[FFmpeg-devel] Possible array overflow in libavcodec/adpcm.c

Reimar Döffinger Reimar.Doeffinger at gmx.de
Wed Mar 21 20:10:58 CET 2012


On Wed, Mar 21, 2012 at 07:45:21PM +0100, Philipp Thomas wrote:
> gcc 4.7 warns of a possible array overflow in said file. And
> adpcm_decode_frame has 
> 
> 
>         for (i = 0; i < 4; i++)
>             prev[0][i] = (int16_t)bytestream_get_be16(&src);
> 
> 
> Where prev is defined as int[2][2]. If you look a bit above, you see
> 
>         for (i = 0; i < 32; i++)
>             table[0][i] = (int16_t)bytestream_get_be16(&src);
> 
> Where table is defined int[2][16]. Both look to me as dirty hacks assuming
> a fixed memory layout which I doubt is sane. Any reasons why not to change
> that into two nested loops that initialize prev and table?

Usually for speed reasons. But I can't find the code you mention with
prev, I think that was changed. So I guess you could change the "table"
code the same way.
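
The nested-loop form proposed in the thread, as an added example that is not part of the original messages and is not FFmpeg's code. `get_be16`, `read_table`, `demo_value`, the two macros and the input-length check are assumptions made for the illustration; the sample buffer is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define CHANNELS 2
#define COEFFS   16

/* Hypothetical stand-in for bytestream_get_be16(): read one big-endian
 * 16-bit value and advance the cursor. */
static uint16_t get_be16(const uint8_t **p)
{
    uint16_t v = (uint16_t)(((*p)[0] << 8) | (*p)[1]);
    *p += 2;
    return v;
}

/* One loop per dimension keeps every subscript inside its own row.
 * table[0][i] with i >= COEFFS depends on the rows being adjacent and is
 * undefined behaviour in C (C11 Annex J.2), hence the compiler warning.
 * Returns 0 on success, -1 if src is too short (check added for the demo). */
static int read_table(int table[CHANNELS][COEFFS],
                      const uint8_t *src, size_t src_size)
{
    if (src_size < (size_t)CHANNELS * COEFFS * 2)
        return -1;
    for (int ch = 0; ch < CHANNELS; ch++)
        for (int i = 0; i < COEFFS; i++)
            table[ch][i] = (int16_t)get_be16(&src);
    return 0;
}

/* Constructed sample input: 32 big-endian values 0, -1, -2, ..., -31. */
static int demo_value(int ch, int i)
{
    uint8_t buf[CHANNELS * COEFFS * 2];
    int table[CHANNELS][COEFFS];
    for (int n = 0; n < CHANNELS * COEFFS; n++) {
        uint16_t v = (uint16_t)-n;
        buf[2 * n]     = (uint8_t)(v >> 8);
        buf[2 * n + 1] = (uint8_t)(v & 0xff);
    }
    return read_table(table, buf, sizeof(buf)) < 0 ? INT32_MIN : table[ch][i];
}

int main(void)
{
    printf("%d %d\n", demo_value(0, 15), demo_value(1, 0)); /* -15 -16 */
    return 0;
}
```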

