[FFmpeg-devel] [PATCH 1/2] avcodec/hap: pass texture-compression destination as argument, not in context

Michael Niedermayer michael at niedermayer.cc
Tue Nov 8 14:44:05 EET 2016


On Tue, Nov 08, 2016 at 12:21:52AM +0000, Tom Butterworth wrote:
> This allows a subsequent change to compress directly into the output packet when possible.
> ---
>  libavcodec/hapenc.c | 5 ++---
>  1 file changed, 2 insertions(+), 3 deletions(-)
> 
> diff --git a/libavcodec/hapenc.c b/libavcodec/hapenc.c
> index 076923b..7056b62 100644
> --- a/libavcodec/hapenc.c
> +++ b/libavcodec/hapenc.c
> @@ -52,10 +52,9 @@ enum HapHeaderLength {
>      HAP_HDR_LONG = 8,
>  };
>  
> -static void compress_texture(AVCodecContext *avctx, const AVFrame *f)
> +static void compress_texture(AVCodecContext *avctx, uint8_t *out, const AVFrame *f)

passing an output array without array size into a function raises a
red security flag.

This should have some check or assert to protect against overwriting
beyond the array end.
And or the size requirements should be documented so that the code
allocating and te code writing stay in sync

Even if it never can overwrite ATM,  assumtations can easily get
broken or get out of sync by mistake ...

while this isnt exactly a problem introduced by this patch i think this
should be improved

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Frequently ignored answer#1 FFmpeg bugs should be sent to our bugtracker. User
questions about the command line tools should be sent to the ffmpeg-user ML.
And questions about how to use libav* should be sent to the libav-user ML.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20161108/4a3aeb87/attachment.sig>


More information about the ffmpeg-devel mailing list