ref: abf0df08f167324b9c47c77465b1f3e6ee2ce067
parent: 14e3caca9a3dc1d263519ad874ee0fcc36e796df
author: Jim Bankoski <[email protected]>
date: Tue Jul 1 06:26:26 EDT 2014
validate uv block size when reading partition Change-Id: I74fc5f1a7bab3128cdd49441b83ec3a25aee65ca
--- a/vp9/decoder/vp9_decodeframe.c
+++ b/vp9/decoder/vp9_decodeframe.c
@@ -410,7 +410,7 @@
vp9_reader* r, BLOCK_SIZE bsize) {const int hbs = num_8x8_blocks_wide_lookup[bsize] / 2;
PARTITION_TYPE partition;
- BLOCK_SIZE subsize;
+ BLOCK_SIZE subsize, uv_subsize;
if (mi_row >= cm->mi_rows || mi_col >= cm->mi_cols)
return;
@@ -417,6 +417,10 @@
partition = read_partition(cm, xd, hbs, mi_row, mi_col, bsize, r);
subsize = get_subsize(bsize, partition);
+ uv_subsize = ss_size_lookup[subsize][cm->subsampling_x][cm->subsampling_y];
+ if (subsize >= BLOCK_8X8 && uv_subsize == BLOCK_INVALID)
+ vpx_internal_error(&cm->error, VPX_CODEC_CORRUPT_FRAME,
+ "Invalid block size.");
if (subsize < BLOCK_8X8) {decode_block(cm, xd, tile, mi_row, mi_col, r, subsize);
} else {