Revert "Merge remote-tracking branch 'qatar/master'" (43dec5ef)

Fixes out of array accesses Fixes asan_static-oob_eb9812_5961_iv41.avi This reverts the merge of c9ef6b09 Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind

Revert "Merge remote-tracking branch 'qatar/master'" (43dec5ef)
Fixes out of array accesses Fixes asan_static-oob_eb9812_5961_iv41.avi This reverts the merge of c9ef6b09 Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
c3d5cd1e · Michael Niedermayer · a0286035 · c3d5cd1e
Commit c3d5cd1e authored Nov 25, 2013 by Michael Niedermayer
Hide whitespace changes
Inline Side-by-side

Showing with 10 additions and 14 deletions

indeo4.c libavcodec/indeo4.c +10 -14

No files found.
--- a/libavcodec/indeo4.c
+++ b/libavcodec/indeo4.c
@@ -284,6 +284,7 @@ static int decode_band_hdr(IVI45DecContext *ctx, IVIBandDesc *band,
 {
    int plane, band_num, indx, transform_id, scan_indx;
    int i;
+    int quant_mat;

    plane    = get_bits(&ctx->gb, 2);
    band_num = get_bits(&ctx->gb, 4);
@@ -382,18 +383,17 @@ static int decode_band_hdr(IVI45DecContext *ctx, IVIBandDesc *band,
            band->scan = scan_index_to_tab[scan_indx];
            band->scan_size = band->blk_size;

-            band->quant_mat = get_bits(&ctx->gb, 5);
-            if (band->quant_mat >= FF_ARRAY_ELEMS(quant_index_to_tab)) {
-
-                if (band->quant_mat == 31)
-                    av_log(avctx, AV_LOG_ERROR,
-                           "Custom quant matrix encountered!\n");
-                else
-                    avpriv_request_sample(avctx, "Quantization matrix %d",
-                                          band->quant_mat);
-                band->quant_mat = -1;
+            quant_mat = get_bits(&ctx->gb, 5);
+            if (quant_mat == 31) {
+                av_log(avctx, AV_LOG_ERROR, "Custom quant matrix encountered!\n");
+                return AVERROR_INVALIDDATA;
+            }
+            if (quant_mat >= FF_ARRAY_ELEMS(quant_index_to_tab)) {
+                avpriv_request_sample(avctx, "Quantization matrix %d",
+                                      quant_mat);
                return AVERROR_INVALIDDATA;
            }
+            band->quant_mat = quant_mat;
        } else {
            if (old_blk_size != band->blk_size) {
                av_log(avctx, AV_LOG_ERROR,
@@ -401,10 +401,6 @@ static int decode_band_hdr(IVI45DecContext *ctx, IVIBandDesc *band,
                       "inherited\n");
                return AVERROR_INVALIDDATA;
            }
-            if (band->quant_mat < 0) {
-                av_log(avctx, AV_LOG_ERROR, "Invalid quant_mat inherited\n");
-                return AVERROR_INVALIDDATA;
-            }
        }
        if (quant_index_to_tab[band->quant_mat] > 4 && band->blk_size == 4) {
            av_log(avctx, AV_LOG_ERROR, "Invalid quant matrix for 4x4 block encountered!\n");