On 12/12/11 15:54, Gaurav Narula wrote:
--- libavcodec/kmvc.c | 82 ++++++++++++++++++++++++++++++++++++++++++---------- 1 files changed, 66 insertions(+), 16 deletions(-)diff --git a/libavcodec/kmvc.c b/libavcodec/kmvc.c index 07ca194..7f63699 100644 --- a/libavcodec/kmvc.c +++ b/libavcodec/kmvc.c @@ -57,17 +57,21 @@ typedef struct BitBuf { #define kmvc_init_getbits(bb, src) bb.bits = 7; bb.bitbuf = *src++; -#define kmvc_getbit(bb, src, res) {\ +#define kmvc_getbit(bb, src, src_end, res) {\ res = 0; \ if (bb.bitbuf& (1<< bb.bits)) res = 1; \ bb.bits--; \ if(bb.bits == -1) { \ + if (src>= src_end) { \ + av_log(ctx->avctx, AV_LOG_ERROR, "Data overrun\n"); \ + return AVERROR_INVALIDDATA; \ + } \ bb.bitbuf = *src++; \ bb.bits = 7; \ } \ }
res == 1 is an error condition that always triggers a return, am I wrong? Why not factor it in the macro as well?
lu -- Luca Barbato Gentoo/linux http://dev.gentoo.org/~lu_zero _______________________________________________ libav-devel mailing list [email protected] https://lists.libav.org/mailman/listinfo/libav-devel
