[FFmpeg-soc] [soc]: r2578 - mlp/mlpdec.c
Ramiro Polla
ramiro at lisha.ufsc.br
Thu Jun 26 20:26:20 CEST 2008
Hello,
ramiro wrote:
> Author: ramiro
> Date: Thu Jun 26 19:33:28 2008
> New Revision: 2578
>
> Log:
> More checks to see if there is enough data.
>
> Modified:
> mlp/mlpdec.c
>
> Modified: mlp/mlpdec.c
> ==============================================================================
> --- mlp/mlpdec.c (original)
> +++ mlp/mlpdec.c Thu Jun 26 19:33:28 2008
> @@ -1009,6 +1009,9 @@ static int read_access_unit(AVCodecConte
> for (substr = 0; substr < m->num_substreams; substr++) {
> int extraword_present, checkdata_present, end;
>
> + if (bytes_left < 2)
> + return -1;
> +
> extraword_present = get_bits1(&gb);
> skip_bits1(&gb);
> checkdata_present = get_bits1(&gb);
> @@ -1022,6 +1025,8 @@ static int read_access_unit(AVCodecConte
> bytes_left -= 2;
>
> if (extraword_present) {
> + if (bytes_left < 2)
> + return -1;
> skip_bits(&gb, 16);
> parity_bits ^= *buf++;
> parity_bits ^= *buf++;
This seems like a long and painful road... While we're still reading
headers with easily calculated size, this isn't too hard, and there
won't be much overhead in the checks. But on more complicated headers
and specially the VLC values it's not easy to see if we still have
enough data.
Lots of other codecs I've looked at seem to just trust init_get_bits()
with the remaining bytes.
What's the best practice here? Should the header checksum && coded
lengths be enough to validate the input size?
Ramiro Polla
More information about the FFmpeg-soc
mailing list