aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRonald S. Bultje <rsbultje@gmail.com>2012-03-13 17:18:41 -0700
committerReinhard Tartler <siretart@tauware.de>2012-05-04 22:09:27 +0200
commit7240cc3f8b8798dfbb5d1adda7afb53dc0c871c1 (patch)
tree9aeb3905ed3549c9f2eccb8e75dfca4989b97dd0
parent7fe4c8cb761b0fc8685dacf9f187311b9d124a52 (diff)
downloadffmpeg-7240cc3f8b8798dfbb5d1adda7afb53dc0c871c1.tar.gz
jpeg: handle progressive in second field of interlaced.
Progressive data is allocated later in decode_sof(), not allocating that data leads to NULL dereferences. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit 5eec5a79da118170f3cfe185a862783d3fa50abe) Signed-off-by: Reinhard Tartler <siretart@tauware.de>
Diffstat
-rw-r--r--libavcodec/mjpegdec.c5
1 files changed, 2 insertions, 3 deletions
diff --git a/libavcodec/mjpegdec.c b/libavcodec/mjpegdec.c
index a7950287e2..7f12fc162c 100644
--- a/libavcodec/mjpegdec.c
+++ b/libavcodec/mjpegdec.c
@@ -306,9 +306,7 @@ int ff_mjpeg_decode_sof(MJpegDecodeContext *s)
s->first_picture = 0;
}
- if (s->interlaced && (s->bottom_field == !s->interlace_polarity))
- return 0;
-
+ if (!(s->interlaced && (s->bottom_field == !s->interlace_polarity))) {
/* XXX: not complete test ! */
pix_fmt_id = (s->h_count[0] << 28) | (s->v_count[0] << 24) |
(s->h_count[1] << 20) | (s->v_count[1] << 16) |
@@ -375,6 +373,7 @@ int ff_mjpeg_decode_sof(MJpegDecodeContext *s)
if (len != (8 + (3 * nb_components)))
av_log(s->avctx, AV_LOG_DEBUG, "decode_sof0: error, len(%d) mismatch\n", len);
+ }
/* totally blank picture as progressive JPEG will only add details to it */
if (s->progressive) {
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-23 16:54:17 +0000