[FFmpeg-cvslog] 4xmdec: test version for cfrms, fix out of array accesses
Michael Niedermayer
git at videolan.org
Mon Nov 12 15:12:06 CET 2012
ffmpeg | branch: master | Michael Niedermayer <michaelni at gmx.at> | Mon Nov 12 14:56:07 2012 +0100| [c433823750bf096187e70c22822431a7c0bb4202] | committer: Michael Niedermayer
4xmdec: test version for cfrms, fix out of array accesses
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c433823750bf096187e70c22822431a7c0bb4202
---
libavcodec/4xm.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/libavcodec/4xm.c b/libavcodec/4xm.c
index bbf6d90..bd70692 100644
--- a/libavcodec/4xm.c
+++ b/libavcodec/4xm.c
@@ -811,6 +811,11 @@ static int decode_frame(AVCodecContext *avctx, void *data,
return AVERROR_INVALIDDATA;
}
+ if (f->version <= 1) {
+ av_log(f->avctx, AV_LOG_ERROR, "cfrm in version %d\n", f->version);
+ return AVERROR_INVALIDDATA;
+ }
+
for (i = 0; i < CFRAME_BUFFER_COUNT; i++)
if (f->cfrm[i].id && f->cfrm[i].id < avctx->frame_number)
av_log(f->avctx, AV_LOG_ERROR, "lost c frame %d\n",
More information about the ffmpeg-cvslog
mailing list