On Sat, Dec 19, 2015 at 12:17:42PM +0100, Andreas Cadhalpun wrote: > On 19.12.2015 01:32, Michael Niedermayer wrote: > > On Fri, Dec 18, 2015 at 08:13:06PM +0100, Andreas Cadhalpun wrote: > >> xwddec.c | 6 ++++++ > >> 1 file changed, 6 insertions(+) > >> 0be27d89a669445b523bfdac99884065e3581f3c > >> 0001-xwddec-prevent-overflow-of-lsize-avctx-height.patch > >> From fb40616d7b432680b92dc3adc44a5b5d12fac55d Mon Sep 17 00:00:00 2001 > >> From: Andreas Cadhalpun <andreas.cadhal...@googlemail.com> > >> Date: Fri, 18 Dec 2015 19:28:51 +0100 > >> Subject: [PATCH] xwddec: prevent overflow of lsize * avctx->height > >> > >> This is used to check if the input buffer is larger enough, so if this > >> overflows it can cause a false negative leading to a segmentation fault > >> in bytestream2_get_bufferu. > > > > cant the addition overflow too in the input buffer check ? > > Probably. > > > if so then using 64bit in the input buffer check would avoid the > > need for a explicit check on lsize > > Indeed, that's simpler. New patch attached.
LGTM thx [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB Observe your enemies, for they first find out your faults. -- Antisthenes
signature.asc
Description: Digital signature
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
