[FFmpeg-devel] [PATCH 4/4] avcodec/dca: make reading past end of buffer safe

Hendrik Leppkes h.leppkes at gmail.com
Thu Mar 3 00:56:42 CET 2016

On Thu, Mar 3, 2016 at 12:37 AM, Ronald S. Bultje <rsbultje at gmail.com> wrote:
> Hi,
> On Wed, Mar 2, 2016 at 2:32 PM, foo86 <foobaz86 at gmail.com> wrote:
>> Limit the maximum length of unary part of Rice code by the number of
>> available bits instead of using an arbitrary constant that happens to be
>> just large enough to work.
>> This effectively limits amount of data that can be overread per segment
>> by maximum length of binary code per sample multiplied by maximum
>> segment size.
>> Increase size of padding area after the end of input buffer according to
>> this limit and add some extra overread checks to make reading past end
>> of buffer safe.
>> ---
>>  libavcodec/dca_xll.c | 25 +++++++++++++++----------
>>  libavcodec/dcadec.h  |  2 +-
>>  2 files changed, 16 insertions(+), 11 deletions(-)
> Completely random comment, but isn't it easier to just enable the safe
> bitstream reader?

This is actually enabled by default, so it probably should never have
overread anywhere, but if the code can be made a bit safer in itself
it probably does no harm either way.

- Hendrik

More information about the ffmpeg-devel mailing list