generic-library/ffmpeg
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

h264_cabac: Break infinite loops

Browse Source 
This fixes out of array reads and/or infinite loops.

30 is the maximum number of bits that can be read into
coeff_abs below.

CC: libav-stable@libav.org
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Martin Storsjö <martin@martin.st>
This commit is contained in:
Michael Niedermayer
2013-01-31 04:20:24 +01:00
committed by Vittorio Giovara
parent 3670942fae
commit 91ef250713
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
libavcodec/h264_cabac.c
View File

@@ -1710,7 +1710,7 @@ decode_cabac_residual_internal(H264Context *h, int16_t *block,
\ \
if( coeff_abs >= 15 ) { \ if( coeff_abs >= 15 ) { \
int j = 0; \ int j = 0; \
while( get_cabac_bypass( CC ) ) { \ while (get_cabac_bypass(CC) && j < 30) { \
j++; \ j++; \
} \ } \
\ \