RepoMirrors
/
ffmpeg
mirror of https://git.ffmpeg.org/ffmpeg.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

avcodec/vp7: Fix null pointer dereference in vp7_decode_frame_header() 

This simply copies the "interframe without a prior keyframe" check
thats done later into vp7_decode_frame_header()

Found-by: Vittorio Giovara <vittorio.giovara@gmail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This commit is contained in:
Michael Niedermayer 2014-03-27 04:40:48 +01:00
parent d5c9843cd2
commit 57e939d963
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
libavcodec/vp8.c
View File

@ -521,6 +521,13 @@ static int vp7_decode_frame_header(VP8Context *s, const uint8_t *buf, int buf_si
int alpha = (int8_t)vp8_rac_get_uint(c, 8);
int beta = (int8_t)vp8_rac_get_uint(c, 8);
if (!s->keyframe && (alpha || beta)) {
if (!s->framep[VP56_FRAME_PREVIOUS] ||
!s->framep[VP56_FRAME_GOLDEN]) {
av_log(s->avctx, AV_LOG_WARNING, "Discarding interframe without a prior keyframe!\n");
return AVERROR_INVALIDDATA;
}
/* preserve the golden frame */
if (s->framep[VP56_FRAME_GOLDEN] == s->framep[VP56_FRAME_PREVIOUS]) {
AVFrame *gold = s->framep[VP56_FRAME_GOLDEN]->tf.f;