[FFmpeg-cvslog] motionpixels: Check that the vlc table has been fully inited

Michael Niedermayer git at videolan.org
Sat Feb 9 19:29:39 CET 2013


ffmpeg | branch: master | Michael Niedermayer <michaelni at gmx.at> | Sat Feb  9 18:40:12 2013 +0100| [b5fc95e77f9e154978d914548b86a8bc9fd1d0f2] | committer: Michael Niedermayer

motionpixels: Check that the vlc table has been fully inited

Fixes out of array reads

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b5fc95e77f9e154978d914548b86a8bc9fd1d0f2
---

 libavcodec/motionpixels.c |    4 ++++
 1 file changed, 4 insertions(+)

diff --git a/libavcodec/motionpixels.c b/libavcodec/motionpixels.c
index f69cd56..4fa45e9 100644
--- a/libavcodec/motionpixels.c
+++ b/libavcodec/motionpixels.c
@@ -137,6 +137,10 @@ static int mp_read_codes_table(MotionPixelsContext *mp, GetBitContext *gb)
         mp->current_codes_count = 0;
         if ((ret = mp_get_code(mp, gb, 0, 0)) < 0)
             return ret;
+        if (mp->current_codes_count < mp->codes_count) {
+            av_log(mp->avctx, AV_LOG_ERROR, "too few codes\n");
+            return AVERROR_INVALIDDATA;
+        }
    }
    return 0;
 }



More information about the ffmpeg-cvslog mailing list