[Ffmpeg-devel] [PATCH] fix jpegls uninitialized data reading

Reimar Döffinger Reimar.Doeffinger
Sun Dec 10 11:10:23 CET 2006

On Sun, Dec 10, 2006 at 02:28:37AM +0100, Michael Niedermayer wrote:
> > Sorry, yet another correction. init_get_bits should get the larger size,
> > too, in case somebody adds thorough checking of get_bits limits e.g. for
> > debugging purposes.
> hmm what about align_put_bits() ?

No, the flush_put_bits already does that implicitly, that is not the
problem (on thinking again, this might actually be a bug
that causes too many bits to be written by the encoder).
The problem is that due to escaping sometimes only 7 bits are
read. So this means you might end up with exactly one bit left to write,
i.e. get_bits_count(&gb) == size * 8 - 1, which means you overread by 7

Reimar Döffinger
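
The bit arithmetic in the message above can be checked with a small model of an escape-copy read loop. This is an added example, not code from the patch or from FFmpeg; the function names, the 64-byte limit and the zeroed padding are assumptions of the model.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_PAYLOAD 64   /* assumed limit for this model */
#define PAD_BYTES   4    /* zeroed slack after the payload (assumed) */

/* Read n (<= 8) bits MSB-first starting at bit offset *pos. */
static unsigned read_bits(const uint8_t *buf, size_t *pos, int n)
{
    unsigned v = 0;
    while (n--) {
        v = (v << 1) | ((buf[*pos >> 3] >> (7 - (*pos & 7))) & 1u);
        (*pos)++;
    }
    return v;
}

/* Model of an escape-copy read loop: after a 0xFF byte only 7 payload
 * bits are consumed. Returns the number of bits read past size * 8,
 * or -1 if the payload does not fit the model's buffer. */
int escape_overread_bits(const uint8_t *payload, size_t size)
{
    uint8_t buf[MAX_PAYLOAD + PAD_BYTES];
    size_t pos = 0, end = size * 8;

    if (size > MAX_PAYLOAD)
        return -1;
    memset(buf, 0, sizeof(buf));      /* padding is defined, never stale */
    memcpy(buf, payload, size);

    while (pos < end) {
        if (read_bits(buf, &pos, 8) == 0xFF)
            read_bits(buf, &pos, 7);  /* stuffed byte carries 7 bits */
    }
    return (int)(pos - end);
}

int main(void)
{
    const uint8_t sample[] = { 0xFF, 0x00 };  /* constructed input */
    printf("overread: %d bits\n", escape_overread_bits(sample, sizeof(sample)));
    return 0;
}
```

In this model the zeroed padding means the trailing read can never return 0xFF, so the overread stays at 7 bits and a single defined padding byte covers it.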
