[FFmpeg-devel] [PATCH]Fix overwrite when reading invalid Quickdraw images

Carl Eugen Hoyos cehoyos at ag.or.at
Thu May 14 14:37:21 CEST 2015


Hi!

Attached patch fixes an overwrite in decode_rle() for invalid pict files.

Please comment, Carl Eugen
-------------- next part --------------
diff --git a/libavcodec/qdrw.c b/libavcodec/qdrw.c
index 6c920aa..85aa5f4 100644
--- a/libavcodec/qdrw.c
+++ b/libavcodec/qdrw.c
@@ -95,6 +95,8 @@ static int decode_rle(AVCodecContext *avctx, AVFrame *p, GetByteContext *gbc,
                         pos -= offset;
                         pos++;
                     }
+                    if (pos >= offset)
+                        return AVERROR_INVALIDDATA;
                 }
                 left  -= 2;
             } else { /* copy */


More information about the ffmpeg-devel mailing list