tiffdec: Prevent illegal memory access caused by recycled pointers.
authorAlex Converse <alex.converse@gmail.com>
Wed, 7 Mar 2012 01:00:29 +0000 (17:00 -0800)
committerAlex Converse <alex.converse@gmail.com>
Wed, 7 Mar 2012 23:40:42 +0000 (15:40 -0800)
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
libavcodec/tiff.c

index 0ff6ceb..9ca9163 100644 (file)
@@ -535,6 +535,8 @@ static int decode_frame(AVCodecContext *avctx,
         av_log(avctx, AV_LOG_ERROR, "The answer to life, universe and everything is not correct!\n");
         return -1;
     }
+    // Reset these pointers so we can tell if they were set this frame
+    s->stripsizes = s->stripdata = NULL;
     /* parse image file directory */
     off = tget_long(&buf, le);
     if (off >= UINT_MAX - 14 || end_buf - orig_buf < off + 14) {
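Review bot: Clearing `s->stripsizes` and `s->stripdata` at the top of each frame only prevents the stale-pointer access if every later use in decode_frame tests them for NULL before dereferencing. Those use sites are outside this hunk (the function body starts and ends beyond the lines shown), so they should be checked against the full function. Any other strip-related state that the context keeps across frames is not reset here, so it is worth confirming that such values are either re-validated against the current input buffer or cleared alongside these two. The added comment should also say why the old values are dangerous, and it should use the block-comment style seen on the following line, for example `/* Clear per-frame pointers: values left over from a previous frame must not be reused if this frame does not set them */`.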