CVE-2018-19128

commit 6c36b3afe72d1ab635efba36e78c849630ed9ec6
Author: Michael Niedermayer <michaelni@gmx.at>
Date:   Thu Aug 14 15:18:49 2014 +0200

    avcodec/lcldec: initialize encoded correctly

    Fixes out of array read
    Fixes: yuv111_no_compr_crash.avi
    Found-by: Piotr Bandurski <ami_stuff@o2.pl>
    Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Gbp-Pq: Name CVE-2018-19128.patch

diff --git a/libavcodec/lcldec.c b/libavcodec/lcldec.c
index 9c606976e70e8a493dda96a792ce982c4e250cf5..0f023cbde2dc2f0b256aef9ab7dd4e915cc2004f 100644 (file)
--- a/libavcodec/lcldec.c
+++ b/libavcodec/lcldec.c
@@ -164,7 +164,7 @@ static int decode_frame(AVCodecContext *avctx, void *data, int *got_frame, AVPac
     LclDecContext * const c = avctx->priv_data;
     unsigned int pixel_ptr;
     int row, col;
-    unsigned char *encoded, *outptr;
+    unsigned char *encoded = avpkt->data, *outptr;
     uint8_t *y_out, *u_out, *v_out;
     unsigned int width = avctx->width; // Real image width
     unsigned int height = avctx->height; // Real image height