On Fri, Feb 12, 2021 at 8:48 PM Michael Niedermayer <[email protected]> wrote:
> On Fri, Feb 12, 2021 at 12:00:17AM +0100, Paul B Mahol wrote: > > Signed-off-by: Paul B Mahol <[email protected]> > > --- > > libavcodec/dpx.c | 3 +++ > > 1 file changed, 3 insertions(+) > > > > diff --git a/libavcodec/dpx.c b/libavcodec/dpx.c > > index 5372e3d586..68a2762017 100644 > > --- a/libavcodec/dpx.c > > +++ b/libavcodec/dpx.c > > @@ -606,6 +606,9 @@ static int decode_frame(AVCodecContext *avctx, > > > > ff_set_sar(avctx, avctx->sample_aspect_ratio); > > > > + if (buf_size - offset < (((uint64_t)elements * avctx->width * > avctx->height * bits_per_color) >> 3)) > > + return AVERROR_INVALIDDATA; > > looks reasonable, i did not check that this is exactly correct for all > cases though > I think that there is already check for this, I just may be triggered overreads while working on not finished code. > > thx > > [...] > -- > Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB > > The worst form of inequality is to try to make unequal things equal. > -- Aristotle > _______________________________________________ > ffmpeg-devel mailing list > [email protected] > https://ffmpeg.org/mailman/listinfo/ffmpeg-devel > > To unsubscribe, visit link above, or email > [email protected] with subject "unsubscribe". _______________________________________________ ffmpeg-devel mailing list [email protected] https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email [email protected] with subject "unsubscribe".
