wmalosslessdec: Fix reading too many bits in decode_channel_residues()

Fixes a part of CVE-2012-2795

CC:libav-stable@libav.org

Based on a patch by Michael Niedermayer <michaelni@gmx.at>

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
tags/n1.1
Anton Khirnov 13 years ago
commit 6a99310fce
1 changed files with 1 additions and 1 deletions

libavcodec/wmalosslessdec.c

@@ -520,7 +520,7 @@ static int decode_channel_residues(WmallDecodeCtx *s, int ch, int tile_size)
residue = quo;
else {
rem_bits = av_ceil_log2(ave_mean);
rem = rem_bits ? get_bits(&s->gb, rem_bits) : 0;
rem = rem_bits ? get_bits_long(&s->gb, rem_bits) : 0;
residue = (quo << rem_bits) + rem;
}
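
Review bot: `residue = (quo << rem_bits) + rem;`, directly after the changed read, still shifts by a `rem_bits` that nothing in this hunk bounds. `rem_bits` comes straight from `av_ceil_log2(ave_mean)`, so switching to `get_bits_long()` only lifts the read-width limit (`get_bits()` is documented for 1 to 25 bits, `get_bits_long()` for up to 32); it does not constrain the value itself. Consider rejecting or clamping `rem_bits` before both the read and the shift, and checking `get_bits_left(&s->gb)` against `rem_bits` so a truncated packet cannot drive the reader past the end of the buffer. The commit message would also benefit from one sentence stating the width limit that made the old call wrong, since "Fixes a part of CVE-2012-2795" does not say which part or why.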


