RepoMirrors/ffmpeg
1
0
Fork 0
mirror of https://git.ffmpeg.org/ffmpeg.git synced 2025-01-07 07:40:16 +00:00
Code Issues Projects Releases Wiki Activity

avcodec/mpegvideo: Fix null pointer dereference of picture array

Browse Source 
Fixes: 0d0a2bace067d09c08f0fa5340496c23_signal_sigsegv_7ffff713351a_342_WobblyWindowsIntro.avi with memlimit of 67108864

Found-by: Samuel Groß, Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
Michael Niedermayer 2015-07-14 00:07:53 +02:00
parent 503ec7139f
commit 4bde1a4a37
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
libavcodec/mpegvideo.c
View File

@ -524,7 +524,7 @@ int ff_mpeg_update_thread_context(AVCodecContext *dst,
if(s->picture) if(s->picture)
for (i = 0; i < MAX_PICTURE_COUNT; i++) { for (i = 0; i < MAX_PICTURE_COUNT; i++) {
ff_mpeg_unref_picture(s->avctx, &s->picture[i]); ff_mpeg_unref_picture(s->avctx, &s->picture[i]);
if (s1->picture[i].f->buf[0] && if (s1->picture && s1->picture[i].f->buf[0] &&
(ret = ff_mpeg_ref_picture(s->avctx, &s->picture[i], &s1->picture[i])) < 0) (ret = ff_mpeg_ref_picture(s->avctx, &s->picture[i], &s1->picture[i])) < 0)
return ret; return ret;
} }