[FFmpeg-devel] [PATCH 3/8] cbs_mpeg2: Improve checks for invalid values

Andreas Rheinhardt andreas.rheinhardt at googlemail.com
Sat Dec 1 21:28:05 EET 2018


horizontal/vertical_size_value (containing the twelve least significant
bits of the frame size) mustn't be zero according to the specifications.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt at googlemail.com>
---
 libavcodec/cbs_mpeg2.c                 | 17 ++++++++++-------
 libavcodec/cbs_mpeg2_syntax_template.c |  4 ++--
 2 files changed, 12 insertions(+), 9 deletions(-)

diff --git a/libavcodec/cbs_mpeg2.c b/libavcodec/cbs_mpeg2.c
index 8b8b266563..0c7d358f24 100644
--- a/libavcodec/cbs_mpeg2.c
+++ b/libavcodec/cbs_mpeg2.c
@@ -42,19 +42,22 @@
 
 #define ui(width, name) \
         xui(width, name, current->name, 0)
+#define uir(width, name, range_min, range_max) \
+        xuir(width, name, current->name, range_min, range_max, 0)
 #define uis(width, name, subs, ...) \
         xui(width, name, current->name, subs, __VA_ARGS__)
-
+#define xui(width, name, var, subs, ...) \
+        xuir(width, name, var, 0, (1 << width) - 1, subs, __VA_ARGS__)
 
 #define READ
 #define READWRITE read
 #define RWContext GetBitContext
 
-#define xui(width, name, var, subs, ...) do { \
+#define xuir(width, name, var, range_min, range_max, subs, ...) do { \
         uint32_t value = 0; \
         CHECK(ff_cbs_read_unsigned(ctx, rw, width, #name, \
                                    SUBSCRIPTS(subs, __VA_ARGS__), \
-                                   &value, 0, (1 << width) - 1)); \
+                                   &value, range_min, range_max)); \
         var = value; \
     } while (0)
 
@@ -72,7 +75,7 @@
 #undef READ
 #undef READWRITE
 #undef RWContext
-#undef xui
+#undef xuir
 #undef marker_bit
 #undef nextbits
 
@@ -81,10 +84,10 @@
 #define READWRITE write
 #define RWContext PutBitContext
 
-#define xui(width, name, var, subs, ...) do { \
+#define xuir(width, name, var, range_min, range_max, subs, ...) do { \
         CHECK(ff_cbs_write_unsigned(ctx, rw, width, #name, \
                                     SUBSCRIPTS(subs, __VA_ARGS__), \
-                                    var, 0, (1 << width) - 1)); \
+                                    var, range_min, range_max)); \
     } while (0)
 
 #define marker_bit() do { \
@@ -98,7 +101,7 @@
 #undef READ
 #undef READWRITE
 #undef RWContext
-#undef xui
+#undef xuir
 #undef marker_bit
 #undef nextbits
 
diff --git a/libavcodec/cbs_mpeg2_syntax_template.c b/libavcodec/cbs_mpeg2_syntax_template.c
index 88cf453b17..fd059d56d4 100644
--- a/libavcodec/cbs_mpeg2_syntax_template.c
+++ b/libavcodec/cbs_mpeg2_syntax_template.c
@@ -26,8 +26,8 @@ static int FUNC(sequence_header)(CodedBitstreamContext *ctx, RWContext *rw,
 
     ui(8,  sequence_header_code);
 
-    ui(12, horizontal_size_value);
-    ui(12, vertical_size_value);
+    uir(12, horizontal_size_value, 1, (1 << 12) -1);
+    uir(12, vertical_size_value, 1, (1 << 12) - 1);
 
     mpeg2->horizontal_size = current->horizontal_size_value;
     mpeg2->vertical_size   = current->vertical_size_value;
-- 
2.19.1



More information about the ffmpeg-devel mailing list