[FFmpeg-devel] [PATCH] avcodec/cbs_jpeg: Fix size of huffman symbol table array
Andreas Rheinhardt
andreas.rheinhardt at outlook.com
Fri Feb 11 11:28:03 EET 2022
Andreas Rheinhardt:
> L[i] can be in the range of 0-255, see table B.5 of ITU T.81.
>
> Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt at outlook.com>
> ---
> libavcodec/cbs_jpeg.h | 2 +-
> libavcodec/cbs_jpeg_syntax_template.c | 4 ++--
> 2 files changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/libavcodec/cbs_jpeg.h b/libavcodec/cbs_jpeg.h
> index 6305f0ee86..9dbebd259f 100644
> --- a/libavcodec/cbs_jpeg.h
> +++ b/libavcodec/cbs_jpeg.h
> @@ -99,7 +99,7 @@ typedef struct JPEGRawHuffmanTable {
> uint8_t Tc;
> uint8_t Th;
> uint8_t L[16];
> - uint8_t V[224];
> + uint8_t V[256];
> } JPEGRawHuffmanTable;
>
> typedef struct JPEGRawHuffmanTableSpecification {
> diff --git a/libavcodec/cbs_jpeg_syntax_template.c b/libavcodec/cbs_jpeg_syntax_template.c
> index 6eda56d623..e06abdc674 100644
> --- a/libavcodec/cbs_jpeg_syntax_template.c
> +++ b/libavcodec/cbs_jpeg_syntax_template.c
> @@ -84,12 +84,12 @@ static int FUNC(huffman_table)(CodedBitstreamContext *ctx, RWContext *rw,
> u(4, Th, 0, 3);
>
> for (i = 0; i < 16; i++)
> - us(8, L[i], i, 0, 224);
> + us(8, L[i], i, 0, 255);
>
> ij = 0;
> for (i = 0; i < 16; i++) {
> for (j = 0; j < current->L[i]; j++) {
> - if (ij >= 224)
> + if (ij >= FF_ARRAY_ELEMS(current->V))
> return AVERROR_INVALIDDATA;
> us(8, V[ij], ij, 0, 255);
> ++ij;
Will apply this later tonight unless there are objections.
- Andreas
More information about the ffmpeg-devel
mailing list