RepoMirrors/ffmpeg
1
0
Fork 0
mirror of https://git.ffmpeg.org/ffmpeg.git synced 2025-02-25 16:21:13 +00:00
Code Issues Projects Releases Wiki Activity

tiff: Check that there is no aliasing in pixel format selection

Browse Source 
Fixes possible issues with unexpected bpp/bppcount values.

CC: libav-stable@libav.org
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Bug-Id: CVE-2014-8544
(cherry picked from commit ae5e1f3d66)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
This commit is contained in:
Anton Khirnov 2015-03-07 22:06:59 +01:00 committed by Reinhard Tartler
parent 0051174c70
commit eb9041403d
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
libavcodec/tiff.c
View File

@ -270,6 +270,14 @@ static int init_image(TiffContext *s, AVFrame *frame)
int i, ret;
uint32_t *pal;
// make sure there is no aliasing in the following switch
if (s->bpp >= 100 || s->bppcount >= 10) {
av_log(s->avctx, AV_LOG_ERROR,
"Unsupported image parameters: bpp=%d, bppcount=%d\n",
s->bpp, s->bppcount);
return AVERROR_INVALIDDATA;
}
switch (s->bpp * 10 + s->bppcount) {
case 11:
s->avctx->pix_fmt = AV_PIX_FMT_MONOBLACK;