[vlc-devel] [PATCH] avcodec: Extend the check for impossible dimensions
Luca Barbato
lu_zero at gentoo.org
Sat Apr 26 21:58:10 CEST 2014
Overly large frame sizes are commonly caused by broken streams.
Bug-Id: 11245
---
It isn't the perfect solution, sending in case you need it really quick.
modules/codec/avcodec/video.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/modules/codec/avcodec/video.c b/modules/codec/avcodec/video.c
index 022dee1..15a3c44 100644
--- a/modules/codec/avcodec/video.c
+++ b/modules/codec/avcodec/video.c
@@ -136,9 +136,11 @@ static inline picture_t *ffmpeg_NewPictBuf( decoder_t *p_dec,
avcodec_align_dimensions2(p_context, &width, &height, aligns);
}
- if( width == 0 || height == 0)
- return NULL; /* invalid display size */
+ if( width == 0 || height == 0 || width > (1 << 14) || height > (1 << 14) ) {
+ msg_Err( p_dec, "Excessive frame size %dx%d.", width, height );
+ return NULL; /* invalid display size */
+ }
p_dec->fmt_out.video.i_width = width;
p_dec->fmt_out.video.i_height = height;
--
1.8.5.1
More information about the vlc-devel
mailing list