On 03/08/14 01:54, Vittorio Giovara wrote: > From: Michael Niedermayer <[email protected]> > > Avoid out of array accesses. > > CC: [email protected] > Bug-Id: CVE-2013-0848 > Signed-off-by: Vittorio Giovara <[email protected]> > --- > Maybe the % could be avoided somehow? > Vittorio > > libavcodec/huffyuvdec.c | 8 ++++++++ > 1 file changed, 8 insertions(+) > > diff --git a/libavcodec/huffyuvdec.c b/libavcodec/huffyuvdec.c > index e0d8a06..9d2fbaf 100644 > --- a/libavcodec/huffyuvdec.c > +++ b/libavcodec/huffyuvdec.c > @@ -328,6 +328,14 @@ static av_cold int decode_init(AVCodecContext *avctx) > return AVERROR_INVALIDDATA; > } > > + if (s->predictor == MEDIAN && > + avctx->pix_fmt == AV_PIX_FMT_YUV422P && > + avctx->width % 4) { > + av_log(avctx, AV_LOG_ERROR, "width must be multiple of 4 " > + "for this combination of colorspace and predictor type.\n"); > + return AVERROR_INVALIDDATA; > + }
ffyuv doesn't pad properly? Sounds quite strange. lu _______________________________________________ libav-devel mailing list [email protected] https://lists.libav.org/mailman/listinfo/libav-devel
