Ensure that jpeg does not use mbs that could require larger padding.
This might have been exploitable.
git-svn-id: file:///var/local/repositories/ffmpeg/trunk@20566
9553f0bf-9b14-0410-a0b8-
cfaf0461ba5b
(s->h_count[2] << 12) | (s->v_count[2] << 8) |
(s->h_count[3] << 4) | s->v_count[3];
av_log(s->avctx, AV_LOG_DEBUG, "pix fmt id %x\n", pix_fmt_id);
- if(!(pix_fmt_id & 0x10101010))
+ //NOTE we do not allocate pictures large enough for the possible padding of h/v_count being 4
+ if(!(pix_fmt_id & 0xD0D0D0D0))
pix_fmt_id-= (pix_fmt_id & 0xF0F0F0F0)>>1;
- if(!(pix_fmt_id & 0x01010101))
+ if(!(pix_fmt_id & 0x0D0D0D0D))
pix_fmt_id-= (pix_fmt_id & 0x0F0F0F0F)>>1;
switch(pix_fmt_id){
case PIX_FMT_YUYV422:
case PIX_FMT_UYVY422:
case PIX_FMT_YUV422P:
+ case PIX_FMT_YUV440P:
case PIX_FMT_YUV444P:
case PIX_FMT_GRAY8:
case PIX_FMT_GRAY16BE:
case PIX_FMT_GRAY16LE:
case PIX_FMT_YUVJ420P:
case PIX_FMT_YUVJ422P:
+ case PIX_FMT_YUVJ440P:
case PIX_FMT_YUVJ444P:
case PIX_FMT_YUVA420P:
w_align= 16; //FIXME check for non mpeg style codecs and use less alignment
h_align= 16;
- if(s->codec_id == CODEC_ID_MPEG2VIDEO)
+ if(s->codec_id == CODEC_ID_MPEG2VIDEO || s->codec_id == CODEC_ID_MJPEG || s->codec_id == CODEC_ID_AMV || s->codec_id == CODEC_ID_THP)
h_align= 32; // interlaced is rounded up to 2 MBs
break;
case PIX_FMT_YUV411P:
projects / frescor / ffmpeg.git / commitdiff