]> git.sesse.net Git - ffmpeg/commitdiff
projects / ffmpeg / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 409d1cd)
pcx: properly pad the scanline
authorAnton Khirnov <anton@khirnov.net>
Sun, 14 Aug 2016 08:18:39 +0000 (10:18 +0200)
committerAnton Khirnov <anton@khirnov.net>
Thu, 18 Aug 2016 15:06:46 +0000 (17:06 +0200)
It is passed to the get_bits API, which requires buffers to be padded.

Fixes possible invalid reads.

CC: libav-stable@libav.org
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
libavcodec/pcx.c patch | blob | history

diff --git a/libavcodec/pcx.c b/libavcodec/pcx.c
index aa69d510eaf2554daeba88234bfa189b18d1e16e..77b2331f0e67703316e0878107814444a2896ee8 100644 (file)
--- a/libavcodec/pcx.c
+++ b/libavcodec/pcx.c
@@ -148,7 +148,7 @@ static int pcx_decode_frame(AVCodecContext *avctx, void *data, int *got_frame,
     ptr    = p->data[0];
     stride = p->linesize[0];
 
-    scanline = av_malloc(bytes_per_scanline);
+    scanline = av_malloc(bytes_per_scanline + AV_INPUT_BUFFER_PADDING_SIZE);
     if (!scanline)
         return AVERROR(ENOMEM);
 
Unnamed repository; edit this file 'description' to name the repository.