On Sat, 16 Feb 2013, Anton Khirnov wrote:
CC:[email protected] --- libavcodec/flicvideo.c | 5 +++++ 1 file changed, 5 insertions(+)diff --git a/libavcodec/flicvideo.c b/libavcodec/flicvideo.c index 139952d..3d43e5e 100644 --- a/libavcodec/flicvideo.c +++ b/libavcodec/flicvideo.c @@ -347,6 +347,11 @@ static int flic_decode_frame_8BPP(AVCodecContext *avctx, pixel_countdown = s->avctx->width; while (pixel_countdown > 0) { byte_run = sign_extend(bytestream2_get_byte(&g2), 8); + if (!byte_run) { + av_log(avctx, AV_LOG_ERROR, "Invalid byte run value.\n"); + return AVERROR_INVALIDDATA; + } + if (byte_run > 0) { palette_idx1 = bytestream2_get_byte(&g2); CHECK_PIXEL_PTR(byte_run); -- 1.7.10.4
Does sound sensible I think, but an explanation of how this can happen might be good.
// Martin _______________________________________________ libav-devel mailing list [email protected] https://lists.libav.org/mailman/listinfo/libav-devel
