[FFmpeg-devel] [PATCH] Fix invalid reads in VC1 decoder
Reinhard Tartler
siretart
Sat Feb 19 13:28:52 CET 2011
On Sat, Feb 19, 2011 at 12:33:17 (CET), Kostya wrote:
> On Sat, Feb 19, 2011 at 12:16:53PM +0100, Reinhard Tartler wrote:
>> From: Reimar D?ffinger <Reimar.Doeffinger at gmx.de>
>>
>> Patch discussed and taken from https://roundup.ffmpeg.org/issue2584
>> ---
>> libavcodec/vc1dec.c | 2 +-
>> 1 files changed, 1 insertions(+), 1 deletions(-)
>>
>> diff --git a/libavcodec/vc1dec.c b/libavcodec/vc1dec.c
>> index 6707cde..7eb9576 100644
>> --- a/libavcodec/vc1dec.c
>> +++ b/libavcodec/vc1dec.c
>> @@ -1376,7 +1376,7 @@ static void vc1_decode_ac_coeff(VC1Context *v, int *last, int *skip, int *value,
>> if (index != vc1_ac_sizes[codingset] - 1) {
>> run = vc1_index_decode_table[codingset][index][0];
>> level = vc1_index_decode_table[codingset][index][1];
>> - lst = index >= vc1_last_decode_table[codingset];
>> + lst = index >= vc1_last_decode_table[codingset] || get_bits_left(gb) < 0;
>> if(get_bits1(gb))
>> level = -level;
>> } else {
>> --
>> 1.7.0.4
>
> fine
committed as
http://git.ffmpeg.org/?p=ffmpeg.git;a=commit;h=2bbec1eda46d907605772a8b6e8263caa4bc4c82
btw, difference in valgrind output:
https://roundup.ffmpeg.org/msg13729
--
Gruesse/greetings,
Reinhard Tartler, KeyID 945348A4
More information about the ffmpeg-devel
mailing list