mirror of
https://git.ffmpeg.org/ffmpeg.git
synced 2024-12-26 09:12:33 +00:00
avcodec/mlz: Check offset before writing
Fixes: 0cee183a09bff5aa5108429717c35a4d/asan_heap-oob_1d99eca_3702_9ef60e80de79082a778d3d9ce8ef3b64.mp4 Affects no release Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
parent
2f7a12fab5
commit
c0fc83ed41
@ -81,6 +81,10 @@ static int decode_string(MLZ* mlz, unsigned char *buff, int string_code, int *fi
|
||||
} else {
|
||||
offset = dict[current_code].match_len - 1;
|
||||
tmp_code = dict[current_code].char_code;
|
||||
if (offset >= bufsize) {
|
||||
av_log(mlz->context, AV_LOG_ERROR, "MLZ offset error.\n");
|
||||
return count;
|
||||
}
|
||||
buff[offset] = tmp_code;
|
||||
count++;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user