mirror of https://git.ffmpeg.org/ffmpeg.git
Fixed invalid read access on extra data in cinepak decoder.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit dc255275f6
)
This commit is contained in:
parent
8511c141e0
commit
c9316b7c6d
|
@ -336,7 +336,8 @@ static int cinepak_decode (CinepakContext *s)
|
||||||
* If the frame header is followed by the bytes FE 00 00 06 00 00 then
|
* If the frame header is followed by the bytes FE 00 00 06 00 00 then
|
||||||
* this is probably one of the two known files that have 6 extra bytes
|
* this is probably one of the two known files that have 6 extra bytes
|
||||||
* after the frame header. Else, assume 2 extra bytes. */
|
* after the frame header. Else, assume 2 extra bytes. */
|
||||||
if ((s->data[10] == 0xFE) &&
|
if (s->size >= 16 &&
|
||||||
|
(s->data[10] == 0xFE) &&
|
||||||
(s->data[11] == 0x00) &&
|
(s->data[11] == 0x00) &&
|
||||||
(s->data[12] == 0x00) &&
|
(s->data[12] == 0x00) &&
|
||||||
(s->data[13] == 0x06) &&
|
(s->data[13] == 0x06) &&
|
||||||
|
|
Loading…
Reference in New Issue