qzhao/ffmpeg-4
SHA256
1
0
Fork 0
forked from jengelh/ffmpeg-4
Code Pull Requests Activity
cf0e3709c3
ffmpeg-4/ffmpeg-CVE-2018-13305.patch
Jan Engelhardt cf0e3709c3 Accepting request 644174 from home:zhengqiang:branches:multimedia:libs 
- Add ffmpeg-CVE-2018-13305.patch to add a missing check for
  negative values of mqaunt variable (CVE-2018-13305,
  bsc#1100345).

OBS-URL: https://build.opensuse.org/request/show/644174
OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/ffmpeg-4?expand=0&rev=27
2018-10-24 08:53:31 +00:00

14 lines
770 B
Diff
Raw Blame History

diff --git a/libavcodec/vc1_block.c b/libavcodec/vc1_block.c
index b06ee9f..5b38183 100644
--- a/libavcodec/vc1_block.c
+++ b/libavcodec/vc1_block.c
@@ -188,7 +188,7 @@ static void vc1_put_signed_blocks_clamped(VC1Context *v)
mquant = v->altpq; \
if ((edges&8) && s->mb_y == (s->mb_height - 1)) \
mquant = v->altpq; \
- if (!mquant || mquant > 31) { \
+ if (!mquant || mquant > 31 || mquant < -31) { \
av_log(v->s.avctx, AV_LOG_ERROR, \
"Overriding invalid mquant %d\n", mquant); \
mquant = 1; \
View Git Blame Copy Permalink