From 1672c855be7edde17571f98fa603c4fc5270e516 Mon Sep 17 00:00:00 2001
From: happyworker <208suo@208suo.com>
Date: Wed, 18 Sep 2024 15:57:22 +0800
Subject: [PATCH] CVE-2020-35965

---
 libavcodec/exr.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libavcodec/exr.c b/libavcodec/exr.c
index ba6e3fd..5558d55 100644
--- a/libavcodec/exr.c
+++ b/libavcodec/exr.c
@@ -1791,7 +1791,7 @@ static int decode_frame(AVCodecContext *avctx, void *data,
     ptr         = picture->data[0];
 
     // Zero out the start if ymin is not 0
-    for (y = 0; y < s->ymin; y++) {
+    for (y = 0; y < FFMIN(s->ymin, s->h); y++) {
         memset(ptr, 0, out_line_size);
         ptr += picture->linesize[0];
     }
-- 
2.27.0