On 19.12.2015 14:23, Michael Niedermayer wrote: > On Sat, Dec 19, 2015 at 12:17:42PM +0100, Andreas Cadhalpun wrote: >> On 19.12.2015 01:32, Michael Niedermayer wrote: >>> On Fri, Dec 18, 2015 at 08:13:06PM +0100, Andreas Cadhalpun wrote: >>>> xwddec.c | 6 ++++++ >>>> 1 file changed, 6 insertions(+) >>>> 0be27d89a669445b523bfdac99884065e3581f3c >>>> 0001-xwddec-prevent-overflow-of-lsize-avctx-height.patch >>>> From fb40616d7b432680b92dc3adc44a5b5d12fac55d Mon Sep 17 00:00:00 2001 >>>> From: Andreas Cadhalpun <andreas.cadhal...@googlemail.com> >>>> Date: Fri, 18 Dec 2015 19:28:51 +0100 >>>> Subject: [PATCH] xwddec: prevent overflow of lsize * avctx->height >>>> >>>> This is used to check if the input buffer is larger enough, so if this >>>> overflows it can cause a false negative leading to a segmentation fault >>>> in bytestream2_get_bufferu. >>> >>> cant the addition overflow too in the input buffer check ? >> >> Probably. >> >>> if so then using 64bit in the input buffer check would avoid the >>> need for a explicit check on lsize >> >> Indeed, that's simpler. New patch attached. > > LGTM
Pushed. Best regards, Andreas _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
