virtualenv/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-12-28 20:53:54 +02:00
Code Issues Releases Activity

Fix possibly exploitable out of buffer writes in msrle_decode_pal4().

Browse Source 
This fix is minimalistic, that function should be cleaned up by someone.

Originally committed as revision 25633 to svn://svn.ffmpeg.org/ffmpeg/trunk
This commit is contained in:
Michael Niedermayer 2010-11-02 01:19:15 +00:00
parent 7429783101
commit 7d78a96441
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
libavcodec/msrledec.c
View File

@ -45,7 +45,7 @@ static int msrle_decode_pal4(AVCodecContext *avctx, AVPicture *pic,
unsigned char rle_code;
unsigned char extra_byte, odd_pixel;
unsigned char stream_byte;
int pixel_ptr = 0;
unsigned int pixel_ptr = 0;
int row_dec = pic->linesize[0];
int row_ptr = (avctx->height - 1) * row_dec;
int frame_size = row_dec * avctx->height;