[FFmpeg-devel] [PATCH] avcodec/av1_parse: Check obu_size
James Almer
jamrial at gmail.com
Sun Oct 14 21:02:46 EEST 2018
On 10/14/2018 2:56 PM, Michael Niedermayer wrote:
> Fixes: out of array read
> Fixes: SIGSEGV_get_obu_bit_length_av1_parse
>
> Found-by: keval shah <skeval65 at gmail.com>
> Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> ---
> libavcodec/av1_parse.h | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/libavcodec/av1_parse.h b/libavcodec/av1_parse.h
> index 276af33ba9..864308f81d 100644
> --- a/libavcodec/av1_parse.h
> +++ b/libavcodec/av1_parse.h
> @@ -134,8 +134,8 @@ static inline int parse_obu_header(const uint8_t *buf, int buf_size,
>
> size = *obu_size + *start_pos;
>
> - if (size > INT_MAX)
> - return AVERROR(ERANGE);
> + if (size > buf_size)
> + return AVERROR_INVALIDDATA;
>
> return size;
> }
LGTM, thanks.
More information about the ffmpeg-devel
mailing list