[FFmpeg-devel] [PATCH] lavu/avstring: check for overlong encodings
Stefano Sabatini
stefasab at gmail.com
Mon Sep 1 10:50:49 CEST 2014
On date Saturday 2014-08-30 15:30:02 +0200, Nicolas George encoded:
> Le tridi 13 fructidor, an CCXXII, Stefano Sabatini a écrit :
> > Unless there is an error in the code, a tail length of 6 bytes should
> > never be reached.
> >
> > > Furthermore, the function is capable of decoding the full UTF-8 range, up to
> > > (1<<31)-1, and that takes 6 octets.
> >
> > There is a separate check in the function:
>
> Sorry, I missed the fact that tail_len does not count the initial octet. The
> assert should be ok then.
>
> > I believe overlong encodings are illegal, and thus should be never
> > accepted.
>
> As you wish, a flag can be added later anyway if the default is to reject.
Thanks for the reviews, finally pushed.
--
FFmpeg = Faithless & Frightening Meaningless Philosophical Ecumenical Gem
More information about the ffmpeg-devel
mailing list