subject:"\[FFmpeg\-devel\] \[PATCH 3\/7\] vorbis\: Reorder conditions to avoid possible overread"

Re: [FFmpeg-devel] [PATCH 3/7] vorbis: Reorder conditions to avoid possible overread

2017-10-17 Thread Rostislav Pehlivanov

On 17 October 2017 at 23:11, Mark Thompson  wrote:

> This can trigger a single-byte overread if the codebook has the maximum
> number of entries.
>
> Fixes #6743.
> ---
>  libavcodec/vorbis.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/libavcodec/vorbis.c b/libavcodec/vorbis.c
> index 399020eec5..ce23b947f0 100644
> --- a/libavcodec/vorbis.c
> +++ b/libavcodec/vorbis.c
> @@ -58,7 +58,7 @@ int ff_vorbis_len2vlc(uint8_t *bits, uint32_t *codes,
> unsigned num)
>  uint32_t exit_at_level[33] = { 404 };
>  unsigned i, j, p, code;
>
> -for (p = 0; (bits[p] == 0) && (p < num); ++p)
> +for (p = 0; (p < num) && (bits[p] == 0); ++p)
>  ;
>  if (p == num)
>  return 0;
> @@ -71,7 +71,7 @@ int ff_vorbis_len2vlc(uint8_t *bits, uint32_t *codes,
> unsigned num)
>
>  ++p;
>
> -for (i = p; (bits[i] == 0) && (i < num); ++i)
> +for (i = p; (i < num) && (bits[i] == 0); ++i)
>  ;
>  if (i == num)
>  return 0;
> --
> 2.11.0
>
> ___
> ffmpeg-devel mailing list
> ffmpeg-devel@ffmpeg.org
> http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>

LGTM
I'll get around to merging the psy stuff one of these days
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

[FFmpeg-devel] [PATCH 3/7] vorbis: Reorder conditions to avoid possible overread

2017-10-17 Thread Mark Thompson

This can trigger a single-byte overread if the codebook has the maximum
number of entries.

Fixes #6743.
---
 libavcodec/vorbis.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/libavcodec/vorbis.c b/libavcodec/vorbis.c
index 399020eec5..ce23b947f0 100644
--- a/libavcodec/vorbis.c
+++ b/libavcodec/vorbis.c
@@ -58,7 +58,7 @@ int ff_vorbis_len2vlc(uint8_t *bits, uint32_t *codes, 
unsigned num)
 uint32_t exit_at_level[33] = { 404 };
 unsigned i, j, p, code;
 
-for (p = 0; (bits[p] == 0) && (p < num); ++p)
+for (p = 0; (p < num) && (bits[p] == 0); ++p)
 ;
 if (p == num)
 return 0;
@@ -71,7 +71,7 @@ int ff_vorbis_len2vlc(uint8_t *bits, uint32_t *codes, 
unsigned num)
 
 ++p;
 
-for (i = p; (bits[i] == 0) && (i < num); ++i)
+for (i = p; (i < num) && (bits[i] == 0); ++i)
 ;
 if (i == num)
 return 0;
-- 
2.11.0

___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

Re: [FFmpeg-devel] [PATCH 3/7] vorbis: Reorder conditions to avoid possible overread

[FFmpeg-devel] [PATCH 3/7] vorbis: Reorder conditions to avoid possible overread

2 matches

Site Navigation

Mail list logo

Footer information