[FFmpeg-cvslog] eatqi: replace break by goto.
Reimar Döffinger
Reimar.Doeffinger at gmx.de
Sat Mar 24 10:53:39 CET 2012
On 23 Mar 2012, at 22:37, Michael Niedermayer <michaelni at gmx.at> wrote:
> On Fri, Mar 23, 2012 at 06:30:24PM +0100, Reimar Döffinger wrote:
>> On Fri, Mar 23, 2012 at 01:04:16AM +0100, Michael Niedermayer wrote:
>>> ffmpeg | branch: master | Michael Niedermayer <michaelni at gmx.at> | Fri Mar 23 00:27:59 2012 +0100| [7c0748c2db015cf2bf2c4a32a43bd1d2697afc1e] | committer: Michael Niedermayer
>>>
>>> eatqi: replace break by goto.
>>>
>>> This fixes some heap overread.
>>>
>>> Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
>>> Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
>>>
>>>> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=7c0748c2db015cf2bf2c4a32a43bd1d2697afc1e
>>> ---
>>>
>>> libavcodec/eatqi.c | 3 ++-
>>> 1 files changed, 2 insertions(+), 1 deletions(-)
>>>
>>> diff --git a/libavcodec/eatqi.c b/libavcodec/eatqi.c
>>> index 5b7ff39..337fa8e 100644
>>> --- a/libavcodec/eatqi.c
>>> +++ b/libavcodec/eatqi.c
>>> @@ -139,9 +139,10 @@ static int tqi_decode_frame(AVCodecContext *avctx,
>>> for (s->mb_x=0; s->mb_x<(avctx->width+15)/16; s->mb_x++)
>>> {
>>> if(tqi_decode_mb(s, t->block) < 0)
>>> - break;
>>> + goto end;
>>> tqi_idct_put(t, t->block);
>>> }
>>> + end:
>>
>> I feel quite stupid, but I can't find any difference between the
>> old and the new code.
>
> for (s->mb_y=0; s->mb_y<(avctx->height+15)/16; s->mb_y++)
> for (s->mb_x=0; s->mb_x<(avctx->width+15)/16; s->mb_x++)
> {
> if(tqi_decode_mb(s, t->block) < 0)
> goto end;
>
> the break only broke out of the inner loop
Ah, there is the stupid, only looking at the diff instead of the code (though the indentation style of the code is a bit to blame, too).
More information about the ffmpeg-cvslog
mailing list