virtualenv/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-01-13 21:28:01 +02:00
Code Issues Releases Activity

Do not overread input buffer.

Browse Source 
Fixes issue 2503.

Patch by Daniel Kang, daniel.d.kang at gmail

Originally committed as revision 26256 to svn://svn.ffmpeg.org/ffmpeg/trunk
This commit is contained in:
Daniel Kang 2011-01-07 19:55:22 +00:00 committed by Carl Eugen Hoyos
parent 10d8eac98d
commit fea714ecd9
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
libavcodec/dpx.c
View File

@ -55,6 +55,7 @@ static int decode_frame(AVCodecContext *avctx,
AVPacket *avpkt)
{
const uint8_t *buf = avpkt->data;
const uint8_t *buf_end = avpkt->data + avpkt->size;
int buf_size = avpkt->size;
DPXContext *const s = avctx->priv_data;
AVFrame *picture = data;
@ -172,6 +173,10 @@ static int decode_frame(AVCodecContext *avctx,
case 8:
case 12: // Treat 12-bit as 16-bit
case 16:
if (source_packet_size*avctx->width*avctx->height > buf_end - buf) {
av_log(avctx, AV_LOG_ERROR, "Overread buffer. Invalid header?\n");
return -1;
}
if (source_packet_size == target_packet_size) {
for (x = 0; x < avctx->height; x++) {
memcpy(ptr, buf, target_packet_size*avctx->width);