From b1db33159fdc2da4bdd8c75e4ff9a7dd0ef2f0c2 Mon Sep 17 00:00:00 2001
From: Martin Storsjö <martin@martin.st>
Date: Mon, 16 Sep 2013 21:46:50 +0300
Subject: ffv1: Make sure at least one slice context is initialized
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This avoids crashes when initializing the range coder for
the first slice context.

Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
---
 libavcodec/ffv1.c | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'libavcodec/ffv1.c')

diff --git a/libavcodec/ffv1.c b/libavcodec/ffv1.c
index 378b55b236..a31f2786ee 100644
--- a/libavcodec/ffv1.c
+++ b/libavcodec/ffv1.c
@@ -194,6 +194,10 @@ av_cold int ffv1_init_slice_contexts(FFV1Context *f)
     int i;
 
     f->slice_count = f->num_h_slices * f->num_v_slices;
+    if (f->slice_count <= 0) {
+        av_log(f->avctx, AV_LOG_ERROR, "Invalid number of slices\n");
+        return AVERROR(EINVAL);
+    }
 
     for (i = 0; i < f->slice_count; i++) {
         FFV1Context *fs = av_mallocz(sizeof(*fs));
-- 
cgit v1.2.3