[FFmpeg-cvslog] avcodec/cinepak: fix integer underflow
Michael Niedermayer
git at videolan.org
Fri Nov 28 20:02:27 CET 2014
ffmpeg | branch: release/2.1 | Michael Niedermayer <michaelni at gmx.at> | Fri Oct 3 19:33:01 2014 +0200| [96357894ff9ac019edced85d51cf4a509c12116c] | committer: Michael Niedermayer
avcodec/cinepak: fix integer underflow
Fixes out of array access
Fixes: asan_heap-oob_4da0ba_6_asan_heap-oob_4da0ba_241_cvid_crash.avi
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
(cherry picked from commit e7e5114c506957f40aafd794e06de1a7e341e9d5)
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=96357894ff9ac019edced85d51cf4a509c12116c
---
libavcodec/cinepak.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavcodec/cinepak.c b/libavcodec/cinepak.c
index 082d0b2..d0d07bc 100644
--- a/libavcodec/cinepak.c
+++ b/libavcodec/cinepak.c
@@ -135,7 +135,7 @@ static int cinepak_decode_vectors (CinepakContext *s, cvid_strip *strip,
const uint8_t *eod = (data + size);
uint32_t flag, mask;
uint8_t *cb0, *cb1, *cb2, *cb3;
- unsigned int x, y;
+ int x, y;
char *ip0, *ip1, *ip2, *ip3;
flag = 0;
More information about the ffmpeg-cvslog
mailing list