Re: [libav-devel] [PATCH 3/3] ivi_common: check that scan pattern is set before using it.

Kostya Shishkov Thu, 13 Dec 2012 11:06:58 -0800

On Thu, Dec 13, 2012 at 07:46:01PM +0100, Anton Khirnov wrote:
> Fixes CVE-2012-2791.
> 
> CC: [email protected]
> ---
>  libavcodec/ivi_common.c |    5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff --git a/libavcodec/ivi_common.c b/libavcodec/ivi_common.c
> index 9b81094..76782e5 100644
> --- a/libavcodec/ivi_common.c
> +++ b/libavcodec/ivi_common.c
> @@ -460,6 +460,11 @@ static int ivi_decode_blocks(GetBitContext *gb, 
> IVIBandDesc *band, IVITile *tile
>              }
>  
>              if (cbp & 1) { /* block coded ? */
> +                if (!band->scan) {
> +                    av_log(avctx, AV_LOG_ERROR, "Scan pattern is not 
> set.\n");
> +                    return AVERROR_INVALIDDATA;
> +                }
> +
>                  scan_pos = -1;
>                  memset(trvec, 0, num_coeffs*sizeof(trvec[0])); /* zero 
> transform vector */
>                  memset(col_flags, 0, sizeof(col_flags));      /* zero column 
> flags */
> --


LGTM
_______________________________________________
libav-devel mailing list
[email protected]
https://lists.libav.org/mailman/listinfo/libav-devel

Re: [libav-devel] [PATCH 3/3] ivi_common: check that scan pattern is set before using it.

Reply via email to