virtualenv/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-11-21 10:55:51 +02:00
Code Issues Releases Activity

avcodec/rawdec: Check the return code of avpicture_get_size()

Browse Source 
Fixes out of array access
Fixes: asan_heap-oob_22388d0_3435_cov_3297128910_small_roll5_FlashCine1.cine
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This commit is contained in:
Michael Niedermayer 2014-11-26 18:56:39 +01:00
parent 1b5d112406
commit 1d3a3b9f89
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
libavcodec/rawdec.c
View File

@ -172,6 +172,9 @@ static int raw_decode(AVCodecContext *avctx, void *data, int *got_frame,
context->frame_size = avpicture_get_size(avctx->pix_fmt, avctx->width,
avctx->height);
}
if (context->frame_size < 0)
return context->frame_size;
need_copy = !avpkt->buf || context->is_2_4_bpp || context->is_yuv2 || context->is_lt_16bpp;
frame->pict_type = AV_PICTURE_TYPE_I;