Re: [FFmpeg-devel] [PATCH] on2avc: limit number of bits to 30 in get_egolomb

Thu, 17 Dec 2015 14:30:22 -0800 

On 17.12.2015 13:28, Michael Niedermayer wrote:
> On Wed, Dec 16, 2015 at 08:20:18PM +0100, Andreas Cadhalpun wrote:
>> More don't fit into the integer output.
>>
>> Also use get_bits_long, since get_bits only supports reading up to 25
>> bits, while get_bits_long supports the full integer range.
>>
>> Signed-off-by: Andreas Cadhalpun <andreas.cadhal...@googlemail.com>
>> ---
>>  libavcodec/on2avc.c | 4 ++--
>>  1 file changed, 2 insertions(+), 2 deletions(-)
>>
>> diff --git a/libavcodec/on2avc.c b/libavcodec/on2avc.c
>> index 15f4dd1..10861b5 100644
>> --- a/libavcodec/on2avc.c
>> +++ b/libavcodec/on2avc.c
>> @@ -211,9 +211,9 @@ static inline int get_egolomb(GetBitContext *gb)
>>  {
>>      int v = 4;
>>  
>> -    while (get_bits1(gb)) v++;
>> +    while (get_bits1(gb) && v < 30) v++;
> 
> it could make sense to print a warning or error in case its too long

OK, updated patch attached.

Best regards,
Andreas


>From 7b71f91162ee10c7e3482111a6f5b117623e01c0 Mon Sep 17 00:00:00 2001
From: Andreas Cadhalpun <andreas.cadhal...@googlemail.com>
Date: Wed, 16 Dec 2015 16:48:19 +0100
Subject: [PATCH] on2avc: limit number of bits to 30 in get_egolomb

More don't fit into the integer output.

Also use get_bits_long, since get_bits only supports reading up to 25
bits, while get_bits_long supports the full integer range.

Signed-off-by: Andreas Cadhalpun <andreas.cadhal...@googlemail.com>
---
 libavcodec/on2avc.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/libavcodec/on2avc.c b/libavcodec/on2avc.c
index 15f4dd1..04c8e41 100644
--- a/libavcodec/on2avc.c
+++ b/libavcodec/on2avc.c
@@ -211,9 +211,16 @@ static inline int get_egolomb(GetBitContext *gb)
 {
     int v = 4;
 
-    while (get_bits1(gb)) v++;
+    while (get_bits1(gb)) {
+        v++;
+        if (v > 30) {
+            av_log(NULL, AV_LOG_WARNING, "Too large golomb code in get_egolomb.\n");
+            v = 30;
+            break;
+        }
+    }
 
-    return (1 << v) + get_bits(gb, v);
+    return (1 << v) + get_bits_long(gb, v);
 }
 
 static int on2avc_decode_pairs(On2AVCContext *c, GetBitContext *gb, float *dst,
-- 
2.6.2


_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

Reply via email to