# HG changeset patch
# User gpoirier
# Date 1165357099 0
# Node ID 758ba4a1847839ff0ae0ab60e46f366954bb10db
# Parent  c37ea749711e43256425c9cb313cb0d7414f75a3
fix crash when decoding a truncated H264 slice
patch by Alexander Chemeris % ipse P ffmpeg A gmail.com %
Original thread:
date: Dec 5, 2006 7:26 PM
subject: [Ffmpeg-devel] [PATCH] Fix crush when truncated slice passed to H.264 decoder

diff -r c37ea749711e -r 758ba4a18478 h264.c
--- a/h264.c	Tue Dec 05 22:05:09 2006 +0000
+++ b/h264.c	Tue Dec 05 22:18:19 2006 +0000
@@ -4883,6 +4883,10 @@
 
     if(total_coeff==0)
         return 0;
+    if(total_coeff<0) {
+        av_log(h->s.avctx, AV_LOG_ERROR, "corrupted macroblock %d %d (total_coeff<0)\n", s->mb_x, s->mb_y);
+        return -1;
+    }
 
     trailing_ones= coeff_token&3;
     tprintf("trailing:%d, total:%d\n", trailing_ones, total_coeff);