From: Markus Koschany <apo@debian.org>
Date: Sun, 30 Dec 2018 16:29:28 +0000 (+0100)
Subject: CVE-2017-15672
X-Git-Tag: archive/raspbian/6%11.12-1_deb8u6+rpi1^2~20
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=6fb0bb9250500afc446c32ff3c70b0504c3c3193;p=libav.git

CVE-2017-15672

Origin: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c20f4fcb74da2d0432c7b54499bb98f48236b904

Gbp-Pq: Name CVE-2017-15672.patch
---

diff --git a/libavcodec/ffv1dec.c b/libavcodec/ffv1dec.c
index 50b220f..84a4b1b 100644
--- a/libavcodec/ffv1dec.c
+++ b/libavcodec/ffv1dec.c
@@ -730,7 +730,7 @@ static int read_header(FFV1Context *f)
     } else {
         const uint8_t *p = c->bytestream_end;
         for (f->slice_count = 0;
-             f->slice_count < MAX_SLICES && 3 < p - c->bytestream_start;
+             f->slice_count < MAX_SLICES && 3 + 5*!!f->ec < p - c->bytestream_start;
              f->slice_count++) {
             int trailer = 3 + 5 * !!f->ec;
             int size    = AV_RB24(p - trailer);