[FFmpeg-devel] [PATCH] avcodec/bonk: check level value to not reach invalid values

Michael Niedermayer michael at niedermayer.cc
Tue Nov 22 21:22:02 EET 2022 

On Tue, Nov 22, 2022 at 11:26:48AM +0100, Paul B Mahol wrote:
> Patch attached.

>  bonk.c |    8 ++++++--
>  1 file changed, 6 insertions(+), 2 deletions(-)
> 84abac919e9c120e48bb1a3f84be0697f620b66a  0001-avcodec-bonk-check-level-value-to-not-reach-invalid-.patch
> From 1b9204a39ea111f4fa34fe9cb4254dea2f20923d Mon Sep 17 00:00:00 2001
> From: Paul B Mahol <onemda at gmail.com>
> Date: Tue, 22 Nov 2022 11:27:39 +0100
> Subject: [PATCH] avcodec/bonk: check level value to not reach invalid values
> 
> Signed-off-by: Paul B Mahol <onemda at gmail.com>
> ---
>  libavcodec/bonk.c | 8 ++++++--
>  1 file changed, 6 insertions(+), 2 deletions(-)
[...]

> @@ -330,7 +333,7 @@ static int bonk_decode(AVCodecContext *avctx, AVFrame *frame,
>  
>      skip_bits(gb, s->skip);
>      if ((ret = intlist_read(s, s->k, s->n_taps, 0)) < 0)
> -        return ret;
> +        goto fail;
>  
>      for (int i = 0; i < s->n_taps; i++)
>          s->k[i] *= s->quant[i];
> @@ -345,7 +348,7 @@ static int bonk_decode(AVCodecContext *avctx, AVFrame *frame,
>  
>          predictor_init_state(s->k, state, s->n_taps);
>          if ((ret = intlist_read(s, s->input_samples, samples_per_packet, 1)) < 0)
> -            return ret;
> +            goto fail;
>  
>          for (int i = 0; i < samples_per_packet; i++) {
>              for (int j = 0; j < s->down_sampling - 1; j++) {
> @@ -390,6 +393,7 @@ static int bonk_decode(AVCodecContext *avctx, AVFrame *frame,
>      n = get_bits_count(gb) / 8;
>  
>      if (n > buf_size) {
> +fail:
>          s->bitstream_size = 0;
>          s->bitstream_index = 0;
>          return AVERROR_INVALIDDATA;
> -- 

LGTM

thx

[...]

-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

When the tyrant has disposed of foreign enemies by conquest or treaty, and
there is nothing more to fear from them, then he is always stirring up
some war or other, in order that the people may require a leader. -- Plato
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20221122/9ff51681/attachment.sig>

More information about the ffmpeg-devel mailing list