Check codec_id and codec_type in avcodec_open(), based on 43_codec_type_mismatch.patch from chrome

This is said to be able to lead to a stack based buffer overflow. git-svn-id: file:///var/local/repositories/ffmpeg/trunk@19973 9553f0bf-9b14-0410-a0b8-cfaf0461ba5b

Check codec_id and codec_type in avcodec_open(), based on 43_codec_type_mismatch.patch from chrome
This is said to be able to lead to a stack based buffer overflow. git-svn-id: file:///var/local/repositories/ffmpeg/trunk@19973 9553f0bf-9b14-0410-a0b8-cfaf0461ba5b
4b66e1cc · michael · d30b7612 · 4b66e1cc
Commit 4b66e1cc authored Sep 22, 2009 by michael
Show whitespace changes
Inline Side-by-side

Showing with 4 additions and 1 deletion

libavcodec/utils.c libavcodec/utils.c +4 -1

No files found.
--- a/libavcodec/utils.c
+++ b/libavcodec/utils.c
@@ -481,7 +481,10 @@ int attribute_align_arg avcodec_open(AVCodecContext *avctx, AVCodec *codec)
    }
    avctx->codec = codec;
-    avctx->codec_id = codec->id;
+    if(avctx->codec_id != codec->id || avctx->codec_type != codec->type){
+        av_log(avctx, AV_LOG_ERROR, "codec type or id mismatches\n");
+        goto end;
+    }
    avctx->frame_number = 0;
    if(avctx->codec->init){
        ret = avctx->codec->init(avctx);