[FFmpeg-devel] [PATCH]lavc/pnmdec: Do not fail by default for truncated pbm files

Michael Niedermayer michael at niedermayer.cc
Tue Apr 18 20:30:08 EEST 2017


On Tue, Oct 11, 2016 at 11:16:48AM +0200, Michael Niedermayer wrote:
> On Tue, Oct 11, 2016 at 10:06:54AM +0200, Carl Eugen Hoyos wrote:
> > 2016-09-05 11:12 GMT+02:00 Carl Eugen Hoyos <ceffmpeg at gmail.com>:
> > > 2016-09-05 10:26 GMT+02:00 Paul B Mahol <onemda at gmail.com>:
> > >> On 9/5/16, Carl Eugen Hoyos <ceffmpeg at gmail.com> wrote:
> > >
> > >>> New patch attached.
> > >>
> > >> It seems this patch disables check for all cases when experimental is enabled,
> > >> but check for overflow in only one case.
> > >
> > > I am not sure I understand:
> > > Do you mean I missed a case where an overflow is now (after the patch)
> > > possible (but wasn't before) or do you mean there are formats after the
> > > patch that allow truncation and formats that do not allow it?
> > 
> > Ping.
> 
> i didnt look at the code but from the diff it seems what was
> meant was that bytestream + n could point outside the array
> that is indeed (suprising to many) undefined, you dont need to do
> bytestream[n]

i just stumbled across this again

the correct way to check for the end (overflow wise) is

if (n > s->bytestream_end - s->bytestream)
    ...

also ptr[] should be memset (probably to 0) when there is no more
input

[...]


-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Dictatorship: All citizens are under surveillance, all their steps and
actions recorded, for the politicians to enforce control.
Democracy: All politicians are under surveillance, all their steps and
actions recorded, for the citizens to enforce control.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20170418/ff9eb107/attachment.sig>


More information about the ffmpeg-devel mailing list