ffmpeg | branch: release/0.10 | Michael Niedermayer <michae...@gmx.at> | Wed Aug 6 18:19:57 2014 +0100| [c79cf0129edafc388ba1c47cd7b6a620557e48de] | committer: Anton Khirnov
error_concealment: avoid using the picture if not fully setup Fixes state becoming inconsistent and a null pointer dereference. CC: libav-sta...@libav.org Bug-Id: CVE-2013-0860 Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Vittorio Giovara <vittorio.giov...@gmail.com> Signed-off-by: Anton Khirnov <an...@khirnov.net> > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c79cf0129edafc388ba1c47cd7b6a620557e48de --- libavcodec/error_resilience.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/libavcodec/error_resilience.c b/libavcodec/error_resilience.c index 96f49c8..2735c66 100644 --- a/libavcodec/error_resilience.c +++ b/libavcodec/error_resilience.c @@ -900,6 +900,12 @@ void ff_er_frame_end(MpegEncContext *s) return; }; + if (s->picture_structure == PICT_FRAME && + s->current_picture.f.linesize[0] != s->current_picture_ptr->f.linesize[0]) { + av_log(s->avctx, AV_LOG_ERROR, "Error concealment not possible, frame not fully initialized\n"); + return; + } + if (s->current_picture.f.motion_val[0] == NULL) { av_log(s->avctx, AV_LOG_ERROR, "Warning MVs not available\n"); _______________________________________________ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
