Thierry Foucu: > --- > libavcodec/mpeg12dec.c | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > > diff --git a/libavcodec/mpeg12dec.c b/libavcodec/mpeg12dec.c > index b27ed5bd6d..edca202f0e 100644 > --- a/libavcodec/mpeg12dec.c > +++ b/libavcodec/mpeg12dec.c > @@ -1341,8 +1341,11 @@ static int mpeg1_decode_picture(AVCodecContext *avctx, > const uint8_t *buf, > Mpeg1Context *s1 = avctx->priv_data; > MpegEncContext *s = &s1->mpeg_enc_ctx; > int ref, f_code, vbv_delay; > + int ret = 0; > > - init_get_bits(&s->gb, buf, buf_size * 8); > + ret = init_get_bits(&s->gb, buf, buf_size * 8); > + if (ret < 0) > + return ret; > > ref = get_bits(&s->gb, 10); /* temporal ref */ > s->pict_type = get_bits(&s->gb, 3); > Actually, you should use init_get_bits8(), because this checks that buf_size * 8 actually fits into an int. (Are sizes > 256MiB actually possible for mpeg1/2? I doubt it.)
- Andreas _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
