pngdec: don't use AV_PIX_FMT_MONOBLACK for apng
authorAndreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Sun, 3 May 2015 18:36:20 +0000 (20:36 +0200)
committerAndreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Thu, 14 May 2015 17:09:10 +0000 (19:09 +0200)
commite6a5023d1f2f3ec5aaf8ae299cb7ca8dd006459b
tree124aeeb1aaab417254960b012f970979860985ed
parent99e737a7c787875b6c123e0b2ac32276fbeb5852
pngdec: don't use AV_PIX_FMT_MONOBLACK for apng

AV_PIX_FMT_MONOBLACK has the AV_PIX_FMT_FLAG_BITSTREAM flag, i.e.
linesize can be smaller than width.

Since x_offset is only check against the width, this can lead to
x_offset * bpp >= image_linesize.

In this case ptr could be set to a position outside the image_buf in
png_handle_row, leading to memory corruption and thus crashes.

Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 372aa0777aaacf726de7cd7dd0e6797026a124ee)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
libavcodec/pngdec.c