[FFmpeg-devel] [PATCH] Fix invalid reads in VC1 decoder

Reinhard Tartler siretart
Sat Feb 19 12:16:53 CET 2011


From: Reimar D?ffinger <Reimar.Doeffinger at gmx.de>

Patch discussed and taken from https://roundup.ffmpeg.org/issue2584
---
 libavcodec/vc1dec.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/libavcodec/vc1dec.c b/libavcodec/vc1dec.c
index 6707cde..7eb9576 100644
--- a/libavcodec/vc1dec.c
+++ b/libavcodec/vc1dec.c
@@ -1376,7 +1376,7 @@ static void vc1_decode_ac_coeff(VC1Context *v, int *last, int *skip, int *value,
     if (index != vc1_ac_sizes[codingset] - 1) {
         run = vc1_index_decode_table[codingset][index][0];
         level = vc1_index_decode_table[codingset][index][1];
-        lst = index >= vc1_last_decode_table[codingset];
+        lst = index >= vc1_last_decode_table[codingset] || get_bits_left(gb) < 0;
         if(get_bits1(gb))
             level = -level;
     } else {
-- 
1.7.0.4




More information about the ffmpeg-devel mailing list