[FFmpeg-cvslog] avcodec/h264_ps: More completely check the bit depths
Michael Niedermayer
git at videolan.org
Fri Feb 13 20:59:55 CET 2015
ffmpeg | branch: release/2.4 | Michael Niedermayer <michaelni at gmx.at> | Fri Feb 6 04:11:56 2015 +0100| [3e46e3a33c84bf29e366b56fbe80bf58ba204eb7] | committer: Michael Niedermayer
avcodec/h264_ps: More completely check the bit depths
Fixes out of array read
Fixes: asan_static-oob_30328b6_719_cov_3325483287_H264_artifacts_motion.h264
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
(cherry picked from commit 69aa79365c1e8e1cb597d33e77bf1062c2ef47d4)
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3e46e3a33c84bf29e366b56fbe80bf58ba204eb7
---
libavcodec/h264_ps.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/libavcodec/h264_ps.c b/libavcodec/h264_ps.c
index 2013670..7c303d6 100644
--- a/libavcodec/h264_ps.c
+++ b/libavcodec/h264_ps.c
@@ -391,7 +391,8 @@ int ff_h264_decode_seq_parameter_set(H264Context *h)
"Different chroma and luma bit depth");
goto fail;
}
- if (sps->bit_depth_luma > 14U || sps->bit_depth_chroma > 14U) {
+ if (sps->bit_depth_luma < 8 || sps->bit_depth_luma > 14 ||
+ sps->bit_depth_chroma < 8 || sps->bit_depth_chroma > 14) {
av_log(h->avctx, AV_LOG_ERROR, "illegal bit depth value (%d, %d)\n",
sps->bit_depth_luma, sps->bit_depth_chroma);
goto fail;
More information about the ffmpeg-cvslog
mailing list