Message ID | PAXP193MB1262D52E9DD3F95090EA119AB6CB9@PAXP193MB1262.EURP193.PROD.OUTLOOK.COM |
---|---|
State | New |
Headers | show |
Series | [FFmpeg-devel,v1,1/1] avcodec/vble: Return value check for init_get_bits | expand |
Context | Check | Description |
---|---|---|
andriy/make_x86 | success | Make finished |
andriy/make_fate_x86 | success | Make fate finished |
andriy/make_ppc | success | Make finished |
andriy/make_fate_ppc | success | Make fate finished |
Not needed, check is few lines above.
There are some other checks in init_get_bits function that make the function return AVERROR_INVALIDDATA. So it is essential to check the return value. Line 629 in libavcodec/get_bits.h function init_get_bits_xe: if (bit_size >= INT_MAX - FFMAX(7, AV_INPUT_BUFFER_PADDING_SIZE*8) || bit_size < 0 || !buffer) { bit_size = 0; buffer = NULL; ret = AVERROR_INVALIDDATA; }
Then remove old incomplete checks.
diff --git a/libavcodec/vble.c b/libavcodec/vble.c index f1400959e0..041a203fe9 100644 --- a/libavcodec/vble.c +++ b/libavcodec/vble.c @@ -146,7 +146,9 @@ static int vble_decode_frame(AVCodecContext *avctx, void *data, int *got_frame, if (version != 1) av_log(avctx, AV_LOG_WARNING, "Unsupported VBLE Version: %d\n", version); - init_get_bits(&gb, src + 4, (avpkt->size - 4) * 8); + ret = init_get_bits8(&gb, src + 4, avpkt->size - 4); + if (ret < 0) + return ret; /* Unpack */ if (vble_unpack(ctx, &gb) < 0) {