Fix bug in error handling that causes segfault
See: https://code.google.com/p/chromium/issues/detail?id=362697 The code properly catches an invalid stream but seg faults instead of returning an error due to a buffer not having been initialized. This code fixes that. Change-Id: I695595e742cb08807e1dfb2f00bc097b3eae3a9b
This commit is contained in:
Jim Bankoski
committed by
Gerrit Code Review
Gerrit Code Review
parent
edbd05ff10
commit
88ba08818e
@@ -260,10 +260,10 @@ int vp9_receive_compressed_data(VP9Decoder *pbi,
|
||||
// TODO(jkoleszar): Error concealment is undefined and non-normative
|
||||
// at this point, but if it becomes so, [0] may not always be the correct
|
||||
// thing to do here.
|
||||
if (cm->frame_refs[0].idx != INT_MAX)
|
||||
if (cm->frame_refs[0].idx != INT_MAX && cm->frame_refs[0].buf != NULL)
|
||||
cm->frame_refs[0].buf->corrupted = 1;
|
||||
|
||||
if (cm->frame_bufs[cm->new_fb_idx].ref_count > 0)
|
||||
if (cm->new_fb_idx > 0 && cm->frame_bufs[cm->new_fb_idx].ref_count > 0)
|
||||
cm->frame_bufs[cm->new_fb_idx].ref_count--;
|
||||
|
||||
return -1;
|
||||
|
||||
Reference in New Issue
Block a user