On 8/6/2020 5:04 AM, Xu Guangxin wrote:
> for low overhead obu, we can't forsee the obu size. we can only get it
> when we parsed the obu header.
> ---
>  libavcodec/av1_parse.h | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/libavcodec/av1_parse.h b/libavcodec/av1_parse.h
> index a3b39f039c..823bdedd5e 100644
> --- a/libavcodec/av1_parse.h
> +++ b/libavcodec/av1_parse.h
> @@ -135,7 +135,7 @@ static inline int parse_obu_header(const uint8_t *buf, 
> int buf_size,
>  
>      size = *obu_size + *start_pos;
>  
> -    if (size > buf_size)
> +    if (!*has_size_flag && size > buf_size)

This check was added in c27c7b49dc to fix out of array reads, so this
change will surely reintroduce the issue.

Also, when has_size_flag is 0, size will never be bigger than buf_size
because it will be derived from it, meaning this change is the same as
removing the check altogether.

>          return AVERROR_INVALIDDATA;
>  
>      return size;
> 

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".

Reply via email to