OSDN Git Service
(root)
/
android-x86
/
external-ffmpeg.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
402fb55
)
h264_cabac: Break infinite loops
author
Michael Niedermayer
<michaelni@gmx.at>
Thu, 31 Jan 2013 03:20:24 +0000
(
04:20
+0100)
committer
Martin Storsjö
<martin@martin.st>
Thu, 15 Jan 2015 08:17:01 +0000
(10:17 +0200)
This fixes out of array reads and/or infinite loops.
30 is the maximum number of bits that can be read into
coeff_abs below.
CC: libav-stable@libav.org
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Martin Storsjö <martin@martin.st>
libavcodec/h264_cabac.c
patch
|
blob
|
history
diff --git
a/libavcodec/h264_cabac.c
b/libavcodec/h264_cabac.c
index
1e91626
..
0ad8ac0
100644
(file)
--- a/
libavcodec/h264_cabac.c
+++ b/
libavcodec/h264_cabac.c
@@
-1712,7
+1712,7
@@
decode_cabac_residual_internal(H264Context *h, int16_t *block,
\
if( coeff_abs >= 15 ) { \
int j = 0; \
- while
( get_cabac_bypass( CC )
) { \
+ while
(get_cabac_bypass(CC) && j < 30
) { \
j++; \
} \
\
OSDN Git Service
