Re: [FFmpeg-devel] [PATCH v1 1/1] avcodec/vorbisdec: Return value check for init_get_bits

Ping. ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".

Re: [FFmpeg-devel] [PATCH v2 1/1] avcodec/vble: Return value check for init_get_bits

Ping. > On Sep 4, 2021, at 10:09 AM, Maryam Ebrahimzadeh wrote: > > > > On Aug 31, 2021, at 11:02 AM, Andreas Rheinhardt > mailto:andreas.rheinha...@outlook.com>> wrote: > > So instead of removing said check it > > In the previous version I didn’t rem

Re: [FFmpeg-devel] [PATCH v2 1/1] avcodec/vble: Return value check for init_get_bits

On Aug 31, 2021, at 11:02 AM, Andreas Rheinhardt mailto:andreas.rheinha...@outlook.com>> wrote: So instead of removing said check it In the previous version I didn’t remove it, but Paul B Mahol said remove the previous check. Here

[FFmpeg-devel] [PATCH v2 1/1] avcodec/vble: Return value check for init_get_bits

avcodec/vble: Return value check for init_get_bits As the second argument for init_get_bits can be crafted, a return value check for this function call is necessary. So replace init_get_bits with init_get_bits8 and remove a duplicate check before the callsite. --- libavcodec/vble.c | 6 -- 1

Re: [FFmpeg-devel] [PATCH v1 1/1] avcodec/vble: Return value check for init_get_bits

There are some other checks in init_get_bits function that make the function return AVERROR_INVALIDDATA. So it is essential to check the return value. Line 629 in libavcodec/get_bits.h function init_get_bits_xe: if (bit_size >= INT_MAX - FFMAX(7, AV_INPUT_BUFFER_PADDING_SIZE*8) || bit_size < 0

[FFmpeg-devel] [PATCH v1 1/1] avcodec/vorbisdec: Return value check for init_get_bits

avcodec/vorbisdec: Return value check for init_get_bits As the second argument for init_get_bits can be crafted, a return value check for this function call is necessary. Also replace init_get_bits with init_get_bits8. --- libavcodec/vorbisdec.c | 8 ++-- 1 file changed, 6 insertions(+), 2 d

[FFmpeg-devel] [PATCH v1 1/1] avcodec/vble: Return value check for init_get_bits

avcodec/vble: Return value check for init_get_bits Similar to CVE-2021-38171 as the second argument for init_get_bits() can be crafted, a return value check for this function call is necessary. Also replace init_get_bits with init_get_bits8. --- libavcodec/vble.c | 4 +++- 1 file changed, 3 inse

Re: [FFmpeg-devel] [PATCH v3 1/1] avcodec/wmalosslessdec: Return value check for init_get_bits

Why and where it is breaking normal decoding? ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".

[FFmpeg-devel] [PATCH v3 1/1] avcodec/wmalosslessdec: Return value check for init_get_bits

avcodec/wmalosslessdec: Return value check for init_get_bits Similar to CVE-2021-38171 as the second argument for init_get_bits(avpkt and buf) can be crafted, a return value check for this function call is necessary. Also replace init_get_bits with init_get_bits8. --- libavcodec/wmalosslessdec

Re: [FFmpeg-devel] [PATCH v2 1/1] avcodec/wmaprodec: return value check for init_get_bits

On Aug 28, 2021, at 9:54 PM, Paul B Mahol mailto:one...@gmail.com>> wrote: applied with minor changes Thank you. Why you change the commit message? Regards, Maryam ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/li

Re: [FFmpeg-devel] [PATCH v2 1/1] avcodec/wmaprodec: return value check for init_get_bits

ping. ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".

[FFmpeg-devel] [PATCH v2 1/1] avcodec/wmalosslessdec: return value check for init_get_bits

Similar to CVE-2021-38171 as the second argument for init_get_bits(avpkt and bu$ a return value check for this function call is necessary. Also replace init_get_bits with init_get_bits8. --- libavcodec/wmalosslessdec.c | 9 +++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/l

[FFmpeg-devel] [PATCH v2 1/1] avcodec/wmaprodec: return value check for init_get_bits

avcodec/wmaprodec: Return value check for init_get_bits Similar to CVE-2021-38171 as the second argument for init_get_bits(avpkt and buf) can be crafted, a return value check for this function call is necessary. Also replace init_get_bits with init_get_bits8. --- libavcodec/wmaprodec.c | 9

Re: [FFmpeg-devel] [PATCH v3 1/1] avcodec/vp6: return value check for init_get_bits

Thanks, So when will you apply this? ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".

