highperfocused/ffmpeg
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

apedec: check bits <= 32

Browse Source 
Fixes FPE

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This commit is contained in:
Michael Niedermayer
2012-03-28 08:22:39 +02:00
parent 936951ca5c
commit 7a5e587249
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
libavcodec/apedec.c
View File

@@ -421,9 +421,12 @@ static inline int ape_decode_value(APEContext *ctx, APERice *rice)
if (tmpk <= 16) if (tmpk <= 16)
x = range_decode_bits(ctx, tmpk); x = range_decode_bits(ctx, tmpk);
else { else if (tmpk <= 32) {
x = range_decode_bits(ctx, 16); x = range_decode_bits(ctx, 16);
x |= (range_decode_bits(ctx, tmpk - 16) << 16); x |= (range_decode_bits(ctx, tmpk - 16) << 16);
} else {
av_log(ctx->avctx, AV_LOG_ERROR, "too many bits\n");
return -1;
} }
x += overflow << tmpk; x += overflow << tmpk;
} else { } else {