[FFmpeg-cvslog] avidec: Make sure a packet is large enough before reading its data
Martin Storsjö
git at videolan.org
Thu Jan 16 22:29:49 CET 2014
ffmpeg | branch: release/0.10 | Martin Storsjö <martin at martin.st> | Sat Sep 28 00:41:31 2013 +0300| [889bdc47f6bbf3fc30c73173349db82828cdd0e1] | committer: Luca Barbato
avidec: Make sure a packet is large enough before reading its data
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable at libav.org
Signed-off-by: Martin Storsjö <martin at martin.st>
(cherry picked from commit 8d07258bb6063d0780ce2d39443d6dc6d8eedc5a)
Signed-off-by: Luca Barbato <lu_zero at gentoo.org>
Conflicts:
libavformat/avidec.c
(cherry picked from commit 2e4c649b3e62fdd158b5a9a0f973d3b186a23e94)
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=889bdc47f6bbf3fc30c73173349db82828cdd0e1
---
libavformat/avidec.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/libavformat/avidec.c b/libavformat/avidec.c
index ac6e85f..11d086c 100644
--- a/libavformat/avidec.c
+++ b/libavformat/avidec.c
@@ -749,8 +749,10 @@ static int avi_read_header(AVFormatContext *s, AVFormatParameters *ap)
return 0;
}
-static int read_gab2_sub(AVStream *st, AVPacket *pkt) {
- if (!strcmp(pkt->data, "GAB2") && AV_RL16(pkt->data+5) == 2) {
+static int read_gab2_sub(AVStream *st, AVPacket *pkt)
+{
+ if (pkt->size >= 7 &&
+ !strcmp(pkt->data, "GAB2") && AV_RL16(pkt->data + 5) == 2) {
uint8_t desc[256];
int score = AVPROBE_SCORE_MAX / 2, ret;
AVIStream *ast = st->priv_data;
More information about the ffmpeg-cvslog
mailing list