[SCM] libav/experimental: Don't segfault if an empty codebook gets used. Patch by Denes Balatoni: [ dbalatoni interware hu ] Original thread: [Ffmpeg-devel] [PATCH/BUGREPORT] crash in vorbis decoder date: 02/04/2007 11:08 PM
siretart at users.alioth.debian.org
siretart at users.alioth.debian.org
Sun Jun 30 16:03:56 UTC 2013
The following commit has been merged in the experimental branch:
commit 975741e79cedc6033e5b02319792534a3a42c4ae
Author: Denes Balatoni <dbalatoni at programozo.hu>
Date: Tue Jul 17 07:12:40 2007 +0000
Don't segfault if an empty codebook gets used.
Patch by Denes Balatoni: [ dbalatoni interware hu ]
Original thread: [Ffmpeg-devel] [PATCH/BUGREPORT] crash in vorbis decoder
date: 02/04/2007 11:08 PM
Originally committed as revision 9711 to svn://svn.ffmpeg.org/ffmpeg/trunk
diff --git a/libavcodec/vorbis_dec.c b/libavcodec/vorbis_dec.c
index 290423c..3261965 100644
--- a/libavcodec/vorbis_dec.c
+++ b/libavcodec/vorbis_dec.c
@@ -351,7 +351,7 @@ static int vorbis_parse_setup_hdr_codebooks(vorbis_context *vc) {
}
// Weed out unused vlcs and build codevector vector
- codebook_setup->codevectors=(float *)av_mallocz(used_entries*codebook_setup->dimensions * sizeof(float));
+ codebook_setup->codevectors=used_entries ? (float *)av_mallocz(used_entries*codebook_setup->dimensions * sizeof(float)) : NULL;
for(j=0, i=0;i<entries;++i) {
uint_fast8_t dim=codebook_setup->dimensions;
@@ -1291,7 +1291,7 @@ static int vorbis_residue_decode(vorbis_context *vc, vorbis_residue *vr, uint_fa
uint_fast8_t vqclass=classifs[j_times_ptns_to_read+partition_count];
int_fast16_t vqbook=vr->books[vqclass][pass];
- if (vqbook>=0) {
+ if (vqbook>=0 && vc->codebooks[vqbook].codevectors) {
uint_fast16_t coffs;
unsigned dim= vc->codebooks[vqbook].dimensions; // not uint_fast8_t: 64bit is slower here on amd64
uint_fast16_t step= dim==1 ? vr->partition_size
--
Libav/FFmpeg packaging
More information about the pkg-multimedia-commits
mailing list