Re: [FFmpeg-devel] [PATCH v5 1/1] avcodec/vc1dec: Return value check for init_get_bits

Thanks, So when will you apply this? ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".

Re: [FFmpeg-devel] [PATCH v3 1/1] avcodec/vp6: return value check for init_get_bits

ping. ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".

Re: [FFmpeg-devel] [PATCH v5 1/1] avcodec/vc1dec: Return value check for init_get_bits

ping. ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".

[FFmpeg-devel] [PATCH v3 1/1] avcodec/vp6: return value check for init_get_bits

avcodec/vp6: Return value check for init_get_bits As the second argument for init_get_bits(buf) can be crafted, a return value check for this function call is necessary. Also replace init_get_bits with init_get_bits8. --- libavcodec/vp6.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-)

[FFmpeg-devel] [PATCH v5 1/1] avcodec/vc1dec: Return value check for init_get_bits

avcodec/vc1dec: Return value check for init_get_bits As the second argument for init_get_bits(avctx and buf) can be crafted, a return value check for this function call is necessary so replace init_get_bits with init_get_bits8 and add return value check. --- libavcodec/vc1dec.c | 11 ---

Re: [FFmpeg-devel] [PATCH v4 1/1] avcodec/vc1dec: return value check for init_get_bits

Paul B Mahol mailto:one...@gmail.com>> wrote: why are there whitespaces before text in the commit log? Sorry, which do you mean? — Maryam Ebrahimzadeh ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/

[FFmpeg-devel] [PATCH v4 1/1] avcodec/vc1dec: return value check for init_get_bits

avcodec/vc1dec: return value check for init_get_bits As the second argument for init_get_bits(avctx and buf) can be crafted, a return value check for this function call is necessary so replace init_get_bits with init_get_bits8. --- libavcodec/vc1dec.c | 11 --- 1 file changed, 8 inser

[FFmpeg-devel] [PATCH v3 1/1] return value check for init_get_bits in vc1dec.c

Return value check: return value check for init_get_bits in vc1dec.c As the second argument for init_get_bits(avctx and buf) can be crafted, a return value check for this function call is necessary so replace init_get_bits with init_get_bits8. --- libavcodec/vc1dec.c | 11 --- 1 file c

Re: [FFmpeg-devel] [PATCH v3 1/1] return value check for init_get_bits in vc1dec.c

As the second argument for init_get_bits (avctx and bus ) can be crafted, a return value check for this function call is necessary so replace init_get_bits with init_get_bits8. ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/

[FFmpeg-devel] [PATCH v3 1/1] return value check for init_get_bits in vc1dec.c

--- libavcodec/vc1dec.c | 11 --- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/libavcodec/vc1dec.c b/libavcodec/vc1dec.c index 1fb1950ade..0f7c07f2e8 100644 --- a/libavcodec/vc1dec.c +++ b/libavcodec/vc1dec.c @@ -444,7 +444,9 @@ static av_cold int vc1_decode_init(AVCodecCo

Re: [FFmpeg-devel] [PATCH v2 1/1] return value check for init_get_bits in vc1dec.c

Ping. > On Aug 13, 2021, at 1:23 AM, maryam ebrahimzadeh wrote: > > --- > libavcodec/vc1dec.c | 11 --- > 1 file changed, 8 insertions(+), 3 deletions(-) > > diff --git a/libavcodec/vc1dec.c b/libavcodec/vc1dec.c > index 1fb1950ade..bc76a07ca6 100644 > --- a/

[FFmpeg-devel] [PATCH v2 1/1] return value check for init_get_bits in vp6.c

--- libavcodec/vp6.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/libavcodec/vp6.c b/libavcodec/vp6.c index 73822a00f9..d024370793 100644 --- a/libavcodec/vp6.c +++ b/libavcodec/vp6.c @@ -167,7 +167,9 @@ static int vp6_parse_header(VP56Context *s, const uint8_t *buf, int

