From 960964f5a9ad9d8e90aaeae9130fe81e80ce4ddf Mon Sep 17 00:00:00 2001
From: Michael Niedermayer
Date: Fri, 9 Feb 2007 02:21:34 +0000
Subject: fix segfault with lol-ffplay2.mpg (dunno if this is exploitable, probably not easily)

Originally committed as revision 7889 to svn://svn.ffmpeg.org/ffmpeg/trunk
---
 libavcodec/mpeg12.c | 4 ++++
 1 file changed, 4 insertions(+)
(limited to 'libavcodec/mpeg12.c')

diff --git a/libavcodec/mpeg12.c b/libavcodec/mpeg12.c
index c0d1f0d7b7..0b7cb47e80 100644
--- a/libavcodec/mpeg12.c
+++ b/libavcodec/mpeg12.c
@@ -2593,6 +2593,10 @@ static int mpeg_decode_slice(Mpeg1Context *s1, int mb_y,
 break;
 }
 }
+ if(s->mb_x >= (unsigned)s->mb_width){
+ av_log(s->avctx, AV_LOG_ERROR, "initial skip overflow\n");
+ return -1;
+ }
 s->resync_mb_x= s->mb_x;
 s->resync_mb_y= s->mb_y= mb_y;
--
cgit v1.2.3
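Review bot: The added guard on `s->mb_x` depends on the `(unsigned)` cast to reject a negative value as well as one past the end of the row, and the code does not say so or say that the value is driven by the input stream. A one-line comment above the check would make that intent survive later refactoring, for example `/* mb_x is accumulated from the bitstream above; the unsigned compare also rejects a negative (wrapped) value */`. The loop that builds `mb_x` is outside this hunk and the field's type is not visible here, so confirm the wording against both. The error message would also be easier to triage on malformed files if it carried the operands: `av_log(s->avctx, AV_LOG_ERROR, "initial skip overflow (%d >= %d)\n", s->mb_x, s->mb_width);`. `mpeg_decode_slice` begins and ends outside the hunk.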