Diego Biurrun <[email protected]> writes: > On Fri, Jul 15, 2011 at 10:15:56AM +0100, Måns Rullgård wrote: >> Diego Biurrun <[email protected]> writes: >> >> > User-provided data should never trigger an assert; also fixes the warning: >> > libavcodec/vaapi_mpeg2.c:112:14: warning: variable 'start_code' set but >> > not used >> > --- a/libavcodec/vaapi_mpeg2.c >> > +++ b/libavcodec/vaapi_mpeg2.c >> > @@ -116,7 +116,8 @@ static int vaapi_mpeg2_decode_slice(AVCodecContext >> > *avctx, const uint8_t *buffer >> > /* Determine macroblock_offset */ >> > init_get_bits(&gb, buffer, 8 * size); >> > start_code = get_bits(&gb, 32); >> > - assert((start_code & 0xffffff00) == 0x00000100); >> > + if (!((start_code & 0xffffff00) == 0x00000100)) >> > + return -1; >> >> Fix the get_bits -> get_bits_long while at it, or this is bound to cause >> trouble. > > Notice that even this trivial grep already finds two dozen more candidate > instances of this issue: > > biurrun@passion:~/src/libav $ git grep -e 'skip_bits(.*32)' -e > 'get_bits(.*32)' | wc -l > 24 > > I'm not volunteering to fix...
I did not ask you to fix all of them, only the one your patch exposes. You don't want your patch to cause regressions, do you? -- Måns Rullgård [email protected] _______________________________________________ libav-devel mailing list [email protected] https://lists.libav.org/mailman/listinfo/libav-devel
