[FFmpeg-cvslog] r22288 - trunk/libavcodec/avcodec.h

[Michael Niedermayer]

On Tue, Mar 09, 2010 at 12:51:35PM +0000, M?ns Rullg?rd wrote:
> Michael Niedermayer <michaelni at gmx.at> writes:
> 
> > On Sun, Mar 07, 2010 at 10:16:44PM +0100, alexc wrote:
> >> Author: alexc
> >> Date: Sun Mar  7 22:16:44 2010
> >> New Revision: 22288
> >> 
> >> Log:
> >> Increase FF_INPUT_BUFFER_PADDING_SIZE to 64.
> >> 
> >> The purpose of this is to give decoders a reasonable amount of buffer to work
> >> with before needing to check for overreads.
> >
> > breaks ABI, and is wrong, as the padding needed by some codecs for fast
> > overread detection is too much for small frame codecs like *celp ...
> >
> > IMHO
> > 1. revert this
> > 2. replace all memset(FF_INPUT_BUFFER_PADDING_SIZE) by AV_ZERO32()
> > 3. add a field to AVCodec that specifies the required padding for each decoder
> > 4. replace all alloc(FF_INPUT_BUFFER_PADDING_SIZE) by that field from 3.
> 
> Since this is a real problem with potential security implications, can
> we please go ahead and do this soon, major version bump be damned?  We
> already have quite a number of changes queued up for the next bump,
> and doing it before the 0.6 release seems like a good idea.

we dont need a major bump for this
1. is done
2&3 are safe on their own
and 4.could use
#if LAVF_VERSION < X
if(avcodec_version() < Y)
    use FF_INPUT_BUFFER_PADDING_SIZE
else
#endif
    use avcodec->input_padding_size

anyway, iam way to busy to work on this ATM

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Let us carefully observe those good qualities wherein our enemies excel us
and endeavor to excel them, by avoiding what is faulty, and imitating what
is excellent in them. -- Plutarch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-cvslog/attachments/20100309/8a6effed/attachment.pgp>