Re: [libav-devel] [PATCH] tiff: check that there is no aliasing in pixel format selection

Luca Barbato Sat, 07 Mar 2015 13:14:14 -0800

On 07/03/15 22:06, Anton Khirnov wrote:

Fixes possible issues with unexpected bpp/bppcount values.


CC:[email protected]
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
---
  libavcodec/tiff.c | 8 ++++++++
  1 file changed, 8 insertions(+)

diff --git a/libavcodec/tiff.c b/libavcodec/tiff.c
index 08e8a87..b071c3b 100644
--- a/libavcodec/tiff.c
+++ b/libavcodec/tiff.c
@@ -252,6 +252,14 @@ static int init_image(TiffContext *s, AVFrame *frame)
  {
      int ret;

+    // make sure there is no aliasing in the following switch
+    if (s->bpp >= 100 || s->bppcount >= 10) {
+        av_log(s->avctx, AV_LOG_ERROR,
+               "Unsupported image parameters: bpp=%d, bppcount=%d\n",
+               s->bpp, s->bppcount);
+        return AVERROR_INVALIDDATA;
+    }
+
      switch (s->planar * 1000 + s->bpp * 10 + s->bppcount) {
      case 11:
          s->avctx->pix_fmt = AV_PIX_FMT_MONOBLACK;

Sure. Does it also solve the tiff-related CVE? Might be worthy to add areference to it.


lu
_______________________________________________
libav-devel mailing list
[email protected]
https://lists.libav.org/mailman/listinfo/libav-devel

Re: [libav-devel] [PATCH] tiff: check that there is no aliasing in pixel format selection

Reply via email to