From patchwork Tue Oct 17 22:11:56 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mark Thompson X-Patchwork-Id: 5610 Delivered-To: ffmpegpatchwork@gmail.com Received: by 10.2.161.90 with SMTP id m26csp679653jah; Tue, 17 Oct 2017 15:12:31 -0700 (PDT) X-Received: by 10.28.136.11 with SMTP id k11mr4445830wmd.133.1508278351474; Tue, 17 Oct 2017 15:12:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1508278351; cv=none; d=google.com; s=arc-20160816; b=GdhyBj84uP1qbOmw4r60xOhwANL6UVYKueeMUHcUcLzkh1bmtOkpZ3r2y4yGghpalg Wa0hsL0D4Hhd5sR9aWgN5rW84bRbaHpF4jqTPBkefh5D+VzMEhFe7jNCLXlfqMrID2li u7VU8eyM7fPhYJt2Gjs9UOO6887CGzazaOwm7C7Lod93wCl4Yfdv6c2DbLgOhHKJLOjn aS0q6sgenJ+Uj04ZqFEEQaB1MbHQaoynORjfSSiDICKhRNS8Bemz/5/RfVtUTBd0w0LV VxGq1jWYqYGqxTIhazuOm7wTP3SPZ3N6/Y5seYw4tApmaNjWI0yb7HYY7IFMV8uLJoGC dMvA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:reply-to :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:references:in-reply-to:message-id:date :to:from:dkim-signature:delivered-to:arc-authentication-results; bh=9AP1tS/wSJmNnMZydk7wpJUtZnRq66kWdVRD0xtnRQE=; b=OyEgiMSqrQIp79MdMjBQmeGv6qLp1vOOoQBzU5nmskQwL380EtfMQG1QsDIGWT6Rqi 1UcLo1UnREqdmSOvY+53n3CYMKfsYWYfeVvWywifAMEzXvyngBYWF3G+iUihT6jNr+J8 aJv7OeClX06C/+Ke8+ASgKrWy/G1VzfYdgqVw8y43M9pxpSa84/QvUzItI3eoC3a+XlR jX4lP60xVQSq1kavMy7j41E5Uv8pa5h5Oq69LFxDtI/5GdIAcx1xye0SSszrIsxd5bPG 2eV8G30o1jeVjaeEOTbePICiqu2SmbwYaDdx8jwwn0hxtsQsLdE6132dP8Xam3bRK/ge waHw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@jkqxz-net.20150623.gappssmtp.com header.s=20150623 header.b=IfZXzvcz; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id n63si7882629wmd.59.2017.10.17.15.12.31; Tue, 17 Oct 2017 15:12:31 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@jkqxz-net.20150623.gappssmtp.com header.s=20150623 header.b=IfZXzvcz; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id B0923689F72; Wed, 18 Oct 2017 01:12:04 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from mail-wm0-f53.google.com (mail-wm0-f53.google.com [74.125.82.53]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 9759D689820 for ; Wed, 18 Oct 2017 01:12:01 +0300 (EEST) Received: by mail-wm0-f53.google.com with SMTP id q132so6635016wmd.2 for ; Tue, 17 Oct 2017 15:12:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jkqxz-net.20150623.gappssmtp.com; s=20150623; h=from:to:subject:date:message-id:in-reply-to:references; bh=apzsucqcTiBpmplr/cn7qNCQNmAS9akl2gnYcRuuQw4=; b=IfZXzvczE/TzQsiCxasc/Xx5W+0uEa8xKq7/0lmGUAeb8gCkfwXsBHU2+pCtFqw99J PRK1hTjq3J45hwEo8Azs9Wuxghz0/S/yu+rAGRtitHeq2yO+PPbkHb59UBi1HJfOhbZf ugH64RdotUr0IHtNPw/SRQiFaU+cQzoJThdfSfRUg+iLG6TpHUJJascpOEvaE1H9gCpt 6w9UygCTGIZUkmxNVJeFquFims1rMowObE+AEXy+KXht69TgSuGel61WHgfWIP5vAZjY FMgiMOtI/HltVmEXsBzZNDSu2yWjS6wCPIXpAdiveQDb11BQ09zUPXHiNbUOHf7r+TdC cYIg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references; bh=apzsucqcTiBpmplr/cn7qNCQNmAS9akl2gnYcRuuQw4=; b=Mu7bM9PgNNDENOEimJVBjfAs/56NhnC8Lef1R9tMwHItfmFJnzwUrJjdm2l0n1wWJ9 rtJLOOz1jIw01iukOnUV0xlFS1wck2k0NsUuKii0WB5Lhy/Urm6QTEO317r5loeGUE24 49eM2+N4kfwyh+8Ksy7YV7C1b9HtZGLoiBdPW8ff+Mad90oleCRu1S+gc7ZQjxwBqfKF g7oeUyBHw7cQX8c+EUCePmUPPLdobhDGk8pPLI/D8qAulGH5Ef5DOnFhiawTuCQTBwMB BzRsd4vXYwJfkc37Vodk80JAAWvOnz/pA6yZ1fVZDXQF++HjBX1h4cqhFmwS3UuGdWBq ge1g== X-Gm-Message-State: AMCzsaUB1hODo9lHsF2Xe8FQnszJmFITrdNYIr9SiwTdSaLOLWJkHx0t q0W5Wusj+hjmBQ/NQFwBSq4d/Wm6 X-Google-Smtp-Source: ABhQp+Q+NSAPjC02rvOL9veax+OSaYxaDYTYagH2kfAHI4+ln/DQhq266z0oh5U+Yl+G78XVrOrZdg== X-Received: by 10.28.56.70 with SMTP id f67mr4478684wma.62.1508278325866; Tue, 17 Oct 2017 15:12:05 -0700 (PDT) Received: from rywe.jkqxz.net (cpc91242-cmbg18-2-0-cust650.5-4.cable.virginm.net. [82.8.130.139]) by smtp.gmail.com with ESMTPSA id p77sm13063074wmd.28.2017.10.17.15.12.05 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 17 Oct 2017 15:12:05 -0700 (PDT) From: Mark Thompson To: ffmpeg-devel@ffmpeg.org Date: Tue, 17 Oct 2017 23:11:56 +0100 Message-Id: <20171017221159.2349-4-sw@jkqxz.net> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20171017221159.2349-1-sw@jkqxz.net> References: <20171017221159.2349-1-sw@jkqxz.net> Subject: [FFmpeg-devel] [PATCH 4/7] xfacedec: Fix possible overread X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches MIME-Version: 1.0 Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Fixes #6745. --- libavcodec/xfacedec.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavcodec/xfacedec.c b/libavcodec/xfacedec.c index d045cb6ef4..ab4c0823f5 100644 --- a/libavcodec/xfacedec.c +++ b/libavcodec/xfacedec.c @@ -123,7 +123,7 @@ static int xface_decode_frame(AVCodecContext *avctx, if ((ret = ff_get_buffer(avctx, frame, 0)) < 0) return ret; - for (i = 0, k = 0; avpkt->data[i] && i < avpkt->size; i++) { + for (i = 0, k = 0; i < avpkt->size && avpkt->data[i]; i++) { c = avpkt->data[i]; /* ignore invalid digits */