avcodec/cabac: Check initial cabac decoder state

Fixes integer overflows Fixes: 1430e9c43fae47a24c179c7c54f94918/signal_sigsegv_421427_2340_591e9810c7b09efe501ad84638c9e9f8.264 Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Found-by: xiedingbao (Ticket4727) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2015-11-27 13:37:50 +01:00
parent a1f6b05f52
commit 8000d484b8
5 changed files with 14 additions and 5 deletions
--- a/libavcodec/cabac_functions.h
+++ b/libavcodec/cabac_functions.h
@@ -191,7 +191,8 @@ static av_unused const uint8_t* skip_bytes(CABACContext *c, int n) {
 #endif
    if ((int) (c->bytestream_end - ptr) < n)
        return NULL;
-    ff_init_cabac_decoder(c, ptr + n, c->bytestream_end - ptr - n);
+    if (ff_init_cabac_decoder(c, ptr + n, c->bytestream_end - ptr - n) < 0)
+        return NULL;

    return ptr;
 }