avcodec/h264_slice: Fix container cropping

Fixes out of array read Fixes: asan_heap-oob_394322e_138_cov_4265020547_CVPCMNL1_SVA_C.264 Found-by: Samuel Groß, Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at>

avcodec/h264_slice: Fix container cropping
Fixes out of array read Fixes: asan_heap-oob_394322e_138_cov_4265020547_CVPCMNL1_SVA_C.264 Found-by: Samuel Groß, Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
3c63d06d · Michael Niedermayer · 80e42387 · 3c63d06d
Commit 3c63d06d authored Jul 08, 2015 by Michael Niedermayer
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 1 deletion

h264_slice.c libavcodec/h264_slice.c +4 -1

No files found.
--- a/libavcodec/h264_slice.c
+++ b/libavcodec/h264_slice.c
@@ -980,7 +980,10 @@ static int init_dimensions(H264Context *h)

    /* handle container cropping */
    if (FFALIGN(h->avctx->width,  16) == FFALIGN(width,  16) &&
-        FFALIGN(h->avctx->height, 16) == FFALIGN(height, 16)) {
+        FFALIGN(h->avctx->height, 16) == FFALIGN(height, 16) &&
+        h->avctx->width  <= width &&
+        h->avctx->height <= height
+    ) {
        width  = h->avctx->width;
        height = h->avctx->height;
    }