[FFmpeg-cvslog] indeo5: prevent null pointer dereference on broken files

Janne Grunau git at videolan.org
Thu Oct 25 16:38:04 CEST 2012


ffmpeg | branch: release/0.10 | Janne Grunau <janne-libav at jannau.net> | Mon Jan 23 21:33:34 2012 +0100| [3efe6becc79b8087ea517b12380f34b702db1cc5] | committer: Reinhard Tartler

indeo5: prevent null pointer dereference on broken files

Found by John Villamil <johnv at matasano.com>
(cherry picked from commit 366ac22ea5a8bab63c7f46cdad2ddb2ff22cdbed)

Signed-off-by: Reinhard Tartler <siretart at tauware.de>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3efe6becc79b8087ea517b12380f34b702db1cc5
---

 libavcodec/indeo5.c |    4 ++++
 1 file changed, 4 insertions(+)

diff --git a/libavcodec/indeo5.c b/libavcodec/indeo5.c
index 60f0eee..a8ff228 100644
--- a/libavcodec/indeo5.c
+++ b/libavcodec/indeo5.c
@@ -426,6 +426,10 @@ static int decode_mb_info(IVI45DecContext *ctx, IVIBandDesc *band,
     ref_mb = tile->ref_mbs;
     offs   = tile->ypos * band->pitch + tile->xpos;
 
+    if (!ref_mb &&
+        ((band->qdelta_present && band->inherit_qdelta) || band->inherit_mv))
+        return AVERROR_INVALIDDATA;
+
     /* scale factor for motion vectors */
     mv_scale = (ctx->planes[0].bands[0].mb_size >> 3) - (band->mb_size >> 3);
     mv_x = mv_y = 0;
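Review bot: The new `return AVERROR_INVALIDDATA;` under the `if (!ref_mb && ...)` test exits without any diagnostic, so a file rejected here gives no indication of why decoding stopped. If a logging context is reachable in decode_mb_info, an av_log() error line before the return would make these broken files easier to triage. A short comment above the check would also help: the condition `(band->qdelta_present && band->inherit_qdelta) || band->inherit_mv` implies that tile->ref_mbs may legitimately be NULL and is only required on the inherit paths, and that reasoning is not written down anywhere in the hunk. It is also worth confirming that nothing else later in this function reads ref_mb outside those two inherit cases, since that cannot be checked from the lines shown.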


