[FFmpeg-devel,3/6] h264_mp4toannexb_bsf: Add a comment about possible overread

Submitted by Andreas Rheinhardt on July 24, 2019, 5:15 p.m.

Details

Message ID 20190724171557.10037-2-andreas.rheinhardt@gmail.com
State New
Headers show

Commit Message

Andreas Rheinhardt July 24, 2019, 5:15 p.m.
Before reading a 16bit size field during parsing of extradata, no check
is performed to make sure that said length field is actually contained
in the extradata. Given that this overread is not dangerous (the extradata
is supposed to be padded), only a comment for it has been added; the error
itself will be detected as part of the normal check for overreads.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
---
 libavcodec/h264_mp4toannexb_bsf.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Patch hide | download patch | download mbox

diff --git a/libavcodec/h264_mp4toannexb_bsf.c b/libavcodec/h264_mp4toannexb_bsf.c
index 374c2d59fb..aa5ca8d102 100644
--- a/libavcodec/h264_mp4toannexb_bsf.c
+++ b/libavcodec/h264_mp4toannexb_bsf.c
@@ -91,7 +91,7 @@  static int h264_extradata_to_annexb(AVBSFContext *ctx, const int padding)
     while (unit_nb--) {
         int err;
 
-        unit_size   = AV_RB16(extradata);
+        unit_size   = AV_RB16(extradata); /* possible overread ok due to padding */
         extradata  += 2;
         total_size += unit_size + 4;
         av_assert1(total_size <= INT_MAX - padding);