avcodec/fmvc: Fix off by 1 error

Fixes: out of array access Fixes: 1643/clusterfuzz-testcase-minimized-6117573403869184 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/fmvc: Fix off by 1 error
Fixes: out of array access Fixes: 1643/clusterfuzz-testcase-minimized-6117573403869184 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>
e11dcc35 · Michael Niedermayer · 0e87c07d · e11dcc35
Commit e11dcc35 authored May 17, 2017 by Michael Niedermayer
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

fmvc.c libavcodec/fmvc.c +1 -1

No files found.
--- a/libavcodec/fmvc.c
+++ b/libavcodec/fmvc.c
@@ -459,7 +459,7 @@ static int decode_frame(AVCodecContext *avctx,
            int size, offset, start = 0;

            offset = bytestream2_get_le16(gb);
-            if (offset > s->nb_blocks)
+            if (offset >= s->nb_blocks)
                return AVERROR_INVALIDDATA;

            size = bytestream2_get_le16(gb);