granicus.if.org Git - libvpx/commit
vp9: Fix potential SEGV in decoder_peek_si_internal
author Vignesh Venkatasubramanian <vigneshv@google.com>
Wed, 22 Jun 2016 17:24:27 +0000 (10:24 -0700)
committer Vignesh Venkatasubramanian <vigneshv@google.com>
Thu, 23 Jun 2016 16:39:26 +0000 (09:39 -0700)
commit aa1c813c43c6b2e43036d5573f361924195d65b7
tree 1ffaaef79695251694231987033203d1fe171da8
parent b3933e2d3ccf0de83441eac9d22a145c20ac6803
vp9: Fix potential SEGV in decoder_peek_si_internal

decoder_peek_si_internal could potentially read more bytes than
what actually exists in the input buffer. We check for the buffer
size to be at least 8, but we try to read up to 10 bytes in the
worst case. A well crafted file could thus cause a segfault.
Likely change that introduced this bug was:
https://chromium-review.googlesource.com/#/c/70439 (git hash:
7c43fb6)

BUG=chromium:621095

Change-Id: Id74880cfdded44caaa45bbdbaac859c09d3db752
test/decode_api_test.cc
vp9/vp9_dx_iface.c
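
The bug class the commit message describes (an up-front minimum-size check of 8 with a worst-case read of 10 bytes), shown as an added example that is not libvpx code and not part of this commit: a reader that tracks the end of the buffer, so no separate size constant has to stay in sync with the parse path. The toy header layout, `rd`, `toy_peek` and the sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Reader that knows where the buffer ends and latches an error
 * instead of dereferencing past it. */
struct reader { const uint8_t *p, *end; int overrun; };

/* Read n (<= 4) bytes big-endian; on a short buffer set overrun, return 0. */
static uint32_t rd(struct reader *r, size_t n)
{
    uint32_t v = 0;
    if ((size_t)(r->end - r->p) < n) {
        r->overrun = 1;
        r->p = r->end;          /* every later read fails too */
        return 0;
    }
    while (n--)
        v = (v << 8) | *r->p++;
    return v;
}

struct toy_info { uint32_t w, h, ext; };

/* Constructed toy layout, not VP9:
 *   flags(1) sync "TOY"(3) w(2) h(2) [ext(2) only when flags & 1]
 * A fixed "size >= 8" guard would pass the long form and then read
 * bytes 9 and 10 out of bounds; here the reader itself refuses.
 * Returns 0 on success, -1 on truncated or invalid input. */
int toy_peek(const uint8_t *data, size_t size, struct toy_info *out)
{
    if (data == NULL || out == NULL)
        return -1;
    struct reader r = { data, data + size, 0 };
    uint32_t flags = rd(&r, 1);
    uint32_t sync = rd(&r, 3);
    struct toy_info t;
    t.w = rd(&r, 2);
    t.h = rd(&r, 2);
    t.ext = (flags & 1) ? rd(&r, 2) : 0;   /* the 9th and 10th bytes */
    if (r.overrun || sync != 0x544F59)     /* 'T' 'O' 'Y' */
        return -1;
    *out = t;                              /* written only on success */
    return 0;
}

/* Constructed samples: long form (flags = 1) and short form (flags = 0). */
const uint8_t long_hdr[10] = { 1, 'T', 'O', 'Y', 0x01, 0x40, 0x00, 0xF0, 0x12, 0x34 };
const uint8_t short_hdr[8] = { 0, 'T', 'O', 'Y', 0x01, 0x40, 0x00, 0xF0 };
```

Passing `long_hdr` with a claimed size of 8 is the case a fixed minimum-size guard lets through; the reader rejects it.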