virtualenv/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-08-15 14:13:16 +02:00
Code Issues Releases Activity

dsicinav: Bound-check the source buffer when needed

Browse Source 
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
This commit is contained in:
Luca Barbato
2013-07-19 21:09:40 +02:00
parent fcae3ff124
commit dd0bfc3a6a
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
libavcodec/dsicinav.c
View File

@@ -195,11 +195,13 @@ static void cin_decode_rle(const unsigned char *src, int src_size,
while (src < src_end && dst < dst_end) { while (src < src_end && dst < dst_end) {
code = *src++; code = *src++;
if (code & 0x80) { if (code & 0x80) {
if (src >= src_end)
break;
len = code - 0x7F; len = code - 0x7F;
memset(dst, *src++, FFMIN(len, dst_end - dst)); memset(dst, *src++, FFMIN(len, dst_end - dst));
} else { } else {
len = code + 1; len = code + 1;
memcpy(dst, src, FFMIN(len, dst_end - dst)); memcpy(dst, src, FFMIN3(len, dst_end - dst, src_end - src));
src += len; src += len;
} }
dst += len; dst += len;