generic-library/ffmpeg
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

mkv: Fix a bug where a pointer was cached to an array that might later move due to

Browse Source 
a realloc()

BUG=100492
Review URL: http://codereview.chromium.org/8366004
Fixes: 1 of 2 for CVE-2011-3893

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit f35e037c93)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This commit is contained in:
Chris Evans
2012-01-04 16:33:34 +01:00
committed by Michael Niedermayer
parent 1bd1103175
commit 49b8709870
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
libavformat/matroskadec.c
View File

@@ -1223,7 +1223,6 @@ static int matroska_parse_seekhead_entry(MatroskaDemuxContext *matroska, int idx
static void matroska_execute_seekhead(MatroskaDemuxContext *matroska)
{
EbmlList *seekhead_list = &matroska->seekhead;
MatroskaSeekhead *seekhead = seekhead_list->elem;
int64_t before_pos = avio_tell(matroska->ctx->pb);
int i;
@@ -1233,6 +1232,7 @@ static void matroska_execute_seekhead(MatroskaDemuxContext *matroska)
return;
for (i = 0; i < seekhead_list->nb_elem; i++) {
MatroskaSeekhead *seekhead = seekhead_list->elem;
if (seekhead[i].pos <= before_pos)
continue;