1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-12-23 12:43:46 +02:00

avcodec/scpr: Fix multiple runtime error: index 256 out of bounds for type 'unsigned int [256]'

Fixes: 1519/clusterfuzz-testcase-minimized-5286680976162816

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
Michael Niedermayer 2017-05-13 15:39:32 +02:00
parent 54e1b62ee2
commit 2171dfae8c

View File

@ -261,6 +261,9 @@ static int decode_unit(SCPRContext *s, PixelModel *pixel, unsigned step, unsigne
break;
c++;
}
if (x >= 16 || c >= 256) {
return AVERROR_INVALIDDATA;
}
if ((ret = s->decode(gb, rc, cumfr, cnt_c, totfr)) < 0)
return ret;