[FFmpeg-devel] [PATCH] Check for buffer overflow in ADX decoder

Michael Niedermayer michaelni
Mon Sep 24 09:34:47 CEST 2007


Hi

On Mon, Sep 24, 2007 at 06:28:42AM +0300, Kostya wrote:
> On Sun, Sep 23, 2007 at 09:53:23PM +0200, Michael Niedermayer wrote:
> > Hi
> > 
> > On Sat, Sep 22, 2007 at 08:37:04AM +0300, Kostya wrote:
> > > $subj
> > 
> > > Index: libavcodec/adx.c
> > > ===================================================================
> > > --- libavcodec/adx.c	(revision 10505)
> > > +++ libavcodec/adx.c	(working copy)
> > > @@ -328,6 +328,11 @@
> > >          rest -= hdrsize;
> > >      }
> > >  
> > > +    /* 18 bytes of data are expanded into 32*2 bytes of audio,
> > > +       so guard against buffer overflows */
> > > +    if(rest/18 > *data_size/64)
> > > +        rest = (*data_size/64) * 18;
> > 
> > ok
> 
> applied
> 
> BTW, this is the last check needed for audio decoders (that I spotted).
> Is it okay to commit patch for decode_audio2() or there's more to
> be done?

ok

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Those who are too smart to engage in politics are punished by being
governed by those who are dumber. -- Plato 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20070924/ac657270/attachment.pgp>



More information about the ffmpeg-devel mailing list