Sophie

Sophie

distrib > Mageia > 1 > i586 > by-pkgid > 6988c923d007989602f730672aaeea1e > files > 28

avidemux-2.5.4-5.2.mga1.src.rpm

Description: fix denial of service and possible code execution via
 crafted VC1 file
Origin: upstream, http://git.videolan.org/?p=ffmpeg.git;a=commit;h=cf69619141a5742c4e4156177335d553c5bab7b6
Bug: https://roundup.ffmpeg.org/issue2584
Bug: https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/690169

diff -Nur ffmpeg-0.6/libavcodec/vc1dec.c ffmpeg-0.6.new/libavcodec/vc1dec.c
--- ffmpeg-0.6/libavcodec/vc1dec.c	2010-04-20 10:45:34.000000000 -0400
+++ ffmpeg-0.6.new/libavcodec/vc1dec.c	2011-03-31 10:37:57.082468364 -0400
@@ -1365,7 +1365,7 @@
     if (index != vc1_ac_sizes[codingset] - 1) {
         run = vc1_index_decode_table[codingset][index][0];
         level = vc1_index_decode_table[codingset][index][1];
-        lst = index >= vc1_last_decode_table[codingset];
+        lst = index >= vc1_last_decode_table[codingset] || get_bits_left(gb) < 0;
         if(get_bits1(gb))
             level = -level;
     } else {

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional