[FFmpeg-cvslog] avcodec/jpeg2000dec: add some sanity checking on newpasses

Michael Niedermayer git at videolan.org
Fri Jun 12 02:44:52 CEST 2015


ffmpeg | branch: master | Michael Niedermayer <michaelni at gmx.at> | Fri Jun 12 02:02:04 2015 +0200| [b395fd3de7dab14841b3c7898aaea04d29c11bc7] | committer: Michael Niedermayer

avcodec/jpeg2000dec: add some sanity checking on newpasses

Signed-off-by: Michael Niedermayer <michaelni at gmx.at>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b395fd3de7dab14841b3c7898aaea04d29c11bc7
---

 libavcodec/jpeg2000.h    |    2 ++
 libavcodec/jpeg2000dec.c |    5 +++++
 2 files changed, 7 insertions(+)

diff --git a/libavcodec/jpeg2000.h b/libavcodec/jpeg2000.h
index acdba62..46067c8 100644
--- a/libavcodec/jpeg2000.h
+++ b/libavcodec/jpeg2000.h
@@ -71,6 +71,8 @@ enum Jpeg2000Quantsty { // quantization style
 #define JPEG2000_MAX_DECLEVELS 32
 #define JPEG2000_MAX_RESLEVELS (JPEG2000_MAX_DECLEVELS + 1)
 
+#define JPEG2000_MAX_PASSES 100
+
 // T1 flags
 // flags determining significance of neighbor coefficients
 #define JPEG2000_T1_SIG_N  0x0001
diff --git a/libavcodec/jpeg2000dec.c b/libavcodec/jpeg2000dec.c
index aa6d8ec..099242d 100644
--- a/libavcodec/jpeg2000dec.c
+++ b/libavcodec/jpeg2000dec.c
@@ -805,6 +805,11 @@ static int jpeg2000_decode_packet(Jpeg2000DecoderContext *s,
             }
             if ((newpasses = getnpasses(s)) < 0)
                 return newpasses;
+            av_assert2(newpasses > 0);
+            if (cblk->npasses + newpasses >= JPEG2000_MAX_PASSES) {
+                avpriv_request_sample(s->avctx, "Too many passes\n");
+                return AVERROR_PATCHWELCOME;
+            }
             if ((llen = getlblockinc(s)) < 0)
                 return llen;
             if (cblk->lblock + llen + av_log2(newpasses) > 16) {



More information about the ffmpeg-cvslog mailing list