[FFmpeg-devel] [PATCH 0/2] Origin Wing Commander IV video decoder
Reimar Döffinger
Reimar.Doeffinger
Sun Feb 6 11:56:44 CET 2011
On Sat, Feb 05, 2011 at 11:03:38PM -0500, Ronald S. Bultje wrote:
> Hi,
>
> On Fri, Feb 4, 2011 at 5:47 PM, Kostya <kostya.shishkov at gmail.com> wrote:
> > +static int xan_decode_chroma(AVCodecContext *avctx, AVPacket *avpkt)
> [..]
> > + src = avpkt->data + 4 + chroma_off;
> > + table = src + 2;
> > + mode = bytestream_get_le16(&src);
> > + offset = bytestream_get_le16(&src) * 2;
> > +
> > + if (src + offset >= avpkt->data + avpkt->size) {
>
> This can still overflow, instead use src - avpkt->data >= avpkt->size
> - offset. Rest looks OK.
That still does not follow the rule "keep the value to validate on its own".
Due to only 16 bit not really an issue here, but still bad style IMO.
offset >= avpkt->size - (src - avpkt->data)
is also more readable IMO.
More information about the ffmpeg-devel
mailing list