shithub: libvpx


ref: 18a7f69dae2a81a566692993897b07b651b2d9ec
parent: 597ce31ff81e23129f5e76705634c4d5c9c72ef2
author: Adrian Grange <agrange@google.com>
date: Fri Jul 18 11:40:39 EDT 2014

Re-introduce frame size check inadvertantly deleted

This patch adds back in code that checks that the frame
size lies within defined bounds, which was inadvertently
removed by a previous patch:
https://gerrit.chromium.org/gerrit/#/c/70814/

Change-Id: If526570ba559260c4b7e98098bc75f7700ae7f97

--- a/vp9/decoder/vp9_decodeframe.c
+++ b/vp9/decoder/vp9_decodeframe.c
@@ -621,6 +621,11 @@
 }
 
 static void resize_context_buffers(VP9_COMMON *cm, int width, int height) {
+#if CONFIG_SIZE_LIMIT
+  if (width > DECODE_WIDTH_LIMIT || height > DECODE_HEIGHT_LIMIT)
+    vpx_internal_error(&cm->error, VPX_CODEC_CORRUPT_FRAME,
+                       "Width and height beyond allowed size.");
+#endif
   if (cm->width != width || cm->height != height) {
     // Change in frame size (assumption: color format does not change).
     if (cm->width == 0 || cm->height == 0 ||
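Review bot: The new guard at the top of resize_context_buffers only protects the resize below it if vpx_internal_error() never returns to this caller, and nothing in the hunk states or enforces that. If it can return (for example when no error jump target is armed), an over-limit width or height falls straight through into the `cm->width != width` branch and the buffers are resized anyway. I would brace the body and document the assumption, e.g. `// vpx_internal_error() must not return here; nothing below may run with an over-limit size.` above the call. The check is also compiled out entirely when CONFIG_SIZE_LIMIT is unset, so a short comment should note that builds decoding untrusted streams need that option to get any upper bound from this function. The function body continues outside the hunk.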