opensource/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-07-01 05:31:04 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix crash for CAVLC->CABAC switch caused by writing into NULL tables.

Browse Source 
(iam not sure if this might have been exploitable)
fixes issue332 / CVCANLMA2_Sony_C.jsv
Other solutions which waste a few bytes less are welcome ...

Originally committed as revision 11605 to svn://svn.ffmpeg.org/ffmpeg/trunk
This commit is contained in:
Michael Niedermayer
2008-01-24 19:31:59 +00:00
parent 6bf398a030
commit cb077b7aa3
1 changed files with 0 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
libavcodec/h264.c
View File

@ -2035,12 +2035,10 @@ static int alloc_tables(H264Context *h){
CHECKED_ALLOCZ(h->slice_table_base , (big_mb_num+s->mb_stride) * sizeof(uint8_t))
CHECKED_ALLOCZ(h->cbp_table, big_mb_num * sizeof(uint16_t))
if( h->pps.cabac ) {
CHECKED_ALLOCZ(h->chroma_pred_mode_table, big_mb_num * sizeof(uint8_t))
CHECKED_ALLOCZ(h->mvd_table[0], 32*big_mb_num * sizeof(uint16_t));
CHECKED_ALLOCZ(h->mvd_table[1], 32*big_mb_num * sizeof(uint16_t));
CHECKED_ALLOCZ(h->direct_table, 32*big_mb_num * sizeof(uint8_t));
}
memset(h->slice_table_base, -1, (big_mb_num+s->mb_stride) * sizeof(uint8_t));
h->slice_table= h->slice_table_base + s->mb_stride*2 + 1;