virtualenv/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-11-21 10:55:51 +02:00
Code Issues Releases Activity

ape_decode_value_3900: check tmpk

Browse Source 
Fixes division by 0

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This commit is contained in:
Michael Niedermayer 2013-05-02 16:45:06 +02:00
parent 49ec4c7e49
commit 8937230719
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
libavcodec/apedec.c
View File

@ -518,9 +518,13 @@ static inline int ape_decode_value_3900(APEContext *ctx, APERice *rice)
} else
tmpk = (rice->k < 1) ? 0 : rice->k - 1;
if (tmpk <= 16 || ctx->fileversion < 3910)
if (tmpk <= 16 || ctx->fileversion < 3910) {
if (tmpk > 23) {
av_log(ctx->avctx, AV_LOG_ERROR, "Too many bits: %d\n", tmpk);
return AVERROR_INVALIDDATA;
}
x = range_decode_bits(ctx, tmpk);
else if (tmpk <= 32) {
} else if (tmpk <= 32) {
x = range_decode_bits(ctx, 16);
x |= (range_decode_bits(ctx, tmpk - 16) << 16);
} else {