diff mbox

[FFmpeg-devel,04/10] avcodec/cbs_av1: Make overread check more robust

Message ID 20190918032607.11774-4-andreas.rheinhardt@gmail.com
State Accepted
Commit 1929dd4eff93e81bab8637f298754294448e624e
Headers show

Commit Message

Andreas Rheinhardt Sept. 18, 2019, 3:26 a.m. UTC
When performing a comparison of a signed int and an unsigned int, the
signed int is first converted to an unsigned int, so that negative
values are being treated as big, positive values. This can become a
problem in an overread check, namely when an overread already happened.
So change the type of the variable containing the amount of bits that
need to be left to signed.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
I am not aware of any situation where cbs overreads, but robustness is
nevertheless valueable.

 libavcodec/cbs_av1.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff mbox


diff --git a/libavcodec/cbs_av1.c b/libavcodec/cbs_av1.c
index 0ff6d60ae2..84998e1e8c 100644
--- a/libavcodec/cbs_av1.c
+++ b/libavcodec/cbs_av1.c
@@ -211,8 +211,8 @@  static int cbs_av1_read_ns(CodedBitstreamContext *ctx, GetBitContext *gbc,
                            uint32_t n, const char *name,
                            const int *subscripts, uint32_t *write_to)
-    uint32_t w, m, v, extra_bit, value;
-    int position;
+    uint32_t m, v, extra_bit, value;
+    int position, w;
     av_assert0(n > 0);