On Tue, Jan 12, 2016 at 02:19:53PM +0100, Carl Eugen Hoyos wrote: > On Tuesday 12 January 2016 02:16:52 pm Michael Niedermayer wrote: > > On Tue, Jan 12, 2016 at 09:58:53AM +0100, Carl Eugen Hoyos wrote: > > > > - if (memcmp("AVI1", buf + 6, 4)) { > > > - av_log(avctx, AV_LOG_ERROR, "input is not MJPEG/AVI1\n"); > > > - return AVERROR_INVALIDDATA; > > > + if (buf[2] == 0xff && buf[3] == APP0) { > > > + input_skip = (buf[4] << 8) + buf[5] + 4; > > > + } else { > > > + input_skip = 2; > > > > shouldnt the first 2 bytes that are being skiped be checked ? > > I don't know (possibly) but it seems unrelated to this patch: > They are not checked now.
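Review bot: in the new `if (buf[2] == 0xff && buf[3] == APP0)` branch, `input_skip` is built from the two length bytes `buf[4]` and `buf[5]` and can reach 65535 + 4, and the quoted lines do not compare it against the packet size before it is used, nor do they show that at least 6 bytes are available before `buf[2]` to `buf[5]` are read. Suggest returning AVERROR_INVALIDDATA when the packet is shorter than 6 bytes or shorter than `input_skip`, unless a check outside the quoted lines already covers this. The removed `memcmp("AVI1", buf + 6, 4)` was also the only header validation visible here, so the `else` branch with `input_skip = 2` now accepts any two leading bytes; comparing them against the JPEG SOI marker (0xff 0xd8) before skipping them would keep malformed input from being passed through as output.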
True, still before the patch 4 bytes are checked, afterwards none.
These 4 bytes sort of imply that the previous bytes aren't arbitrary.

If the 2 bytes are different from what is expected then the code would
potentially generate invalid output, or do I miss some check elsewhere
that would prevent that?

[...]

--
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Everything should be made as simple as possible, but not simpler.
-- Albert Einstein
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel