Fixes out of array access
Fixes: asan_heap-oob_12a55d3_30_029.wmv
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 32e666c354)
Conflicts:
libavcodec/g2meet.c
Fixes out of array accesses
This should not affect any release
Fixes: 8ab69af9e5a7a7e20fe04cdd25c0d6e7-asan_heap-oob_e72b82_5505_cov_2278389485_g2m4.wmv
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 6b53c1aa82)
Conflicts:
libavcodec/g2meet.c
Fixes out of array read
Fixes: asan_heap-uaf_ae6067_5415_g2m4.wmv
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 6d9dad6a7c)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes out of array accesses
Fixes: asan_heap-oob_ae5f63_5415_g2m4.wmv
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 83f7bd6dcf)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Currently the code can in some cases draw tiles that hang outside the
allocated buffer. This patch increases the buffer size to avoid out
of array accesses. An alternative would be to fail if such tiles are
encountered.
I do not know if any valid files use such hanging tiles.
Fixes Ticket2971
Found-by: ami_stuff
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
* commit 'b1e469885362febce3d9a4678624e44a92f77da9':
g2meet: Allocate cursor buffers large enough to fit the aligned width
See: 3c4c5ca1c1
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master:
g2meet: do not leak buffers
g2meet: more graceful cursor loading
g2meet: reset dimensions on header parsing errors
Conflicts:
libavcodec/g2meet.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
