ffv1: Make sure at least one slice context is initialized
authorMartin Storsjö <martin@martin.st>
Mon, 16 Sep 2013 18:46:50 +0000 (21:46 +0300)
committerLuca Barbato <lu_zero@gentoo.org>
Tue, 7 Jan 2014 08:43:56 +0000 (09:43 +0100)
This avoids crashes when initializing the range coder for
the first slice context.

Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit b1db33159fdc2da4bdd8c75e4ff9a7dd0ef2f0c2)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
libavcodec/ffv1.c

index 8a6f33f..917f40d 100644 (file)
@@ -708,6 +708,10 @@ static av_cold int init_slice_contexts(FFV1Context *f){
     int i;
 
     f->slice_count= f->num_h_slices * f->num_v_slices;
+    if (f->slice_count <= 0) {
+        av_log(f->avctx, AV_LOG_ERROR, "Invalid number of slices\n");
+        return AVERROR(EINVAL);
+    }
 
     for(i=0; i<f->slice_count; i++){
         FFV1Context *fs= av_mallocz(sizeof(*fs));