On 06/01/2025 12:40, Michael Niedermayer wrote:
Hi Lynne On Sun, Jan 05, 2025 at 05:59:35PM +0900, Lynne wrote:This also cleans up and gives the code some much needed comments. --- libavcodec/ffv1dec.c | 66 +++++++++++++++++++++++++++++++------------- 1 file changed, 47 insertions(+), 19 deletions(-) diff --git a/libavcodec/ffv1dec.c b/libavcodec/ffv1dec.c index b7f235c47f..aa988571bc 100644 --- a/libavcodec/ffv1dec.c +++ b/libavcodec/ffv1dec.c @@ -866,6 +866,38 @@ static av_cold int decode_init(AVCodecContext *avctx) return 0; }+static int find_next_slice(AVCodecContext *avctx,+ uint8_t *buf, uint8_t *buf_end, int idx, + uint8_t **pos, uint32_t *len) +{ + FFV1Context *f = avctx->priv_data; + + /* Length field */ + uint32_t v = buf_end - buf; + if (idx || f->version > 2) { + /* Three bytes of length, plus flush bit + CRC */ + uint32_t trailer = 3 + 5*!!f->ec; + if (trailer > buf_end - buf) + v = INT_MAX; + else + v = AV_RB24(buf_end - trailer) + trailer; + } ++ if (buf_end - buf < v) { + av_log(avctx, AV_LOG_ERROR, "Slice pointer chain broken\n"); + ff_progress_frame_report(&f->picture, INT_MAX); + return AVERROR_INVALIDDATA; + }the if() can be moved into the previous if()
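Review bot: In find_next_slice() the too-short case is signalled by `v = INT_MAX` and only rejected later by `if (buf_end - buf < v)`, which holds only while the buffer is smaller than INT_MAX bytes, and both that check and `if (trailer > buf_end - buf)` compare a uint32_t against a pointer difference. Consider computing the remaining size once into a single local of one type and using it in both comparisons, and adding a one-line comment that INT_MAX is a deliberate sentinel meant to fail the following check, so the error path does not depend on an implicit size limit or on integer conversion rules.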
I'd prefer to keep it separate to make it cleaner this is a check.

> the v = buf_end - buf;
> is unused in the first if() so it could be set in an else

I think it's cleaner this way, plus it's 3 less lines.
patch LGTM otherwise