[FFmpeg-devel] [PATCH] Checked get_bits.h functions to prevent overread

Laurent Aimar fenrir at elivagar.org
Fri Sep 9 01:05:54 CEST 2011


 After trying some fuzzing on libavcodec, it seems that a lot of decoders
do not check (or not enough) for buffer overread, which can lead for some
to a segfault.

 I attached a patch that makes the get_bits.h functions checked for overread by
default but lets safe decoders disable the checks at compile time by
defining UNCHECK_BITSTREAM_READER before including get_bits.h.
 If such a patch were to be included, I would gladly provide a patch
adding the #define UNCHECK_BITSTREAM_READER to the decoders that are 'safe'.

I haven't benchmarked the performance loss yet but will do so.

 One decoder breaks with this patch: mpegaudio. It seems to do weird things
with two get bit contexts and switching them while decoding. I will try to
have a look at it (unless someone would volunteer to explain to me what it is
doing :)

Also, I haven't implemented the checks for A32_BITSTREAM_READER. But I am not
sure when (or even if) this reader is used.



-------------- next part --------------
A non-text attachment was scrubbed...
Name: get_bits-p0.patch
Type: text/x-diff
Size: 2830 bytes
Desc: not available
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20110909/4bda747d/attachment.bin>
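The idea in the post, a bit reader whose reads are bounds-checked by default and whose checks can be compiled out with a define, as an added example. This is not the attached patch and not FFmpeg's get_bits.h (which uses a cached word and macros); the reader, the 18-bit "header" format and the two byte buffers below are all hypothetical and constructed for the demonstration, and the names GetBitContext/get_bits/init_get_bits are only borrowed for familiarity.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical, simplified bit reader (not FFmpeg's get_bits.h). Reads bits
 * MSB-first and, unless UNCHECK_BITSTREAM_READER is defined before this
 * point, refuses to read past size_in_bits instead of touching memory
 * beyond the buffer. */
typedef struct {
    const uint8_t *buffer;
    int index;        /* current position in bits */
    int size_in_bits; /* number of readable bits in buffer */
    int overread;     /* set once a read would have gone past the end */
} GetBitContext;

static void init_get_bits(GetBitContext *s, const uint8_t *buf, int bit_size)
{
    s->buffer       = buf;
    s->index        = 0;
    s->size_in_bits = bit_size;
    s->overread     = 0;
}

static int get_bits_left(const GetBitContext *s)
{
    return s->size_in_bits - s->index;
}

/* Read n (0..32) bits. In checked mode an overread pins index to the end,
 * sets the overread flag and returns 0, so the caller can detect truncated
 * input instead of segfaulting on a fuzzed packet. */
static unsigned get_bits(GetBitContext *s, int n)
{
    unsigned v = 0;
    int i;
#ifndef UNCHECK_BITSTREAM_READER
    if (n < 0 || n > 32 || n > get_bits_left(s)) {
        s->overread = 1;
        s->index    = s->size_in_bits;
        return 0;
    }
#endif
    for (i = 0; i < n; i++) {
        int pos = s->index + i;
        v = (v << 1) | ((s->buffer[pos >> 3] >> (7 - (pos & 7))) & 1);
    }
    s->index += n;
    return v;
}

/* Constructed sample input (not from any real codec):
 * bits 1010 0101 0011 1100 [1111 1111]. */
static const uint8_t sample_short[] = { 0xA5, 0x3C };
static const uint8_t sample_full[]  = { 0xA5, 0x3C, 0xFF };

typedef struct {
    unsigned version, length, flags;
    int truncated; /* 1 if the buffer ended before the header did */
} SampleHeader;

/* Parse a made-up 18-bit header: 4-bit version, 8-bit length, 6-bit flags.
 * With the 2-byte buffer the flags field lies past the end; the checked
 * reader returns 0 for it and reports truncation instead of overreading. */
static SampleHeader parse_sample_header(const uint8_t *buf, int byte_size)
{
    GetBitContext gb;
    SampleHeader h = { 0, 0, 0, 0 };
    init_get_bits(&gb, buf, byte_size * 8);
    h.version   = get_bits(&gb, 4);
    h.length    = get_bits(&gb, 8);
    h.flags     = get_bits(&gb, 6);
    h.truncated = gb.overread;
    return h;
}

int main(void)
{
    SampleHeader a = parse_sample_header(sample_short, (int)sizeof sample_short);
    SampleHeader b = parse_sample_header(sample_full,  (int)sizeof sample_full);
    printf("short: version=%u length=%u flags=%u truncated=%d\n",
           a.version, a.length, a.flags, a.truncated);
    printf("full:  version=%u length=%u flags=%u truncated=%d\n",
           b.version, b.length, b.flags, b.truncated);
    return 0;
}
```

Compiling with -DUNCHECK_BITSTREAM_READER removes the size test, and the same call on the 2-byte buffer then reads sample_short[2], one byte past the array: exactly the class of overread the post is about, which a fuzzer turns into a crash on a short packet. A decoder that opts out must therefore have checked the packet size against the bits it will consume before touching the reader.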
