Browse code
wmapro: error out on impossible scale factor offsets
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 02ec656af72030eea4f3d63e30b25625cce6a3df)
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
Luca Barbato authored on 2013/06/29 09:16:50Showing 1 changed files
| ... | ... |
@@ -435,7 +435,8 @@ static av_cold int decode_init(AVCodecContext *avctx) |
| 435 | 435 |
for (x = 0; x < num_possible_block_sizes; x++) {
|
| 436 | 436 |
int v = 0; |
| 437 | 437 |
while (s->sfb_offsets[x][v + 1] << x < offset) |
| 438 |
- ++v; |
|
| 438 |
+ if (++v >= MAX_BANDS) |
|
| 439 |
+ return AVERROR_INVALIDDATA; |
|
| 439 | 440 |
s->sf_offsets[i][x][b] = v; |
| 440 | 441 |
} |
| 441 | 442 |
} |