[FFmpeg-cvslog] r11605 - trunk/libavcodec/h264.c
michael
subversion
Thu Jan 24 20:31:59 CET 2008
Author: michael
Date: Thu Jan 24 20:31:59 2008
New Revision: 11605
Log:
Fix crash for CAVLC->CABAC switch caused by writing into NULL tables.
(iam not sure if this might have been exploitable)
fixes issue332 / CVCANLMA2_Sony_C.jsv
Other solutions which waste a few bytes less are welcome ...
Modified:
trunk/libavcodec/h264.c
Modified: trunk/libavcodec/h264.c
==============================================================================
--- trunk/libavcodec/h264.c (original)
+++ trunk/libavcodec/h264.c Thu Jan 24 20:31:59 2008
@@ -2035,12 +2035,10 @@ static int alloc_tables(H264Context *h){
CHECKED_ALLOCZ(h->slice_table_base , (big_mb_num+s->mb_stride) * sizeof(uint8_t))
CHECKED_ALLOCZ(h->cbp_table, big_mb_num * sizeof(uint16_t))
- if( h->pps.cabac ) {
CHECKED_ALLOCZ(h->chroma_pred_mode_table, big_mb_num * sizeof(uint8_t))
CHECKED_ALLOCZ(h->mvd_table[0], 32*big_mb_num * sizeof(uint16_t));
CHECKED_ALLOCZ(h->mvd_table[1], 32*big_mb_num * sizeof(uint16_t));
CHECKED_ALLOCZ(h->direct_table, 32*big_mb_num * sizeof(uint8_t));
- }
memset(h->slice_table_base, -1, (big_mb_num+s->mb_stride) * sizeof(uint8_t));
h->slice_table= h->slice_table_base + s->mb_stride*2 + 1;
More information about the ffmpeg-cvslog
mailing list