[FFmpeg-cvslog] flashsv: reallocate block array independant of frame type.
Michael Niedermayer
git at videolan.org
Thu Nov 15 16:47:16 CET 2012
ffmpeg | branch: master | Michael Niedermayer <michaelni at gmx.at> | Thu Nov 15 16:09:23 2012 +0100| [bc08ca841e66134a3b0d900cf152b4a263fa6545] | committer: Michael Niedermayer
flashsv: reallocate block array independant of frame type.
Fixes NULL pointer dereference
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=bc08ca841e66134a3b0d900cf152b4a263fa6545
---
libavcodec/flashsv.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/libavcodec/flashsv.c b/libavcodec/flashsv.c
index 14c514c..27f5dce 100644
--- a/libavcodec/flashsv.c
+++ b/libavcodec/flashsv.c
@@ -321,10 +321,10 @@ static int flashsv_decode_frame(AVCodecContext *avctx, void *data,
if (s->is_keyframe) {
s->keyframedata = av_realloc(s->keyframedata, avpkt->size);
memcpy(s->keyframedata, avpkt->data, avpkt->size);
- s->blocks = av_realloc(s->blocks,
- (v_blocks + !!v_part) * (h_blocks + !!h_part)
- * sizeof(s->blocks[0]));
}
+ s->blocks = av_realloc(s->blocks,
+ (v_blocks + !!v_part) * (h_blocks + !!h_part)
+ * sizeof(s->blocks[0]));
av_dlog(avctx, "image: %dx%d block: %dx%d num: %dx%d part: %dx%d\n",
s->image_width, s->image_height, s->block_width, s->block_height,
More information about the ffmpeg-cvslog
mailing list