aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAnton Khirnov <anton@khirnov.net>2012-12-13 19:38:20 +0100
committerAnton Khirnov <anton@khirnov.net>2012-12-14 07:10:53 +0100
commitdeabb52ab4c1fdb3dd319f3980b1489a182011f1 (patch)
tree9ee9d3d7b1f11e72a2d15876a9a7ff0e1eb6c07b
parent07acdd651d1e2f4cfa5f610e616e70e323bb69cd (diff)
downloadffmpeg-deabb52ab4c1fdb3dd319f3980b1489a182011f1.tar.gz
ivi_common: check that scan pattern is set before using it.
Fixes CVE-2012-2791. CC: libav-stable@libav.org
-rw-r--r--libavcodec/ivi_common.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/libavcodec/ivi_common.c b/libavcodec/ivi_common.c
index 9b81094411..76782e5173 100644
--- a/libavcodec/ivi_common.c
+++ b/libavcodec/ivi_common.c
@@ -460,6 +460,11 @@ static int ivi_decode_blocks(GetBitContext *gb, IVIBandDesc *band, IVITile *tile
}
if (cbp & 1) { /* block coded ? */
+ if (!band->scan) {
+ av_log(avctx, AV_LOG_ERROR, "Scan pattern is not set.\n");
+ return AVERROR_INVALIDDATA;
+ }
+
scan_pos = -1;
memset(trvec, 0, num_coeffs*sizeof(trvec[0])); /* zero transform vector */
memset(col_flags, 0, sizeof(col_flags)); /* zero column flags */