[FFmpeg-cvslog] avcodec/bmp_parser: Ensure remaining_size is not too small in startcode packet crossing corner case

Michael Niedermayer git at videolan.org
Wed Apr 27 05:42:58 CEST 2016


ffmpeg | branch: release/2.8 | Michael Niedermayer <michael at niedermayer.cc> | Thu Apr 14 15:10:31 2016 +0200| [4e174d95f59d307c170ea89229ab3673fee2631c] | committer: Michael Niedermayer

avcodec/bmp_parser: Ensure remaining_size is not too small in startcode packet crossing corner case

Fixes Ticket 5438

Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 8e26bdd59bf559d00c7e60c53fff292de10139ff)

Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4e174d95f59d307c170ea89229ab3673fee2631c
---

 libavcodec/bmp_parser.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libavcodec/bmp_parser.c b/libavcodec/bmp_parser.c
index c9493dc..7ab32a0 100644
--- a/libavcodec/bmp_parser.c
+++ b/libavcodec/bmp_parser.c
@@ -63,7 +63,7 @@ restart:
                     continue;
                 }
                 bpc->pc.frame_start_found++;
-                bpc->remaining_size = bpc->fsize + i - 17;
+                bpc->remaining_size = bpc->fsize + FFMAX(i - 17, 0);
 
                 if (bpc->pc.index + i > 17) {
                     next = i - 17;



More information about the ffmpeg-cvslog mailing list