ffmpeg | branch: master | Michael Niedermayer <[email protected]> | Fri Jun 12 02:02:04 2015 +0200| [b395fd3de7dab14841b3c7898aaea04d29c11bc7] | committer: Michael Niedermayer
avcodec/jpeg2000dec: add some sanity checking on newpasses Signed-off-by: Michael Niedermayer <[email protected]> > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b395fd3de7dab14841b3c7898aaea04d29c11bc7 --- libavcodec/jpeg2000.h | 2 ++ libavcodec/jpeg2000dec.c | 5 +++++ 2 files changed, 7 insertions(+) diff --git a/libavcodec/jpeg2000.h b/libavcodec/jpeg2000.h index acdba62..46067c8 100644 --- a/libavcodec/jpeg2000.h +++ b/libavcodec/jpeg2000.h @@ -71,6 +71,8 @@ enum Jpeg2000Quantsty { // quantization style #define JPEG2000_MAX_DECLEVELS 32 #define JPEG2000_MAX_RESLEVELS (JPEG2000_MAX_DECLEVELS + 1) +#define JPEG2000_MAX_PASSES 100 + // T1 flags // flags determining significance of neighbor coefficients #define JPEG2000_T1_SIG_N 0x0001 diff --git a/libavcodec/jpeg2000dec.c b/libavcodec/jpeg2000dec.c index aa6d8ec..099242d 100644 --- a/libavcodec/jpeg2000dec.c +++ b/libavcodec/jpeg2000dec.c @@ -805,6 +805,11 @@ static int jpeg2000_decode_packet(Jpeg2000DecoderContext *s, } if ((newpasses = getnpasses(s)) < 0) return newpasses; + av_assert2(newpasses > 0); + if (cblk->npasses + newpasses >= JPEG2000_MAX_PASSES) { + avpriv_request_sample(s->avctx, "Too many passes\n"); + return AVERROR_PATCHWELCOME; + } if ((llen = getlblockinc(s)) < 0) return llen; if (cblk->lblock + llen + av_log2(newpasses) > 16) { _______________________________________________ ffmpeg-cvslog mailing list [email protected] http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
