[FFmpeg-devel] [PATCH] fix for cljr buffer overread (issue 2501)

Michael Niedermayer michaelni
Fri Jan 7 16:12:42 CET 2011


On Thu, Jan 06, 2011 at 06:03:33PM -0500, Daniel Kang wrote:
> The cljr decoder does not check to see if the resolution is larger than
> the buffer. For invalid headers, this causes ffmpeg to crash. The patch
> attached adds this check.
> 
> The roundup issue is 2501.

>  cljr.c |    5 +++++
>  1 file changed, 5 insertions(+)
> 587a8b6e2ad44f687fb9b21fd06fb77fc7c678d9  cljr_buffer_check.diff
> From 9682909babc0a258d9bf30527aca6eae3c32f5f9 Mon Sep 17 00:00:00 2001
> From: Daniel Kang <daniel.d.kang at gmail.com>
> Date: Thu, 6 Jan 2011 17:36:54 -0500
> Subject: [PATCH] cljr buffer overread fix.
> 
> ---
>  libavcodec/cljr.c |    5 +++++
>  1 files changed, 5 insertions(+), 0 deletions(-)

lgtm if tested

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

He who knows, does not speak. He who speaks, does not know. -- Lao Tsu
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20110107/36f881cf/attachment.pgp>



More information about the ffmpeg-devel mailing list