aboutsummaryrefslogtreecommitdiffstats
path: root/libavcodec/escape124.c
diff options
context:
space:
mode:
authorMichael Niedermayer <michaelni@gmx.at>2012-08-16 22:28:29 +0200
committerMichael Niedermayer <michaelni@gmx.at>2012-09-15 00:18:39 +0200
commit9f1e01c9915fe0c86ad2b8f50e11fee9e1b00c62 (patch)
tree9c91d68f04af69dfc0d6cd2cbdde2501163dd56f /libavcodec/escape124.c
parent450e4b1a60721d25f306d97062f35c9c3d7989f8 (diff)
downloadffmpeg-9f1e01c9915fe0c86ad2b8f50e11fee9e1b00c62.tar.gz
escape124: fix integer overflow leading to excessive memory allocation
Fixes Ticket1629 Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 3d7817048cb387de87600f2152075f78b37b60a6) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Diffstat (limited to 'libavcodec/escape124.c')
-rw-r--r--libavcodec/escape124.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/libavcodec/escape124.c b/libavcodec/escape124.c
index 283a5d644a..8548ea08a4 100644
--- a/libavcodec/escape124.c
+++ b/libavcodec/escape124.c
@@ -48,7 +48,7 @@ typedef struct Escape124Context {
CodeBook codebooks[3];
} Escape124Context;
-static int can_safely_read(GetBitContext* gb, int bits) {
+static int can_safely_read(GetBitContext* gb, uint64_t bits) {
return get_bits_left(gb) >= bits;
}
@@ -90,7 +90,7 @@ static CodeBook unpack_codebook(GetBitContext* gb, unsigned depth,
unsigned i, j;
CodeBook cb = { 0 };
- if (!can_safely_read(gb, size * 34))
+ if (!can_safely_read(gb, size * 34L))
return cb;
if (size >= INT_MAX / sizeof(MacroBlock))