From: Christophe Mutricy <xtophe@videolan.org>
Date: Mon, 10 Mar 2008 23:29:29 +0000 (+0000)
Subject: Avoid integer overflow. Patch by Drew Yao.
X-Git-Tag: 0.9.0-test0~2201
X-Git-Url: https://git.sesse.net/?a=commitdiff_plain;h=18eb4fd5a75b6429d1d7058a8967696be701a00b;hp=fe37fc3e55aa2ec68b03beb890d2ded1125e0c1c;p=vlc

Avoid integer overflow. Patch by Drew Yao.
---

diff --git a/modules/codec/cinepak.c b/modules/codec/cinepak.c
index 09b491b5f6..97f5233499 100644
--- a/modules/codec/cinepak.c
+++ b/modules/codec/cinepak.c
@@ -397,7 +397,8 @@ static int cinepak_decode_frame( cinepak_context_t *p_context,
     i_height = GET2BYTES( p_data );
     i_frame_strips = GET2BYTES( p_data );
 
-    if( !i_frame_size || !i_width || !i_height )
+    if( !i_frame_size || !i_width || !i_height ||
+        i_width > 0xffff-3 || i_height > 0xffff-3)
     {
         /* Broken header */
         return( -1 );