mirror of https://git.ffmpeg.org/ffmpeg.git
h264_cabac: Break infinite loops
This fixes out of array reads and/or infinite loops. 30 is the maximum number of bits that can be read into coeff_abs below. CC: libav-stable@libav.org Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Martin Storsjö <martin@martin.st>
This commit is contained in:
parent
402fb5550e
commit
def69553e7
|
@ -1712,7 +1712,7 @@ decode_cabac_residual_internal(H264Context *h, int16_t *block,
|
||||||
\
|
\
|
||||||
if( coeff_abs >= 15 ) { \
|
if( coeff_abs >= 15 ) { \
|
||||||
int j = 0; \
|
int j = 0; \
|
||||||
while( get_cabac_bypass( CC ) ) { \
|
while (get_cabac_bypass(CC) && j < 30) { \
|
||||||
j++; \
|
j++; \
|
||||||
} \
|
} \
|
||||||
\
|
\
|
||||||
|
|
Loading…
Reference in New Issue