aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMichael Niedermayer <michaelni@gmx.at>2007-04-14 22:05:12 +0000
committerMichael Niedermayer <michaelni@gmx.at>2007-04-14 22:05:12 +0000
commit6c3dba5760a18dff23213d0c4de7f57065a4648c (patch)
tree56a2d6b2195901a80defb8a709a27678c0d8cab7
parentc28baf069de9170cf8a938a2e64d033f2b426618 (diff)
downloadffmpeg-6c3dba5760a18dff23213d0c4de7f57065a4648c.tar.gz
correct another possible buffer overflow where interlaced would
get stuck to 1 but then width/height would change and interlaced wouldnt be reset ... Originally committed as revision 8735 to svn://svn.ffmpeg.org/ffmpeg/trunk
-rw-r--r--libavcodec/mjpeg.c3
1 files changed, 1 insertions, 2 deletions
diff --git a/libavcodec/mjpeg.c b/libavcodec/mjpeg.c
index 7f443954be..a0e71d4d2e 100644
--- a/libavcodec/mjpeg.c
+++ b/libavcodec/mjpeg.c
@@ -1171,6 +1171,7 @@ static int mjpeg_decode_sof(MJpegDecodeContext *s)
s->width = width;
s->height = height;
+ s->interlaced = 0;
/* test interlaced mode */
if (s->first_picture &&
@@ -2258,8 +2259,6 @@ read_header:
skip_bits(&hgb, 32); /* padded field size */
second_field_offs = get_bits_long(&hgb, 32);
av_log(avctx, AV_LOG_DEBUG, "second field offs: 0x%x\n", second_field_offs);
- if (second_field_offs)
- s->interlaced = 1;
dqt_offs = get_bits_long(&hgb, 32);
av_log(avctx, AV_LOG_DEBUG, "dqt offs: 0x%x\n", dqt_offs);