[FFmpeg-cvslog] mjpegdec: check SE.

Michael Niedermayer git at videolan.org
Mon Dec 3 21:14:37 CET 2012


ffmpeg | branch: release/1.0 | Michael Niedermayer <michaelni at gmx.at> | Sun Nov 11 00:01:24 2012 +0100| [12fb647994c89cd6c45da9497ff7589d760c6ec1] | committer: Michael Niedermayer

mjpegdec: check SE.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=12fb647994c89cd6c45da9497ff7589d760c6ec1
---

 libavcodec/mjpegdec.c |    5 +++++
 1 file changed, 5 insertions(+)

diff --git a/libavcodec/mjpegdec.c b/libavcodec/mjpegdec.c
index d829b1b..0fca372 100644
--- a/libavcodec/mjpegdec.c
+++ b/libavcodec/mjpegdec.c
@@ -1097,6 +1097,11 @@ static int mjpeg_decode_scan_progressive_ac(MJpegDecodeContext *s, int ss,
     int last_scan = 0;
     int16_t *quant_matrix = s->quant_matrixes[s->quant_index[c]];
 
+    if (se > 63) {
+        av_log(s->avctx, AV_LOG_ERROR, "SE %d is too large\n", se);
+        return AVERROR_INVALIDDATA;
+    }
+
     if (!Al) {
         s->coefs_finished[c] |= (1LL << (se + 1)) - (1LL << ss);
         last_scan = !~s->coefs_finished[c];
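Review bot: the new bound still admits se == 63, and the unchanged context line right after it then evaluates `(1LL << (se + 1))`, a shift by 64 on a 64-bit long long, which is undefined behaviour in C. Either reject `se >= 63` here or rewrite the mask with unsigned arithmetic that never shifts by the full width, for example `(2ULL << se) - (1ULL << ss)`. The check is also one-sided: nothing visible in this hunk rejects a negative se or ss > se, and ss is used as a shift count in the same expression, so unless the caller already validates both, consider extending the condition to `ss < 0 || ss > se || se > 63` and logging both values.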


