diff mbox

[FFmpeg-devel,2/2] backport out of array access fix / CVE-2019-17542 / 15919 clusterfuzz

Message ID 1c5d7cb5-5bd2-489d-d528-38cc67a64c65@quotient-inc.com
State New
Headers show

Commit Message

James Boyle Nov. 14, 2019, 8:01 p.m. UTC 
Hello,

This patch is nearly identical to commit
02f909dc24b1f05cfbba75077c7707b905e63cd2, but is intended to backport
the fix for CVE-2019-17542 to ffmpeg version 3.4.6, which is in use on
RHEL 7 systems that get ffmpeg from rpmfusion.

https://github.com/FFmpeg/FFmpeg/commit/02f909dc24b1f05cfbba75077c7707b905e63cd2

---
 libavcodec/vqavideo.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

     }
diff mbox

Patch

diff --git a/libavcodec/vqavideo.c b/libavcodec/vqavideo.c
index 0e70be1..b9743ab 100644
--- a/libavcodec/vqavideo.c
+++ b/libavcodec/vqavideo.c
@@ -147,7 +147,7 @@  static av_cold int vqa_decode_init(AVCodecContext
*avctx)
     }
     s->width = AV_RL16(&s->avctx->extradata[6]);
     s->height = AV_RL16(&s->avctx->extradata[8]);
-    if ((ret = av_image_check_size(s->width, s->height, 0, avctx)) < 0) {
+    if ((ret = ff_set_dimensions(avctx, s->width, s->height)) < 0) {
         s->width= s->height= 0;
         return ret;