[FFmpeg-devel] potential segfault in rle.c
Michael Niedermayer
michaelni
Thu Jul 31 16:41:11 CEST 2008
On Thu, Jul 31, 2008 at 02:15:01PM +0200, Mathieu Malaterre wrote:
> On Thu, Jul 31, 2008 at 1:01 PM, Michael Niedermayer <michaelni at gmx.at> wrote:
> > On Wed, Jul 30, 2008 at 06:42:09PM +0200, Mathieu Malaterre wrote:
> >> [resent from ffmpeg-users]
> >>
> >> I believe there is a potential segfault in rle.c. See attached patch.
> >
> > [...]
> >> count = count_pixels(ptr, w-x, bpp, 0);
> >> + /* are we allowed to write 1 byte + count*bpp bytes ? */
> >> + if(out + bpp*count + 1 > outbuf + out_size) return -1;
> >
> > if(out + bpp*count >= outbuf + out_size)
> >
> > is simpler
>
> done.
ok
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
Frequently ignored awnser#1 FFmpeg bugs should be sent to our bugtracker. User
questions about the command line tools should be sent to the ffmpeg-user ML.
And questions about how to use libav* should be sent to the libav-user ML.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20080731/a2afdc45/attachment.pgp>
More information about the ffmpeg-devel
mailing list