RepoMirrors
/
ffmpeg
mirror of https://git.ffmpeg.org/ffmpeg.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Actually return with an error condition if we're being asked to deal with too 

many reference frames. Also check max num ref frames against our internal
ref buffer sizes.
Part of fix for roundup issue 281

Originally committed as revision 11215 to svn://svn.ffmpeg.org/ffmpeg/trunk
This commit is contained in:
Jeff Downs 2007-12-14 05:48:27 +00:00
parent 33e0073129
commit 41f7e2d11d
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
libavcodec/h264.c
View File

@ -7210,8 +7210,9 @@ static inline int decode_seq_parameter_set(H264Context *h){
}
tmp= get_ue_golomb(&s->gb);
if(tmp > MAX_PICTURE_COUNT-2){
if(tmp > MAX_PICTURE_COUNT-2 || tmp >= 32){
av_log(h->s.avctx, AV_LOG_ERROR, "too many reference frames\n");
return -1;
}
sps->ref_frame_count= tmp;
sps->gaps_in_frame_num_allowed_flag= get_bits1(&s->gb);