The mpeg4 video, H264 and VC-1 parsers hold, directly or indirectly,
a MpegEncContext in their private context. Since they do not call the
common mpegvideo init function, slice_context_count has to be explicitly
set to 1.
Prevents a null pointer dereference in the h264 parser and fixes
bug 193.
---
 libavcodec/h264_parser.c       |    1 +
 libavcodec/mpeg4video_parser.c |    1 +
 libavcodec/vc1_parser.c        |    8 ++++++++
 3 files changed, 10 insertions(+), 0 deletions(-)

diff --git a/libavcodec/h264_parser.c b/libavcodec/h264_parser.c
index 826c17a..bcaa04a 100644
--- a/libavcodec/h264_parser.c
+++ b/libavcodec/h264_parser.c
@@ -330,6 +330,7 @@ static int init(AVCodecParserContext *s)
 {
     H264Context *h = s->priv_data;
     h->thread_context[0] = h;
+    h->s.slice_context_count = 1;
     return 0;
 }
 
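Review bot: The added `h->s.slice_context_count = 1;` in init() carries no comment saying why a parser has to set this field by hand, and the same is true of the assignments added in mpeg4video_parse_init and vc1_parse_init. A short comment such as `/* parsers bypass the common mpegvideo init, so set the slice context count here */` would keep the line from being dropped as redundant later. The commit message ties the missing value to a null pointer dereference, so the invariant is only upheld by each parser remembering this assignment. The code that consumes slice_context_count is not visible in this patch, but it would presumably be safer if it also rejected a zero count, so that a future parser embedding MpegEncContext cannot reintroduce the crash.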
diff --git a/libavcodec/mpeg4video_parser.c b/libavcodec/mpeg4video_parser.c
index 162bc1d..89bbf34 100644
--- a/libavcodec/mpeg4video_parser.c
+++ b/libavcodec/mpeg4video_parser.c
@@ -99,6 +99,7 @@ static av_cold int mpeg4video_parse_init(AVCodecParserContext 
*s)
     if (!pc->enc)
         return -1;
     pc->first_picture = 1;
+    pc->enc->slice_context_count = 1;
     return 0;
 }
 
diff --git a/libavcodec/vc1_parser.c b/libavcodec/vc1_parser.c
index e6243d9..0cc5ea0 100644
--- a/libavcodec/vc1_parser.c
+++ b/libavcodec/vc1_parser.c
@@ -184,9 +184,17 @@ static int vc1_split(AVCodecContext *avctx,
     return 0;
 }
 
+static int vc1_parse_init(AVCodecParserContext *s)
+{
+    VC1ParseContext *vpc = s->priv_data;
+    vpc->v.s.slice_context_count = 1;
+    return 0;
+}
+
 AVCodecParser ff_vc1_parser = {
     .codec_ids      = { CODEC_ID_VC1 },
     .priv_data_size = sizeof(VC1ParseContext),
+    .parser_init    = vc1_parse_init,
     .parser_parse   = vc1_parse,
     .parser_close   = ff_parse1_close,
     .split          = vc1_split,
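Review bot: The new vc1_parse_init is declared as plain `static int`, while mpeg4video_parse_init, visible in this same patch, is marked `av_cold`. For consistency the signature could read `static av_cold int vc1_parse_init(AVCodecParserContext *s)`. A one-line comment above it, for example `/* VC1ParseContext embeds a MpegEncContext that never goes through the common mpegvideo init */`, would document why the parser now needs an init callback at all. The ff_vc1_parser initializer continues past the end of this hunk.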
-- 
1.7.8.2
