[FFmpeg-devel] [PATCH 10/16] qtrle: check for invalid line offset
Michael Niedermayer
michaelni at gmx.at
Sun Oct 9 02:29:03 CEST 2011
On Sun, Oct 09, 2011 at 02:08:08AM +0200, Laurent Aimar wrote:
> On Sun, Oct 09, 2011 at 12:25:38AM +0200, Reimar Döffinger wrote:
> > On Sat, Oct 08, 2011 at 11:40:35PM +0200, fenrir at elivagar.org wrote:
> > > From: Laurent Aimar <fenrir at videolan.org>
> > >
> > > ---
> > > libavcodec/qtrle.c | 4 ++++
> > > 1 files changed, 4 insertions(+), 0 deletions(-)
> > >
> > > diff --git a/libavcodec/qtrle.c b/libavcodec/qtrle.c
> > > index 752bbc1..bd9514a 100644
> > > --- a/libavcodec/qtrle.c
> > > +++ b/libavcodec/qtrle.c
> > > @@ -464,6 +464,10 @@ static int qtrle_decode_frame(AVCodecContext *avctx,
> > > stream_ptr += 4;
> > > height = AV_RB16(&s->buf[stream_ptr]);
> > > stream_ptr += 4;
> > > + if (start_line >= s->avctx->height ||
> > > + start_line + height > s->avctx->height)
> >
> > start_line and height are both only 16 bit, why 2 checks?
> > Might even be more readable as
> > height > s->avctx->height - start_line
> Patch attached.
applied, thanks
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
I have often repented speaking, but never of holding my tongue.
-- Xenocrates
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20111009/29c78a77/attachment.asc>
More information about the ffmpeg-devel
mailing list