[FFmpeg-cvslog] ape_decode_value_3860: check k before using it in get_bits()

Michael Niedermayer git at videolan.org
Thu May 2 17:32:39 CEST 2013


ffmpeg | branch: master | Michael Niedermayer <michaelni at gmx.at> | Thu May  2 17:24:02 2013 +0200| [60ab4480423769ac3db487aba5232b187036c7ea] | committer: Michael Niedermayer

ape_decode_value_3860: check k before using it in get_bits()

Signed-off-by: Michael Niedermayer <michaelni at gmx.at>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=60ab4480423769ac3db487aba5232b187036c7ea
---

 libavcodec/apedec.c |    7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/libavcodec/apedec.c b/libavcodec/apedec.c
index be6edd2..1f55dab 100644
--- a/libavcodec/apedec.c
+++ b/libavcodec/apedec.c
@@ -489,9 +489,12 @@ static inline int ape_decode_value_3860(APEContext *ctx, GetBitContext *gb,
 
     if (!rice->k)
         x = overflow;
-    else
+    else if(rice->k <= MIN_CACHE_BITS) {
         x = (overflow << rice->k) + get_bits(gb, rice->k);
-
+    } else {
+        av_log(ctx->avctx, AV_LOG_ERROR, "Too many bits: %d\n", rice->k);
+        return AVERROR_INVALIDDATA;
+    }
     rice->ksum += x - (rice->ksum + 8 >> 4);
     if (rice->ksum < (rice->k ? 1 << (rice->k + 4) : 0))
         rice->k--;



More information about the ffmpeg-cvslog mailing list