h264: check context state before decoding slice data partitions
authorJanne Grunau <janne-libav@jannau.net>
Wed, 28 Nov 2012 21:17:14 +0000 (22:17 +0100)
committerReinhard Tartler <siretart@tauware.de>
Sat, 12 Jan 2013 16:59:41 +0000 (17:59 +0100)
Fixes mov_h264_aac__Demo_FlagOfOurFathers.mov.SIGSEGV.4e9.656.

Found-by: Mateusz "j00ru" Jurczyk
CC: libav-stable@libav.org
(cherry-picked from commit c1fcf563b13051f280db169ba41c6a1b21b25e08)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
libavcodec/h264.c

index 97b2115..002477b 100644 (file)
@@ -4013,6 +4013,7 @@ static int decode_nal_units(H264Context *h, const uint8_t *buf, int buf_size){
             hx->inter_gb_ptr= &hx->inter_gb;
 
             if(hx->redundant_pic_count==0 && hx->intra_gb_ptr && hx->s.data_partitioning
+               && s->current_picture_ptr
                && s->context_initialized
                && (avctx->skip_frame < AVDISCARD_NONREF || hx->nal_ref_idc)
                && (avctx->skip_frame < AVDISCARD_BIDIR  || hx->slice_type_nos!=AV_PICTURE_TYPE_B)
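Review bot: The added `&& s->current_picture_ptr` term in the data-partition condition carries no comment saying what it protects, so it reads like one more optional filter beside the `skip_frame` tests rather than the guard that prevents the SIGSEGV named in the commit message. A short comment above the `if` would keep it from being dropped in a later cleanup, for example `/* a data partition can arrive when no picture has been set up; decoding it would dereference a NULL current_picture_ptr */`. When the test fails the partition is skipped silently, which presumably is intended for damaged streams, but it leaves no diagnostic for input that reaches this state. The body of the `if` and the rest of decode_nal_units lie outside the hunk, so whether other NAL paths reach `current_picture_ptr` without the same check cannot be confirmed from here.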