[FFmpeg-devel] [PATCH 04/19] snowdec: fix return value for small overreads.

Michael Niedermayer michaelni at gmx.at
Sun Jul 29 18:13:37 CEST 2012


On Sun, Jul 29, 2012 at 03:57:22PM +0200, Nicolas George wrote:
> 
> Signed-off-by: Nicolas George <nicolas.george at normalesup.org>
> ---
>  libavcodec/snowdec.c |    2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/libavcodec/snowdec.c b/libavcodec/snowdec.c
> index f3d4656..7ebe7d9 100644
> --- a/libavcodec/snowdec.c
> +++ b/libavcodec/snowdec.c
> @@ -557,6 +557,8 @@ static int decode_frame(AVCodecContext *avctx, void *data, int *data_size, AVPac
>  
>      bytes_read= c->bytestream - c->bytestream_start;
>      if(bytes_read ==0) av_log(s->avctx, AV_LOG_ERROR, "error at end of frame\n"); //FIXME
> +    if (bytes_read > avpkt->size && bytes_read <= avpkt->size + FF_INPUT_BUFFER_PADDING_SIZE)
> +        bytes_read = avpkt->size; /* small overreads are acceptable */
>  
>      return bytes_read;
>  }

i suggest
return buf_size;

and explicitly check for errors that read too much or too little
the range coder can end up reading a bit over, see ffv1.c IIRC it
contains some working error checks

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Democracy is the form of government in which you can choose your dictator
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20120729/92b178ed/attachment.asc>


More information about the ffmpeg-devel mailing list