generic-library/ffmpeg
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix for overflow issue in mpegvideo.c patch by (Martin Boehme: boehme, inb uni-luebeck de)

Browse Source 
this integer overflow might lead to the execution of arbitrary code during encoding with threads

Originally committed as revision 4474 to svn://svn.ffmpeg.org/ffmpeg/trunk
This commit is contained in:
Martin Boehme 2005-07-25 23:07:27 +00:00 committed by Michael Niedermayer
parent d8cbeba156
commit acb22f9391
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
libavcodec/mpegvideo.c
View File

@ -2316,8 +2316,8 @@ int MPV_encode_picture(AVCodecContext *avctx,
int start_y= s->thread_context[i]->start_mb_y;
int end_y= s->thread_context[i]-> end_mb_y;
int h= s->mb_height;
uint8_t *start= buf + buf_size*start_y/h;
uint8_t *end = buf + buf_size* end_y/h;
uint8_t *start= buf + (size_t)(((int64_t) buf_size)*start_y/h);
uint8_t *end = buf + (size_t)(((int64_t) buf_size)* end_y/h);
init_put_bits(&s->thread_context[i]->pb, start, end - start);
}