[FFmpeg-devel] [PATCH] vp9/update_prob: prevent out of bounds table read

Ronald S. Bultje rsbultje at gmail.com
Tue Jun 30 11:59:53 CEST 2015


Hi,

On Tue, Jun 30, 2015 at 2:03 AM, James Zern <jzern at google.com> wrote:

> the max value of the lookup in expanded form is:
> (((1 << 7) - 1) << 1) - 65 + 1 + 64 = 254
>
> add one entry of padding to inv_map_table[] to prevent out of bounds
> access with non-conforming / fuzzed bitstreams
>
> Signed-off-by: James Zern <jzern at google.com>
> ---
>  libavcodec/vp9.c | 5 +++--
>  1 file changed, 3 insertions(+), 2 deletions(-)


OK.

Ronald


More information about the ffmpeg-devel mailing list