On Tue, Sep 04, 2012 at 02:32:18PM -0400, Justin Ruggles wrote: > From: Michael Niedermayer <[email protected]> > > Values that fail this check will cause failure of decode_rice() > > Signed-off-by: Michael Niedermayer <[email protected]> > Signed-off-by: Justin Ruggles <[email protected]> > --- > libavcodec/alsdec.c | 5 +++++ > 1 files changed, 5 insertions(+), 0 deletions(-) > > diff --git a/libavcodec/alsdec.c b/libavcodec/alsdec.c > index 56d7f2f..ef12253 100644 > --- a/libavcodec/alsdec.c > +++ b/libavcodec/alsdec.c > @@ -651,6 +651,11 @@ static int read_var_block_data(ALSDecContext *ctx, > ALSBlockData *bd) > for (k = 1; k < sub_blocks; k++) > s[k] = s[k - 1] + decode_rice(gb, 0); > } > + for (k = 1; k < sub_blocks; k++) > + if (s[k] > 32) { > + av_log(avctx, AV_LOG_ERROR, "k invalid for rice code.\n"); > + return AVERROR_INVALIDDATA; > + } > > if (get_bits1(gb)) > *bd->shift_lsbs = get_bits(gb, 4) + 1; > --
LGTM _______________________________________________ libav-devel mailing list [email protected] https://lists.libav.org/mailman/listinfo/libav-devel
