[FFmpeg-cvslog] bink: check quant_index, fix out of array read
Michael Niedermayer
git at videolan.org
Wed Nov 14 23:54:41 CET 2012
ffmpeg | branch: master | Michael Niedermayer <michaelni at gmx.at> | Wed Nov 14 23:24:05 2012 +0100| [e70144cba13db208877e3b64802fc8835c72e82d] | committer: Michael Niedermayer
bink: check quant_index, fix out of array read
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=e70144cba13db208877e3b64802fc8835c72e82d
---
libavcodec/bink.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/libavcodec/bink.c b/libavcodec/bink.c
index 91cd651..bcc6361 100644
--- a/libavcodec/bink.c
+++ b/libavcodec/bink.c
@@ -674,6 +674,10 @@ static int read_dct_coeffs(GetBitContext *gb, int32_t block[64], const uint8_t *
quant_idx = get_bits(gb, 4);
} else {
quant_idx = q;
+ if (quant_idx > 15U) {
+ av_log(0, AV_LOG_ERROR, "quant_index %d out of range\n", quant_idx);
+ return AVERROR_INVALIDDATA;
+ }
}
quant = quant_matrices[quant_idx];
More information about the ffmpeg-cvslog
mailing list