[FFmpeg-devel] [PATCH] on2avc: limit number of bits to 30 in get_egolomb

Andreas Cadhalpun andreas.cadhalpun at googlemail.com
Fri Dec 18 15:32:06 CET 2015 

On 18.12.2015 01:44, Michael Niedermayer wrote:
> On Thu, Dec 17, 2015 at 11:30:01PM +0100, Andreas Cadhalpun wrote:
>> On 17.12.2015 13:28, Michael Niedermayer wrote:
>>> On Wed, Dec 16, 2015 at 08:20:18PM +0100, Andreas Cadhalpun wrote:
>>>> More don't fit into the integer output.
>>>>
>>>> Also use get_bits_long, since get_bits only supports reading up to 25
>>>> bits, while get_bits_long supports the full integer range.
>>>>
>>>> Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
>>>> ---
>>>>  libavcodec/on2avc.c | 4 ++--
>>>>  1 file changed, 2 insertions(+), 2 deletions(-)
>>>>
>>>> diff --git a/libavcodec/on2avc.c b/libavcodec/on2avc.c
>>>> index 15f4dd1..10861b5 100644
>>>> --- a/libavcodec/on2avc.c
>>>> +++ b/libavcodec/on2avc.c
>>>> @@ -211,9 +211,9 @@ static inline int get_egolomb(GetBitContext *gb)
>>>>  {
>>>>      int v = 4;
>>>>  
>>>> -    while (get_bits1(gb)) v++;
>>>> +    while (get_bits1(gb) && v < 30) v++;
>>>
>>> it could make sense to print a warning or error in case its too long
>>
>> OK, updated patch attached.
>>
>> Best regards,
>> Andreas
>>
> 
>>  on2avc.c |   11 +++++++++--
>>  1 file changed, 9 insertions(+), 2 deletions(-)
>> d59b0416b141d4f10ee758b9816850e660fb968b  0001-on2avc-limit-number-of-bits-to-30-in-get_egolomb.patch
>> From 7b71f91162ee10c7e3482111a6f5b117623e01c0 Mon Sep 17 00:00:00 2001
>> From: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
>> Date: Wed, 16 Dec 2015 16:48:19 +0100
>> Subject: [PATCH] on2avc: limit number of bits to 30 in get_egolomb
>>
>> More don't fit into the integer output.
>>
>> Also use get_bits_long, since get_bits only supports reading up to 25
>> bits, while get_bits_long supports the full integer range.
>>
>> Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
>> ---
>>  libavcodec/on2avc.c | 11 +++++++++--
>>  1 file changed, 9 insertions(+), 2 deletions(-)
>>
>> diff --git a/libavcodec/on2avc.c b/libavcodec/on2avc.c
>> index 15f4dd1..04c8e41 100644
>> --- a/libavcodec/on2avc.c
>> +++ b/libavcodec/on2avc.c
>> @@ -211,9 +211,16 @@ static inline int get_egolomb(GetBitContext *gb)
>>  {
>>      int v = 4;
>>  
>> -    while (get_bits1(gb)) v++;
>> +    while (get_bits1(gb)) {
>> +        v++;
>> +        if (v > 30) {
>> +            av_log(NULL, AV_LOG_WARNING, "Too large golomb code in get_egolomb.\n");
>> +            v = 30;
>> +            break;
>> +        }
>> +    }
>>  
>> -    return (1 << v) + get_bits(gb, v);
>> +    return (1 << v) + get_bits_long(gb, v);
> 
> should be fine until someone finds a tighter bound of what is allowed

Pushed.

Best regards,
Andreas

More information about the ffmpeg-devel mailing list