[FFmpeg-cvslog] mjpegdec: check SE.
Michael Niedermayer
git at videolan.org
Sun Nov 11 02:29:08 CET 2012
ffmpeg | branch: master | Michael Niedermayer <michaelni at gmx.at> | Sun Nov 11 00:01:24 2012 +0100| [1f41cffe1e3e79620f587545bdfcbd7e6e68ed29] | committer: Michael Niedermayer
mjpegdec: check SE.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=1f41cffe1e3e79620f587545bdfcbd7e6e68ed29
---
libavcodec/mjpegdec.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/libavcodec/mjpegdec.c b/libavcodec/mjpegdec.c
index 6b5266d..0a71a6f 100644
--- a/libavcodec/mjpegdec.c
+++ b/libavcodec/mjpegdec.c
@@ -1095,6 +1095,11 @@ static int mjpeg_decode_scan_progressive_ac(MJpegDecodeContext *s, int ss,
int last_scan = 0;
int16_t *quant_matrix = s->quant_matrixes[s->quant_index[c]];
+ if (se > 63) {
+ av_log(s->avctx, AV_LOG_ERROR, "SE %d is too large\n", se);
+ return AVERROR_INVALIDDATA;
+ }
+
if (!Al) {
s->coefs_finished[c] |= (1LL << (se + 1)) - (1LL << ss);
last_scan = !~s->coefs_finished[c];
More information about the ffmpeg-cvslog
mailing list