[FFmpeg-cvslog] ivi_common: check that scan pattern is set before using it.
Anton Khirnov
git at videolan.org
Thu Jan 17 01:38:58 CET 2013
ffmpeg | branch: release/0.10 | Anton Khirnov <anton at khirnov.net> | Thu Dec 13 19:38:20 2012 +0100| [3fca5799c6863e8b899fe37ed31f710d3d07e270] | committer: Reinhard Tartler
ivi_common: check that scan pattern is set before using it.
Fixes CVE-2012-2791.
CC: libav-stable at libav.org
(cherry picked from commit deabb52ab4c1fdb3dd319f3980b1489a182011f1)
Signed-off-by: Reinhard Tartler <siretart at tauware.de>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3fca5799c6863e8b899fe37ed31f710d3d07e270
---
libavcodec/ivi_common.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/libavcodec/ivi_common.c b/libavcodec/ivi_common.c
index db33767..84705c4 100644
--- a/libavcodec/ivi_common.c
+++ b/libavcodec/ivi_common.c
@@ -411,6 +411,11 @@ int ff_ivi_decode_blocks(GetBitContext *gb, IVIBandDesc *band, IVITile *tile)
}
if (cbp & 1) { /* block coded ? */
+ if (!band->scan) {
+ av_log(NULL, AV_LOG_ERROR, "Scan pattern is not set.\n");
+ return AVERROR_INVALIDDATA;
+ }
+
scan_pos = -1;
memset(trvec, 0, num_coeffs*sizeof(trvec[0])); /* zero transform vector */
memset(col_flags, 0, sizeof(col_flags)); /* zero column flags */
More information about the ffmpeg-cvslog
mailing list