Vitor Sessak <[email protected]> writes: > On 02/29/2012 04:28 PM, Janne Grunau wrote: >> On 2012-02-26 09:52:44 +0100, Vitor Sessak wrote: >>> --- >>> libavcodec/ra144dec.c | 2 ++ >>> libavcodec/ra288.c | 2 ++ >>> libavcodec/sipr.c | 2 ++ >>> libavcodec/twinvq.c | 2 ++ >>> 4 files changed, 8 insertions(+), 0 deletions(-) >> >> Why? >> >> Have you proofed that each of the decoder can't overread? > > Of course I did. I concede didn't do it with the AMRNB in my first > patch. I was almost sure I saw the check when I reviewed it, but I was > wrong.
[...] >> I would say the decoders are not important enough and speed penalty >> for audio doesn't matter enough to disable the safe bitstream reader. > > How hard is it to check a single constant value correctly? What is the > use of the safe bitstream reader if the check is done right? There's much more to it than that. Almost anything using variable-length codes will need more than a simple packet size check, or a damaged/malicious bitstream may cause over-reads. -- Måns Rullgård [email protected] _______________________________________________ libav-devel mailing list [email protected] https://lists.libav.org/mailman/listinfo/libav-devel
