[FFmpeg-devel] libavcodec/mpeg12dec.c: Check return value of init_get_bits

Andreas Rheinhardt andreas.rheinhardt at outlook.com
Tue Jul 20 01:50:30 EEST 2021


Thierry Foucu:
> ---
>  libavcodec/mpeg12dec.c | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)
> 
> diff --git a/libavcodec/mpeg12dec.c b/libavcodec/mpeg12dec.c
> index b27ed5bd6d..edca202f0e 100644
> --- a/libavcodec/mpeg12dec.c
> +++ b/libavcodec/mpeg12dec.c
> @@ -1341,8 +1341,11 @@ static int mpeg1_decode_picture(AVCodecContext *avctx, const uint8_t *buf,
>      Mpeg1Context *s1  = avctx->priv_data;
>      MpegEncContext *s = &s1->mpeg_enc_ctx;
>      int ref, f_code, vbv_delay;
> +    int ret = 0;
>  
> -    init_get_bits(&s->gb, buf, buf_size * 8);
> +    ret = init_get_bits(&s->gb, buf, buf_size * 8);
> +    if (ret < 0)
> +        return ret;
>  
>      ref = get_bits(&s->gb, 10); /* temporal ref */
>      s->pict_type = get_bits(&s->gb, 3);
> 
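Review bot: in the added line `ret = init_get_bits(&s->gb, buf, buf_size * 8);` the product `buf_size * 8` is still computed at the call site, so the new `ret < 0` check only sees the result of the multiplication and cannot reject a byte count that is too large to express in bits. Passing the byte count directly with `init_get_bits8(&s->gb, buf, buf_size)`, as the reply below suggests, puts the range check ahead of the multiplication. Two smaller points: `int ret = 0;` is overwritten before it is ever read, so the initializer can be dropped, and the commit message has no body explaining which failure the check is meant to catch.
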
Actually, you should use init_get_bits8(), because this checks that
buf_size * 8 actually fits into an int.
(Are sizes > 256MiB actually possible for mpeg1/2? I doubt it.)

- Andreas

