avcodec/avrndec: Use the AVFrame format instead of the context
authorMichael Niedermayer <michael@niedermayer.cc>
Sat, 14 Nov 2015 12:04:54 +0000 (13:04 +0100)
committerAndreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Thu, 26 Nov 2015 00:35:46 +0000 (01:35 +0100)
Fixes out of array read
Fixes: 20dd01398dee0f6d83d7e5410a2ae8eb/signal_sigsegv_39eeb1f_4001_62efbdf1c60748dabf1ec310b59525fd.mov

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ccba8aaff2ef5649495ae48bc5c90bd8ff32e6f3)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
libavcodec/avrndec.c

index 5e40d66..695c491 100644 (file)
@@ -113,7 +113,7 @@ static int decode_frame(AVCodecContext *avctx, void *data,
             int shift = p->height - avctx->height;
             int subsample_h, subsample_v;
 
-            av_pix_fmt_get_chroma_sub_sample(avctx->pix_fmt, &subsample_h, &subsample_v);
+            av_pix_fmt_get_chroma_sub_sample(p->format, &subsample_h, &subsample_v);
 
             p->data[0] += p->linesize[0] * shift;
             if (p->data[2]) {