falkTX
/
FFmpeg
mirror of https://github.com/falkTX/FFmpeg.git
1
0
Fork 0
Code Issues 0 Releases 338 Wiki Activity
Browse Source

oggparsedaala: check number of planes in pixel format map 

This fixes crashes caused by out-of-bounds writes.

Reviewed-by: Rostislav Pehlivanov <atomnuker@gmail.com>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
tags/n3.0
Andreas Cadhalpun 9 years ago
parent
4a44bc5588
commit
b4466c9c1a
1 changed files with 6 additions and 0 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +6
    -0
      libavformat/oggparsedaala.c

+ 6
- 0
libavformat/oggparsedaala.c View File

@@ -130,6 +130,12 @@ static int daala_header(AVFormatContext *s, int idx)
hdr->fpr = bytestream2_get_byte(&gb); hdr->fpr = bytestream2_get_byte(&gb);


hdr->format.planes = bytestream2_get_byte(&gb); hdr->format.planes = bytestream2_get_byte(&gb);
if (hdr->format.planes > 4) {
av_log(s, AV_LOG_ERROR,
"Invalid number of planes %d in daala pixel format map.\n",
hdr->format.planes);
return AVERROR_INVALIDDATA;
}
for (i = 0; i < hdr->format.planes; i++) { for (i = 0; i < hdr->format.planes; i++) {
hdr->format.xdec[i] = bytestream2_get_byte(&gb); hdr->format.xdec[i] = bytestream2_get_byte(&gb);
hdr->format.ydec[i] = bytestream2_get_byte(&gb); hdr->format.ydec[i] = bytestream2_get_byte(&gb);


Write Preview
Loading…
Cancel
Save