[FFmpeg-devel] [PATCH v2 1/1] return value check for init_get_bits in vc1dec.c

--- libavcodec/vc1dec.c | 11 --- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/libavcodec/vc1dec.c b/libavcodec/vc1dec.c index 1fb1950ade..bc76a07ca6 100644 --- a/libavcodec/vc1dec.c +++ b/libavcodec/vc1dec.c @@ -444,7 +444,9 @@ static av_cold int vc1_decode_init(AVCodecCo

Re: [FFmpeg-devel] [PATCH v1 07/10] return value check for init_get_bits in vc1dec.c

I choose them because their second argument can be crafted. On Aug 12, 2021, at 10:29 AM, Hendrik Leppkes mailto:h.lepp...@gmail.com>> wrote: On Thu, Aug 12, 2021 at 6:53 AM maryam ebrahimzadeh mailto:me22...@outlook.com>> wrote: --- libavcodec/vc1dec.c | 8 ++-- 1 fil

Re: [FFmpeg-devel] [PATCH v1 01/10] return value check for init_get_bits in wmv2dec.c

On Aug 12, 2021, at 10:23 AM, Hendrik Leppkes mailto:h.lepp...@gmail.com>> wrote: On Thu, Aug 12, 2021 at 6:48 AM maryam ebrahimzadeh mailto:me22...@outlook.com>> wrote: As the second argument for init_get_bits can be crafted, a return value check for this function call is n

[FFmpeg-devel] [PATCH v2 1/1] return value check for init_get_bits in wmadec.c

sorry for my mistake. previous version faild to make. --- libavcodec/sipr.c| 5 +++-- libavcodec/truemotion2.c | 12 +--- libavcodec/utvideodec.c | 8 ++-- libavcodec/vaapi_mpeg2.c | 5 - libavcodec/vble.c| 5 +++-- libavcodec/vc1dec.c | 8 ++-- libav

[FFmpeg-devel] [PATCH v1 10/10] return value check for init_get_bits in utvideodec.c

--- libavcodec/utvideodec.c | 8 ++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/libavcodec/utvideodec.c b/libavcodec/utvideodec.c index b39d8a7948..144992ff0d 100644 --- a/libavcodec/utvideodec.c +++ b/libavcodec/utvideodec.c @@ -153,7 +153,9 @@ static int decode_plane10(Ut

[FFmpeg-devel] [PATCH v1 09/10] return value check for init_get_bits in vaapi_mpeg2.c

--- libavcodec/vaapi_mpeg2.c | 5 - 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libavcodec/vaapi_mpeg2.c b/libavcodec/vaapi_mpeg2.c index 26e0cd827c..8e3903212a 100644 --- a/libavcodec/vaapi_mpeg2.c +++ b/libavcodec/vaapi_mpeg2.c @@ -136,9 +136,12 @@ static int vaapi_mpeg2_dec

[FFmpeg-devel] [PATCH v1 08/10] return value check for init_get_bits in vble.c

--- libavcodec/vble.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/libavcodec/vble.c b/libavcodec/vble.c index f1400959e0..d3e1804c7b 100644 --- a/libavcodec/vble.c +++ b/libavcodec/vble.c @@ -146,8 +146,9 @@ static int vble_decode_frame(AVCodecContext *avctx, void *da

[FFmpeg-devel] [PATCH v1 07/10] return value check for init_get_bits in vc1dec.c

--- libavcodec/vc1dec.c | 8 ++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/libavcodec/vc1dec.c b/libavcodec/vc1dec.c index 1fb1950ade..07d60294f2 100644 --- a/libavcodec/vc1dec.c +++ b/libavcodec/vc1dec.c @@ -444,7 +444,9 @@ static av_cold int vc1_decode_init(AVCodecContex

[FFmpeg-devel] [PATCH v1 06/10] return value check for init_get_bits in vp6.c

--- libavcodec/vp6.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/libavcodec/vp6.c b/libavcodec/vp6.c index 73822a00f9..149daa59f3 100644 --- a/libavcodec/vp6.c +++ b/libavcodec/vp6.c @@ -167,7 +167,9 @@ static int vp6_parse_header(VP56Context *s, const uint8_t *buf, int

[FFmpeg-devel] [PATCH v1 05/10] return value check for init_get_bits in vorbisdec.c

--- libavcodec/vorbisdec.c | 8 ++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/libavcodec/vorbisdec.c b/libavcodec/vorbisdec.c index dac2b6841c..80358f6359 100644 --- a/libavcodec/vorbisdec.c +++ b/libavcodec/vorbisdec.c @@ -1052,7 +1052,9 @@ static av_cold int vorbis_decod

