[FFmpeg-devel] [PATCH 6/7] Prevent out of bound accesses in the xan decoder.

Michael Niedermayer michaelni at gmx.at
Wed Sep 28 01:04:15 CEST 2011


On Tue, Sep 27, 2011 at 11:53:47PM +0200, Laurent Aimar wrote:
> Hi,
> 
> On Tue, Sep 27, 2011 at 11:43:56PM +0200, fenrir at elivagar.org wrote:
> > -    if (imagedata_segment[0] == 2)
> > +    if (imagedata_segment[0] == 2) {
> >          xan_unpack(s->buffer2, &imagedata_segment[1], s->buffer2_size);
> > -    else
> > +        imagedata_size = s->buffer2_size;
> > +    } else {
> > +        imagedata_size = s->size - imagedata_offset;
> >          imagedata_buffer = &imagedata_segment[1];
> > +    }
>  I didn't take the &[1] into account. The attached patch fix that.
> 
> -- 
> fenrir

>  xan.c |   25 ++++++++++++++++++++-----
>  1 file changed, 20 insertions(+), 5 deletions(-)
> 457495df76362c02a0a704a2293d1a044a604cdb  0001-Prevent-out-of-bound-accesses-in-the-xan-decoder.patch
> From 78072f6e6cb02dff1a1c1e77ee2166076e6b87db Mon Sep 17 00:00:00 2001
> From: Laurent Aimar <fenrir at videolan.org>
> Date: Tue, 27 Sep 2011 23:27:16 +0200
> Subject: [PATCH] Prevent out of bound accesses in the xan decoder.

applied, thanks

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Concerning the gods, I have no means of knowing whether they exist or not
or of what sort they may be, because of the obscurity of the subject, and
the brevity of human life -- Protagoras
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20110928/10ccd49c/attachment.asc>


More information about the ffmpeg-devel mailing list