[FFmpeg-cvslog] diracdec: add missing check for pixel_range_index

[Andreas Cadhalpun]

ffmpeg | branch: master | Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com> | Tue Dec 22 19:44:00 2015 +0100| [b648b246f07a4b041dcefd7309af407c1b74862a] | committer: Andreas Cadhalpun

diracdec: add missing check for pixel_range_index

This fixes an out-of-bounds read introduced in commit 0379603.

Reviewed-by: Kieran Kunhya <kierank at obe.tv>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b648b246f07a4b041dcefd7309af407c1b74862a
---

 libavcodec/dirac.c |    3 +++
 1 file changed, 3 insertions(+)

diff --git a/libavcodec/dirac.c b/libavcodec/dirac.c
index 33cc960..faf5534 100644
--- a/libavcodec/dirac.c
+++ b/libavcodec/dirac.c
@@ -262,6 +262,9 @@ static int parse_source_parameters(AVDiracSeqHeader *dsh, GetBitContext *gb,
 
     dsh->bit_depth = luma_depth;
 
+    if (dsh->pixel_range_index < 2U)
+        return AVERROR_INVALIDDATA;
+
     dsh->pix_fmt = dirac_pix_fmt[dsh->chroma_format][dsh->pixel_range_index-2];
     avcodec_get_chroma_sub_sample(dsh->pix_fmt, &chroma_x_shift, &chroma_y_shift);
     if ((dsh->width % (1<<chroma_x_shift)) || (dsh->height % (1<<chroma_y_shift))) {