On 02/28/2012 09:48 PM, Ronald S. Bultje wrote: > From: "Ronald S. Bultje" <[email protected]> > > Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind > CC: [email protected] > --- > libavcodec/h264_cabac.c | 2 ++ > 1 files changed, 2 insertions(+), 0 deletions(-) > > diff --git a/libavcodec/h264_cabac.c b/libavcodec/h264_cabac.c > index 75fb02c..2ee4bc0 100644 > --- a/libavcodec/h264_cabac.c > +++ b/libavcodec/h264_cabac.c > @@ -1996,6 +1996,8 @@ decode_intra_mb: > } > > // The pixels are stored in the same order as levels in h->mb array. > + if ((int) (h->cabac.bytestream_end - ptr) < mb_size) > + return -1; > memcpy(h->mb, ptr, mb_size); ptr+=mb_size; > > ff_init_cabac_decoder(&h->cabac, ptr, h->cabac.bytestream_end - ptr);
LGTM. -Justin _______________________________________________ libav-devel mailing list [email protected] https://lists.libav.org/mailman/listinfo/libav-devel
