diff mbox

[FFmpeg-devel,2/2] avcodec/cfhd: Use bytestream2 for peaks

Message ID 20180713231425.19462-2-michael@niedermayer.cc
State Accepted
Commit 4a657acaefd599f3971e88419516a7f4ece00e53
Headers show

Commit Message

Michael Niedermayer July 13, 2018, 11:14 p.m. UTC 
This fixes out of array accesses
No testcase known

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 libavcodec/cfhd.c | 10 +++++-----
 libavcodec/cfhd.h |  3 ++-
 2 files changed, 7 insertions(+), 6 deletions(-)

Comments

Kieran Kunhya July 15, 2018, 7:51 p.m. UTC | #1 
On Sat, 14 Jul 2018 at 00:14 Michael Niedermayer <michael@niedermayer.cc>
wrote:

> This fixes out of array accesses
> No testcase known
>
> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
>

Looks ok if Gagandeep is ok

Kieran
Michael Niedermayer July 18, 2018, 11:47 a.m. UTC | #2 
On Sun, Jul 15, 2018 at 08:51:36PM +0100, Kieran Kunhya wrote:
> On Sat, 14 Jul 2018 at 00:14 Michael Niedermayer <michael@niedermayer.cc>
> wrote:
> 
> > This fixes out of array accesses
> > No testcase known
> >
> > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
> >
> 
> Looks ok if Gagandeep is ok

noone seems to have objected so far so ill apply this soon

thanks

[...]
diff mbox

Patch

diff --git a/libavcodec/cfhd.c b/libavcodec/cfhd.c
index ef5ebe42c5..76838f0869 100644
--- a/libavcodec/cfhd.c
+++ b/libavcodec/cfhd.c
@@ -79,7 +79,7 @@  static void init_peak_table_defaults(CFHDContext *s)
 {
     s->peak.level  = 0;
     s->peak.offset = 0;
-    s->peak.base   = NULL;
+    memset(&s->peak.base, 0, sizeof(s->peak.base));
 }
 
 static void init_frame_defaults(CFHDContext *s)
@@ -133,7 +133,7 @@  static inline void peak_table(int16_t *band, Peak *peak, int length)
     int i;
     for (i = 0; i < length; i++)
         if (abs(band[i]) > peak->level)
-            band[i] = *(peak->base++);
+            band[i] = bytestream2_get_le16(&peak->base);
 }
 
 static inline void process_alpha(int16_t *alpha, int width)
@@ -537,16 +537,16 @@  static int cfhd_decode(AVCodecContext *avctx, void *data, int *got_frame,
         } else if (tag == -75) {
             s->peak.offset &= ~0xffff;
             s->peak.offset |= (data & 0xffff);
-            s->peak.base    = (int16_t *) gb.buffer;
+            s->peak.base    = gb;
             s->peak.level   = 0;
         } else if (tag == -76) {
             s->peak.offset &= 0xffff;
             s->peak.offset |= (data & 0xffffU)<<16;
-            s->peak.base    = (int16_t *) gb.buffer;
+            s->peak.base    = gb;
             s->peak.level   = 0;
         } else if (tag == -74 && s->peak.offset) {
             s->peak.level = data;
-            s->peak.base += s->peak.offset / 2 - 2;
+            bytestream2_seek(&s->peak.base, s->peak.offset - 4, SEEK_CUR);
         } else
             av_log(avctx, AV_LOG_DEBUG,  "Unknown tag %i data %x\n", tag, data);
 
diff --git a/libavcodec/cfhd.h b/libavcodec/cfhd.h
index 7cd251fca7..4f2c82d8bc 100644
--- a/libavcodec/cfhd.h
+++ b/libavcodec/cfhd.h
@@ -26,6 +26,7 @@ 
 #include "libavutil/avassert.h"
 
 #include "avcodec.h"
+#include "bytestream.h"
 #include "get_bits.h"
 #include "vlc.h"
 
@@ -71,7 +72,7 @@  typedef struct Plane {
 typedef struct Peak {
     int level;
     int offset;
-    const int16_t *base;
+    GetByteContext base;
 } Peak;
 
 typedef struct CFHDContext {