From 7089265756a84bf884a7c2290c6cda38d4dfd60f Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michaelni@gmx.at>
Date: Thu, 28 Apr 2011 21:10:04 +0200
Subject: AMV: disable DR1 and don't override EMU_EDGE

This works around a possibly exploitable crash.
Appearently, vlc can be exploited with a malicous file. This should get
reverted as soon as a proper fix is found.

Reported-at: Thu, 21 Apr 2011 14:38:25 +0000
Reported-by: Dominic Chell <Dominic.Chell@ngssecure.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 89f903b3d5ec38c9c5d90fba7e626fa0eda61a32)
(cherry picked from commit 9b919571e506fbb72b81a35ca1e7c1bd6efc4209)
---
 libavcodec/sp5xdec.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'libavcodec/sp5xdec.c')

diff --git a/libavcodec/sp5xdec.c b/libavcodec/sp5xdec.c
index e2c371a1c2..3d01020a6d 100644
--- a/libavcodec/sp5xdec.c
+++ b/libavcodec/sp5xdec.c
@@ -86,7 +86,6 @@ static int sp5x_decode_frame(AVCodecContext *avctx,
     recoded[j++] = 0xFF;
     recoded[j++] = 0xD9;
 
-    avctx->flags &= ~CODEC_FLAG_EMU_EDGE;
     av_init_packet(&avpkt_recoded);
     avpkt_recoded.data = recoded;
     avpkt_recoded.size = j;
@@ -121,6 +120,6 @@ AVCodec ff_amv_decoder = {
     NULL,
     ff_mjpeg_decode_end,
     sp5x_decode_frame,
-    CODEC_CAP_DR1,
+    0,
     .long_name = NULL_IF_CONFIG_SMALL("AMV Video"),
 };
-- 
cgit v1.2.3