[FFmpeg-devel] [PATCH 50/57] avcodec/h261dec: Fix UB NULL + 0, remove broken resync code
Andreas Rheinhardt
andreas.rheinhardt at outlook.com
Wed Jun 12 16:48:46 EEST 2024
last_resync_gb is never initialized, causing NULL + 0
in align_get_bits(). In addition to that, the loop is never
entered.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt at outlook.com>
---
libavcodec/h261dec.c | 18 +-----------------
1 file changed, 1 insertion(+), 17 deletions(-)
diff --git a/libavcodec/h261dec.c b/libavcodec/h261dec.c
index 8671800c3e..2038afc591 100644
--- a/libavcodec/h261dec.c
+++ b/libavcodec/h261dec.c
@@ -172,7 +172,7 @@ static int h261_decode_gob_header(H261DecContext *h)
static int h261_resync(H261DecContext *h)
{
MpegEncContext *const s = &h->s;
- int left, ret;
+ int ret;
if (h->gob_start_code_skipped) {
ret = h261_decode_gob_header(h);
@@ -185,22 +185,6 @@ static int h261_resync(H261DecContext *h)
return 0;
}
// OK, it is not where it is supposed to be ...
- s->gb = s->last_resync_gb;
- align_get_bits(&s->gb);
- left = get_bits_left(&s->gb);
-
- for (; left > 15 + 1 + 4 + 5; left -= 8) {
- if (show_bits(&s->gb, 15) == 0) {
- GetBitContext bak = s->gb;
-
- ret = h261_decode_gob_header(h);
- if (ret >= 0)
- return 0;
-
- s->gb = bak;
- }
- skip_bits(&s->gb, 8);
- }
}
return -1;
--
2.40.1