Mercurial > libavcodec.hg

diff dca.c @ 4883:9055ed00a295 libavcodec

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
fix exploitable buffer overflow
author michael
date Fri, 27 Apr 2007 12:41:55 +0000
parents 384c95879d8b
children 2b3fbf807734
line wrap: on
line diff
--- a/dca.c	Fri Apr 27 09:32:31 2007 +0000
+++ b/dca.c	Fri Apr 27 12:41:55 2007 +0000
@@ -1089,6 +1089,9 @@
     uint16_t *ssrc = (uint16_t *) src, *sdst = (uint16_t *) dst;
     PutBitContext pb;
 
+    if((unsigned)src_size > (unsigned)max_size)
+        return -1;
+
     mrk = AV_RB32(src);
     switch (mrk) {
     case DCA_MARKER_RAW_BE: