[FFmpeg-cvslog] matroskaenc: fix cue tracknum off by 1 error
Michael Niedermayer
git at videolan.org
Sat Feb 23 23:16:31 CET 2013
ffmpeg | branch: master | Michael Niedermayer <michaelni at gmx.at> | Sat Feb 23 23:05:44 2013 +0100| [285485ac5f896cc450e0183daa41a8ee63d17076] | committer: Michael Niedermayer
matroskaenc: fix cue tracknum off by 1 error
Fixes out of array accesses
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=285485ac5f896cc450e0183daa41a8ee63d17076
---
libavformat/matroskaenc.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/libavformat/matroskaenc.c b/libavformat/matroskaenc.c
index 4fbb410..4544f8e 100644
--- a/libavformat/matroskaenc.c
+++ b/libavformat/matroskaenc.c
@@ -407,9 +407,11 @@ static int64_t mkv_write_cues(AVIOContext *pb, mkv_cues *cues, mkv_track *tracks
for (j = 0; j < num_tracks; j++)
tracks[j].has_cue = 0;
for (j = 0; j < cues->num_entries - i && entry[j].pts == pts; j++) {
- if (tracks[entry[j].tracknum].has_cue)
+ int tracknum = entry[j].tracknum - 1;
+ av_assert0(tracknum>=0 && tracknum<num_tracks);
+ if (tracks[tracknum].has_cue)
continue;
- tracks[entry[j].tracknum].has_cue = 1;
+ tracks[tracknum].has_cue = 1;
track_positions = start_ebml_master(pb, MATROSKA_ID_CUETRACKPOSITION, MAX_CUETRACKPOS_SIZE);
put_ebml_uint(pb, MATROSKA_ID_CUETRACK , entry[j].tracknum );
put_ebml_uint(pb, MATROSKA_ID_CUECLUSTERPOSITION, entry[j].cluster_pos);
More information about the ffmpeg-cvslog
mailing list