[FFmpeg-devel] [PATCH v2 1/1] avcodec/vble: Return value check for init_get_bits
Andreas Rheinhardt
andreas.rheinhardt at outlook.com
Tue Aug 31 09:32:49 EEST 2021
maryam ebrahimzadeh:
> avcodec/vble: Return value check for init_get_bits
>
> As the second argument for init_get_bits can be crafted,
> a return value check for this function call is necessary.
> So replace init_get_bits with init_get_bits8 and remove a duplicate check before
> the callsite.
>
> ---
> libavcodec/vble.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/libavcodec/vble.c b/libavcodec/vble.c
> index f1400959e0..c1d3cdcc95 100644
> --- a/libavcodec/vble.c
> +++ b/libavcodec/vble.c
> @@ -127,7 +127,7 @@ static int vble_decode_frame(AVCodecContext *avctx, void *data, int *got_frame,
> int ret;
> ThreadFrame frame = { .f = data };
>
> - if (avpkt->size < 4 || avpkt->size - 4 > INT_MAX/8) {
> + if (avpkt->size < 4) {
> av_log(avctx, AV_LOG_ERROR, "Invalid packet size\n");
> return AVERROR_INVALIDDATA;
> }
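Review bot: Dropping the `avpkt->size - 4 > INT_MAX/8` half of this condition means an oversized packet is no longer rejected at the top of vble_decode_frame(). It is refused only by the init_get_bits8() call in the next hunk, so everything the function does between the two points is wasted on a packet that will be rejected anyway. The upper bound is not a duplicate as far as placement goes. I would keep an upper-bound test in this early check, so that both size errors fail here with the same "Invalid packet size" message.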
> @@ -146,7 +146,9 @@ static int vble_decode_frame(AVCodecContext *avctx, void *data, int *got_frame,
> if (version != 1)
> av_log(avctx, AV_LOG_WARNING, "Unsupported VBLE Version: %d\n", version);
>
> - init_get_bits(&gb, src + 4, (avpkt->size - 4) * 8);
> + ret = init_get_bits8(&gb, src + 4, avpkt->size - 4);
> + if (ret < 0)
> + return ret;
>
> /* Unpack */
> if (vble_unpack(ctx, &gb) < 0) {
>
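Review bot: The new `if (ret < 0) return ret;` path returns silently, while the packet-size check at the top of vble_decode_frame() calls av_log(avctx, AV_LOG_ERROR, ...) before returning AVERROR_INVALIDDATA. Please log here as well, so that a packet rejected at this point can be diagnosed from the log in the same way as one rejected by the early check.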
Checking before the callsite has the advantage of not trying to allocate
a huge buffer that ends up unused. So instead of removing said check it
should be fixed: get_bits.h should properly export the maximum supported
buffer size and that should be checked at the beginning.
- Andreas