[FFmpeg-devel] [PATCH v1 04/10] return value check for init_get_bits in wmadec.c

--- libavcodec/wmadec.c | 15 +++ 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/libavcodec/wmadec.c b/libavcodec/wmadec.c index d627bbe50e..6ac6221d11 100644 --- a/libavcodec/wmadec.c +++ b/libavcodec/wmadec.c @@ -822,6 +822,7 @@ static int wma_decode_superframe(AVCode

[FFmpeg-devel] [PATCH v1 03/10] return value check for init_get_bits in wmalosslessdec.c

--- libavcodec/wmalosslessdec.c | 9 +++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/libavcodec/wmalosslessdec.c b/libavcodec/wmalosslessdec.c index 74c91f4f7e..a2e83ca99c 100644 --- a/libavcodec/wmalosslessdec.c +++ b/libavcodec/wmalosslessdec.c @@ -1187,6 +1187,7 @@ stati

[FFmpeg-devel] [PATCH v1 02/10] return value check for init_get_bits in wmaprodec.c

--- libavcodec/wmaprodec.c | 9 +++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/libavcodec/wmaprodec.c b/libavcodec/wmaprodec.c index e0d00d2d37..23df0be6ab 100644 --- a/libavcodec/wmaprodec.c +++ b/libavcodec/wmaprodec.c @@ -1615,6 +1615,7 @@ static int decode_packet(AVCod

[FFmpeg-devel] [PATCH v1 01/10] return value check for init_get_bits in wmv2dec.c

As the second argument for init_get_bits can be crafted, a return value check for this function call is necessary so replace init_get_bits with init_get_bits8. --- libavcodec/wmv2dec.c | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/libavcodec/wmv2dec.c b/libavcodec/w

Re: [FFmpeg-devel] [PATCH v2 1/1] return value check for init_get_bits in adts_decode_extradata

Ping. > On Aug 5, 2021, at 12:45 AM, maryam ebrahimzadeh wrote: > > version2: > As second argument for init_get_bits (buf) can be crafted, return value check > for this function call is necessary. > 'buf' is part of 'AVPacket pkt'. >

[FFmpeg-devel] [PATCH v2 1/1] return value check for init_get_bits in adts_decode_extradata

version2: As second argument for init_get_bits (buf) can be crafted, return value check for this function call is necessary. 'buf' is part of 'AVPacket pkt'. replace init_get_bits with init_get_bits8. --- libavformat/adtsenc.c | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) diff --

[FFmpeg-devel] [PATCH v2 1/1] return value check for init_get_bits in adts_decode_extradata

version2: As second argument for init_get_bits (buf) can be crafted, return value check for this function call is necessary. 'buf' is part of 'AVPacket pkt'. replace init_get_bits with init_get_bits8. --- libavformat/adtsenc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git

Re: [FFmpeg-devel] [PATCH v1 1/1] return value check for init_get_bits in adts_decode_extradata

Ping. > On Aug 3, 2021, at 11:58 AM, maryam ebrahimzadeh wrote: > > As second argument for init_get_bits (buf) can be crafted, return value check > for this function call is necessary. > 'buf' is part of 'AVPacket pkt'. > > --- > libavfor

Re: [FFmpeg-devel] [PATCH v1 1/1] check and propagate function return value

On Aug 3, 2021, at 11:07 AM, Paul B Mahol mailto:one...@gmail.com>> wrote: lgtm Thanks for reviewing. If it is my duty, how can I push it to the master? ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://f

[FFmpeg-devel] [PATCH v1 1/1] return value check for init_get_bits in adts_decode_extradata

As second argument for init_get_bits (buf) can be crafted, return value check for this function call is necessary. 'buf' is part of 'AVPacket pkt'. --- libavformat/adtsenc.c | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/libavformat/adtsenc.c b/libavformat/adtsenc.c

[FFmpeg-devel] [PATCH v1 1/1] check and propagate function return value

From: maryam ebr Hello, similar to CVE-2013-0868, here return value check for 'init_vlc' is needed. crafted DNxHD data can cause unspecified impact. --- libavcodec/dnxhddec.c | 21 ++--- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/libavcodec/dnxhddec.c b/libav