[FFmpeg-devel] [PATCH 19/19] lavc: sanitize decoder return value.

Nicolas George nicolas.george at normalesup.org
Tue Jul 31 18:40:54 CEST 2012


On duodi 12 Thermidor, year CCXX, Michael Niedermayer wrote:
> > +/* Note: we are still vulnerable to decoders decoding a frame and
> > +   returning 0 for success instead of the used bytes. */
> > +#define SANITIZE_DECODED_SIZE(ret, pkt, got_frame) {                   \
> > +    av_assert2((ret) <= (pkt).size);                                   \
> > +    (ret) = FFMIN((ret), (pkt).size);                                  \
> > +    av_assert2(!(pkt).size || (got_frame) || (ret));                   \
> > +    if ((pkt).size && !(got_frame) && !(ret))                          \
> > +        ret = AVERROR_BUG;                                             \
> > +}
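
Review bot: The macro body is a bare { ... } block, so a call written as SANITIZE_DECODED_SIZE(...); directly under an if that has an else will not compile; wrapping the body in do { ... } while (0) avoids that. The last statement also assigns to ret without the parentheses used on every other occurrence, and ret and pkt are expanded several times, so a comment above the macro should say that arguments must be plain lvalues without side effects.
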
> I think the asserts alone should be enough

Are you sure? The asserts only affect lavc built for debugging. For normal
builds, the applications would not be able to trust the return value of
avcodec_decode_<type>() unconditionally, because there may still be codecs
that give a bogus return value and are not yet fixed (like the three that
overread), or even not yet detected.

Regards,

-- 
  Nicolas George
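
Added example, not part of the original mail or of FFmpeg's code: a caller loop that advances by the decoder's return value, run with and without an always-on version of the patch's check, which is the situation the reply describes for builds where the asserts have no effect. struct pkt, the three dec_* decoders, sanitize(), drain() and ERR_BUG are hypothetical stand-ins constructed for this example.

```c
#include <stdio.h>

#define ERR_BUG (-1000)           /* constructed stand-in for AVERROR_BUG */
struct pkt { int size; };         /* hypothetical packet: only the size matters here */
typedef int (*decode_fn)(const struct pkt *p, int *got_frame);

/* Constructed decoders: one claims more bytes than it was given, one makes
   no progress, one behaves. */
static int dec_overread(const struct pkt *p, int *got) { *got = 1; return p->size + 8; }
static int dec_stall(const struct pkt *p, int *got)    { (void)p; *got = 0; return 0; }
static int dec_ok(const struct pkt *p, int *got)       { *got = 1; return p->size < 4 ? p->size : 4; }

/* The patch's runtime half, without the asserts: clamp to the packet size and
   report "no frame, no bytes used" on a non-empty packet as an error. */
static int sanitize(int ret, const struct pkt *p, int got_frame)
{
    if (ret > p->size)
        ret = p->size;
    if (p->size && !got_frame && !ret)
        ret = ERR_BUG;
    return ret;
}

/* Caller loop that trusts the return value as "bytes used". Returns the total
   offset it advanced by, or the negative error that stopped it. */
static int drain(decode_fn dec, int total, int use_sanitize, int max_iter)
{
    struct pkt p = { total };
    int advanced = 0;
    for (int i = 0; i < max_iter && p.size > 0; i++) {
        int got = 0;
        int ret = dec(&p, &got);
        if (use_sanitize)
            ret = sanitize(ret, &p, got);
        if (ret < 0)
            return ret;
        advanced += ret;          /* a real caller would also do data += ret */
        p.size   -= ret;
    }
    return advanced;
}

int main(void)
{
    printf("overread: raw=%d sanitized=%d\n", drain(dec_overread, 10, 0, 100), drain(dec_overread, 10, 1, 100));
    printf("stall:    raw=%d sanitized=%d\n", drain(dec_stall, 10, 0, 100), drain(dec_stall, 10, 1, 100));
    printf("ok:       raw=%d sanitized=%d\n", drain(dec_ok, 10, 0, 100), drain(dec_ok, 10, 1, 100));
    return 0;
}
```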