4.c
+++ b/libavcodec/indeo4.c
@@ -372,7 +372,8 @@ static int decode_band_hdr(IVI4DecContext *ctx, IVIBandDesc *band,
if (!get_bits1(&ctx->gb) || ctx->frame_type == FRAMETYPE_INTRA) {
transform_id = get_bits(&ctx->gb, 5);
- if (!transforms[transform_id].inv_trans) {
+ if (transform_id >= FF_ARRAY_ELEMS(transforms) ||
+ !transforms[transform_id].inv_trans) {
av_log_ask_for_sample(avctx, "Unimplemented transform: %d!\n", transform_id);
return AVERROR_PATCHWELCOME;
}
More information about the ffmpeg-cvslog
mailing list