[FFmpeg-devel] [PATCH v4 1/1] avcodec/vc1dec: return value check for init_get_bits
maryam ebrahimzadeh
me22bee at outlook.com
Sun Aug 15 15:49:49 EEST 2021
avcodec/vc1dec: return value check for init_get_bits
As the second argument for init_get_bits(avctx and buf) can be crafted,
a return value check for this function call is necessary
so replace init_get_bits with init_get_bits8.
---
libavcodec/vc1dec.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/libavcodec/vc1dec.c b/libavcodec/vc1dec.c
index 1fb1950ade..0f7c07f2e8 100644
--- a/libavcodec/vc1dec.c
+++ b/libavcodec/vc1dec.c
@@ -444,7 +444,9 @@ static av_cold int vc1_decode_init(AVCodecContext *avctx)
// the last byte of the extradata is a version number, 1 for the
// samples we can decode
- init_get_bits(&gb, avctx->extradata, avctx->extradata_size*8);
+ ret = init_get_bits8(&gb, avctx->extradata, avctx->extradata_size);
+ if (ret < 0)
+ return ret;
if ((ret = ff_vc1_decode_sequence_header(avctx, v, &gb)) < 0)
return ret;
@@ -770,8 +772,11 @@ static int vc1_decode_frame(AVCodecContext *avctx, void *data,
buf_size2 = vc1_unescape_buffer(buf, buf_size, buf2);
}
init_get_bits(&s->gb, buf2, buf_size2*8);
- } else
- init_get_bits(&s->gb, buf, buf_size*8);
+ } else {
+ ret = init_get_bits8(&s->gb, buf, buf_size);
+ if (ret < 0)
+ return ret;
+ }
if (v->res_sprite) {
v->new_sprite = !get_bits1(&s->gb);
--
2.17.1
More information about the ffmpeg-devel
mailing list