[FFmpeg-devel] [PATCH v3 2/4] cbs_mpeg2: Improve checks for invalid values
James Almer
jamrial at gmail.com
Wed Apr 24 06:53:17 EEST 2019
On 4/23/2019 7:55 PM, Andreas Rheinhardt wrote:
> horizontal/vertical_size_value (containing the twelve least significant
> bits of the frame size) mustn't be zero according to the specifications;
> and the value 0 is forbidden for the colour_description elements.
>
> Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt at gmail.com>
> ---
> The actual function calls after macro expansion are the same as in the
> earlier versions with the exception of the extra_bit_slice calls.
> libavcodec/cbs_mpeg2.c | 14 ++++++++------
> libavcodec/cbs_mpeg2_syntax_template.c | 20 ++++++++++----------
> 2 files changed, 18 insertions(+), 16 deletions(-)
>
> diff --git a/libavcodec/cbs_mpeg2.c b/libavcodec/cbs_mpeg2.c
> index cdde68ea38..fc21745a51 100644
> --- a/libavcodec/cbs_mpeg2.c
> +++ b/libavcodec/cbs_mpeg2.c
> @@ -41,20 +41,22 @@
> #define SUBSCRIPTS(subs, ...) (subs > 0 ? ((int[subs + 1]){ subs, __VA_ARGS__ }) : NULL)
>
> #define ui(width, name) \
> - xui(width, name, current->name, 0)
> + xui(width, name, current->name, 0, MAX_UINT_BITS(width), 0)
> +#define uir(width, name, range_min, range_max) \
> + xui(width, name, current->name, range_min, range_max, 0)
> #define uis(width, name, subs, ...) \
> - xui(width, name, current->name, subs, __VA_ARGS__)
> + xui(width, name, current->name, 0, MAX_UINT_BITS(width), subs, __VA_ARGS__)
>
>
> #define READ
> #define READWRITE read
> #define RWContext GetBitContext
>
> -#define xui(width, name, var, subs, ...) do { \
> +#define xui(width, name, var, range_min, range_max, subs, ...) do { \
> uint32_t value = 0; \
> CHECK(ff_cbs_read_unsigned(ctx, rw, width, #name, \
> SUBSCRIPTS(subs, __VA_ARGS__), \
> - &value, 0, (1 << width) - 1)); \
> + &value, range_min, range_max)); \
> var = value; \
> } while (0)
>
> @@ -81,10 +83,10 @@
> #define READWRITE write
> #define RWContext PutBitContext
>
> -#define xui(width, name, var, subs, ...) do { \
> +#define xui(width, name, var, range_min, range_max, subs, ...) do { \
> CHECK(ff_cbs_write_unsigned(ctx, rw, width, #name, \
> SUBSCRIPTS(subs, __VA_ARGS__), \
> - var, 0, (1 << width) - 1)); \
> + var, range_min, range_max)); \
> } while (0)
>
> #define marker_bit() do { \
> diff --git a/libavcodec/cbs_mpeg2_syntax_template.c b/libavcodec/cbs_mpeg2_syntax_template.c
> index 10aaea7734..27dcaad316 100644
> --- a/libavcodec/cbs_mpeg2_syntax_template.c
> +++ b/libavcodec/cbs_mpeg2_syntax_template.c
> @@ -26,8 +26,8 @@ static int FUNC(sequence_header)(CodedBitstreamContext *ctx, RWContext *rw,
>
> ui(8, sequence_header_code);
>
> - ui(12, horizontal_size_value);
> - ui(12, vertical_size_value);
> + uir(12, horizontal_size_value, 1, 4095);
> + uir(12, vertical_size_value, 1, 4095);
>
> mpeg2->horizontal_size = current->horizontal_size_value;
> mpeg2->vertical_size = current->vertical_size_value;
> @@ -79,7 +79,7 @@ static int FUNC(user_data)(CodedBitstreamContext *ctx, RWContext *rw,
> #endif
>
> for (k = 0; k < current->user_data_length; k++)
> - xui(8, user_data, current->user_data[k], 0);
> + xui(8, user_data, current->user_data[k], 0, 255, 0);
Not sure why this is using xui() to being with, when it could simply be
uis(8, user_data[k], 1, k);
And it would also look better in the trace output.
>
> return 0;
> }
> @@ -125,9 +125,9 @@ static int FUNC(sequence_display_extension)(CodedBitstreamContext *ctx, RWContex
>
> ui(1, colour_description);
> if (current->colour_description) {
> - ui(8, colour_primaries);
> - ui(8, transfer_characteristics);
> - ui(8, matrix_coefficients);
> + uir(8, colour_primaries, 1, 255);
> + uir(8, transfer_characteristics, 1, 255);
> + uir(8, matrix_coefficients, 1, 255);
> }
>
> ui(14, display_horizontal_size);
> @@ -366,16 +366,16 @@ static int FUNC(slice_header)(CodedBitstreamContext *ctx, RWContext *rw,
> if (!current->extra_information)
> return AVERROR(ENOMEM);
> for (k = 0; k < current->extra_information_length; k++) {
> - xui(1, extra_bit_slice, bit, 0);
> + xui(1, extra_bit_slice, bit, 1, 1, 0);
> xui(8, extra_information_slice[k],
> - current->extra_information[k], 1, k);
> + current->extra_information[k], 0, 255, 1, k);
> }
> }
> #else
> for (k = 0; k < current->extra_information_length; k++) {
> - xui(1, extra_bit_slice, 1, 0);
> + xui(1, extra_bit_slice, 1, 1, 1, 0);
> xui(8, extra_information_slice[k],
> - current->extra_information[k], 1, k);
> + current->extra_information[k], 0, 255, 1, k);
> }
> #endif
> }
Should be good in any case. Mark can comment on the above and/or push it.
More information about the ffmpeg-devel
mailing list