[FFmpeg-devel] [FFmpeg-commits] targa: fix potential buffer overreads

Ronald S. Bultje rsbultje
Mon Feb 21 19:54:42 CET 2011


Hi,

On Mon, Feb 21, 2011 at 1:33 PM, Reimar D?ffinger
<Reimar.Doeffinger at gmx.de> wrote:
> On Fri, Feb 18, 2011 at 05:16:34PM -0500, Ronald S. Bultje wrote:
>> On Fri, Feb 18, 2011 at 10:09 AM, Jean-Daniel Dupas <git at ffmpeg.org> wrote:
>> > -static void targa_decode_rle(AVCodecContext *avctx, TargaContext *s, const uint8_t *src, uint8_t *dst, int w, int h, int stride, int bpp)
>> > +#define CHECK_BUFFER_SIZE(buf, buf_end, needed, where) \
>> > + ? ?if(buf + needed > buf_end){ \
>> > + ? ? ? ?av_log(avctx, AV_LOG_ERROR, "Problem: unexpected end of data while reading " where "\n"); \
>> > + ? ? ? ?return -1; \
>> > + ? ?} \
>>
>> Didn't Reimar just say this should be needed > buf_end - buf to
>> prevent overflows? This looks wrong.
>
> This still isn't fixed.

Apologies, fixed now.

Ronald



More information about the ffmpeg-devel mailing list