gifdec: check that the last keyframe exists and has been successfully parsed.
authorMichael Niedermayer <michaelni@gmx.at>
Thu, 24 Jan 2013 03:17:58 +0000 (04:17 +0100)
committerMichael Niedermayer <michaelni@gmx.at>
Thu, 24 Jan 2013 03:18:56 +0000 (04:18 +0100)
Prevents inconsistent state and null pointer dereference

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
libavcodec/gifdec.c

index b0254decd1f42363a8e551c365a6de6737d236cb..51e8422951bc0849c5b60bc5d9922ed7181659cf 100644 (file)
@@ -75,6 +75,7 @@ typedef struct GifState {
 
     AVCodecContext *avctx;
     int keyframe;
+    int keyframe_ok;
     int trans_color;    /**< color value that is used instead of transparent color */
 } GifState;
 
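Review bot: The new `keyframe_ok` member of GifState has no comment, although the neighbouring `trans_color` carries a Doxygen one and the name is easy to confuse with `keyframe`. Going by the later hunks, it is cleared on entry to the keyframe branch of gif_decode_frame() and set at the end of that branch, so it describes decoder state across packets rather than the current packet. I would document it as `int keyframe_ok;      /**< 1 once the keyframe branch of gif_decode_frame() ran to completion; other frames are rejected while 0 */`.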
@@ -472,6 +473,7 @@ static int gif_decode_frame(AVCodecContext *avctx, void *data, int *got_frame, A
     }
 
     if (s->keyframe) {
+        s->keyframe_ok = 0;
         if ((ret = gif_read_header1(s)) < 0)
             return ret;
 
@@ -489,7 +491,13 @@ static int gif_decode_frame(AVCodecContext *avctx, void *data, int *got_frame, A
 
         s->picture.pict_type = AV_PICTURE_TYPE_I;
         s->picture.key_frame = 1;
+        s->keyframe_ok = 1;
     } else {
+        if (!s->keyframe_ok) {
+            av_log(avctx, AV_LOG_ERROR, "cannot decode frame without keyframe\n");
+            return AVERROR_INVALIDDATA;
+        }
+
         if ((ret = avctx->reget_buffer(avctx, &s->picture)) < 0) {
             av_log(avctx, AV_LOG_ERROR, "reget_buffer() failed\n");
             return ret;
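Review bot: `s->keyframe_ok = 1` is set at the end of the keyframe branch, before whatever follows the if/else, so it records that the header read and the setup inside the branch succeeded, not that the keyframe's image data was decoded. If the image parsing runs after this if/else (that code is outside the hunk), a keyframe with truncated or invalid pixel data still leaves the flag at 1, and later non-keyframes are applied on top of that picture through `reget_buffer()`. That is enough to stop the null dereference the commit targets. If "successfully parsed" in the title is meant literally, clear the flag on that later failure path, e.g. `if (ret < 0) s->keyframe_ok = 0;`, or add a comment saying a partially decoded keyframe is accepted on purpose. gif_decode_frame() starts and ends outside this hunk, so whether the flag is also reset on flush is not visible here.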