On Wed, Jul 04, 2018 at 03:03:03AM +0200, Michael Niedermayer wrote:
> On Tue, Jul 03, 2018 at 11:52:59PM +0200, Carl Eugen Hoyos wrote:
> > 2018-07-03 23:05 GMT+02:00, Michael Niedermayer <mich...@niedermayer.cc>:
> > > Fixes: out of array read
> > > Fixes: asff-crash-0e53d0dc491dfdd507530b66562812fbd4c36678
> > >
> > > Found-by: Paul Ch <paulc...@icloud.com>
> > > Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
> > > ---
> > >  libavcodec/mpeg4videodec.c | 11 ++++++++++-
> > >  1 file changed, 10 insertions(+), 1 deletion(-)
> > >
> > > diff --git a/libavcodec/mpeg4videodec.c b/libavcodec/mpeg4videodec.c
> > > index 2df525e03a..24c280df46 100644
> > > --- a/libavcodec/mpeg4videodec.c
> > > +++ b/libavcodec/mpeg4videodec.c
> > > @@ -2867,11 +2867,13 @@ static int decode_vop_header(Mpeg4DecContext *ctx,
> > > GetBitContext *gb)
> > >      return 0;
> > >  }
> > >
> > > -static void read_quant_matrix_ext(MpegEncContext *s, GetBitContext *gb)
> > > +static int read_quant_matrix_ext(MpegEncContext *s, GetBitContext *gb)
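Review bot: changing read_quant_matrix_ext() from void to int at this signature line only pays off if every exit path in the function returns a value and every call site checks the result and propagates a failure. The quoted hunk stops at the signature, so neither the new return statements nor the caller are visible here. Please confirm that the caller does not ignore the return value. A short comment above the function stating the return convention (0 on success, negative error code on a truncated or invalid matrix) would also help anyone backporting the fix.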
> > 
> > Why is changing the return type of this function useful (in the context
> > of the actual patch)?
> 
> It's just more in line with how the code should be.
> Full error checking, reporting and handling such errors.
> The patch does only the hunks needed to fix this (easy backportable I assume)
> if I leave the return type and just return, I will need a future patch that
> changes the very same lines to return an error

will apply as this issue was reported by a 2nd researcher it seems already

thx

[...]

-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

The bravest are surely those who have the clearest vision
of what is before them, glory and danger alike, and yet
notwithstanding go out to meet it. -- Thucydides


_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
