[FFmpeg-cvslog] libavcodec/exr : fix channel size calculation for uint32 channel
Martin Vignali
git at videolan.org
Fri Nov 18 01:08:43 EET 2016
ffmpeg | branch: release/3.2 | Martin Vignali <martin.vignali at gmail.com> | Wed Nov 16 23:15:27 2016 +0100| [08f26d99b52f05a605247a7b3b6507ae6b541ef0] | committer: Andreas Cadhalpun
libavcodec/exr : fix channel size calculation for uint32 channel
uint32 need 4 bytes not 1.
Fix decoding when there is half/float and uint32 channel.
This fixes crashes due to pointer corruption caused by invalid writes.
The problem was introduced in commit
03152e74dfdc7f438cb4a10402c4de744e807e22.
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
(cherry picked from commit 52da3f6f70b1e95589a152aaf224811756fb9665)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=08f26d99b52f05a605247a7b3b6507ae6b541ef0
---
libavcodec/exr.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/libavcodec/exr.c b/libavcodec/exr.c
index 51a8ee6..bc7e721 100644
--- a/libavcodec/exr.c
+++ b/libavcodec/exr.c
@@ -1448,7 +1448,11 @@ static int decode_header(EXRContext *s)
channel->xsub = xsub;
channel->ysub = ysub;
- s->current_channel_offset += 1 << current_pixel_type;
+ if (current_pixel_type == EXR_HALF) {
+ s->current_channel_offset += 2;
+ } else {/* Float or UINT32 */
+ s->current_channel_offset += 4;
+ }
}
/* Check if all channels are set with an offset or if the channels
More information about the ffmpeg-cvslog
mailing list