[FFmpeg-devel] [RFC] avcodec: Add native DCA decoder based on libdcadec.
andreas.cadhalpun at googlemail.com
Tue Jan 5 22:46:19 CET 2016
On 05.01.2016 21:38, foo86 wrote:
> On Tue, Jan 05, 2016 at 08:45:22PM +0100, Andreas Cadhalpun wrote:
>> On 03.01.2016 18:49, foo86 wrote:
>>> +// 5.3.1 - Bit stream header
>>> +static int parse_frame_header(DCA2CoreDecoder *s)
>>> + // Source PCM resolution
>>> + s->source_pcm_res = ff_dca_bits_per_sample[pcmr_index = get_bits(&s->gb, 3)];
>> This can cause an out-of-bounds read if get_bits returns 7, because ff_dca_bits_per_sample
>> only has 7 elements.
> Fixed locally, thanks.
> P.S. To avoid resending this huge patch, I've put the fixes accumulated
> so far in a private dcadec2 branch on github  (will be rebased
> frequently against FFmpeg master).
> : https://github.com/foo86/FFmpeg/tree/dcadec2
OK. This decoder seems to be quite robust in handling fuzzed samples,
so from a security point of view it should be fine to replace the
old dca decoder with this one.
Out of curiosity: Can you post a few benchmarks comparing the performance
of the old and the new decoder?
More information about the ffmpeg-devel