[FFmpeg-cvslog] r26243 - trunk/libavcodec/tiff.c
cehoyos
subversion
Thu Jan 6 15:44:51 CET 2011
Author: cehoyos
Date: Thu Jan 6 15:44:50 2011
New Revision: 26243
Log:
Fix crash for files with strip size larger than the buffer.
Fixes issue 2498.
Patch by Daniel Kang, daniel.d.kang at gmail
Modified:
trunk/libavcodec/tiff.c
Modified: trunk/libavcodec/tiff.c
==============================================================================
--- trunk/libavcodec/tiff.c Thu Jan 6 14:30:32 2011 (r26242)
+++ trunk/libavcodec/tiff.c Thu Jan 6 15:44:50 2011 (r26243)
@@ -531,6 +531,11 @@ static int decode_frame(AVCodecContext *
else
ssize = s->stripsize;
+ if (ssize > buf_size) {
+ av_log(avctx, AV_LOG_ERROR, "Buffer size is smaller than strip size\n");
+ return -1;
+ }
+
if(s->stripdata){
soff = tget(&s->stripdata, s->sot, s->le);
}else
More information about the ffmpeg-cvslog
mailing list