[FFmpeg-cvslog] rpza: limit the number of blocks to the total remaining blocks in the frame
Anton Khirnov
git at videolan.org
Fri Mar 7 03:53:37 CET 2014
ffmpeg | branch: release/1.1 | Anton Khirnov <anton at khirnov.net> | Thu Nov 28 10:54:35 2013 +0100| [d2a065437a96b5ab73f15362fe3d5cde3c61f160] | committer: Luca Barbato
rpza: limit the number of blocks to the total remaining blocks in the frame
Fixes invalid writes.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC:libav-stable at libav.org
(cherry picked from commit 77bb0004bbe18f1498cfecdc68db5f10808b6599)
Signed-off-by: Luca Barbato <lu_zero at gentoo.org>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d2a065437a96b5ab73f15362fe3d5cde3c61f160
---
libavcodec/rpza.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/libavcodec/rpza.c b/libavcodec/rpza.c
index 59b15c6..63ea706 100644
--- a/libavcodec/rpza.c
+++ b/libavcodec/rpza.c
@@ -38,6 +38,7 @@
#include <stdlib.h>
#include <string.h>
+#include "libavutil/common.h"
#include "libavutil/internal.h"
#include "libavutil/intreadwrite.h"
#include "avcodec.h"
@@ -126,6 +127,8 @@ static void rpza_decode_stream(RpzaContext *s)
}
}
+ n_blocks = FFMIN(n_blocks, total_blocks);
+
switch (opcode & 0xe0) {
/* Skip blocks */
More information about the ffmpeg-cvslog
mailing list