[FFmpeg-devel] [PATCH] hevc_ps: verify P/T/L information

Michael Niedermayer michaelni at gmx.at
Sun Aug 10 15:48:56 CEST 2014

On Sun, Aug 10, 2014 at 03:16:23PM +0200, Christophe Gisquet wrote:
> Hi,
> 2014-08-10 14:42 GMT+02:00 Ronald S. Bultje <rsbultje at gmail.com>:
> > Are we using the checked bitstream reader? If we are, we're fine already...
> I think we are. On the other hand, it seems the top caller,
> ff_hevc_decode_nal_vps, is never checking if we have read past the
> bitstream end. Shouldn't this be checked at the very end? Hitting the
> bitstream end yet not reporting invalid data at some point looks weird
> to me.
> So, I'm just not sure this always yields vps/sps/... info, so catching
> it might be good. On the other hand, this doesn't help catching bugs
> in the code elsewhere.
> > If not, maybe we should, because let's be honest, getbits is only in
> > headers, so it's not particularly performance-sensitive.
> And this is high-level syntax (think sps), so indeed.

agree with all

should i apply the patch or apply something else ?

Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

I am the wisest man alive, for I know one thing, and that is that I know
nothing. -- Socrates
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20140810/2426f232/attachment.asc>

More information about the ffmpeg-devel mailing list