[FFmpeg-cvslog] escape124: fix integer overflow leading to excessive memory allocation
Michael Niedermayer
git at videolan.org
Wed Sep 19 02:32:43 CEST 2012
ffmpeg | branch: release/0.10 | Michael Niedermayer <michaelni at gmx.at> | Thu Aug 16 22:28:29 2012 +0200| [fcb8bbf26411d9abc71a9a6d74e44c81b6699983] | committer: Michael Niedermayer
escape124: fix integer overflow leading to excessive memory allocation
Fixes Ticket1629
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
(cherry picked from commit 3d7817048cb387de87600f2152075f78b37b60a6)
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
(cherry picked from commit 9f1e01c9915fe0c86ad2b8f50e11fee9e1b00c62)
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=fcb8bbf26411d9abc71a9a6d74e44c81b6699983
---
libavcodec/escape124.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libavcodec/escape124.c b/libavcodec/escape124.c
index d28d55d..f77edaf 100644
--- a/libavcodec/escape124.c
+++ b/libavcodec/escape124.c
@@ -48,7 +48,7 @@ typedef struct Escape124Context {
CodeBook codebooks[3];
} Escape124Context;
-static int can_safely_read(GetBitContext* gb, int bits) {
+static int can_safely_read(GetBitContext* gb, uint64_t bits) {
return get_bits_left(gb) >= bits;
}
@@ -90,7 +90,7 @@ static CodeBook unpack_codebook(GetBitContext* gb, unsigned depth,
unsigned i, j;
CodeBook cb = { 0 };
- if (!can_safely_read(gb, size * 34))
+ if (!can_safely_read(gb, size * 34L))
return cb;
if (size >= INT_MAX / sizeof(MacroBlock))
More information about the ffmpeg-cvslog
mailing list