[FFmpeg-devel] [PATCH] ffmdec: sanitize codec parameters

Andreas Cadhalpun andreas.cadhalpun at googlemail.com
Fri Nov 18 23:35:29 EET 2016


On 18.11.2016 02:40, Michael Niedermayer wrote:
> On Thu, Nov 17, 2016 at 07:35:01PM +0100, Andreas Cadhalpun wrote:
>> +                if (size < 0 || size >= FF_MAX_EXTRADATA_SIZE) {
>> +                    av_log(s, AV_LOG_WARNING, "Invalid extradata size %d\n", size);
> 
> i think this and possibly others should be a hard failure
> or why would a invalid extradata_size be ok ?

The decoder might still be able to work.
What would be the advantage of a hard failure?

Best regards,
Andreas



More information about the ffmpeg-devel mailing list