From 2bf09826c170b0f474f1cd92a138acd8109eef8b Mon Sep 17 00:00:00 2001 From: Michael Niedermayer Date: Thu, 24 Nov 2011 15:39:41 +0100 Subject: [PATCH] loco: Fix error handling. Fixes null pointer dereference / http://www.google-melange.com/gci/task/view/google/gci2011/7120335 Signed-off-by: Michael Niedermayer --- libavcodec/loco.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libavcodec/loco.c b/libavcodec/loco.c index 505f566ba6..75701e970b 100644 --- a/libavcodec/loco.c +++ b/libavcodec/loco.c @@ -123,6 +123,9 @@ static int loco_decode_plane(LOCOContext *l, uint8_t *data, int width, int heigh int val; int i, j; + if(buf_size<=0) + return -1; + init_get_bits(&rc.gb, buf, buf_size*8); rc.save = 0; rc.run = 0; @@ -225,7 +228,7 @@ static int decode_frame(AVCodecContext *avctx, *data_size = sizeof(AVFrame); *(AVFrame*)data = l->pic; - return buf_size; + return buf_size < 0 ? -1 : buf_size; } static av_cold int decode_init(AVCodecContext *avctx){