| Message ID | tencent_F0EB67D7EA97D3041C744B9F662A909AE606@qq.com |
|---|---|
| State | Accepted |
| Commit | bdb4b64f16b75c4d4cd88c0755aa6111cadaa602 |
| Headers | show |
| Series | [FFmpeg-devel,1/4] avcodec/hevc_parse: restrict configurationVersion to 0 and 1 | expand |
| Context | Check | Description |
|---|---|---|
| yinshiyou/make_loongarch64 | success | Make finished |
| yinshiyou/make_fate_loongarch64 | success | Make fate finished |
| andriy/make_x86 | success | Make finished |
| andriy/make_fate_x86 | success | Make fate finished |
On Tue, Jun 13, 2023 at 3:37 PM Zhao Zhili <quinkblack@foxmail.com> wrote: > From: Zhao Zhili <zhilizhao@tencent.com> > > The code after the check skip 21 bytes and then read two bytes. > > Signed-off-by: Zhao Zhili <zhilizhao@tencent.com> > --- > libavcodec/hevc_parse.c | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > > diff --git a/libavcodec/hevc_parse.c b/libavcodec/hevc_parse.c > index 1f3beed183..7bc28fd081 100644 > --- a/libavcodec/hevc_parse.c > +++ b/libavcodec/hevc_parse.c > @@ -88,8 +88,10 @@ int ff_hevc_decode_extradata(const uint8_t *data, int > size, HEVCParamSets *ps, > > /* data[0] == 1 is configurationVersion from 14496-15. > * data[0] == 0 is for backward compatibility predates the standard. > + * > + * Minimum number of bytes of hvcC with 0 numOfArrays is 23. > */ > - if (size > 3 && ((data[0] == 1) || (data[0] == 0 && (data[1] || > data[2] > 1)))) { > + if (size >= 23 && ((data[0] == 1) || (data[0] == 0 && (data[1] || > data[2] > 1)))) { > I think it's better to move the size checking before 21 byte are skipped, or it'll go to the else logic which is different. /* It seems the extradata is encoded as hvcC format. */ > int i, j, num_arrays, nal_len_size; > > -- > 2.25.1 > > _______________________________________________ > ffmpeg-devel mailing list > ffmpeg-devel@ffmpeg.org > https://ffmpeg.org/mailman/listinfo/ffmpeg-devel > > To unsubscribe, visit link above, or email > ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". >
> -----Original Message----- > From: ffmpeg-devel <ffmpeg-devel-bounces@ffmpeg.org> On Behalf Of Lance Wang > Sent: 2023年6月13日 22:10 > To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org> > Subject: Re: [FFmpeg-devel] [PATCH 2/4] avcodec/hevc_parse: check the size of hvcC is at least 23 > > On Tue, Jun 13, 2023 at 3:37 PM Zhao Zhili <quinkblack@foxmail.com> wrote: > > > From: Zhao Zhili <zhilizhao@tencent.com> > > > > The code after the check skip 21 bytes and then read two bytes. > > > > Signed-off-by: Zhao Zhili <zhilizhao@tencent.com> > > --- > > libavcodec/hevc_parse.c | 4 +++- > > 1 file changed, 3 insertions(+), 1 deletion(-) > > > > diff --git a/libavcodec/hevc_parse.c b/libavcodec/hevc_parse.c > > index 1f3beed183..7bc28fd081 100644 > > --- a/libavcodec/hevc_parse.c > > +++ b/libavcodec/hevc_parse.c > > @@ -88,8 +88,10 @@ int ff_hevc_decode_extradata(const uint8_t *data, int > > size, HEVCParamSets *ps, > > > > /* data[0] == 1 is configurationVersion from 14496-15. > > * data[0] == 0 is for backward compatibility predates the standard. > > + * > > + * Minimum number of bytes of hvcC with 0 numOfArrays is 23. > > */ > > - if (size > 3 && ((data[0] == 1) || (data[0] == 0 && (data[1] || > > data[2] > 1)))) { > > + if (size >= 23 && ((data[0] == 1) || (data[0] == 0 && (data[1] || > > data[2] > 1)))) { > > > > I think it's better to move the size checking before 21 byte are skipped, > or it'll go to the else logic which > is different. It's not avcC if size is less than 23, go to the else branch is the intended behavior. > > /* It seems the extradata is encoded as hvcC format. */ > > int i, j, num_arrays, nal_len_size; > > > > -- > > 2.25.1 > > > > _______________________________________________ > > ffmpeg-devel mailing list > > ffmpeg-devel@ffmpeg.org > > https://ffmpeg.org/mailman/listinfo/ffmpeg-devel > > > > To unsubscribe, visit link above, or email > > ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". > > > _______________________________________________ > ffmpeg-devel mailing list > ffmpeg-devel@ffmpeg.org > https://ffmpeg.org/mailman/listinfo/ffmpeg-devel > > To unsubscribe, visit link above, or email > ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
diff --git a/libavcodec/hevc_parse.c b/libavcodec/hevc_parse.c index 1f3beed183..7bc28fd081 100644 --- a/libavcodec/hevc_parse.c +++ b/libavcodec/hevc_parse.c @@ -88,8 +88,10 @@ int ff_hevc_decode_extradata(const uint8_t *data, int size, HEVCParamSets *ps, /* data[0] == 1 is configurationVersion from 14496-15. * data[0] == 0 is for backward compatibility predates the standard. + * + * Minimum number of bytes of hvcC with 0 numOfArrays is 23. */ - if (size > 3 && ((data[0] == 1) || (data[0] == 0 && (data[1] || data[2] > 1)))) { + if (size >= 23 && ((data[0] == 1) || (data[0] == 0 && (data[1] || data[2] > 1)))) { /* It seems the extradata is encoded as hvcC format. */ int i, j, num_arrays, nal_len_size;