[FFmpeg-cvslog] lavfi/lut3d: add sanity checks.

Clément Bœsch git at videolan.org
Fri Jun 7 01:48:52 CEST 2013


ffmpeg | branch: master | Clément Bœsch <ubitux at gmail.com> | Fri Jun  7 01:42:18 2013 +0200| [f97e28ebe5233f6520b161ab8dbbe937dda46dc3] | committer: Clément Bœsch

lavfi/lut3d: add sanity checks.

Should fix CID1026775 and CID1026774.

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f97e28ebe5233f6520b161ab8dbbe937dda46dc3
---

 libavfilter/vf_lut3d.c |   10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/libavfilter/vf_lut3d.c b/libavfilter/vf_lut3d.c
index 7fc5ec1..ef1365d 100644
--- a/libavfilter/vf_lut3d.c
+++ b/libavfilter/vf_lut3d.c
@@ -265,8 +265,8 @@ static int parse_cube(AVFilterContext *ctx, FILE *f)
             int i, j, k;
             const int size = strtol(line + 12, NULL, 0);
 
-            if (size > MAX_LEVEL) {
-                av_log(ctx, AV_LOG_ERROR, "Too large 3D LUT\n");
+            if (size < 2 || size > MAX_LEVEL) {
+                av_log(ctx, AV_LOG_ERROR, "Too large or invalid 3D LUT size\n");
                 return AVERROR(EINVAL);
             }
             lut3d->lutsize = size;
@@ -370,6 +370,12 @@ static int parse_m3d(AVFilterContext *ctx, FILE *f)
         av_log(ctx, AV_LOG_ERROR, "in and out must be defined\n");
         return AVERROR_INVALIDDATA;
     }
+    if (in < 2 || out < 2 ||
+        in  > MAX_LEVEL*MAX_LEVEL*MAX_LEVEL ||
+        out > MAX_LEVEL*MAX_LEVEL*MAX_LEVEL) {
+        av_log(ctx, AV_LOG_ERROR, "invalid in (%d) or out (%d)\n", in, out);
+        return AVERROR_INVALIDDATA;
+    }
     for (size = 1; size*size*size < in; size++);
     lut3d->lutsize = size;
     scale = 1. / (out - 1);



More information about the ffmpeg-cvslog mailing list