[FFmpeg-cvslog] avcodec/jpeg2000dec: Check SIZ dimensions to be within the supported range
Michael Niedermayer
git at videolan.org
Wed Nov 18 12:42:48 CET 2015
ffmpeg | branch: release/2.7 | Michael Niedermayer <michael at niedermayer.cc> | Sun Nov 15 21:12:50 2015 +0100| [2deaccfe670e2c51d895951d2e1cb73b04c87e99] | committer: Michael Niedermayer
avcodec/jpeg2000dec: Check SIZ dimensions to be within the supported range
Fixes potential integer overflows
Fixes: 03e0abe721b1174856d41a1eb5d6a896/signal_sigabrt_7ffff6ae7cc9_3813_e71bf3541abed3ccba031cd5ba0269a4.avi
This fix is choosen to be simple to backport, better solution
for master is planed
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 6ef819c40bcc2175edba7ce9e20c3036c01b36b9)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2deaccfe670e2c51d895951d2e1cb73b04c87e99
---
libavcodec/jpeg2000dec.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/libavcodec/jpeg2000dec.c b/libavcodec/jpeg2000dec.c
index 04f9423..34591c3 100644
--- a/libavcodec/jpeg2000dec.c
+++ b/libavcodec/jpeg2000dec.c
@@ -252,6 +252,10 @@ static int get_siz(Jpeg2000DecoderContext *s)
avpriv_request_sample(s->avctx, "Support for image offsets");
return AVERROR_PATCHWELCOME;
}
+ if (s->width > 32768U || s->height > 32768U) {
+ avpriv_request_sample(s->avctx, "Large Dimensions");
+ return AVERROR_PATCHWELCOME;
+ }
if (ncomponents <= 0) {
av_log(s->avctx, AV_LOG_ERROR, "Invalid number of components: %d\n",
More information about the ffmpeg-cvslog
mailing list