Module: libav Branch: master Commit: 7374fac80406d6c1a67a0e3265cfe6dfcc51ce61
Author: Ronald S. Bultje <[email protected]> Committer: Ronald S. Bultje <[email protected]> Date: Fri Mar 16 21:56:40 2012 -0700 h264: fix overreads in cabac reader. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: [email protected] --- libavcodec/cabac_functions.h | 6 ++++-- 1 files changed, 4 insertions(+), 2 deletions(-) diff --git a/libavcodec/cabac_functions.h b/libavcodec/cabac_functions.h index b150aab..4c74cf7 100644 --- a/libavcodec/cabac_functions.h +++ b/libavcodec/cabac_functions.h @@ -47,7 +47,8 @@ static void refill(CABACContext *c){ c->low+= c->bytestream[0]<<1; #endif c->low -= CABAC_MASK; - c->bytestream+= CABAC_BITS/8; + if (c->bytestream < c->bytestream_end) + c->bytestream += CABAC_BITS / 8; } static inline void renorm_cabac_decoder_once(CABACContext *c){ @@ -74,7 +75,8 @@ static void refill2(CABACContext *c){ #endif c->low += x<<i; - c->bytestream+= CABAC_BITS/8; + if (c->bytestream < c->bytestream_end) + c->bytestream += CABAC_BITS/8; } static av_always_inline int get_cabac_inline(CABACContext *c, uint8_t * const state){ _______________________________________________ libav-commits mailing list [email protected] https://lists.libav.org/mailman/listinfo/libav-commits
