vlc | branch: master | Rémi Denis-Courmont <[email protected]> | Sun Nov 13 11:49:01 2016 +0200| [61eb0882323a9b507f8b3f3f78ebdb5e5f42a4c1] | committer: Rémi Denis-Courmont
vlc_bits: fix integer overflow in signed ExpGolomb code When bs_read_ue() returned 2^32-1, computing (val + 1) as 'int' overflowed. With this patch, the conversion from unsigned to signed is performed after the division by two, so that the absolute value range is always within limits of the signed 32-bits integer type. Also use fast types since the function are meant to be inlined. > http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=61eb0882323a9b507f8b3f3f78ebdb5e5f42a4c1 --- include/vlc_bits.h | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/include/vlc_bits.h b/include/vlc_bits.h index ed6e717..1df9322 100644 --- a/include/vlc_bits.h +++ b/include/vlc_bits.h @@ -231,22 +231,23 @@ static inline void bs_align_1( bs_t *s ) } /* Read unsigned Exp-Golomb code */ -static inline uint32_t bs_read_ue( bs_t * bs ) +static inline uint_fast32_t bs_read_ue( bs_t * bs ) { - int32_t i = 0; + unsigned i = 0; while( bs_read1( bs ) == 0 && bs->p < bs->p_end && i < 31 ) i++; - return ((uint32_t)1 << i) - 1 + bs_read( bs, i ); + return (1U << i) - 1 + bs_read( bs, i ); } /* Read signed Exp-Golomb code */ -static inline int32_t bs_read_se( bs_t *s ) +static inline int_fast32_t bs_read_se( bs_t *s ) { - int val = bs_read_ue( s ); + uint_fast32_t val = bs_read_ue( s ); - return val&0x01 ? (val+1)/2 : -(val/2); + return (val & 0x01) ? (int_fast32_t)((val + 1) / 2) + : -(int_fast32_t)(val / 2); } #undef bs_forward _______________________________________________ vlc-commits mailing list [email protected] https://mailman.videolan.org/listinfo/vlc-commits
