[FFmpeg-devel] [PATCH] r210, r10k and avrp encoder

Michael Niedermayer michaelni at gmx.at
Wed Jan 25 22:54:30 CET 2012


On Wed, Jan 25, 2012 at 10:26:10PM +0100, Alexander Strasser wrote:
> Hi Paul,
> 
> Paul B Mahol wrote:
> [...]
> > diff --git a/libavcodec/r210enc.c b/libavcodec/r210enc.c
> > new file mode 100644
> > index 0000000..cfe433e
> > --- /dev/null
> > +++ b/libavcodec/r210enc.c
> > @@ -0,0 +1,120 @@
> [...]
> > +static int encode_frame(AVCodecContext *avctx, uint8_t *buf,
> > +                        int buf_size, void *data)
> > +{
> > +    AVFrame *pic = data;
> > +    int i, j;
> > +    int aligned_width = FFALIGN(avctx->width, 64);
> > +    uint8_t *src_line;
> > +    uint8_t *dst = buf;
> > +
> > +    if (buf_size < 4 * aligned_width * avctx->height) {
> 
>   Isn't this vulnerable to sign overflow?

Theres a check in avcodec_open2() that should stop such lareg sizes

[...]

-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

There seems to be only one solution to NIH syndrom, ... a shooting squad
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20120125/85ddd6a0/attachment.asc>


More information about the ffmpeg-devel mailing list