On 18/04/15 18:58, Andreas Cadhalpun wrote:
> If begin is smaller than t, the subtraction 'begin -= t' wraps around,
> because begin is unsigned. The same applies for end < t.
> 
> This causes segmentation faults.

Actually, the access to raw_buffer seems a bit optimistic all over this
code.

I'd check that `master` is always between `raw_buffer` and the end of it.

(I'm not sure if `div_blocks` is validated before, same for `offset`)

lu
_______________________________________________
libav-devel mailing list
https://lists.libav.org/mailman/listinfo/libav-devel
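
The wraparound described in the thread and the bounds check suggested in the reply, as an added example that is not part of the original messages or of the project's code. The names `begin`, `end`, `t`, `master`, `raw_buffer` and `offset` come from the thread; the helper functions, `buf_len`, `master_idx`, `count` and all values are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/* The pattern from the report: plain unsigned subtraction.
 * For begin < t the result wraps to a value near UINT_MAX. */
static unsigned naive_shift(unsigned begin, unsigned t)
{
    return begin - t;
}

/* Checked variant (hypothetical helper): compare before subtracting and
 * leave the window untouched on failure. Returns 0 on success, -1 on error. */
static int shift_window(unsigned *begin, unsigned *end, unsigned t)
{
    if (*begin < t || *end < t)
        return -1;
    *begin -= t;
    *end   -= t;
    return 0;
}

/* Hypothetical bounds check on indices instead of pointers: do `count`
 * samples starting at master_idx + offset lie inside a raw_buffer of buf_len
 * samples? Every subtraction is preceded by a comparison, so nothing wraps. */
static int span_in_buffer(size_t buf_len, size_t master_idx,
                          ptrdiff_t offset, size_t count)
{
    size_t start;

    if (master_idx > buf_len)
        return 0;
    if (offset < 0) {
        size_t back = (size_t)0 - (size_t)offset;  /* magnitude of offset */
        if (back > master_idx)
            return 0;                              /* before raw_buffer[0] */
        start = master_idx - back;
    } else {
        if ((size_t)offset > buf_len - master_idx)
            return 0;                              /* past the end */
        start = master_idx + (size_t)offset;
    }
    return count <= buf_len - start;
}

int main(void)
{
    unsigned begin = 2, end = 6;                   /* constructed values */
    printf("naive:   %u\n", naive_shift(begin, 5));
    printf("checked: %d\n", shift_window(&begin, &end, 5));
    printf("span ok: %d\n", span_in_buffer(64, 16, -32, 8));
    return 0;
}
```

Tracking `master` as an index into `raw_buffer` keeps the check well defined, since comparing or forming pointers outside the array is undefined behaviour in C.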
