[FFmpeg-devel] [PATCH] buffer read sanity check (issue 2503)

Michael Niedermayer michaelni
Fri Jan 7 20:42:29 CET 2011


On Fri, Jan 07, 2011 at 02:27:19PM -0500, Daniel Kang wrote:
> On Fri, Jan 7, 2011 at 10:07 AM, Michael Niedermayer <michaelni at gmx.at>wrote:
> 
> >  On Fri, Jan 07, 2011 at 10:02:25AM -0500, Daniel Kang wrote:
> > > It would be possible to move the check outside the loop, but I am not
> > > sure if target_packet_size*avctx->width*avctx->height would overflow or
> > > not. Should I check for this instead?
> >
> > i think it cant overflow, and i think its source not target
> > source is whats added to buf and we check against buf
> 
> 
> I have moved the check out of the loops, and have used the correct size.

>  dpx.c |    5 +++++
>  1 file changed, 5 insertions(+)
> 6bf4e880a98930f2493cd41e318a37ca9a4f3d26  dpx_buffer_sanity_check.diff
> From 02e2a8a5ec7be52314ec7f48154f3389ffcc6a44 Mon Sep 17 00:00:00 2001
> From: Daniel Kang <daniel.d.kang at gmail.com>
> Date: Thu, 6 Jan 2011 23:34:05 -0500
> Subject: [PATCH] dpx buffer overread sanity check

lgtm from a quick look and if tested

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

I have often repented speaking, but never of holding my tongue.
-- Xenocrates
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20110107/e7a21764/attachment.pgp>



More information about the ffmpeg-devel mailing list