eessppeelllloo/ffmpeg
1
0
Fork 0
mirror of https://git.ffmpeg.org/ffmpeg.git synced 2025-12-12 18:10:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update safety check as the maximum pixel size is no longer 4.

Browse Source 
New max size is 16bit * 4 samples (RGBA).

Originally committed as revision 18655 to svn://svn.ffmpeg.org/ffmpeg/trunk
(cherry picked from commit 445f0a8b66)

Addresses: CVE-2010-3908
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
This commit is contained in:
Michael Niedermayer
2009-04-22 01:54:05 +00:00
committed by Reinhard Tartler
parent c9864adf34
commit 48b086b0ef
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
libavcodec/utils.c
View File

@@ -189,7 +189,7 @@ void avcodec_align_dimensions(AVCodecContext *s, int *width, int *height){
}
int avcodec_check_dimensions(void *av_log_ctx, unsigned int w, unsigned int h){
if((int)w>0 && (int)h>0 && (w+128)*(uint64_t)(h+128) < INT_MAX/4)
if((int)w>0 && (int)h>0 && (w+128)*(uint64_t)(h+128) < INT_MAX/8)
return 0;
av_log(av_log_ctx, AV_LOG_ERROR, "picture size invalid (%ux%u)\n", w, h);