Fix crash for CAVLC->CABAC switch caused by writing into NULL tables.

(iam not sure if this might have been exploitable) fixes issue332 / CVCANLMA2_Sony_C.jsv Other solutions which waste a few bytes less are welcome ... git-svn-id: file:///var/local/repositories/ffmpeg/trunk@11605 9553f0bf-9b14-0410-a0b8-cfaf0461ba5b

Fix crash for CAVLC->CABAC switch caused by writing into NULL tables.
(iam not sure if this might have been exploitable) fixes issue332 / CVCANLMA2_Sony_C.jsv Other solutions which waste a few bytes less are welcome ... git-svn-id: file:///var/local/repositories/ffmpeg/trunk@11605 9553f0bf-9b14-0410-a0b8-cfaf0461ba5b
50ecd8ab · michael · 7642e401 · 50ecd8ab
Commit 50ecd8ab authored Jan 24, 2008 by michael
Hide whitespace changes
Inline Side-by-side

Showing with 0 additions and 2 deletions

libavcodec/h264.c libavcodec/h264.c +0 -2

No files found.
--- a/libavcodec/h264.c
+++ b/libavcodec/h264.c
@@ -2035,12 +2035,10 @@ static int alloc_tables(H264Context *h){
    CHECKED_ALLOCZ(h->slice_table_base  , (big_mb_num+s->mb_stride) * sizeof(uint8_t))
    CHECKED_ALLOCZ(h->cbp_table, big_mb_num * sizeof(uint16_t))

-    if( h->pps.cabac ) {
        CHECKED_ALLOCZ(h->chroma_pred_mode_table, big_mb_num * sizeof(uint8_t))
        CHECKED_ALLOCZ(h->mvd_table[0], 32*big_mb_num * sizeof(uint16_t));
        CHECKED_ALLOCZ(h->mvd_table[1], 32*big_mb_num * sizeof(uint16_t));
        CHECKED_ALLOCZ(h->direct_table, 32*big_mb_num * sizeof(uint8_t));
-    }

    memset(h->slice_table_base, -1, (big_mb_num+s->mb_stride)  * sizeof(uint8_t));
    h->slice_table= h->slice_table_base + s->mb_stride*2 + 1;