[FFmpeg-devel] [PATCH] avcodec/gifdec: truncate too big width/height for invalid gif files
Tomas Härdin
tjoppen at acc.umu.se
Wed Dec 12 14:47:24 EET 2018
mån 2018-12-10 klockan 13:34 +0100 skrev Paul B Mahol:
> Fixes #6874.
>
> > Signed-off-by: Paul B Mahol <onemda at gmail.com>
> ---
> libavcodec/gifdec.c | 16 ++++++++++++----
> 1 file changed, 12 insertions(+), 4 deletions(-)
>
> diff --git a/libavcodec/gifdec.c b/libavcodec/gifdec.c
> index 54f1d4c0ba..0eb1c21d99 100644
> --- a/libavcodec/gifdec.c
> +++ b/libavcodec/gifdec.c
> @@ -179,12 +179,20 @@ static int gif_read_image(GifState *s, AVFrame *frame)
> }
>
> /* verify that all the image is inside the screen dimensions */
> - if (!width || width > s->screen_width || left >= s->screen_width) {
> - av_log(s->avctx, AV_LOG_ERROR, "Invalid image width.\n");
> + if (!width || width > s->screen_width) {
> + av_log(s->avctx, AV_LOG_WARNING, "Invalid image width: %d, truncating.\n", width);
> + width = s->screen_width;
> + }
> + if (left >= s->screen_width) {
> + av_log(s->avctx, AV_LOG_ERROR, "Invalid left position: %d.\n", left);
> return AVERROR_INVALIDDATA;
> }
> - if (!height || height > s->screen_height || top >= s->screen_height) {
> - av_log(s->avctx, AV_LOG_ERROR, "Invalid image height.\n");
> + if (!height || height > s->screen_height) {
> + av_log(s->avctx, AV_LOG_WARNING, "Invalid image height, truncating: %d.\n", height);
> + height = s->screen_height;
> + }
> + if (top >= s->screen_height) {
> + av_log(s->avctx, AV_LOG_ERROR, "Invalid top position: %d.\n", top);
> return AVERROR_INVALIDDATA;
> }
> if (left + width > s->screen_width) {
Looks OK. Out of curiosity: do the files decode to something sensible,
or mostly glitchy goodness?
/Tomas
More information about the ffmpeg-devel
mailing list