From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by master.gitmailbox.com (Postfix) with ESMTP id 7833F4A044 for ; Mon, 18 Mar 2024 11:35:12 +0000 (UTC) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id AF1DE68D277; Mon, 18 Mar 2024 13:35:10 +0200 (EET) Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05olkn2073.outbound.protection.outlook.com [40.92.90.73]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 0BAEB68D243 for ; Mon, 18 Mar 2024 13:35:03 +0200 (EET) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=lvUVBEiaysFpKVpu/1uiMPKCD1zLghGXkUoho4GAwPb3IYPKrHfpiBim+GWRe6uYRh8GKHEij9I/AZdeN3n5iEkY5WDZVP7X0VdeNixn6n4ftlk2RqAEMHC6tY/r1EPZ5rBRPGDqnVUF4jw16/jumFp+5tfJ1PXJQACelUoRDDeIzP2fNZvD1K5PJJGSgOHSjanjPRiqBEXR0dRB5iFIUvc3vX7dNXGFb0H3G4tqrpdkD6eyuhVeNTKr40gZLuIv9M0fSC6jKrK37JQgDOiHUVpkyvo+r46D9w7K5pt3eKNFYoe5VNnyUOywwc99whq3iQHLjcJOJIR3INc1IyFXtA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=2yu/fIRsUd6TWCbJB9izSZWUNO0LuJa88n6dgWIXntM=; b=mqjSafB+MerpFg5najbAJali7vZnkSw4BYvZNOGkfz/cyN4GXelU+biG/t3omVpWrlCVOnbOk6Ng9MLHulubZw8hQGvEx7acFiAuSDpe1kD4SOqYXXLmRSRl1JO0eTCR78unwhwpFIVxHM191N7BcqdPCNhfna0avzN+wGY/dvPAdeXm45JOcYEhnUAey8+P1Z25A5KmzjIWHCw3vLT3BBmUcg+6o1Iz7qKfsBa14S7ACspxPrVgr8H1jRsfp68/zmnPXDYJM78Wq+dhULpQ4Lr+h77jb3hrBQzIdBpQZkRJ4JHfDtsDsP9P2ki2jKPTZjsZOn7zNAjMU6bEnYL5QQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=2yu/fIRsUd6TWCbJB9izSZWUNO0LuJa88n6dgWIXntM=; b=Wyx61oyCT+V3Nr5dL2XtDlcd03M3UFnC5ZaT2zRky9abHxBM3mCPkGYKDZtfwPxIh36ML245yaZT3wTVb58JJzQHzboxH1T8IwNxFQ0va1H97JC12uGtTJyDQQ2Ma8KxscioohhhNLRI/WHtzVGAfbs96L+9xm/rF89JVwxhUpxJHsymia/um8aTdQC1O5YsaeFgSUQERzZRXOrpOwvVeF2uQX7M+JpqRVQWF6FWAWSbTzMR04OZV9wYls+c83Xygj5loCUevP1NZamAW/S6uclkMvUl29UMtiv25xOXNujOjSTVx4PGkN/HSMwo0AmdquCsi7tXVb9aB37hejnjbg== Received: from AS8P250MB0744.EURP250.PROD.OUTLOOK.COM (2603:10a6:20b:541::14) by AM8P250MB0248.EURP250.PROD.OUTLOOK.COM (2603:10a6:20b:32b::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7386.26; Mon, 18 Mar 2024 11:35:01 +0000 Received: from AS8P250MB0744.EURP250.PROD.OUTLOOK.COM ([fe80::228d:8c6f:ed10:82eb]) by AS8P250MB0744.EURP250.PROD.OUTLOOK.COM ([fe80::228d:8c6f:ed10:82eb%7]) with mapi id 15.20.7362.035; Mon, 18 Mar 2024 11:35:00 +0000 Message-ID: Date: Mon, 18 Mar 2024 12:34:58 +0100 User-Agent: Mozilla Thunderbird Content-Language: en-US To: ffmpeg-devel@ffmpeg.org References: From: Andreas Rheinhardt In-Reply-To: X-TMN: [d+iQH6PfnHJOL7J9kMlZidfoYz7HimsHaTT2gQP1BP4=] X-ClientProxiedBy: ZR0P278CA0146.CHEP278.PROD.OUTLOOK.COM (2603:10a6:910:41::7) To AS8P250MB0744.EURP250.PROD.OUTLOOK.COM (2603:10a6:20b:541::14) X-Microsoft-Original-Message-ID: MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: