From: Michael Niedermayer <[email protected]> Avoid out of array accesses.
CC: [email protected] Bug-Id: CVE-2013-0848 Signed-off-by: Vittorio Giovara <[email protected]> --- Maybe the % could be avoided somehow? Vittorio libavcodec/huffyuvdec.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/libavcodec/huffyuvdec.c b/libavcodec/huffyuvdec.c index e0d8a06..9d2fbaf 100644 --- a/libavcodec/huffyuvdec.c +++ b/libavcodec/huffyuvdec.c @@ -328,6 +328,14 @@ static av_cold int decode_init(AVCodecContext *avctx) return AVERROR_INVALIDDATA; } + if (s->predictor == MEDIAN && + avctx->pix_fmt == AV_PIX_FMT_YUV422P && + avctx->width % 4) { + av_log(avctx, AV_LOG_ERROR, "width must be multiple of 4 " + "for this combination of colorspace and predictor type.\n"); + return AVERROR_INVALIDDATA; + } + ff_huffyuv_alloc_temp(s); return 0; -- 1.8.5.2 (Apple Git-48) _______________________________________________ libav-devel mailing list [email protected] https://lists.libav.org/mailman/listinfo/libav-devel
