AVPacket *avpkt)
{
const uint8_t *buf = avpkt->data;
+ const uint8_t *buf_end = avpkt->data + avpkt->size;
int buf_size = avpkt->size;
DPXContext *const s = avctx->priv_data;
AVFrame *picture = data;
case 8:
case 12: // Treat 12-bit as 16-bit
case 16:
+ if (source_packet_size*avctx->width*avctx->height > buf_end - buf) {
+ av_log(avctx, AV_LOG_ERROR, "Overread buffer. Invalid header?\n");
+ return -1;
+ }
if (source_packet_size == target_packet_size) {
for (x = 0; x < avctx->height; x++) {
memcpy(ptr, buf, target_packet_size*avctx->width);