Commit 53f04424 authored by Michael Niedermayer's avatar Michael Niedermayer

avcodec/jpeg2000dec: Port tile size check from j2kdec

Fixes potential integer overflow
Signed-off-by: 's avatarMichael Niedermayer <michaelni@gmx.at>
parent 73ffab41
...@@ -192,6 +192,9 @@ static int get_siz(Jpeg2000DecoderContext *s) ...@@ -192,6 +192,9 @@ static int get_siz(Jpeg2000DecoderContext *s)
s->numXtiles = ff_jpeg2000_ceildiv(s->width - s->tile_offset_x, s->tile_width); s->numXtiles = ff_jpeg2000_ceildiv(s->width - s->tile_offset_x, s->tile_width);
s->numYtiles = ff_jpeg2000_ceildiv(s->height - s->tile_offset_y, s->tile_height); s->numYtiles = ff_jpeg2000_ceildiv(s->height - s->tile_offset_y, s->tile_height);
if(s->numXtiles * (uint64_t)s->numYtiles > INT_MAX/sizeof(Jpeg2000Tile))
return AVERROR(EINVAL);
s->tile = av_mallocz(s->numXtiles * s->numYtiles * sizeof(*s->tile)); s->tile = av_mallocz(s->numXtiles * s->numYtiles * sizeof(*s->tile));
if (!s->tile) if (!s->tile)
return AVERROR(ENOMEM); return AVERROR(ENOMEM);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment