[FFmpeg-cvslog] r19973 - trunk/libavcodec/utils.c

michael subversion
Wed Sep 23 00:44:56 CEST 2009


Author: michael
Date: Wed Sep 23 00:44:56 2009
New Revision: 19973

Log:
Check codec_id and codec_type in avcodec_open(), based on 43_codec_type_mismatch.patch from chrome
This is said to be able to lead to a stack based buffer overflow.

Modified:
   trunk/libavcodec/utils.c

Modified: trunk/libavcodec/utils.c
==============================================================================
--- trunk/libavcodec/utils.c	Tue Sep 22 22:38:03 2009	(r19972)
+++ trunk/libavcodec/utils.c	Wed Sep 23 00:44:56 2009	(r19973)
@@ -481,7 +481,10 @@ int attribute_align_arg avcodec_open(AVC
     }
 
     avctx->codec = codec;
-    avctx->codec_id = codec->id;
+    if(avctx->codec_id != codec->id || avctx->codec_type != codec->type){
+        av_log(avctx, AV_LOG_ERROR, "codec type or id mismatches\n");
+        goto end;
+    }
     avctx->frame_number = 0;
     if(avctx->codec->init){
         ret = avctx->codec->init(avctx);



More information about the ffmpeg-cvslog mailing list