[FFmpeg-cvslog] pngdec: check if previous frame exists instead of trusting sequence_number
Andreas Cadhalpun
git at videolan.org
Mon Nov 28 00:47:33 EET 2016
ffmpeg | branch: master | Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com> | Fri Nov 25 22:09:51 2016 +0100| [801b5c18c7beefbb894ad4de20d1b591ddb22198] | committer: Andreas Cadhalpun
pngdec: check if previous frame exists instead of trusting sequence_number
This fixes a segmentation fault caused by calling memcpy with NULL as
second argument in handle_p_frame_apng.
Reviewed-by: Michael Niedermayer <michael at niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=801b5c18c7beefbb894ad4de20d1b591ddb22198
---
libavcodec/pngdec.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/libavcodec/pngdec.c b/libavcodec/pngdec.c
index 36275ae..2f8d266 100644
--- a/libavcodec/pngdec.c
+++ b/libavcodec/pngdec.c
@@ -922,7 +922,8 @@ static int decode_fctl_chunk(AVCodecContext *avctx, PNGDecContext *s,
return AVERROR_INVALIDDATA;
}
- if (sequence_number == 0 && dispose_op == APNG_DISPOSE_OP_PREVIOUS) {
+ if ((sequence_number == 0 || !s->previous_picture.f->data[0]) &&
+ dispose_op == APNG_DISPOSE_OP_PREVIOUS) {
// No previous frame to revert to for the first frame
// Spec says to just treat it as a APNG_DISPOSE_OP_BACKGROUND
dispose_op = APNG_DISPOSE_OP_BACKGROUND;
More information about the ffmpeg-cvslog
mailing list