virtualenv/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-12-02 03:06:28 +02:00
Code Issues Releases Activity

avcodec/rka: fix array overflow

Browse Source
This commit is contained in:
Paul B Mahol 2023-02-15 13:54:11 +01:00
parent 4113445e9d
commit cb35036766
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
libavcodec/rka.c
View File

@ -77,8 +77,8 @@ typedef struct ChContext {
Model64 mdl64[4][11];
int32_t buf0[12001];
int32_t buf1[12001];
int32_t buf0[131072+2560];
int32_t buf1[131072+2560];
} ChContext;
typedef struct RKAContext {
@ -701,6 +701,9 @@ static int decode_filter(RKAContext *s, ChContext *ctx, ACoder *ac, int off, uns
for (int y = 0; y < FFMIN(split, size - x); y++, off++) {
int midx, shift = idx, *src, sum = 16;
if (off >= FF_ARRAY_ELEMS(ctx->buf0))
return -1;
midx = FFABS(last_val) >> shift;
if (midx >= 15) {
mdl64 = &ctx->mdl64[3][idx];