AS8P250MB0744:EE_|AM8P250MB0248:EE_ X-MS-Office365-Filtering-Correlation-Id: 747a958e-cb38-44c7-4851-08dc473f71db X-MS-Exchange-SLBlob-MailProps: Cq7lScuPrnr9wYTvfIwcniui3GfFkDqF0lA1EAhCT7ynI26RPwXbMblC+STpWFTNfZRf2Fml1Zd5MHBNm2UWLDu5kIMQUs/rVveBxUcXzahC9M9BklVO7/1rnkXfKqTN/L5//vFzNLrJXKgTMye6K0f0MgYg88f6IYK+J3BUgEdSQ1SiPNlXVJS2ej/wAvxzDqNX1aJwo8jpWiHDgQeerAUw1Zq9gXBhOVYyKr1dt617SP8Hx9KrOPj5x9104es8Fmeo/wlaBwlbdLgjnZTg8vHvfUe/ygjc3pT8pH7ygKE+A537MymIYsDInw7bVafBO7wGCNkaBSCGL60uRc+Lzsy73aL04yxbNzvPsduesRU41xVR4pgFZzD/XvHsERvcBsrKyWGSYlXRAibyDaAVg6eMqSCRFln0O8RzU97JYEracWzw/sO5bhgLc2HJAE1Gt7TeLJvbfsI1bcQsdIDJ/meOzSEyE+/xYw0AeAC8muhbdapUB9DKj4RQ7Qy7hj9lbgrfGJfDZS/mGUCuyiPjMq+NWeV5Rr718OdW8r5QcOQ5+Z8TAUTueW7aj+e/lusY5CnytEQ92BQRKMxxJ4uFtEqQLveCGYZ+beTS0Z200WJf8hz4w1yrPMNgsLc22JifC6AsIxe2y8jflN2kSM0AG1lPhwCGbPdqYB7nOZFUyXIkcsp5CD/5xzwwZci3JHGx6o/Ab4pIk3FboeVoYaxOVNPq1B0xlcQ3KWsPDqdFN9CjJ8ieDKnA9oMHe4beS8END50cCz7C76k= X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 9oHfhhO3HK7nkC2KjQZfUfhx7YJaE06xvL9ANhZib+IhbshpbXnHFPUziKpO0hsrdP6KLgJ4tF6JcClDYG/gl4/A6MOA0pZs5qDtnwvzCpDOSGtZ0hRFsnxPTpxtxH4/evRLj6030RgfGr0p/T4XL2KJExXyXt0aVJT5GXdgGYUyryh99pahsxdM7vjPi5DcQrQ/zs7ofbNPRZ0RP8nMol3JjojZQPiargPqf9yBwwdatJLvaXAKI1wP2uCIoVvXr0UygmEN6hIPRr2EgYDouY/u3LaPZ/y9uy57MtZx+A3kbSws6MWVyOIZ4vJ7/2hI8mM+pCSpm/BleJ57FMhRT5OcbZywqQFkZG8GWKjbO6AE8fsuAqDQcnJTbW4XToCc+aIuTCTkVN2sQY4unkOFLRKdncZ8q1Am6aaxZdtqyqdm8dLrfiJYh643HOMKxCNgrQVn/9yyBrb51lCYLYWFeXX2S0IzW8L2+HW0Sd6Z0M/90TlazKTVXJ70eP2oa9sQnL3VByNK2duMHssy7G6k2K9jpaVOWz0uzMcVQc4qEpiLD73LTj07zRn6whmzJVEG X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?a2ZuaHNqTzVGWUtwQnl3QkxUaGZrUkIvYWg2bjhwb1BLWkRHSGc1U3VWMmtJ?= =?utf-8?B?Q3pRcGRZMDZCZDdIMmxkZmJFcDB2aDZqQXlTZHU0U09GdldXMUpGU3Jrb0VN?= =?utf-8?B?SjU0UGVYQjlvNUtSeHRySElRSi8xRTNuYnRmOVQ5SmxIV1M2S00waVJiM2VJ?= =?utf-8?B?bmQ3YzJRTGJiK29nLyt5UC90dC9MSlptci8xNjBtWlZhM3pmV0VmU2MrM21y?= =?utf-8?B?N3ZxS2RQUUdpQnZMQUJBN2ZFNkNJenVwZDg5TllLSXdEWVZjcVJlT3ZLMFZC?= =?utf-8?B?dDdDbk1ZV3BoSzR4cGIzY0o0eThWQzdjZWE3MWQxT0lPMDUvSW5sYm1BTUxr?= =?utf-8?B?cDRhVGY4Vng1TU00L2o2N1lJeFVNZkZpbFJtaldqTjRlZUIwYVE1L3RJUFlJ?= =?utf-8?B?ck1kaVVWNmRJUFU4Ym9SbkI3YXZPbHBEOW1IMmRhL1ZodVltR2NDaVR6Nmw5?= =?utf-8?B?YlhTWm00cHZIRW9NSmhGTmJyUU1jNkExYWFpTUdhWFhSR0hNcTAxZTZlSm55?= =?utf-8?B?M1hnSXdwcXFqL05lTElQNmRsS0Vrbmt0Zyt3NWN0MHAwVU1JcFc1YlBCS0NC?= =?utf-8?B?LzMySlBEbG9PZmp2WmJSbFl5eEN2NUxlTVpqSUpIRE5zK3E1S0ZVQXB6R3pP?= =?utf-8?B?ZHdrRTFwclBNS0lwdlo0MTZWWGl4aUYwMVYxOSsvV0NaOSt0NHVHTHo0TVEx?= =?utf-8?B?WDM0eVNEa0JYYThhOUgrM3JnUTk1M2JxSW9pdm9MV1c3R2VpYUh1eWRlbXd2?= =?utf-8?B?TkR4M2NMK0t5SDZTa2JYczJrM1dQRXFVcHVta1pGVi9TOWZZVlJQY2JsdXg0?= =?utf-8?B?ZVVua3lHZXZHcW03ZE1HVHRQallMbytnWFB6a0loNkl1cUJycGJkK2o5alpO?