[FFmpeg-devel] [PATCH] indeo3: add out-of-buffer write check

Maxim max_pole at gmx.de
Wed May 18 12:58:43 CEST 2011


Michael Niedermayer schrieb:
> On Wed, May 18, 2011 at 12:29:20PM +0200, Maxim wrote:
>   
>> Stefano Sabatini schrieb:
>>     
>>> ...
>>>
>>> In practice cur_lp is always a pointer to uint32_t, so is is always
>>> incremented by 4 units. A better solution would involve to fix the
>>> code logic, but that would require a better understanding of the
>>> codec.
>>>   
>>>       
>> Just a notice: last year I submitted a replacement for that decoder. My
>> code was far from the shape of inclusion und therefore didn't pass the
>> review process immediately. The main advantages of the new code are very
>> small size of lookup tables, good readability and better error/invalid
>> data handling.
>>
>> I'm still working on improving my code. I just want to say that this
>> work is as far as complete, it needs some cosmetic cleanups and maybe
>> some refractions because it was written in a hurry.
>>
>> Therefore, I suggest to switch to the new code, improve it and drop the
>> old one instead of wasting time fixing that obfuscated and potentially
>> broken source. I'm sure you'll spend less time and will gain
>> significantly better results...
>>     
>
> Where can i find the latest version of that patch?
>   

I'll post the new version either later today or tomorrow...


More information about the ffmpeg-devel mailing list