[FFmpeg-devel] [PATCH] [ISSUE 798] VP3/Theora: prevent stack corruption
Michael Niedermayer
michaelni
Fri Jan 30 17:37:14 CET 2009
On Thu, Jan 29, 2009 at 08:00:45PM -0500, Alex Converse wrote:
> Hi,
>
> The attached patch fixes the crash associated with issue 798. (Though the
> real issue appears to be with the demuxer).
>
> Basically a custom coding method doesn't get get set for one index value, so
> when that index occurs a garbage value is used. This garbage value
> propagates into current_frame_type through the compatible compatible_frame
> table. current_frame_type is then used to index a write into last_dc causing
> stack corruption.
>
> The behavior for an unset custom coding method is not specified by the
> theora specification, so I chose to copy libtheora's behavior and assign it
> to MODE_INTER_NO_MV.
patch ok
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
If a bugfix only changes things apparently unrelated to the bug with no
further explanation, that is a good sign that the bugfix is wrong.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20090130/d2b3e6f2/attachment.pgp>
More information about the ffmpeg-devel
mailing list