From: Michael Niedermayer <michaelni@gmx.at>
Date: Fri, 3 Oct 2014 02:30:58 +0000 (+0200)
Subject: avcodec/utils: Add case for jv to avcodec_align_dimensions2()
X-Git-Tag: archive/raspbian/6%11.12-1_deb8u8+rpi1^2~17
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=8324eb70a90a5c83e1f49cb8c148a9b9632b2e16;p=libav.git

avcodec/utils: Add case for jv to avcodec_align_dimensions2()

Fixes out of array accesses
Fixes: asan_heap-oob_12304aa_8_asan_heap-oob_4da4f3_300_intro.jv

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>

Gbp-Pq: Name CVE-2014-8542.patch
---

diff --git a/libavcodec/utils.c b/libavcodec/utils.c
index ba29f63..5a3e952 100644
--- a/libavcodec/utils.c
+++ b/libavcodec/utils.c
@@ -254,6 +254,10 @@ void avcodec_align_dimensions2(AVCodecContext *s, int *width, int *height,
             w_align = 4;
             h_align = 4;
         }
+        if (s->codec_id == AV_CODEC_ID_JV) {
+            w_align = 8;
+            h_align = 8;
+        }
         break;
     case AV_PIX_FMT_BGR24:
         if ((s->codec_id == AV_CODEC_ID_MSZH) ||