[FFmpeg-devel] [PATCH 04/10] avcodec/cbs_av1: Make overread check more robust

Wed Sep 18 06:26:01 EEST 2019

When performing a comparison of a signed int and an unsigned int, the
signed int is first converted to an unsigned int, so that negative
values are being treated as big, positive values. This can become a
problem in an overread check, namely when an overread already happened.
So change the type of the variable containing the amount of bits that
need to be left to signed.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt at gmail.com>
---
I am not aware of any situation where cbs overreads, but robustness is
nevertheless valueable.

 libavcodec/cbs_av1.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/libavcodec/cbs_av1.c b/libavcodec/cbs_av1.c
index 0ff6d60ae2..84998e1e8c 100644
--- a/libavcodec/cbs_av1.c
+++ b/libavcodec/cbs_av1.c
@@ -211,8 +211,8 @@ static int cbs_av1_read_ns(CodedBitstreamContext *ctx, GetBitContext *gbc,
                            uint32_t n, const char *name,
                            const int *subscripts, uint32_t *write_to)
 {
-    uint32_t w, m, v, extra_bit, value;
-    int position;
+    uint32_t m, v, extra_bit, value;
+    int position, w;
 
     av_assert0(n > 0);
 
-- 
2.20.1

