[FFmpeg-cvslog] tiffdec: Prevent illegal memory access caused by recycled pointers.

Alex Converse git at videolan.org
Fri Mar 9 01:49:25 CET 2012


ffmpeg | branch: master | Alex Converse <alex.converse at gmail.com> | Tue Mar  6 17:00:29 2012 -0800| [fd0be63049ed46660993d0550a4f0847a0b942ea] | committer: Alex Converse

tiffdec: Prevent illegal memory access caused by recycled pointers.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable at libav.org

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=fd0be63049ed46660993d0550a4f0847a0b942ea
---

 libavcodec/tiff.c |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/libavcodec/tiff.c b/libavcodec/tiff.c
index 0ff6ceb..9ca9163 100644
--- a/libavcodec/tiff.c
+++ b/libavcodec/tiff.c
@@ -535,6 +535,8 @@ static int decode_frame(AVCodecContext *avctx,
         av_log(avctx, AV_LOG_ERROR, "The answer to life, universe and everything is not correct!\n");
         return -1;
     }
+    // Reset these pointers so we can tell if they were set this frame
+    s->stripsizes = s->stripdata = NULL;
     /* parse image file directory */
     off = tget_long(&buf, le);
     if (off >= UINT_MAX - 14 || end_buf - orig_buf < off + 14) {
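Review bot: the reset at `s->stripsizes = s->stripdata = NULL;` only prevents a stale dereference if the code that later consumes these fields rejects the frame when either is still NULL, and no such check is visible in this hunk. Please confirm that the consumer does that, or add the check in the same change so the fix is self-contained. Two smaller points: the reset sits after the early `return -1` of the header check above it, so moving it to the top of `decode_frame` would leave no path on which pointers into a previous packet's buffer survive in the context. The chained assignment also relies on both fields having the same pointer type; two separate assignments would be clearer. The comment would be more useful if it said that the pointers refer to the previous frame's input buffer, which is why they must not be reused.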


