[FFmpeg-devel] [PATCH] avcodec/golomb: Mask shift amount before use in get_ue_golomb()
Michael Niedermayer
michaelni at gmx.at
Thu Dec 3 23:09:35 CET 2015
From: Michael Niedermayer <michael at niedermayer.cc>
Fixes undefined behavior
Fixes: mozilla bug 1229208
Fixes: fbeb8b2c7c996e9b91c6b1af319d7ebc/asan_heap-oob_195450f_2743_e8856ece4579ea486670be2b236099a0.bit
Found-by: Tyson Smith
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
---
libavcodec/golomb.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavcodec/golomb.h b/libavcodec/golomb.h
index d30bb6b..323665d 100644
--- a/libavcodec/golomb.h
+++ b/libavcodec/golomb.h
@@ -72,7 +72,7 @@ static inline int get_ue_golomb(GetBitContext *gb)
av_log(NULL, AV_LOG_ERROR, "Invalid UE golomb code\n");
return AVERROR_INVALIDDATA;
}
- buf >>= log;
+ buf >>= log & 31;
buf--;
return buf;
--
1.7.9.5
More information about the ffmpeg-devel
mailing list