Mercurial > libavcodec.hg
diff smacker.c @ 3303:68721b62a528 libavcodec
sanity checks, some might have been exploitable ...
author | michael |
---|---|
date | Sat, 13 May 2006 10:45:26 +0000 |
parents | a931984ec6ab |
children | 48fc664f7348 |
line wrap: on
line diff
--- a/smacker.c Thu May 11 23:17:23 2006 +0000 +++ b/smacker.c Sat May 13 10:45:26 2006 +0000 @@ -177,6 +177,11 @@ int escapes[3]; DBCtx ctx; + if(size >= UINT_MAX>>4){ // (((size + 3) >> 2) + 3) << 2 must not overflow + av_log(smk->avctx, AV_LOG_ERROR, "size too large\n"); + return -1; + } + tmp1.length = 256; tmp1.maxlength = 0; tmp1.current = 0;