highperfocused/ffmpeg
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

avcodec/jpeg2000dec: Check SIZ dimensions to be within the supported range

Browse Source 
Fixes potential integer overflows
Fixes: 03e0abe721b1174856d41a1eb5d6a896/signal_sigabrt_7ffff6ae7cc9_3813_e71bf3541abed3ccba031cd5ba0269a4.avi

This fix is choosen to be simple to backport, better solution
for master is planed

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
Michael Niedermayer 2015-11-15 21:12:50 +01:00
parent a1a8cbcb35
commit 6ef819c40b
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
libavcodec/jpeg2000dec.c
View File

@ -279,6 +279,10 @@ static int get_siz(Jpeg2000DecoderContext *s)
avpriv_request_sample(s->avctx, "Support for image offsets"); avpriv_request_sample(s->avctx, "Support for image offsets");
return AVERROR_PATCHWELCOME; return AVERROR_PATCHWELCOME;
} }
if (s->width > 32768U || s->height > 32768U) {
avpriv_request_sample(s->avctx, "Large Dimensions");
return AVERROR_PATCHWELCOME;
}
if (ncomponents <= 0) { if (ncomponents <= 0) {
av_log(s->avctx, AV_LOG_ERROR, "Invalid number of components: %d\n", av_log(s->avctx, AV_LOG_ERROR, "Invalid number of components: %d\n",