[libav-stable] gifdec: check that the image dimensions are non-zero

Anton Khirnov git at libav.org
Thu Nov 21 21:14:31 CET 2013


Module: libav
Branch: master
Commit: c453723ad7d14abc5e82677eebaa6025fa598f08

Author:    Anton Khirnov <anton at khirnov.net>
Committer: Anton Khirnov <anton at khirnov.net>
Date:      Fri Nov 15 10:15:24 2013 +0100

gifdec: check that the image dimensions are non-zero

Also add an error message an return a more suitable error code
(INVALIDDATA, not EINVAL);
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC:libav-stable at libav.org

---

 libavcodec/gifdec.c |    7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/libavcodec/gifdec.c b/libavcodec/gifdec.c
index 136d112..b1207ae 100644
--- a/libavcodec/gifdec.c
+++ b/libavcodec/gifdec.c
@@ -87,8 +87,11 @@ static int gif_read_image(GifState *s, AVFrame *frame)
 
     /* verify that all the image is inside the screen dimensions */
     if (left + width > s->screen_width ||
-        top + height > s->screen_height)
-        return AVERROR(EINVAL);
+        top + height > s->screen_height ||
+        !width || !height) {
+        av_log(s->avctx, AV_LOG_ERROR, "Invalid image dimensions.\n");
+        return AVERROR_INVALIDDATA;
+    }
 
     /* build the palette */
     n = (1 << bits_per_pixel);



More information about the libav-stable mailing list