[FFmpeg-cvslog] j2kdec: Check for interger overflow in tile array allocation

Michael Niedermayer git at videolan.org
Sat Dec 24 18:53:09 CET 2011


ffmpeg | branch: master | Michael Niedermayer <michaelni at gmx.at> | Sat Dec 24 05:03:04 2011 +0100| [3132999fdb57d8d3ba5e08a4dc1b3661e885c04d] | committer: Michael Niedermayer

j2kdec: Check for interger overflow in tile array allocation

Signed-off-by: Michael Niedermayer <michaelni at gmx.at>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3132999fdb57d8d3ba5e08a4dc1b3661e885c04d
---

 libavcodec/j2kdec.c |    3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)

diff --git a/libavcodec/j2kdec.c b/libavcodec/j2kdec.c
index a8c0c52..c8dabc0 100644
--- a/libavcodec/j2kdec.c
+++ b/libavcodec/j2kdec.c
@@ -238,6 +238,9 @@ static int get_siz(J2kDecoderContext *s)
     s->numXtiles = ff_j2k_ceildiv(s->width - s->tile_offset_x, s->tile_width);
     s->numYtiles = ff_j2k_ceildiv(s->height - s->tile_offset_y, s->tile_height);
 
+    if(s->numXtiles * (uint64_t)s->numYtiles > INT_MAX/sizeof(J2kTile))
+        return AVERROR(EINVAL);
+
     s->tile = av_mallocz(s->numXtiles * s->numYtiles * sizeof(J2kTile));
     if (!s->tile)
         return AVERROR(ENOMEM);



More information about the ffmpeg-cvslog mailing list