On 5/21/2019 6:34 AM, Tomas Härdin wrote:
> tis 2019-05-21 klockan 17:44 +1000 skrev Peter Ross:
>> ---
>>
>> what's changed:
>> * apply #if CONFIG_VP4_DECODER around large vp4 code blocks
>> * improved vp4_read_mb_value thanks to reminars suggestions
>> * improved configure vp3_decoder_select
>>
>> [...]
>>
>> +#define BLOCK_X (2 * mb_x + (k & 1))
>> +#define BLOCK_Y (2 * mb_y + (k >> 1))
>> +
>> +#if CONFIG_VP4_DECODER
>> +static int vp4_read_mb_value(GetBitContext *gb)
>> +{
>> + int v = 1;
>> + int bits = show_bits(gb, 9);
>
> This call to show_bits() looks unnecessary
>
>> + while ((bits = show_bits(gb, 9)) == 0x1ff) {
>> + skip_bits(gb, 9);
>> + v += 256;
>> + }
>
> I have a feeling this loop should have a stop condition like v <
> SOME_LARGE_VALUE, say INT_MAX-255 or yuv_macroblock_count, to reject
> corrupt/malicious files and not cause undefined behavior
Using get_bits_left(gb) would be better than an arbitrary large value.
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
