diff options
| author | Michael Niedermayer <michael@niedermayer.cc> | 2015-12-04 00:31:44 +0100 |
|---|---|---|
| committer | Michael Niedermayer <michael@niedermayer.cc> | 2015-12-04 01:55:11 +0100 |
| commit | 77a644e6fa4aaeb2c26cfaa0e8ec3b19829b8d88 (patch) | |
| tree | abe60320facc3ca608da9ed3e02663bf66afb468 | |
| parent | cafb19560401612a07760d230a50d9c1d0564daf (diff) | |
| download | ffmpeg-77a644e6fa4aaeb2c26cfaa0e8ec3b19829b8d88.tar.gz | |
avcodec/h264_direct: Check CO-POCs before use
Fixes harmless integer overflow
Fixes mozilla bug 1230286
Found-by: Tyson Smith
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
| -rw-r--r-- | libavcodec/h264_direct.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/libavcodec/h264_direct.c b/libavcodec/h264_direct.c index 5756a7ba66..5f66a67d89 100644 --- a/libavcodec/h264_direct.c +++ b/libavcodec/h264_direct.c @@ -137,6 +137,10 @@ void ff_h264_direct_ref_list_init(const H264Context *const h, H264SliceContext * if (h->picture_structure == PICT_FRAME) { int cur_poc = h->cur_pic_ptr->poc; int *col_poc = sl->ref_list[1][0].parent->field_poc; + if (col_poc[0] == INT_MAX && col_poc[1] == INT_MAX) { + av_log(h->avctx, AV_LOG_ERROR, "co located POCs unavailable\n"); + sl->col_parity = 1; + } else sl->col_parity = (FFABS(col_poc[0] - cur_poc) >= FFABS(col_poc[1] - cur_poc)); ref1sidx = |