[FFmpeg-devel] Security issues?

Reimar Döffinger Reimar.Doeffinger
Wed Sep 23 15:15:06 CEST 2009


On Wed, Sep 23, 2009 at 02:57:31PM +0200, Michael Niedermayer wrote:
> > Index: libavcodec/vorbis_dec.c
> > ===================================================================
> > --- libavcodec/vorbis_dec.c     (revision 19987)
> > +++ libavcodec/vorbis_dec.c     (working copy)
> > @@ -162,6 +162,13 @@
> >  #define BARK(x) \
> >      (13.1f*atan(0.00074f*(x))+2.24f*atan(1.85e-8f*(x)*(x))+1e-4f*(x))
> >  
> > +
> > +#define VALIDATE_INDEX(ctx, idx, limit, onerror) \
> 
> > +    if (idx >= limit) {\
> 
> the check should be an argument to the macro
> 
> 
> > +        av_log(ctx, AV_LOG_ERROR, "Index value %d out of range (0 - %d) for "#idx "\n", idx, limit);\

Uh, and what should be the message then? If you change the check, this
message no longer makes sense, I am actually even considering the
onerror possibly too flexible.
I think it might actually be nicer to structure it along the lines of
FF_ALLOC_OR_GOTO...



More information about the ffmpeg-devel mailing list