diff options
| author | Laurent Aimar <[email protected]> | 2011-10-01 00:45:04 +0200 |
|---|---|---|
| committer | Reinhard Tartler <[email protected]> | 2011-12-24 16:07:49 +0100 |
| commit | 8abf1d882eee75e9fe2b31f387afaf5ad339f4b3 (patch) | |
| tree | fee63a089521fcc89aff611264a046282b02edfa | |
| parent | 1a5309540663a844080e9eec09477ea909a50efe (diff) | |
Fix out of bound reads in the QDM2 decoder.
Signed-off-by: Michael Niedermayer <[email protected]>
Signed-off-by: Justin Ruggles <[email protected]>
(cherry picked from commit 5a19acb17ceb71657b0eec51dac651953520e5c8)
Signed-off-by: Reinhard Tartler <[email protected]>
(cherry picked from commit 0d93d5c4614fafea74bdac681673f5b32eb49063)
Signed-off-by: Reinhard Tartler <[email protected]>
| -rw-r--r-- | libavcodec/qdm2.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/libavcodec/qdm2.c b/libavcodec/qdm2.c index 0a21bc8b81..0a4840242f 100644 --- a/libavcodec/qdm2.c +++ b/libavcodec/qdm2.c @@ -1378,6 +1378,8 @@ static void qdm2_fft_decode_tones (QDM2Context *q, int duration, GetBitContext * return; local_int_14 = (offset >> local_int_8); + if (local_int_14 >= FF_ARRAY_ELEMS(fft_level_index_table)) + return; if (q->nb_channels > 1) { channel = get_bits1(gb); |