[FFmpeg-devel] [PATCH] interplayacm: increase bitstream buffer size by AV_INPUT_BUFFER_PADDING_SIZE

Paul B Mahol onemda at gmail.com
Sun Oct 30 23:18:31 EET 2016


On 10/30/16, Andreas Cadhalpun <andreas.cadhalpun at googlemail.com> wrote:
> This fixes out-of-bounds reads by the bitstream reader.
>
> Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
> ---
>  libavcodec/interplayacm.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/libavcodec/interplayacm.c b/libavcodec/interplayacm.c
> index 0486e00..f4a3446 100644
> --- a/libavcodec/interplayacm.c
> +++ b/libavcodec/interplayacm.c
> @@ -72,7 +72,7 @@ static av_cold int decode_init(AVCodecContext *avctx)
>      s->block   = av_calloc(s->block_len, sizeof(int));
>      s->wrapbuf = av_calloc(s->wrapbuf_len, sizeof(int));
>      s->ampbuf  = av_calloc(0x10000, sizeof(int));
> -    s->bitstream = av_calloc(s->max_framesize, sizeof(*s->bitstream));
> +    s->bitstream = av_calloc(s->max_framesize +
> AV_INPUT_BUFFER_PADDING_SIZE / sizeof(*s->bitstream) + 1,

How did you came up with this fix?
Little background would help.

> sizeof(*s->bitstream));
>      if (!s->block || !s->wrapbuf || !s->ampbuf || !s->bitstream)
>          return AVERROR(ENOMEM);
>
> --
> 2.10.1
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel at ffmpeg.org
> http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>


More information about the ffmpeg-devel mailing list