virtualenv/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-11-21 10:55:51 +02:00
Code Issues Releases Activity

dirac_parser: check prev_pu_offset before using it

Browse Source 
Fixes out of array read

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This commit is contained in:
Michael Niedermayer 2012-12-15 16:03:19 +01:00
parent fef75ef200
commit 2b643855e0
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
libavcodec/dirac_parser.c
View File

@ -161,7 +161,9 @@ static int dirac_combine_frame(AVCodecParserContext *s, AVCodecContext *avctx,
* we can be pretty sure that we have a valid parse unit */
if (!unpack_parse_unit(&pu1, pc, pc->index - 13) ||
!unpack_parse_unit(&pu, pc, pc->index - 13 - pu1.prev_pu_offset) ||
pu.next_pu_offset != pu1.prev_pu_offset) {
pu.next_pu_offset != pu1.prev_pu_offset ||
pc->index < pc->dirac_unit_size + 13LL + pu1.prev_pu_offset
) {
pc->index -= 9;
*buf_size = next-9;
pc->header_bytes_needed = 9;