[Ffmpeg-devel] [PATCH] h264 crashes dues to uninitialized context

[Michael Niedermayer]

Hi

On Tue, Jan 16, 2007 at 02:46:19PM +0100, Reimar Doeffinger wrote:
> Hello,
> testing the "fuzzer" samples I came about these to things that I suppose
> are bugs: On size change, the context is freed, but context_initialized is
> not set to 0 again.

MPV_common_end() should set it to 0

[...]
> @@ -8067,6 +8072,7 @@
>              h->inter_gb_ptr= &h->inter_gb;
>  
>              if(h->redundant_pic_count==0 && h->intra_gb_ptr && s->data_partitioning
> +               && s->context_initialized
>                 && s->hurry_up < 5
>                 && (avctx->skip_frame < AVDISCARD_NONREF || h->nal_ref_idc)
>                 && (avctx->skip_frame < AVDISCARD_BIDIR  || h->slice_type!=B_TYPE)

this part looks ok

[...]

-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

The worst form of inequality is to try to make unequal things equal.
-- Aristotle
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20070116/46ed35f2/attachment.pgp>