Check codec_id and codec_type in avcodec_open(), based on 43_codec_type_mismatch.patch from chrome

This is said to be able to lead to a stack based buffer overflow. Originally committed as revision 19973 to svn://svn.ffmpeg.org/ffmpeg/trunk
author: Michael Niedermayer <michaelni@gmx.at> 2009-09-22 22:44:56 +0000
committer: Michael Niedermayer <michaelni@gmx.at> 2009-09-22 22:44:56 +0000
commit: 4c0dda2b3f45471faa233c62205e712fb072a76b (patch)
tree: 8ab4ee216b5fde2c933fd92ecf4be6b29e32bf48 /libavcodec/utils.c
parent: 6e3fa35d295ff6038cfcac0e03000769f0c656d5 (diff)
download: ffmpeg-4c0dda2b3f45471faa233c62205e712fb072a76b.tar.gz
1 files changed, 4 insertions, 1 deletions
diff --git a/libavcodec/utils.c b/libavcodec/utils.c
index 1ec039e5e9..c31608df99 100644
--- a/libavcodec/utils.c
+++ b/libavcodec/utils.c
@@ -481,7 +481,10 @@ int attribute_align_arg avcodec_open(AVCodecContext *avctx, AVCodec *codec)
     }
 
     avctx->codec = codec;
-    avctx->codec_id = codec->id;
+    if(avctx->codec_id != codec->id || avctx->codec_type != codec->type){
+        av_log(avctx, AV_LOG_ERROR, "codec type or id mismatches\n");
+        goto end;
+    }
     avctx->frame_number = 0;
     if(avctx->codec->init){
         ret = avctx->codec->init(avctx);
author	Michael Niedermayer <michaelni@gmx.at>	2009-09-22 22:44:56 +0000
committer	Michael Niedermayer <michaelni@gmx.at>	2009-09-22 22:44:56 +0000
commit	4c0dda2b3f45471faa233c62205e712fb072a76b (patch)
tree	8ab4ee216b5fde2c933fd92ecf4be6b29e32bf48 /libavcodec/utils.c
parent	6e3fa35d295ff6038cfcac0e03000769f0c656d5 (diff)
download	ffmpeg-4c0dda2b3f45471faa233c62205e712fb072a76b.tar.gz