code.ossystems Code Review - openembedded-core.git/blob

   1 gst-ffmpeg: error concealment: initialize block index.
   2
   3 Fixes CVE-2011-3941 (out of bounds write)
   4
   5 Upstream-Status: Backport
   6
   7 Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
   8 Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
   9 ---
  10  libavcodec/error_resilience.c |    3 +++
  11  1 files changed, 3 insertions(+), 0 deletions(-)
  12
  13 diff --git a/libavcodec/error_resilience.c b/libavcodec/error_resilience.c
  14 index 8bb5d0c..d55c000 100644
  15 --- a/gst-libs/ext/libav/libavcodec/error_resilience.c
  16 +++ b/gst-libs/ext/libav/libavcodec/error_resilience.c
  17 @@ -45,6 +45,9 @@ static void decode_mb(MpegEncContext *s, int ref){
  18      s->dest[1] = s->current_picture.data[1] + (s->mb_y * (16>>s->chroma_y_shift) * s->uvlinesize) + s->mb_x * (16>>s->chroma_x_shift);
  19      s->dest[2] = s->current_picture.data[2] + (s->mb_y * (16>>s->chroma_y_shift) * s->uvlinesize) + s->mb_x * (16>>s->chroma_x_shift);
  20
  21 +    ff_init_block_index(s);
  22 +    ff_update_block_index(s);
  23 +
  24      if(CONFIG_H264_DECODER && s->codec_id == CODEC_ID_H264){
  25          H264Context *h= (void*)s;
  26          h->mb_xy= s->mb_x + s->mb_y*s->mb_stride;
  27 --
  28 1.7.5.4
  29