diff mbox series

[FFmpeg-devel] avcodec/get_bits: don't shift more bits than available in an unsigned with get_leb()

Message ID 20240130221612.970-1-jamrial@gmail.com
State New
Headers show
Series [FFmpeg-devel] avcodec/get_bits: don't shift more bits than available in an unsigned with get_leb() | expand

Checks

Context Check Description
yinshiyou/make_loongarch64 success Make finished
yinshiyou/make_fate_loongarch64 success Make fate finished
andriy/make_x86 success Make finished
andriy/make_fate_x86 success Make fate finished

Commit Message

James Almer Jan. 30, 2024, 10:16 p.m. UTC 
Signed-off-by: James Almer <jamrial@gmail.com>
---
 libavcodec/get_bits.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Andreas Rheinhardt Jan. 30, 2024, 10:19 p.m. UTC | #1 
James Almer:
> Signed-off-by: James Almer <jamrial@gmail.com>
> ---
>  libavcodec/get_bits.h | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/libavcodec/get_bits.h b/libavcodec/get_bits.h
> index 9e19d2a439..c0cc7c0a7d 100644
> --- a/libavcodec/get_bits.h
> +++ b/libavcodec/get_bits.h
> @@ -725,7 +725,7 @@ static inline unsigned get_leb(GetBitContext *s) {
>          int byte = get_bits(s, 8);
>          unsigned bits = byte & 0x7f;
>          more = byte & 0x80;
> -        if (i <= 4)
> +        if (i <= 3 || (i == 4 && bits < (1 << 4)))
>              leb |= bits << (i * 7);
>          if (++i == 8)
>              break;

This truncates more bits than necessary, which is IMO against the
documentation of this function.

- Andreas
James Almer Jan. 30, 2024, 10:34 p.m. UTC | #2 
On 1/30/2024 7:19 PM, Andreas Rheinhardt wrote:
> James Almer:
>> Signed-off-by: James Almer <jamrial@gmail.com>
>> ---
>>   libavcodec/get_bits.h | 2 +-
>>   1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/libavcodec/get_bits.h b/libavcodec/get_bits.h
>> index 9e19d2a439..c0cc7c0a7d 100644
>> --- a/libavcodec/get_bits.h
>> +++ b/libavcodec/get_bits.h
>> @@ -725,7 +725,7 @@ static inline unsigned get_leb(GetBitContext *s) {
>>           int byte = get_bits(s, 8);
>>           unsigned bits = byte & 0x7f;
>>           more = byte & 0x80;
>> -        if (i <= 4)
>> +        if (i <= 3 || (i == 4 && bits < (1 << 4)))
>>               leb |= bits << (i * 7);
>>           if (++i == 8)
>>               break;
> 
> This truncates more bits than necessary, which is IMO against the
> documentation of this function.

Mmh, true. I'll just leave it as is then. So patch withdrawn.
diff mbox series

Patch

diff --git a/libavcodec/get_bits.h b/libavcodec/get_bits.h
index 9e19d2a439..c0cc7c0a7d 100644
--- a/libavcodec/get_bits.h
+++ b/libavcodec/get_bits.h
@@ -725,7 +725,7 @@  static inline unsigned get_leb(GetBitContext *s) {
         int byte = get_bits(s, 8);
         unsigned bits = byte & 0x7f;
         more = byte & 0x80;
-        if (i <= 4)
+        if (i <= 3 || (i == 4 && bits < (1 << 4)))
             leb |= bits << (i * 7);
         if (++i == 8)
             break;