[FFmpeg-devel] [PATCH] huffyuvdec: validate image size

Michael Niedermayer michaelni at gmx.at
Sun Jun 28 14:17:58 CEST 2015 

On Sun, Jun 28, 2015 at 11:23:12AM +0200, Andreas Cadhalpun wrote:
> On 27.06.2015 22:40, Michael Niedermayer wrote:
> > On Sat, Jun 27, 2015 at 07:42:48PM +0200, Andreas Cadhalpun wrote:
> >> Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
> >> ---
> >>  libavcodec/huffyuvdec.c | 6 ++++++
> >>  1 file changed, 6 insertions(+)
> >>
> >> diff --git a/libavcodec/huffyuvdec.c b/libavcodec/huffyuvdec.c
> >> index 98c6128..71fb9e3 100644
> >> --- a/libavcodec/huffyuvdec.c
> >> +++ b/libavcodec/huffyuvdec.c
> >> @@ -291,6 +291,12 @@ static av_cold int decode_init(AVCodecContext *avctx)
> >>      HYuvContext *s = avctx->priv_data;
> >>      int ret;
> >>  
> >> +    if (avctx->width <= 0 || avctx->height <= 0) {
> > 
> > LGTM
> > alternatively av_image_check_size() could be used but this should
> > be equally fine
> 
> On 27.06.2015 22:40, Luca Barbato wrote:
> > There is a function to validate the dimensions. That isn't enough, I
> > think I sent a patch recently that does that for another codec.
> 
> OK, new patch using av_image_check_size attached.
> 
> Best regards,
> Andreas

>  huffyuvdec.c |    5 +++++
>  1 file changed, 5 insertions(+)
> bc13fbe9569565b84fde3c4757c64f3f391a4f9b  0001-huffyuvdec-validate-image-size.patch
> From b840a905bebfb6549c1de689911dd740746627fa Mon Sep 17 00:00:00 2001
> From: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
> Date: Sun, 28 Jun 2015 11:21:54 +0200
> Subject: [PATCH] huffyuvdec: validate image size
> 
> Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>

LGTM

thx

[...]

-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Avoid a single point of failure, be that a person or equipment.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20150628/97563262/attachment.asc>

More information about the ffmpeg-devel mailing list