falkTX
/
FFmpeg
mirror of https://github.com/falkTX/FFmpeg.git
1
0
Fork 0
Code Issues 0 Releases 338 Wiki Activity
Browse Source

avcodec/vc1_block: Check for double escapes 

Fixes: out of array read
Fixes: 16331/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMV3IMAGE_fuzzer-5672735195267072

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6962fd586e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
tags/n2.8.16
Michael Niedermayer 6 years ago
parent
7954bc8f63
commit
720c2deb02
1 changed files with 1 additions and 1 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +1
    -1
      libavcodec/vc1_block.c

+ 1
- 1
libavcodec/vc1_block.c View File

@@ -507,7 +507,7 @@ static int vc1_decode_ac_coeff(VC1Context *v, int *last, int *skip,
int escape = decode210(gb);
if (escape != 2) {
index = get_vlc2(gb, ff_vc1_ac_coeff_table[codingset].table, AC_VLC_BITS, 3);
if (index < 0)
if (index >= ff_vc1_ac_sizes[codingset] - 1U)
return AVERROR_INVALIDDATA;
run = vc1_index_decode_table[codingset][index][0];
level = vc1_index_decode_table[codingset][index][1];


Write Preview
Loading…
Cancel
Save