From patchwork Sat Apr 11 06:40:07 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gautam Ramakrishnan X-Patchwork-Id: 18832 Return-Path: X-Original-To: patchwork@ffaux-bg.ffmpeg.org Delivered-To: patchwork@ffaux-bg.ffmpeg.org Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by ffaux.localdomain (Postfix) with ESMTP id 08D4844BB90 for ; Sat, 11 Apr 2020 09:40:24 +0300 (EEST) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id D946668B683; Sat, 11 Apr 2020 09:40:23 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from mail-pj1-f65.google.com (mail-pj1-f65.google.com [209.85.216.65]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id E2D8268B58C for ; Sat, 11 Apr 2020 09:40:16 +0300 (EEST) Received: by mail-pj1-f65.google.com with SMTP id z9so1546466pjd.2 for ; Fri, 10 Apr 2020 23:40:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id; bh=iEugRLzpVo0V9wPwoPK06RL2+qEbRm2NF9FUwQxAtwY=; b=hBiMJFp87/6J2CIBq5Q5W/+kA3XK3ewdx5av0c43BeD4l1tJXcy8djHDRETraM0orY TksWfUX+RfMTp0w+BQC2Djb45Yzt5olMly+cxVl9GL6URmPXgIiUh/NlliRbWM/77awn d8avDKzqrLDCbdZGuawxym+2cLBfHQgVpW7Lvf6xpWiNNCl5FzPavQve5RFA1evu38Jc y7S5ctH0EdfkVnKlR5h+SomH6AP2QHbhVJtNvgbAwnGzT6tyqWF49QLasoAAoaqOqUH/ pMfym5sn9gvQSqzTfZNM7/oSfcZl/dO8jPgbN/54KQhjDBrJw5SZ/zForxqv9hlyyQ6u eC8Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=iEugRLzpVo0V9wPwoPK06RL2+qEbRm2NF9FUwQxAtwY=; b=VR9dz4T875HfV929RXErFOywBlriWkIVo8sTruc4I8mSu5T4u3Og4237RHNQEkyQ7C SRuRhmttFu4TC95FbvSh3v7xqPsAqdNZ5dgtUMobPQrlF2+KiCu3AVe09ycpwwFuEpCm 8KSo4yHIj0eF1lp2P5EF8+ztbbwYs5yKVgAQXS7d31AU3Vyv0G0QVE5cdHMAcsCdig3m OrLv4APCdliyUJ9DXOIuuI6uXajkmU2Rumlq1T2a+6XGkt+gRCuxdJc99jbDa2NuJTOs D4uKNLKJoLuMQh+0b0H3VD2CSGjcXlHpfL32iJRFY8lQGbLpEo6Cpg9kYYKi1C4GSTZ7 j/hA== X-Gm-Message-State: AGi0PuYm8ekCe3ZmTYjGAog0e5OGNXSk3G8/Cf8vuMXxCq574vE1dlkn VMSkfYlB6oM650bm6iYbLfpPjy2PFgI= X-Google-Smtp-Source: APiQypKvCFXz8+GgrEZlSU3oeyKpNvGfvkI1mEiGG5QcCqNcz/FJSrdOqHM+whGqfE3xtS/SaX+yWw== X-Received: by 2002:a17:90a:25c3:: with SMTP id k61mr3742334pje.28.1586587214856; Fri, 10 Apr 2020 23:40:14 -0700 (PDT) Received: from localhost.localdomain ([223.235.255.212]) by smtp.gmail.com with ESMTPSA id 13sm3382019pfn.131.2020.04.10.23.40.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 10 Apr 2020 23:40:14 -0700 (PDT) From: gautamramk@gmail.com To: ffmpeg-devel@ffmpeg.org Date: Sat, 11 Apr 2020 12:10:07 +0530 Message-Id: <20200411064009.5321-1-gautamramk@gmail.com> X-Mailer: git-send-email 2.17.1 Subject: [FFmpeg-devel] [PATCH 1/3] libavcodec/jpeg2000: fix cblk decode error check X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Cc: Gautam Ramakrishnan MIME-Version: 1.0 Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" From: Gautam Ramakrishnan bpno becoming negative is not an error. This check has been verified with openjpeg, where the loop ends safely when bpno becomes negative, instead of returning an error. This patch must resolve ticket #5630. --- libavcodec/jpeg2000dec.c | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/libavcodec/jpeg2000dec.c b/libavcodec/jpeg2000dec.c index 9684e57b34..2f6bdeb6e0 100644 --- a/libavcodec/jpeg2000dec.c +++ b/libavcodec/jpeg2000dec.c @@ -1622,11 +1622,7 @@ static int decode_cblk(Jpeg2000DecoderContext *s, Jpeg2000CodingStyle *codsty, cblk->data[cblk->length+1] = 0xff; ff_mqc_initdec(&t1->mqc, cblk->data, 0, 1); - while (passno--) { - if (bpno < 0) { - av_log(s->avctx, AV_LOG_ERROR, "bpno became negative\n"); - return AVERROR_INVALIDDATA; - } + while (passno-- && bpno >= 0) { switch(pass_t) { case 0: decode_sigpass(t1, width, height, bpno + 1, bandpos,