Related to CVE-2011-3940.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
---
libavformat/nsvdec.c | 7 ++++++-
1 files changed, 6 insertions(+), 1 deletions(-)
diff --git a/libavformat/nsvdec.c b/libavformat/nsvdec.c
index 7da6339..009fcc8 100644
--- a/libavformat/nsvdec.c
+++ b/libavformat/nsvdec.c
@@ -532,11 +532,16 @@ static int nsv_read_header(AVFormatContext *s,
AVFormatParameters *ap)
for (i = 0; i < NSV_MAX_RESYNC_TRIES; i++) {
if (nsv_resync(s) < 0)
return -1;
- if (nsv->state == NSV_FOUND_NSVF)
+ if (nsv->state == NSV_FOUND_NSVF) {
err = nsv_parse_NSVf_header(s, ap);
+ if (err < 0)
+ return err;
+ }
/* we need the first NSVs also... */
if (nsv->state == NSV_FOUND_NSVS) {
err = nsv_parse_NSVs_header(s, ap);
+ if (err < 0)
+ return err;
break; /* we just want the first one */
}
}
--
1.7.7.3
_______________________________________________
libav-devel mailing list
[email protected]
https://lists.libav.org/mailman/listinfo/libav-devel
