[FFmpeg-devel] [PATCH] qtpalette: make the color_* variables unsigned again

Andreas Cadhalpun andreas.cadhalpun at googlemail.com
Sun Jan 10 11:56:09 CET 2016


This fixes segmentation faults due to out of bounds writes, when
color_start is interpreted as negative number.

This regression was introduced in commit 57631f.

Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
---

Seriously, changing the code behavior when "factoring out" is a
very bad practice.

---
 libavformat/qtpalette.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libavformat/qtpalette.c b/libavformat/qtpalette.c
index a78b6af..666c6b7 100644
--- a/libavformat/qtpalette.c
+++ b/libavformat/qtpalette.c
@@ -48,7 +48,7 @@ int ff_get_qtpalette(int codec_id, AVIOContext *pb, uint32_t *palette)
 
     /* If the depth is 1, 2, 4, or 8 bpp, file is palettized. */
     if ((bit_depth == 1 || bit_depth == 2 || bit_depth == 4 || bit_depth == 8)) {
-        int color_count, color_start, color_end;
+        uint32_t color_count, color_start, color_end;
         uint32_t a, r, g, b;
 
         /* Ignore the greyscale bit for 1-bit video and sample
-- 
2.6.4


More information about the ffmpeg-devel mailing list