[FFmpeg-devel] [PATCH] check for invalid sym values in indeo decoder (issue 2523)

Michael Niedermayer michaelni
Tue Jan 11 17:24:16 CET 2011


On Sun, Jan 09, 2011 at 07:18:07PM -0500, Daniel Kang wrote:
> ffmpeg does not check for invalid sym values (i.e. < 0 or >= 256). With
> corrupted video, this may cause ffmpeg to crash. The patch attached adds
> a check for this.

>  ivi_common.c |    8 ++++++--
>  1 file changed, 6 insertions(+), 2 deletions(-)
> 1b7d07ddde38356c61ad50bb64640905b8300613  indeo_invalid_sym_check.diff
> From 43c462f6a4920b82aeb0a22bb6f9c334b9614f96 Mon Sep 17 00:00:00 2001
> From: Daniel Kang <daniel.d.kang at gmail.com>
> Date: Sun, 9 Jan 2011 18:50:28 -0500
> Subject: [PATCH] Check for invalid indeo sym value
> 
> ---
>  libavcodec/ivi_common.c |    8 ++++++--
>  1 files changed, 6 insertions(+), 2 deletions(-)
> 
> diff --git a/libavcodec/ivi_common.c b/libavcodec/ivi_common.c
> index b158458..81e01a7 100644
> --- a/libavcodec/ivi_common.c
> +++ b/libavcodec/ivi_common.c
> @@ -404,8 +404,12 @@ int ff_ivi_decode_blocks(GetBitContext *gb, IVIBandDesc *band, IVITile *tile)
>                          hi  = get_vlc2(gb, band->blk_vlc.tab->table, IVI_VLC_BITS, 1);
>                          val = IVI_TOSIGNED((hi << 6) | lo); /* merge them and convert into signed val */
>                      } else {
> -                        run = rvmap->runtab[sym];
> -                        val = rvmap->valtab[sym];
> +                        if (sym < 0 || sym >= 256)
> +                            av_log(NULL, AV_LOG_ERROR, "Invalid sym encountered.\n");

this is a error condition and continuing with undefined values makes no sense
also i suspect only one of teh 2 checks is needed

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

It is not what we do, but why we do it that matters.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20110111/4947c815/attachment.pgp>



More information about the ffmpeg-devel mailing list