From 51772ce8af03dfc649c6f66aed3b3952d3b6652f Mon Sep 17 00:00:00 2001 From: Kostya Shishkov Date: Thu, 13 Oct 2022 18:21:33 +0200 Subject: [PATCH] indeo5: fix band size check --- nihav-indeo/src/codecs/indeo5.rs | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/nihav-indeo/src/codecs/indeo5.rs b/nihav-indeo/src/codecs/indeo5.rs index ec23981..0c6d65e 100644 --- a/nihav-indeo/src/codecs/indeo5.rs +++ b/nihav-indeo/src/codecs/indeo5.rs @@ -180,10 +180,11 @@ impl IndeoXParser for Indeo5Parser { let data_size: usize; if (band_flags & 0x80) != 0 { data_size = br.read(24)? as usize; + validate!(data_size >= 4); } else { data_size = 0; } - validate!(data_size <= ((br.left() / 8) as usize)); + validate!(data_size <= ((br.left() / 8) as usize) + 4); let num_corr: usize; let mut corr_map: [u8; CORR_MAP_SIZE] = [0; CORR_MAP_SIZE]; -- 2.30.2