Mercurial > libavcodec.hg

changeset 11455:70472d1d2524 libavcodec

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Check level_prefix a bit (this just checks the max our bitreader can handle, as i did nt find a limit in the spec) This should stop cavlc_decode_residual() on a zero bitstream
author michael
date Wed, 10 Mar 2010 09:55:03 +0000
parents 6c4e7bdce257
children c16e47ff9a49
files h264_cavlc.c
diffstat 1 files changed, 6 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/h264_cavlc.c	Wed Mar 10 02:56:52 2010 +0000
+++ b/h264_cavlc.c	Wed Mar 10 09:55:03 2010 +0000
@@ -431,8 +431,13 @@
                     level_code= prefix + get_bits(gb, 4); //part
             }else{
                 level_code= 30 + get_bits(gb, prefix-3); //part
-                if(prefix>=16)
+                if(prefix>=16){
+                    if(prefix > 25+3){
+                        av_log(h->s.avctx, AV_LOG_ERROR, "Invalid level prefix\n");
+                        return -1;
+                    }
                     level_code += (1<<(prefix-3))-4096;
+                }
             }
 
             if(trailing_ones < 3) level_code += 2;