
dpcm: ignore extra unpaired bytes in stereo streams.

Fixes: CVE-2011-3951

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
tags/n0.11
Alex Converse 13 years ago
parent
commit
ce7aee9b73
1 changed files with 6 additions and 1 deletions
  1. +6
    -1
      libavcodec/dpcm.c

+ 6
- 1
libavcodec/dpcm.c

@@ -183,6 +183,11 @@ static int dpcm_decode_frame(AVCodecContext *avctx, void *data,
int stereo = s->channels - 1;
int16_t *output_samples;

if (stereo && (buf_size & 1)) {
buf_size--;
buf_end--;
}

/* calculate output size */
switch(avctx->codec->id) {
case CODEC_ID_ROQ_DPCM:
@@ -317,7 +322,7 @@ static int dpcm_decode_frame(AVCodecContext *avctx, void *data,
*got_frame_ptr = 1;
*(AVFrame *)data = s->frame;

return buf_size;
return avpkt->size;
}

#define DPCM_DECODER(id_, name_, long_name_) \
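Review bot: The added guard in dpcm_decode_frame tests the parity of the whole packet (`buf_size & 1`) ahead of the codec switch and drops the last byte with neither a comment nor a log message, so the reason for the trim and the invariant it relies on are not recorded. It leaves an even payload only if every codec's stereo header length is even; those lengths are presumably subtracted in the switch cases that follow, which this page does not show, so that should be confirmed per codec. I would add a comment above the `if`, for example `/* stereo data is consumed in pairs: drop a trailing unpaired byte (CVE-2011-3951); relies on every stereo header length being even */`, and consider an `av_log(avctx, AV_LOG_WARNING, ...)` there so malformed packets show up in logs. Returning `avpkt->size` in the second hunk looks right, since the dropped byte is then reported as consumed rather than left for the caller; the function starts outside the hunks and most of its body is not shown.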

