From 9682909babc0a258d9bf30527aca6eae3c32f5f9 Mon Sep 17 00:00:00 2001 From: Daniel Kang Date: Thu, 6 Jan 2011 17:36:54 -0500 Subject: [PATCH] cljr buffer overread fix. --- libavcodec/cljr.c | 5 +++++ 1 files changed, 5 insertions(+), 0 deletions(-) diff --git a/libavcodec/cljr.c b/libavcodec/cljr.c index 47809c0..f04f4a7 100644 --- a/libavcodec/cljr.c +++ b/libavcodec/cljr.c @@ -54,6 +54,11 @@ static int decode_frame(AVCodecContext *avctx, if(p->data[0]) avctx->release_buffer(avctx, p); + if(buf_size < avctx->height*avctx->width) { + av_log(avctx, AV_LOG_ERROR, "Resolution larger than buffer size. Invalid header?\n"); + return -1; + } + p->reference= 0; if(avctx->get_buffer(avctx, p) < 0){ av_log(avctx, AV_LOG_ERROR, "get_buffer() failed\n"); -- 1.7.2.2