From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <ffmpeg-devel-bounces@ffmpeg.org>
Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100])
	by master.gitmailbox.com (Postfix) with ESMTP id 5E5284AC60
	for <ffmpegdev@gitmailbox.com>; Fri, 17 May 2024 21:01:11 +0000 (UTC)
Received: from [127.0.1.1] (localhost [127.0.0.1])
	by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id D22AF68D1CA;
	Sat, 18 May 2024 00:01:08 +0300 (EEST)
Received: from relay7-d.mail.gandi.net (relay7-d.mail.gandi.net
 [217.70.183.200])
 by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 10BAC68CDE5
 for <ffmpeg-devel@ffmpeg.org>; Sat, 18 May 2024 00:01:01 +0300 (EEST)
Received: by mail.gandi.net (Postfix) with ESMTPSA id 6120420002
 for <ffmpeg-devel@ffmpeg.org>; Fri, 17 May 2024 21:01:01 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=niedermayer.cc;
 s=gm1; t=1715979661;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:mime-version:mime-version:content-type:content-type:
 in-reply-to:in-reply-to:references:references;
 bh=tyaV2IkpEhr7J/LE4yJhZ6urDvdSmW96HKw11rFKaQA=;
 b=WSzmjnyW7KVKOeslNPTIMyxfAQe9ZUX52IvazvSXI/zoEFh3zDcN6EDeTNwqmrkW8XWcWf
 MUz3HtHJFZzf6Anqt/nCYzoGhGzW09FsbJftleinJtwMdS4aWu+TLxYEBrFafJDtSpoWn5
 99jB9GrzZDRs7XF5v28aPfsw1oSQKAbKIM6mWG4iNJqPg8daw+Eak8riMMZRtDLU2Oc9oG
 KGgZhHVlS8zr8ulngsp0VnUOqTuK3RSbM6o7KXIVCFBOxEDkMMe9aE1BsT5ZdFNLIIUv9N
 s0xthq8kXVog+FE4Bed2noGdk+8Qtqe5Ta146y3RYuSocQT6tohkLy5aDDBRmw==
Date: Fri, 17 May 2024 23:01:00 +0200
From: Michael Niedermayer <michael@niedermayer.cc>
To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Message-ID: <20240517210100.GT6420@pb2>
References: <20240516231932.6950-1-michael@niedermayer.cc>
 <20240516231932.6950-4-michael@niedermayer.cc>
 <AS8P250MB0744554057D5048C9280B3968FEE2@AS8P250MB0744.EURP250.PROD.OUTLOOK.COM>
MIME-Version: 1.0
In-Reply-To: <AS8P250MB0744554057D5048C9280B3968FEE2@AS8P250MB0744.EURP250.PROD.OUTLOOK.COM>
X-GND-Sasl: michael@niedermayer.cc
Subject: Re: [FFmpeg-devel] [PATCH 4/5] avcodec/sga: Check non constant
 init_get_bits8()
X-BeenThere: ffmpeg-devel@ffmpeg.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: FFmpeg development discussions and patches <ffmpeg-devel.ffmpeg.org>
List-Unsubscribe: <https://ffmpeg.org/mailman/options/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=unsubscribe>
List-Archive: <https://ffmpeg.org/pipermail/ffmpeg-devel>
List-Post: <mailto:ffmpeg-devel@ffmpeg.org>
List-Help: <mailto:ffmpeg-devel-request@ffmpeg.org?subject=help>
List-Subscribe: <https://ffmpeg.org/mailman/listinfo/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=subscribe>
Reply-To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Content-Type: multipart/mixed; boundary="===============6326131297101433296=="
Errors-To: ffmpeg-devel-bounces@ffmpeg.org
Sender: "ffmpeg-devel" <ffmpeg-devel-bounces@ffmpeg.org>
Archived-At: <https://master.gitmailbox.com/ffmpegdev/20240517210100.GT6420@pb2/>
List-Archive: <https://master.gitmailbox.com/ffmpegdev/>
List-Post: <mailto:ffmpegdev@gitmailbox.com>


