[FFmpeg-devel] [PATCH v1 01/10] return value check for init_get_bits in wmv2dec.c
Maryam Ebrahimzadeh
me22bee at outlook.com
Thu Aug 12 09:00:32 EEST 2021
On Aug 12, 2021, at 10:23 AM, Hendrik Leppkes <h.leppkes at gmail.com<mailto:h.leppkes at gmail.com>> wrote:
On Thu, Aug 12, 2021 at 6:48 AM maryam ebrahimzadeh <me22bee at outlook.com<mailto:me22bee at outlook.com>> wrote:
As the second argument for init_get_bits can be crafted, a return value check for this function call is necessary so replace init_get_bits with init_get_bits8.
---
libavcodec/wmv2dec.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/libavcodec/wmv2dec.c b/libavcodec/wmv2dec.c
index c500e3e779..73da73c02c 100644
--- a/libavcodec/wmv2dec.c
+++ b/libavcodec/wmv2dec.c
@@ -101,12 +101,14 @@ static int decode_ext_header(Wmv2Context *w)
GetBitContext gb;
int fps;
int code;
+ int ret;
if (s->avctx->extradata_size < 4)
return AVERROR_INVALIDDATA;
- init_get_bits(&gb, s->avctx->extradata, 32);
-
+ ret = init_get_bits8(&gb, s->avctx->extradata, 4);
+ if (ret < 0)
+ return ret;
This is a fixed size, the buffer size is checked right above, what
exactly would the error condition be here?
Init_get_bits8 checks for overflow and some other conditions (in init_get_bits_xe ) too.
- Hendrik
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel at ffmpeg.org<mailto:ffmpeg-devel at ffmpeg.org>
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request at ffmpeg.org<mailto:ffmpeg-devel-request at ffmpeg.org> with subject "unsubscribe".
More information about the ffmpeg-devel
mailing list