virtualenv/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-11-21 10:55:51 +02:00
Code Issues Releases Activity

avcodec/cook: check that the subpacket sizes fit in block_align

Browse Source 
Fixes out of array read
Fixes: asan_heap-oob_fb5c50_19_018.rmvb
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This commit is contained in:
Michael Niedermayer 2014-10-30 16:53:09 +01:00
parent db442c8736
commit 10e32618ac
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
libavcodec/cook.c
View File

@ -1215,8 +1215,8 @@ static av_cold int cook_decode_init(AVCodecContext *avctx)
q->num_subpackets++;
s++;
if (s > MAX_SUBPACKETS) {
avpriv_request_sample(avctx, "subpackets > %d", MAX_SUBPACKETS);
if (s > FFMIN(MAX_SUBPACKETS, avctx->block_align)) {
avpriv_request_sample(avctx, "subpackets > %d", FFMIN(MAX_SUBPACKETS, avctx->block_align));
return AVERROR_PATCHWELCOME;
}
}