falkTX
/
FFmpeg
mirror of https://github.com/falkTX/FFmpeg.git
1
0
Fork 0
Code Issues 0 Releases 338 Wiki Activity
Browse Source

Check unp_size for possible overflows too 

Originally committed as revision 10490 to svn://svn.ffmpeg.org/ffmpeg/trunk
tags/v0.5
Kostya Shishkov 17 years ago
parent
208506e2a6
commit
f0dd9d4505
1 changed files with 1 additions and 1 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +1
    -1
      libavcodec/smacker.c

+ 1
- 1
libavcodec/smacker.c View File

@@ -590,7 +590,7 @@ static int smka_decode_frame(AVCodecContext *avctx, void *data, int *data_size,
}
stereo = get_bits1(&gb);
bits = get_bits1(&gb);
if ((unp_size << !bits) > *data_size) {
if (unp_size & 0xC0000000 || (unp_size << !bits) > *data_size) {
av_log(avctx, AV_LOG_ERROR, "Frame is too large to fit in buffer\n");
return -1;
}


Write Preview
Loading…
Cancel
Save