[FFmpeg-devel] [PATCH] on2avc: limit number of bits to 30 in get_egolomb
Michael Niedermayer
michael at niedermayer.cc
Fri Dec 18 01:44:41 CET 2015
On Thu, Dec 17, 2015 at 11:30:01PM +0100, Andreas Cadhalpun wrote:
> On 17.12.2015 13:28, Michael Niedermayer wrote:
> > On Wed, Dec 16, 2015 at 08:20:18PM +0100, Andreas Cadhalpun wrote:
> >> More don't fit into the integer output.
> >>
> >> Also use get_bits_long, since get_bits only supports reading up to 25
> >> bits, while get_bits_long supports the full integer range.
> >>
> >> Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
> >> ---
> >> libavcodec/on2avc.c | 4 ++--
> >> 1 file changed, 2 insertions(+), 2 deletions(-)
> >>
> >> diff --git a/libavcodec/on2avc.c b/libavcodec/on2avc.c
> >> index 15f4dd1..10861b5 100644
> >> --- a/libavcodec/on2avc.c
> >> +++ b/libavcodec/on2avc.c
> >> @@ -211,9 +211,9 @@ static inline int get_egolomb(GetBitContext *gb)
> >> {
> >> int v = 4;
> >>
> >> - while (get_bits1(gb)) v++;
> >> + while (get_bits1(gb) && v < 30) v++;
> >
> > it could make sense to print a warning or error in case its too long
>
> OK, updated patch attached.
>
> Best regards,
> Andreas
>
> on2avc.c | 11 +++++++++--
> 1 file changed, 9 insertions(+), 2 deletions(-)
> d59b0416b141d4f10ee758b9816850e660fb968b 0001-on2avc-limit-number-of-bits-to-30-in-get_egolomb.patch
> From 7b71f91162ee10c7e3482111a6f5b117623e01c0 Mon Sep 17 00:00:00 2001
> From: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
> Date: Wed, 16 Dec 2015 16:48:19 +0100
> Subject: [PATCH] on2avc: limit number of bits to 30 in get_egolomb
>
> More don't fit into the integer output.
>
> Also use get_bits_long, since get_bits only supports reading up to 25
> bits, while get_bits_long supports the full integer range.
>
> Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
> ---
> libavcodec/on2avc.c | 11 +++++++++--
> 1 file changed, 9 insertions(+), 2 deletions(-)
>
> diff --git a/libavcodec/on2avc.c b/libavcodec/on2avc.c
> index 15f4dd1..04c8e41 100644
> --- a/libavcodec/on2avc.c
> +++ b/libavcodec/on2avc.c
> @@ -211,9 +211,16 @@ static inline int get_egolomb(GetBitContext *gb)
> {
> int v = 4;
>
> - while (get_bits1(gb)) v++;
> + while (get_bits1(gb)) {
> + v++;
> + if (v > 30) {
> + av_log(NULL, AV_LOG_WARNING, "Too large golomb code in get_egolomb.\n");
> + v = 30;
> + break;
> + }
> + }
>
> - return (1 << v) + get_bits(gb, v);
> + return (1 << v) + get_bits_long(gb, v);
should be fine until someone finds a tighter bound of what is allowed
thanks
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
What does censorship reveal? It reveals fear. -- Julian Assange
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20151218/75a0c805/attachment.sig>
More information about the ffmpeg-devel
mailing list