[FFmpeg-devel] [PATCH] pnmdec: add support for mono images with non-space-separated pixel digits

Stefano Sabatini stefano.sabatini-lala at poste.it
Sun May 8 20:11:19 CEST 2011


On date Sunday 2011-05-08 01:32:52 +0200, Michael Niedermayer encoded:
> On Sun, May 08, 2011 at 01:04:10AM +0200, Stefano Sabatini wrote:
[...]
> > Subject: [PATCH] pnmdec: prevent out-of-buffer reads in pnm_decode_frame()
> > 
> > ---
> >  libavcodec/pnmdec.c |    2 +-
> >  1 files changed, 1 insertions(+), 1 deletions(-)
> > 
> > diff --git a/libavcodec/pnmdec.c b/libavcodec/pnmdec.c
> > index 6237e9a..147004b 100644
> > --- a/libavcodec/pnmdec.c
> > +++ b/libavcodec/pnmdec.c
> > @@ -107,7 +107,7 @@ static int pnm_decode_frame(AVCodecContext *avctx, void *data,
> >                      do{
> >                          v= 10*v + c;
> >                          c= (*s->bytestream++) - '0';
> > -                    }while(c <= 9);
> > +                    } while (c <= 9 && s->bytestream < s->bytestream_end);
> >                      put_bits(&pb, sample_len, (((1<<sample_len)-1)*v + (s->maxval>>1))/s->maxval);
> 
> the buffer should be 0 padded so this should not be needed

I confirm (av_new_packet() pads the buffer), so patch dropped.

> 
> 
> >                  }
> >                  flush_put_bits(&pb);
> > -- 
> > 1.7.2.3
> > 
> 
> >  pnmdec.c |    9 ++++++++-
> >  1 file changed, 8 insertions(+), 1 deletion(-)
> > e9919269aa8a2bc136472dc2f038b895efe15295  0002-pnmdec-add-support-for-mono-images-with-non-space-se.patch
> > From c3ff906eb20dc8ebe5f1d07e60c3fb5d8e5d325e Mon Sep 17 00:00:00 2001
> > From: Stefano Sabatini <stefano.sabatini-lala at poste.it>
> > Date: Sun, 8 May 2011 00:47:14 +0200
> > Subject: [PATCH] pnmdec: add support for mono images with non-space-separated pixel digits
> > 
> > When the file to decode contains a sequence of binary values like
> > "1101110...", decode_frame() was reading the sequence of digits like a
> > unique integer value, which was resulting in integer overflows.
> > 
> > The change add support for parsing non-space-separated pixel digits
> > for mono formats, in particular fix decoding of file battrace.pbm, and
> > fix trac issue #154.
> > ---
> >  libavcodec/pnmdec.c |    9 ++++++++-
> >  1 files changed, 8 insertions(+), 1 deletions(-)
> 
> LGTM, thx

Applied and issue closed.
-- 
FFmpeg = Fierce and Fascinating Multipurpose Plastic Ephemeral Gadget


More information about the ffmpeg-devel mailing list