[FFmpeg-cvslog] r15812 - in trunk/libavcodec: ac3dec.c ac3dec.h ac3dec_data.c ac3dec_data.h eac3dec.c
Fri Nov 14 08:48:28 CET 2008
On Fri, Nov 14, 2008 at 12:31:38AM -0500, Justin Ruggles wrote:
> Michael Niedermayer wrote:
> > On Thu, Nov 13, 2008 at 04:18:13AM +0100, jbr wrote:
> >> Author: jbr
> >> Date: Thu Nov 13 04:18:13 2008
> >> New Revision: 15812
> >> Log:
> >> add support for spectral extension
> > This code looks like it completely lacks validity checks and likely
> > exploitable at several points.
> > I am not asking you to revert it but i would be happy if you did anyway.
> > This code should have passed review before commiting IMHO
> > Below review is incomplete, there likely are more issues, also iam not
> > mentioning the exploitable code as this patch needs to be reviewed completely
> > for security issues (which i did not do) not just the one issue ive found
> > fixed.
> > [...]
> >> + int channel_in_spx[AC3_MAX_CHANNELS]; ///< channel in spectral extension (chinspx)
> > uint8_t
> >> + int spx_atten_code[AC3_MAX_CHANNELS]; ///< spx attenuation code (spxattencod)
> > int8_t
> > and many others also waste space
> I can see the benefit of reducing the memory footprint of the decode
> context, but I can't recall you ever bringing up integer type size as an
> issue except when talking about static or global arrays. I could go
> back and change almost every single field in the struct just to decrease
> the context size... I don't really care either way, but it would be
> good to have some guidance on this. Should I do it for all arrays
> within the struct? Just large arrays? All fields?
Well, id say all arrays, unless there is reason to belive that it causes
a speed loss.
and thanks for reverting and looking into the other found issues.
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
Concerning the gods, I have no means of knowing whether they exist or not
or of what sort they may be, because of the obscurity of the subject, and
the brevity of human life -- Protagoras
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: Digital signature
More information about the ffmpeg-cvslog