[FFmpeg-cvslog] avformat/hevc: Check cpb_cnt_minus1

Michael Niedermayer git at videolan.org
Wed Jun 17 22:09:39 CEST 2015


ffmpeg | branch: release/2.2 | Michael Niedermayer <michaelni at gmx.at> | Tue May 12 19:09:06 2015 +0200| [55a9a373590b110e530531c4010fd271be5c93b0] | committer: Michael Niedermayer

avformat/hevc: Check cpb_cnt_minus1

Fixes CID1239014

Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
(cherry picked from commit 2cddc0b19a20dd061dbf199bf88005b37c540d2f)

Signed-off-by: Michael Niedermayer <michaelni at gmx.at>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=55a9a373590b110e530531c4010fd271be5c93b0
---

 libavformat/hevc.c |    9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/libavformat/hevc.c b/libavformat/hevc.c
index 41750fc..9d902e7 100644
--- a/libavformat/hevc.c
+++ b/libavformat/hevc.c
@@ -189,7 +189,7 @@ static void skip_sub_layer_hrd_parameters(GetBitContext *gb,
     }
 }
 
-static void skip_hrd_parameters(GetBitContext *gb, uint8_t cprms_present_flag,
+static int skip_hrd_parameters(GetBitContext *gb, uint8_t cprms_present_flag,
                                 unsigned int max_sub_layers_minus1)
 {
     unsigned int i;
@@ -246,8 +246,11 @@ static void skip_hrd_parameters(GetBitContext *gb, uint8_t cprms_present_flag,
         else
             low_delay_hrd_flag = get_bits1(gb);
 
-        if (!low_delay_hrd_flag)
+        if (!low_delay_hrd_flag) {
             cpb_cnt_minus1 = get_ue_golomb_long(gb);
+            if (cpb_cnt_minus1 > 31)
+                return AVERROR_INVALIDDATA;
+        }
 
         if (nal_hrd_parameters_present_flag)
             skip_sub_layer_hrd_parameters(gb, cpb_cnt_minus1,
@@ -257,6 +260,8 @@ static void skip_hrd_parameters(GetBitContext *gb, uint8_t cprms_present_flag,
             skip_sub_layer_hrd_parameters(gb, cpb_cnt_minus1,
                                           sub_pic_hrd_params_present_flag);
     }
+
+    return 0;
 }
 
 static void skip_timing_info(GetBitContext *gb)



More information about the ffmpeg-cvslog mailing list