RepoMirrors/ffmpeg
1
0
Fork 0
mirror of https://git.ffmpeg.org/ffmpeg.git synced 2025-01-14 11:21:29 +00:00
Code Issues Projects Releases Wiki Activity

escape124: fix integer overflow leading to excessive memory allocation

Browse Source 
Fixes Ticket1629

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This commit is contained in:
Michael Niedermayer 2012-08-16 22:28:29 +02:00
parent 4b529edff8
commit 3d7817048c
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
libavcodec/escape124.c
View File

@ -48,7 +48,7 @@ typedef struct Escape124Context {
CodeBook codebooks[3]; CodeBook codebooks[3];
} Escape124Context; } Escape124Context;
static int can_safely_read(GetBitContext* gb, int bits) { static int can_safely_read(GetBitContext* gb, uint64_t bits) {
return get_bits_left(gb) >= bits; return get_bits_left(gb) >= bits;
} }
@ -90,7 +90,7 @@ static CodeBook unpack_codebook(GetBitContext* gb, unsigned depth,
unsigned i, j; unsigned i, j;
CodeBook cb = { 0 }; CodeBook cb = { 0 };
if (!can_safely_read(gb, size * 34)) if (!can_safely_read(gb, size * 34L))
return cb; return cb;
if (size >= INT_MAX / sizeof(MacroBlock)) if (size >= INT_MAX / sizeof(MacroBlock))