--===============6326131297101433296==
Content-Type: multipart/signed; micalg=pgp-sha512;
	protocol="application/pgp-signature"; boundary="w08AuS3ta1SOpvrH"
Content-Disposition: inline


--w08AuS3ta1SOpvrH
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, May 17, 2024 at 09:53:21AM +0200, Andreas Rheinhardt wrote:
> Michael Niedermayer:
> > Fixes: CID1473562 Unchecked return value
> > Fixes: CID1473592 Unchecked return value
> >=20
> > Sponsored-by: Sovereign Tech Fund
> > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
> > ---
> >  libavcodec/sga.c | 10 ++++++++--
> >  1 file changed, 8 insertions(+), 2 deletions(-)
> >=20
> > diff --git a/libavcodec/sga.c b/libavcodec/sga.c
> > index 0f42cf912b2..aca941e057e 100644
> > --- a/libavcodec/sga.c
> > +++ b/libavcodec/sga.c
> > @@ -254,11 +254,14 @@ static int decode_palmapdata(AVCodecContext *avct=
x)
> >      const int bits =3D (s->nb_pal + 1) / 2;
> >      GetByteContext *gb =3D &s->gb;
> >      GetBitContext pm;
> > +    int ret;
> > =20
> >      bytestream2_seek(gb, s->palmapdata_offset, SEEK_SET);
> >      if (bytestream2_get_bytes_left(gb) < s->palmapdata_size)
> >          return AVERROR_INVALIDDATA;
> > -    init_get_bits8(&pm, gb->buffer, s->palmapdata_size);
> > +    ret =3D init_get_bits8(&pm, gb->buffer, s->palmapdata_size);
> > +    if (ret < 0)
> > +        return ret;
> > =20
> >      for (int y =3D 0; y < s->tiles_h; y++) {
> >          uint8_t *dst =3D s->palmapindex_data + y * s->tiles_w;
> > @@ -277,11 +280,14 @@ static int decode_tiledata(AVCodecContext *avctx)
> >      SGAVideoContext *s =3D avctx->priv_data;
> >      GetByteContext *gb =3D &s->gb;
> >      GetBitContext tm;
> > +    int ret;
> > =20
> >      bytestream2_seek(gb, s->tiledata_offset, SEEK_SET);
> >      if (bytestream2_get_bytes_left(gb) < s->tiledata_size)
> >          return AVERROR_INVALIDDATA;
> > -    init_get_bits8(&tm, gb->buffer, s->tiledata_size);
> > +    ret =3D init_get_bits8(&tm, gb->buffer, s->tiledata_size);
> > +    if (ret < 0)
> > +        return ret;
> > =20
> >      for (int n =3D 0; n < s->nb_tiles; n++) {
> >          uint8_t *dst =3D s->tileindex_data + n * 64;
>=20
> Both of these can not fail and could be checked via av_assert1:
> palmapdata_size is given by (s->tiles_w * s->tiles_h * ((s->nb_pal + 1)
> / 2) + 7) / 8 with tiles_w and tiles_h being in the 0..255 range and
> nb_pal being in the 0..4 range.
> tiledata_size is given by s->nb_tiles * 32; nb_tiles fits in 16 bits (it
> is either read via AV_RB16 or is given as the product of tiles_h *
> tiles_w, both of which are read from simple uint8_t.

ill use av_assert1()

thx

[...]
--=20
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

When you are offended at any man's fault, turn to yourself and study your
own failings. Then you will forget your anger. -- Epictetus

--w08AuS3ta1SOpvrH
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iF0EABEKAB0WIQSf8hKLFH72cwut8TNhHseHBAsPqwUCZkfFiQAKCRBhHseHBAsP
q6JxAJ9Nd03Dhalp35jDCuCfcSbkfKAnHQCdG1iVu/62VlVTjJKxYUAafRAsHmA=
=A0oy
-----END PGP SIGNATURE-----

--w08AuS3ta1SOpvrH--

--===============6326131297101433296==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".

--===============6326131297101433296==--