Commit ffbe087b authored by Reimar Döffinger's avatar Reimar Döffinger

Fix cmd_pos bounds check to avoid the overflow case.

Originally committed as revision 19640 to svn://svn.ffmpeg.org/ffmpeg/trunk
parent 84c1b149
...@@ -191,7 +191,7 @@ static int decode_dvd_subtitles(AVSubtitle *sub_header, ...@@ -191,7 +191,7 @@ static int decode_dvd_subtitles(AVSubtitle *sub_header,
cmd_pos = READ_OFFSET(buf + cmd_pos); cmd_pos = READ_OFFSET(buf + cmd_pos);
while ((cmd_pos + 2 + offset_size) < buf_size) { while (cmd_pos > 0 && cmd_pos < buf_size - 2 - offset_size) {
date = AV_RB16(buf + cmd_pos); date = AV_RB16(buf + cmd_pos);
next_cmd_pos = READ_OFFSET(buf + cmd_pos + 2); next_cmd_pos = READ_OFFSET(buf + cmd_pos + 2);
dprintf(NULL, "cmd_pos=0x%04x next=0x%04x date=%d\n", dprintf(NULL, "cmd_pos=0x%04x next=0x%04x date=%d\n",
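Review bot: The rewritten loop guard `cmd_pos > 0 && cmd_pos < buf_size - 2 - offset_size` is only correct if `cmd_pos`, `buf_size` and `offset_size` are all signed, and nothing at the `while` says so. Their declarations are outside the hunk; if any of them were unsigned, the right-hand side would wrap to a huge value for a short packet, and `cmd_pos > 0` would no longer reject an offset that went negative when the `READ_OFFSET` result was stored. I would add a comment above the loop such as `/* cmd_pos is read from the packet: the signed compare rejects negative (wrapped) offsets and packets too short for one control header */`. The loop body continues outside the hunk, so it is not possible to confirm from here that `next_cmd_pos`, which is also read from the packet and presumably becomes the next `cmd_pos`, is required to advance; that path deserves the same look.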
......