On Thu, 13 Dec 2012 19:14:35 +0100, Janne Grunau <[email protected]> wrote: > On 2012-12-13 18:50:47 +0100, Anton Khirnov wrote: > > Fixes CVE-2012-2803. > > > > CC: [email protected] > > --- > > libavcodec/mpeg12.c | 3 ++- > > libavcodec/mpeg12.h | 1 + > > 2 files changed, 3 insertions(+), 1 deletion(-) > > > > diff --git a/libavcodec/mpeg12.c b/libavcodec/mpeg12.c > > index df8afec..3366fba 100644 > > --- a/libavcodec/mpeg12.c > > +++ b/libavcodec/mpeg12.c > > @@ -2453,8 +2453,9 @@ static int mpeg_decode_frame(AVCodecContext *avctx, > > > > s->slice_count = 0; > > > > - if (avctx->extradata && !avctx->frame_number) { > > + if (avctx->extradata && !s->extradata_decoded) { > > int ret = decode_chunks(avctx, picture, got_output, > > avctx->extradata, avctx->extradata_size); > > + s->extradata_decoded = 1; > > Is avctx->extradata guaranteed to be static during the whole decoding > process?
There is a packet side data for sending new extradata, currently used only by the aac decoder. Otherwise I think it's safe to assume it won't change. > I'm not sure what mpeg12 extradata is supposed to contain. Just > picture and sequence header? I think so. Костя says it's not mandatory in any case and the commit making the decoder parse it is rather new (2009 or so). -- Anton Khirnov _______________________________________________ libav-devel mailing list [email protected] https://lists.libav.org/mailman/listinfo/libav-devel
