[FFmpeg-devel] [PATCH] targa: prevent integer overflow in bufsize check.
Måns Rullgård
mans
Mon Feb 21 19:46:56 CET 2011
"Ronald S. Bultje" <rsbultje at gmail.com> writes:
> ---
> libavcodec/targa.c | 2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/libavcodec/targa.c b/libavcodec/targa.c
> index 0892b6f..3c220f4 100644
> --- a/libavcodec/targa.c
> +++ b/libavcodec/targa.c
> @@ -34,7 +34,7 @@ typedef struct TargaContext {
> } TargaContext;
>
> #define CHECK_BUFFER_SIZE(buf, buf_end, needed, where) \
> - if(buf + needed > buf_end){ \
> + if(needed > buf_end - buf){ \
> av_log(avctx, AV_LOG_ERROR, "Problem: unexpected end of data while reading " where "\n"); \
> return -1; \
> } \
> --
> 1.7.2.1
OK
--
M?ns Rullg?rd
mans at mansr.com
More information about the ffmpeg-devel
mailing list