[FFmpeg-cvslog] iff: avoid out of array reads, due to too many planes.
Michael Niedermayer
git at videolan.org
Fri Nov 9 18:53:01 CET 2012
ffmpeg | branch: master | Michael Niedermayer <michaelni at gmx.at> | Fri Nov 9 17:47:51 2012 +0100| [fb6a72cde52580bc92c92c8f02bb3eb7afb3fd71] | committer: Michael Niedermayer
iff: avoid out of array reads, due to too many planes.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=fb6a72cde52580bc92c92c8f02bb3eb7afb3fd71
---
libavcodec/iff.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/libavcodec/iff.c b/libavcodec/iff.c
index bc88a8e..d5c1457 100644
--- a/libavcodec/iff.c
+++ b/libavcodec/iff.c
@@ -371,6 +371,10 @@ static av_cold int decode_init(AVCodecContext *avctx)
static void decodeplane8(uint8_t *dst, const uint8_t *buf, int buf_size, int plane)
{
const uint64_t *lut = plane8_lut[plane];
+ if (plane >= 8) {
+ av_log(0, AV_LOG_WARNING, "Ignoring extra planes beyond 8\n");
+ return;
+ }
do {
uint64_t v = AV_RN64A(dst) | lut[*buf++];
AV_WN64A(dst, v);
More information about the ffmpeg-cvslog
mailing list