[FFmpeg-devel] [PATCH v1] avcodec/cbs_vp8: Improve the bitstream position check
Dai, Jianhui J
jianhui.j.dai at intel.com
Tue Mar 5 07:33:25 EET 2024
> -----Original Message-----
> From: ffmpeg-devel <ffmpeg-devel-bounces at ffmpeg.org> On Behalf Of Dai,
> Jianhui J
> Sent: Friday, February 23, 2024 8:43 AM
> To: FFmpeg development discussions and patches <ffmpeg-devel at ffmpeg.org>
> Subject: Re: [FFmpeg-devel] [PATCH v1] avcodec/cbs_vp8: Improve the
> bitstream position check
>
>
>
> > -----Original Message-----
> > From: ffmpeg-devel <ffmpeg-devel-bounces at ffmpeg.org> On Behalf Of Dai,
> > Jianhui J
> > Sent: Thursday, January 25, 2024 8:54 AM
> > To: ffmpeg-devel at ffmpeg.org
> > Subject: [FFmpeg-devel] [PATCH v1] avcodec/cbs_vp8: Improve the
> > bitstream position check
> >
> > The VP8 compressed header may not be byte-aligned due to boolean
> > coding. Use bitwise comparison to prevent the potential overread.
> >
> > Signed-off-by: Jianhui Dai <jianhui.j.dai at intel.com>
> > ---
> > libavcodec/cbs_vp8.c | 5 +++--
> > 1 file changed, 3 insertions(+), 2 deletions(-)
> >
> > diff --git a/libavcodec/cbs_vp8.c b/libavcodec/cbs_vp8.c index
> > 065156c248..13acad3724 100644
> > --- a/libavcodec/cbs_vp8.c
> > +++ b/libavcodec/cbs_vp8.c
> > @@ -327,9 +327,10 @@ static int
> > cbs_vp8_read_unit(CodedBitstreamContext
> > *ctx,
> > if (err < 0)
> > return err;
> >
> > + // Position may not be byte-aligned after compressed header; using bits
> > + // count comparison for accuracy.
> > pos = get_bits_count(&gbc);
> > - pos /= 8;
> > - av_assert0(pos <= unit->data_size);
> > + av_assert0(pos <= unit->data_size * 8);
> >
> > frame->data_ref = av_buffer_ref(unit->data_ref);
> > if (!frame->data_ref)
>
> Ping reviewers to help to apply.
>
> The review history can be found here:
> https://patchwork.ffmpeg.org/project/ffmpeg/patch/CH3PR11MB793797554CD
> B411074364733B1742 at CH3PR11MB7937.namprd11.prod.outlook.com/
@Ronald (rsbultje at gmail.com), @Andreas (andreas.rheinhardt at outlook.com)
Could you please help to apply these 2 fixes?
[FFmpeg-devel,v1] avcodec/cbs_vp8: Improve the bitstream position check - Patchwork
https://patchwork.ffmpeg.org/project/ffmpeg/patch/DS7PR11MB7949CF2C01F31B4B8597EC61B17A2@DS7PR11MB7949.namprd11.prod.outlook.com/
[FFmpeg-devel,v1] avcodec/cbs_vp8: Use little endian in fixed() - Patchwork
https://patchwork.ffmpeg.org/project/ffmpeg/patch/DS7PR11MB79499AF0B5FB03FBF1876EFCB17A2@DS7PR11MB7949.namprd11.prod.outlook.com/
>
> > --
> > 2.25.1
> >
> > _______________________________________________
> > ffmpeg-devel mailing list
> > ffmpeg-devel at ffmpeg.org
> > https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
> >
> > To unsubscribe, visit link above, or email
> > ffmpeg-devel-request at ffmpeg.org with subject "unsubscribe".
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel at ffmpeg.org
> https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>
> To unsubscribe, visit link above, or email ffmpeg-devel-request at ffmpeg.org
> with subject "unsubscribe".
More information about the ffmpeg-devel
mailing list