falkTX
/
FFmpeg
mirror of https://github.com/falkTX/FFmpeg.git
1
0
Fork 0
Code Issues 0 Releases 338 Wiki Activity
Browse Source

avcodec/svq3: Dont memcpy AVFrame 

This avoids out of array accesses

Fixes: asan_heap-uaf_21f42e4_9_asan_heap-uaf_21f42e4_278_gl2.mov

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 075a165d27)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
tags/n2.3.5
Michael Niedermayer 11 years ago
parent
1ac4ae2a32
commit
603f4ecd14
1 changed files with 1 additions and 1 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +1
    -1
      libavcodec/svq3.c

+ 1
- 1
libavcodec/svq3.c View File

@@ -1176,7 +1176,7 @@ static int svq3_decode_frame(AVCodecContext *avctx, void *data,


h->cur_pic_ptr = s->cur_pic; h->cur_pic_ptr = s->cur_pic;
av_frame_unref(&h->cur_pic.f); av_frame_unref(&h->cur_pic.f);
h->cur_pic = *s->cur_pic;
memcpy(&h->cur_pic.tf, &s->cur_pic->tf, sizeof(h->cur_pic) - offsetof(H264Picture, tf));
ret = av_frame_ref(&h->cur_pic.f, &s->cur_pic->f); ret = av_frame_ref(&h->cur_pic.f, &s->cur_pic->f);
if (ret < 0) if (ret < 0)
return ret; return ret;


Write Preview
Loading…
Cancel
Save