diff options
| author | Michael Niedermayer <michael@niedermayer.cc> | 2015-07-13 19:10:59 +0200 |
|---|---|---|
| committer | Michael Niedermayer <michael@niedermayer.cc> | 2015-07-13 19:11:56 +0200 |
| commit | 697160366fd101898ef0caeac96234a64137eaad (patch) | |
| tree | 314558464d0937ff82ac35c5169fdfe5bef40ed2 | |
| parent | ba051661746fbab603bca39a217fa96262a4b0c0 (diff) | |
| download | ffmpeg-697160366fd101898ef0caeac96234a64137eaad.tar.gz | |
avcodec/vp3: check current_frame before accessing it
Fixes null pointer dereference
Fixes: b15eb06e0111e94bc59123c86db7aff9_signal_sigsegv_a0500f_45_320vp3.nsv with allocation limit 536870912
Found-by: Samuel Groß, Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
| -rw-r--r-- | libavcodec/vp3.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/libavcodec/vp3.c b/libavcodec/vp3.c index 005f043b0f..2492026cb6 100644 --- a/libavcodec/vp3.c +++ b/libavcodec/vp3.c @@ -1947,6 +1947,8 @@ static int vp3_update_thread_context(AVCodecContext *dst, const AVCodecContext * } if (s != s1) { + if (!s->current_frame.f) + return AVERROR(ENOMEM); // init tables if the first frame hasn't been decoded if (!s->current_frame.f->data[0]) { int y_fragment_count, c_fragment_count; |