On 22 December 2015 at 19:04, Andreas Cadhalpun
<andreas.cadhal...@googlemail.com> wrote:
> This fixes an out-of-bounds read introduced in commit 0379603.
>
> Signed-off-by: Andreas Cadhalpun <andreas.cadhal...@googlemail.com>
> ---
> libavcodec/dirac.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/libavcodec/dirac.c b/libavcodec/dirac.c
> index 33cc960..faf5534 100644
> --- a/libavcodec/dirac.c
> +++ b/libavcodec/dirac.c
> @@ -262,6 +262,9 @@ static int parse_source_parameters(AVDiracSeqHeader *dsh,
> GetBitContext *gb,
>
> dsh->bit_depth = luma_depth;
>
> + if (dsh->pixel_range_index < 2U)
> + return AVERROR_INVALIDDATA;
> +
> dsh->pix_fmt =
> dirac_pix_fmt[dsh->chroma_format][dsh->pixel_range_index-2];
> avcodec_get_chroma_sub_sample(dsh->pix_fmt, &chroma_x_shift,
> &chroma_y_shift);
> if ((dsh->width % (1<<chroma_x_shift)) || (dsh->height %
> (1<<chroma_y_shift))) {
Ok
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
