virtualenv/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-03-17 20:17:55 +02:00
Code Issues Releases Activity

avcodec/scpr: mask bits to prevent out of array read

Browse Source 
Fixes: 1615/clusterfuzz-testcase-minimized-6625214647500800

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5666b95c9f27efa6f9b1e1bb6c592b9a8d78bca5)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
Michael Niedermayer 2017-05-16 02:22:37 +02:00
parent 72e5ccfe37
commit 21d50c185d
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
libavcodec/scpr.c
View File

@ -488,7 +488,7 @@ static int decompress_i(AVCodecContext *avctx, uint32_t *dst, int linesize)
if (avctx->bits_per_coded_sample == 16) {
cx1 = (clr & 0x3F00) >> 2;
cx = (clr & 0xFFFFFF) >> 16;
cx = (clr & 0x3FFFFF) >> 16;
} else {
cx1 = (clr & 0xFC00) >> 4;
cx = (clr & 0xFFFFFF) >> 18;
@ -726,7 +726,7 @@ static int decompress_p(AVCodecContext *avctx,
if (avctx->bits_per_coded_sample == 16) {
cx1 = (clr & 0x3F00) >> 2;
cx = (clr & 0xFFFFFF) >> 16;
cx = (clr & 0x3FFFFF) >> 16;
} else {
cx1 = (clr & 0xFC00) >> 4;
cx = (clr & 0xFFFFFF) >> 18;