From 5ae72f54532960cb9eae82a1c9e8d505106c022b Mon Sep 17 00:00:00 2001
From: Janne Grunau <janne-libav@jannau.net>
Date: Sat, 24 Nov 2012 15:50:03 +0100
Subject: flashsv: check for keyframe before using differential coding

Fixes a segfault in te fuzzed sample resolutionchange.flv_s211713.

CC: libav-stable@libav.org
---
 libavcodec/flashsv.c | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'libavcodec/flashsv.c')

diff --git a/libavcodec/flashsv.c b/libavcodec/flashsv.c
index 2ba32641b7..ac57f9f68a 100644
--- a/libavcodec/flashsv.c
+++ b/libavcodec/flashsv.c
@@ -377,6 +377,11 @@ static int flashsv_decode_frame(AVCodecContext *avctx, void *data,
                 }
 
                 if (has_diff) {
+                    if (!s->keyframe) {
+                        av_log(avctx, AV_LOG_ERROR,
+                               "inter frame without keyframe\n");
+                        return AVERROR_INVALIDDATA;
+                    }
                     s->diff_start  = get_bits(&gb, 8);
                     s->diff_height = get_bits(&gb, 8);
                     av_log(avctx, AV_LOG_DEBUG,
-- 
cgit v1.2.3