[FFmpeg-cvslog] h263: Check init_get_bits return value

[Michael Niedermayer]

ffmpeg | branch: release/1.1 | Michael Niedermayer <michaelni at gmx.at> | Sat Oct 26 19:02:34 2013 +0200| [d9c82cea11cef662fda21fccbe1a1f62c1689952] | committer: Sean McGovern

h263: Check init_get_bits return value

And use init_get_bits8 to check for integer overflows while at it.

CC: libav-stable at libav.org
Signed-off-by: Luca Barbato <lu_zero at gentoo.org>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d9c82cea11cef662fda21fccbe1a1f62c1689952
---

 libavcodec/h263dec.c |   28 +++++++++++++++++-----------
 1 file changed, 17 insertions(+), 11 deletions(-)

diff --git a/libavcodec/h263dec.c b/libavcodec/h263dec.c
index db58fd2..47e903a 100644
--- a/libavcodec/h263dec.c
+++ b/libavcodec/h263dec.c
@@ -384,17 +384,20 @@ uint64_t time= rdtsc();
             return buf_size;
     }
 
+    if (s->bitstream_buffer_size && (s->divx_packed || buf_size < 20)) // divx 5.01+/xvid frame reorder
+        ret = init_get_bits8(&s->gb, s->bitstream_buffer,
+                             s->bitstream_buffer_size);
+    else
+        ret = init_get_bits8(&s->gb, buf, buf_size);
+    s->bitstream_buffer_size = 0;
 
-    if(s->bitstream_buffer_size && (s->divx_packed || buf_size<20)){ //divx 5.01+/xvid frame reorder
-        init_get_bits(&s->gb, s->bitstream_buffer, s->bitstream_buffer_size*8);
-    }else
-        init_get_bits(&s->gb, buf, buf_size*8);
-    s->bitstream_buffer_size=0;
+    if (ret < 0)
+        return ret;
 
-    if (!s->context_initialized) {
-        if (ff_MPV_common_init(s) < 0) //we need the idct permutaton for reading a custom matrix
-            return -1;
-    }
+    if (!s->context_initialized)
+        // we need the idct permutaton for reading a custom matrix
+        if ((ret = ff_MPV_common_init(s)) < 0)
+            return ret;
 
     /* We need to set current_picture_ptr before reading the header,
      * otherwise we cannot store anyting in there */
@@ -414,8 +417,11 @@ uint64_t time= rdtsc();
         if(s->avctx->extradata_size && s->picture_number==0){
             GetBitContext gb;
 
-            init_get_bits(&gb, s->avctx->extradata, s->avctx->extradata_size*8);
-            ret = ff_mpeg4_decode_picture_header(s, &gb);
+            ret = init_get_bits8(&gb, s->avctx->extradata,
+                                 s->avctx->extradata_size);
+            if (ret < 0)
+                return ret;
+            ff_mpeg4_decode_picture_header(s, &gb);
         }
         ret = ff_mpeg4_decode_picture_header(s, &s->gb);
     } else if (CONFIG_H263I_DECODER && s->codec_id == AV_CODEC_ID_H263I) {