mirror of
https://git.ffmpeg.org/ffmpeg.git
synced 2024-12-24 16:22:37 +00:00
avcodec/cdgraphics: check buffer size before use
Fixes out of array accesses Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This commit is contained in:
parent
ead590c256
commit
ad002e1a13
@ -289,7 +289,9 @@ static int cdg_decode_frame(AVCodecContext *avctx,
|
|||||||
inst = bytestream_get_byte(&buf);
|
inst = bytestream_get_byte(&buf);
|
||||||
inst &= CDG_MASK;
|
inst &= CDG_MASK;
|
||||||
buf += 2; /// skipping 2 unneeded bytes
|
buf += 2; /// skipping 2 unneeded bytes
|
||||||
bytestream_get_buffer(&buf, cdg_data, buf_size - CDG_HEADER_SIZE);
|
|
||||||
|
if (buf_size > CDG_HEADER_SIZE)
|
||||||
|
bytestream_get_buffer(&buf, cdg_data, buf_size - CDG_HEADER_SIZE);
|
||||||
|
|
||||||
if ((command & CDG_MASK) == CDG_COMMAND) {
|
if ((command & CDG_MASK) == CDG_COMMAND) {
|
||||||
switch (inst) {
|
switch (inst) {
|
||||||
|
Loading…
Reference in New Issue
Block a user