diff mbox series

[FFmpeg-devel] libavcodec/mpeg12dec.c: Switch to init_get_bits8 and checks return value

Message ID 20210720223926.3414168-1-tfoucu@gmail.com
State New
Headers show
Series [FFmpeg-devel] libavcodec/mpeg12dec.c: Switch to init_get_bits8 and checks return value
Related show

Checks

Context Check Description
andriy/x86_make success Make finished
andriy/x86_make_fate success Make fate finished
andriy/PPC64_make success Make finished
andriy/PPC64_make_fate success Make fate finished

Commit Message

Thierry Foucu July 20, 2021, 10:39 p.m. UTC
---
 libavcodec/mpeg12dec.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

Comments

Andreas Rheinhardt July 22, 2021, 1:05 a.m. UTC | #1
Thierry Foucu:
> ---
>  libavcodec/mpeg12dec.c | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)
> 
> diff --git a/libavcodec/mpeg12dec.c b/libavcodec/mpeg12dec.c
> index b27ed5bd6d..a786e48054 100644
> --- a/libavcodec/mpeg12dec.c
> +++ b/libavcodec/mpeg12dec.c
> @@ -1341,8 +1341,11 @@ static int mpeg1_decode_picture(AVCodecContext *avctx, const uint8_t *buf,
>      Mpeg1Context *s1  = avctx->priv_data;
>      MpegEncContext *s = &s1->mpeg_enc_ctx;
>      int ref, f_code, vbv_delay;
> +    int ret = 0;
>  
> -    init_get_bits(&s->gb, buf, buf_size * 8);
> +    ret = init_get_bits8(&s->gb, buf, buf_size * 8);
> +    if (ret < 0)
> +        return ret;
>  
>      ref = get_bits(&s->gb, 10); /* temporal ref */
>      s->pict_type = get_bits(&s->gb, 3);
> 
You misunderstood init_get_bits8(): Its size parameter is in bytes, not
bits. And the above approach would not help at all if buf_size * 8 would
overflow.

- Andreas
Thierry Foucu July 22, 2021, 6:07 p.m. UTC | #2
On Wed, Jul 21, 2021 at 6:19 PM Andreas Rheinhardt <
andreas.rheinhardt@outlook.com> wrote:

> Thierry Foucu:
> > ---
> >  libavcodec/mpeg12dec.c | 5 ++++-
> >  1 file changed, 4 insertions(+), 1 deletion(-)
> >
> > diff --git a/libavcodec/mpeg12dec.c b/libavcodec/mpeg12dec.c
> > index b27ed5bd6d..a786e48054 100644
> > --- a/libavcodec/mpeg12dec.c
> > +++ b/libavcodec/mpeg12dec.c
> > @@ -1341,8 +1341,11 @@ static int mpeg1_decode_picture(AVCodecContext
> *avctx, const uint8_t *buf,
> >      Mpeg1Context *s1  = avctx->priv_data;
> >      MpegEncContext *s = &s1->mpeg_enc_ctx;
> >      int ref, f_code, vbv_delay;
> > +    int ret = 0;
> >
> > -    init_get_bits(&s->gb, buf, buf_size * 8);
> > +    ret = init_get_bits8(&s->gb, buf, buf_size * 8);
> > +    if (ret < 0)
> > +        return ret;
> >
> >      ref = get_bits(&s->gb, 10); /* temporal ref */
> >      s->pict_type = get_bits(&s->gb, 3);
> >
> You misunderstood init_get_bits8(): Its size parameter is in bytes, not
> bits. And the above approach would not help at all if buf_size * 8 would
> overflow.
>

Sorry, my bad, I did not review the API documentation on the new function.
Will be sending an update


>
> - Andreas
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel@ffmpeg.org
> https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>
> To unsubscribe, visit link above, or email
> ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
>
diff mbox series

Patch

diff --git a/libavcodec/mpeg12dec.c b/libavcodec/mpeg12dec.c
index b27ed5bd6d..a786e48054 100644
--- a/libavcodec/mpeg12dec.c
+++ b/libavcodec/mpeg12dec.c
@@ -1341,8 +1341,11 @@  static int mpeg1_decode_picture(AVCodecContext *avctx, const uint8_t *buf,
     Mpeg1Context *s1  = avctx->priv_data;
     MpegEncContext *s = &s1->mpeg_enc_ctx;
     int ref, f_code, vbv_delay;
+    int ret = 0;
 
-    init_get_bits(&s->gb, buf, buf_size * 8);
+    ret = init_get_bits8(&s->gb, buf, buf_size * 8);
+    if (ret < 0)
+        return ret;
 
     ref = get_bits(&s->gb, 10); /* temporal ref */
     s->pict_type = get_bits(&s->gb, 3);