= =?utf-8?B?dnFpRU1taTJ4aHhTNUVVd0d3R2N4d0dlODJzNjVoSUhEVGs0V2hOSXZZL3Bh?= =?utf-8?B?SGg4YThoaXV0d2pZWnJEQkhsZ1Y3ZzNHYTdSZ1FrTnBudCtMc0o4SElnekdL?= =?utf-8?B?OVdHaytsSGtWN2JrRVU1UFEySTQrNXpZWnZXWGtzY0RUY1I4dGhxQmt5aEtB?= =?utf-8?B?ZmhZMXFVRXRRZUxWRUoxanh6NmxKOG5kR2plL0tLV25rTzM4NGRyazR1Y0V3?= =?utf-8?B?K0NBU2NGeG5XMTBXcno1NXFpRHFVNmJ2SHBCZ1dCT3lCR0I3bGExdHExZjFE?= =?utf-8?B?VDlZbzk4aERVKzVSNW0rbUU1bkRlZG9jaDUzK2d3VHlWaGhPejlCeHRyZVFr?= =?utf-8?B?anlTREZ3QkRzSjhRWjBNVDR4UCtzU0xPejFLWnQzM1JrcjFmeU03dThxWTFQ?= =?utf-8?B?dTdNQ0xGYml3bWFvTHpUZlB3c1U3UVZoRTcwNEo5Z2k4c2I5Tlp5ZTJWNW5w?= =?utf-8?B?VnNIVFFRaUZISllFM0l3QjFFeC9TTlU0STZqaGtpTDVvZ0Fkcko4bXlQOHJz?= =?utf-8?B?dmZjUjI3TzM0aHE5NjRjMElRdHlLOUU1MTRDclFnNHd1Ty85MElVSDlKdjY1?= =?utf-8?B?dGdOL0Ztd3pSOE0yRVE1Tkt2OHIwTWxIMmxQdUVweGdKeitoc0w2aG4zaUIr?= =?utf-8?B?YjdmVlhPN0Q4VThrK3g4YndIT01OUk5qTmluMGhpUjM1c3NlWHI5ZnZaYkRQ?= =?utf-8?B?em5lK0pjdnROTDVRUDVIMFdMcW1UZkxMaCs3TzNvNjUzeWVicXNtTXp4M01P?= =?utf-8?B?TXFqMVlJbUJmMk9JMlVYY09JYUdpak40clJma29TT1MvNHBDUUo1cFRRPT0=?= X-OriginatorOrg: outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 747a958e-cb38-44c7-4851-08dc473f71db X-MS-Exchange-CrossTenant-AuthSource: AS8P250MB0744.EURP250.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 18 Mar 2024 11:35:00.1020 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000 X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM8P250MB0248 Subject: Re: [FFmpeg-devel] [PATCH v1] avcodec/cbs_vp8: Improve the bitstream position check X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Archived-At: List-Archive: List-Post: Dai, Jianhui J: > The VP8 compressed header may not be byte-aligned due to boolean > coding. Use bitwise comparison to prevent the potential overread. > > Signed-off-by: Jianhui Dai > --- > libavcodec/cbs_vp8.c | 5 +++-- > 1 file changed, 3 insertions(+), 2 deletions(-) > > diff --git a/libavcodec/cbs_vp8.c b/libavcodec/cbs_vp8.c > index 065156c248..13acad3724 100644 > --- a/libavcodec/cbs_vp8.c > +++ b/libavcodec/cbs_vp8.c > @@ -327,9 +327,10 @@ static int cbs_vp8_read_unit(CodedBitstreamContext *ctx, > if (err < 0) > return err; > > + // Position may not be byte-aligned after compressed header; using bits > + // count comparison for accuracy. > pos = get_bits_count(&gbc); > - pos /= 8; > - av_assert0(pos <= unit->data_size); > + av_assert0(pos <= unit->data_size * 8); (pos + 7U) / 8 seems better to avoid potential overflow issues (not an issue atm, but if we ever were to use e.g. 64bit for bitcount of the GetBit API, then the multiplication on the right could overflow a 32bit size_t). > > frame->data_ref = av_buffer_ref(unit->data_ref); > if (!frame->data_ref) _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".