[FFmpeg-devel] [PATCH 1/2] avcodec/flac_parser: Assert that we do not overrun the link_penalty array
Rémi Denis-Courmont
remi at remlab.net
Mon May 13 09:07:50 EEST 2024
On 5 May 2024 at 02:51:59 GMT+03:00, Michael Niedermayer <michael at niedermayer.cc> wrote:
>Fixes: CID1454676 Out-of-bounds read
It's a stretch to call this "fixing". It just asserts that the situation doesn't happen, in other words, that it is a false positive from the static analyser.
The code change looks OK, but the commit description seems misleading.
>
>Sponsored-by: Sovereign Tech Fund
>Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
>---
> libavcodec/flac_parser.c | 2 ++
> 1 file changed, 2 insertions(+)
>
>diff --git a/libavcodec/flac_parser.c b/libavcodec/flac_parser.c
>index 47904d515a6..d9c47801f83 100644
>--- a/libavcodec/flac_parser.c
>+++ b/libavcodec/flac_parser.c
>@@ -518,6 +518,8 @@ static int check_header_mismatch(FLACParseContext *fpc,
> for (i = 0; i < FLAC_MAX_SEQUENTIAL_HEADERS && curr != child; i++)
> curr = curr->next;
>
>+ av_assert0(i < FLAC_MAX_SEQUENTIAL_HEADERS);
>+
> if (header->link_penalty[i] < FLAC_HEADER_CRC_FAIL_PENALTY ||
> header->link_penalty[i] == FLAC_HEADER_NOT_PENALIZED_YET) {
> FLACHeaderMarker *start, *end;
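Review bot: the assertion only fires when the loop above exits because i reached FLAC_MAX_SEQUENTIAL_HEADERS without curr ever becoming child, which is exactly the case where `header->link_penalty[i]` would index one past the array. Since av_assert0() is compiled in at every assert level, this turns the out-of-bounds read into an abort in release builds; if that chain state can be produced by parser input rather than only by a programming error, an error return (or skipping the penalty lookup) would be the safer choice. Either way the commit message should state why the child marker is guaranteed to be within FLAC_MAX_SEQUENTIAL_HEADERS links, so that "Fixes" is not read as a claim that the analyser finding was a real bug.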