virtualenv/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-01-13 21:28:01 +02:00
Code Issues Releases Activity

pcx: check that the packet is large enough before reading the header

Browse Source 
Fixes possible invalid reads.

CC: libav-stable@libav.org
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
This commit is contained in:
Anton Khirnov 2016-08-14 10:18:39 +02:00
parent 15ee419b7a
commit 221402c1c8
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
libavcodec/pcx.c
View File

@ -28,6 +28,8 @@
#include "get_bits.h"
#include "internal.h"
#define PCX_HEADER_SIZE 128
/**
* @return advanced src pointer
*/
@ -85,6 +87,11 @@ static int pcx_decode_frame(AVCodecContext *avctx, void *data, int *got_frame,
uint8_t *scanline;
int ret = -1;
if (buf_size < PCX_HEADER_SIZE) {
av_log(avctx, AV_LOG_ERROR, "Packet too small\n");
return AVERROR_INVALIDDATA;
}
if (buf[0] != 0x0a || buf[1] > 5) {
av_log(avctx, AV_LOG_ERROR, "this is not PCX encoded data\n");
return AVERROR_INVALIDDATA;