Sophie: gstreamer0.10-ffmpeg-0.10.11-3.2.mga1 src

gstreamer0.10-ffmpeg-0.10.11-3.2.mga1.src.rpm

Info
Deps
Files
Scripts
ChangeLog
Location
Others versions
Analyse

Description: fix denial of service and possible code execution via
 malformed file containing VP3 stream
Origin: upstream, http://git.videolan.org/?p=ffmpeg.git;a=commit;h=eef5c35b4352ec49ca41f6198bee8a976b1f81e5

Index: ffmpeg-0.6/libavcodec/vp3.c
===================================================================
--- ffmpeg-0.6.orig/libavcodec/vp3.c	2011-12-21 10:43:00.560448965 -0500
+++ ffmpeg-0.6/libavcodec/vp3.c	2011-12-21 10:43:15.920449446 -0500
@@ -1285,6 +1285,10 @@
         case 1: // zero run
             s->dct_tokens[plane][i]++;
             i += (token >> 2) & 0x7f;
+            if(i>63){
+                av_log(s->avctx, AV_LOG_ERROR, "Coefficient index overflow\n");
+                return -1;
+            }
             block[perm[i]] = (token >> 9) * dequantizer[perm[i]];
             i++;
             break;