[FFmpeg-devel] [libav-devel] [PATCH] wmavoice: limit wmavoice_decode_packet return value to packet size

Andreas Cadhalpun andreas.cadhalpun at googlemail.com
Sun Jun 28 12:45:26 CEST 2015

On 28.06.2015 11:40, Luca Barbato wrote:
> On 28/06/15 11:28, Andreas Cadhalpun wrote:
>>> am i assuming correct that gb was read beyond its end ?
>> That only happens in the second case, not in the first.
>>> if so this maybe should be treated as an error instead of cliping
>> Treating one like an error, but not the other seems strange as well.
>> One could add an explode mode for both. Would that be better?
> Adding an explode option is fine for me.

OK, new patch attached.

> What happens on the first.

In that case the addition of s->spillover_nbits can make cnt larger than
the packet size.

Best regards,
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-wmavoice-limit-wmavoice_decode_packet-return-value-t.patch
Type: text/x-diff
Size: 2344 bytes
Desc: not available
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20150628/2d1b36be/attachment.bin>

More information about the ffmpeg-devel mailing list