falkTX
/
FFmpeg
mirror of https://github.com/falkTX/FFmpeg.git
1
0
Fork 0
Code Issues 0 Releases 338 Wiki Activity
Browse Source

avcodec/cbs_h265_syntax_template: Limit num_long_term_pics more strictly 

The limit is based on hevcdec.c
Fixes: 20854/clusterfuzz-testcase-minimized-ffmpeg_BSF_HEVC_METADATA_fuzzer-5160442882424832
Fixes: out of array access

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 435fa373d1)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
tags/n4.2.3
Michael Niedermayer 5 years ago
parent
1fc446d7e2
commit
1653a2247f
1 changed files with 1 additions and 1 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +1
    -1
      libavcodec/cbs_h265_syntax_template.c

+ 1
- 1
libavcodec/cbs_h265_syntax_template.c View File

@@ -1371,7 +1371,7 @@ static int FUNC(slice_segment_header)(CodedBitstreamContext *ctx, RWContext *rw,
infer(num_long_term_sps, 0);
idx_size = 0;
}
ue(num_long_term_pics, 0, HEVC_MAX_LONG_TERM_REF_PICS);
ue(num_long_term_pics, 0, HEVC_MAX_REFS - current->num_long_term_sps);

for (i = 0; i < current->num_long_term_sps +
current->num_long_term_pics; i++) {


Write Preview
Loading…
Cancel
Save