[FFmpeg-devel] [PATCH 1/6] avformat/oggdec: Check ffio_ensure_seekback()

[FFmpeg-devel] [PATCH 1/6] avformat/oggdec: Check ffio_ensure_seekback()

[Andreas Rheinhardt]

Fixes Coverity issue #1492327.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
---
 libavformat/oggdec.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/libavformat/oggdec.c b/libavformat/oggdec.c
index 8ea81e5d45..5339fdd32c 100644
--- a/libavformat/oggdec.c
+++ b/libavformat/oggdec.c
@@ -364,7 +364,9 @@ static int ogg_read_page(AVFormatContext *s, int *sid, int probing)
     ffio_init_checksum(bc, ff_crc04C11DB7_update, 0x4fa9b05f);
 
     /* To rewind if checksum is bad/check magic on switches - this is the max packet size */
-    ffio_ensure_seekback(bc, MAX_PAGE_SIZE);
+    ret = ffio_ensure_seekback(bc, MAX_PAGE_SIZE);
+    if (ret < 0)
+        return ret;
     start_pos = avio_tell(bc);
 
     version = avio_r8(bc);
-- 
2.40.1

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".

[FFmpeg-devel] [PATCH 2/6] avformat/gifdec: Check ffio_ensure_seekback()

[Andreas Rheinhardt]

Fixes Coverity issue #1598400.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
---
 libavformat/gifdec.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/libavformat/gifdec.c b/libavformat/gifdec.c
index 294007682b..d5f06adc64 100644
--- a/libavformat/gifdec.c
+++ b/libavformat/gifdec.c
@@ -85,7 +85,10 @@ static int gif_probe(const AVProbeData *p)
 
 static int resync(AVIOContext *pb)
 {
-    ffio_ensure_seekback(pb, 13);
+    int ret = ffio_ensure_seekback(pb, 13);
+    if (ret < 0)
+        return ret;
+
     for (int i = 0; i < 6; i++) {
         int b = avio_r8(pb);
         if (b != gif87a_sig[i] && b != gif89a_sig[i])
-- 
2.40.1

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".

[FFmpeg-devel] [PATCH 3/6] avformat/westwood_vqa: Check ffio_ensure_seekback()

[Andreas Rheinhardt]

Fixes Coverity issue #1598405.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
---
 libavformat/westwood_vqa.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/libavformat/westwood_vqa.c b/libavformat/westwood_vqa.c
index 3a31e3f5e8..9755fcc9c1 100644
--- a/libavformat/westwood_vqa.c
+++ b/libavformat/westwood_vqa.c
@@ -201,8 +201,10 @@ static int wsvqa_read_packet(AVFormatContext *s,
             /* We need a big seekback buffer because there can be SNxx, VIEW and ZBUF
              * chunks (<512 KiB total) in the stream before we read VQFR (<256 KiB) and
              * seek back here. */
-            ffio_ensure_seekback(pb, wsvqa->vqfl_chunk_size + (512 + 256) * 1024);
+            ret = ffio_ensure_seekback(pb, wsvqa->vqfl_chunk_size + (512 + 256) * 1024);
             avio_skip(pb, chunk_size + skip_byte);
+            if (ret < 0)
+                return ret;
             continue;
         } else if ((chunk_type == SND0_TAG) || (chunk_type == SND1_TAG) ||
             (chunk_type == SND2_TAG) || (chunk_type == VQFR_TAG)) {
-- 
2.40.1

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".

[FFmpeg-devel] [PATCH 4/6] avformat/qoadec: Check ffio_ensure_seekback()

[Andreas Rheinhardt]

Fixes Coverity issue #1598406.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
---
 libavformat/qoadec.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/libavformat/qoadec.c b/libavformat/qoadec.c
index 9cce5157fc..a9632c46c3 100644
--- a/libavformat/qoadec.c
+++ b/libavformat/qoadec.c
@@ -41,6 +41,7 @@ static int qoa_read_header(AVFormatContext *s)
 {
     AVIOContext *pb = s->pb;
     AVStream *st;
+    int ret;
 
     st = avformat_new_stream(s, NULL);
     if (!st)
@@ -52,7 +53,9 @@ static int qoa_read_header(AVFormatContext *s)
     st->duration = avio_rb32(pb);
     st->start_time = 0;
 
-    ffio_ensure_seekback(pb, 4);
+    ret = ffio_ensure_seekback(pb, 4);
+    if (ret < 0)
+        return ret;
     st->codecpar->ch_layout.nb_channels = avio_r8(pb);
     if (st->codecpar->ch_layout.nb_channels == 0)
         return AVERROR_INVALIDDATA;
-- 
2.40.1

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".

[FFmpeg-devel] [PATCH 5/6] avformat/dhav: Check ffio_ensure_seekback()

[Andreas Rheinhardt]

Fixes Coverity issue #1492324.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
---
 libavformat/dhav.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/libavformat/dhav.c b/libavformat/dhav.c
index 303fb42bed..8e08274e68 100644
--- a/libavformat/dhav.c
+++ b/libavformat/dhav.c
@@ -273,8 +273,11 @@ static int dhav_read_header(AVFormatContext *s)
 {
     DHAVContext *dhav = s->priv_data;
     uint8_t signature[5];
+    int ret = ffio_ensure_seekback(s->pb, 5);
+
+    if (ret < 0)
+        return ret;
 
-    ffio_ensure_seekback(s->pb, 5);
     avio_read(s->pb, signature, sizeof(signature));
     if (!memcmp(signature, "DAHUA", 5)) {
         avio_skip(s->pb, 0x400 - 5);
-- 
2.40.1

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".

[FFmpeg-devel] [PATCH 6/6] avformat/dhav: Check amount read

[Andreas Rheinhardt]

Prevents potential use of uninitialized data in the following
memcmp().

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
---
 libavformat/dhav.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/libavformat/dhav.c b/libavformat/dhav.c
index 8e08274e68..b2ead99609 100644
--- a/libavformat/dhav.c
+++ b/libavformat/dhav.c
@@ -278,7 +278,9 @@ static int dhav_read_header(AVFormatContext *s)
     if (ret < 0)
         return ret;
 
-    avio_read(s->pb, signature, sizeof(signature));
+    ret = ffio_read_size(s->pb, signature, sizeof(signature));
+    if (ret < 0)
+        return ret;
     if (!memcmp(signature, "DAHUA", 5)) {
         avio_skip(s->pb, 0x400 - 5);
         dhav->last_good_pos = avio_tell(s->pb);
-- 
2.40.1

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".

Re: [FFmpeg-devel] [PATCH 1/6] avformat/oggdec: Check ffio_ensure_seekback()

[Andreas Rheinhardt]

Andreas Rheinhardt:
> Fixes Coverity issue #1492327.
> 
> Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
> ---
>  libavformat/oggdec.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/libavformat/oggdec.c b/libavformat/oggdec.c
> index 8ea81e5d45..5339fdd32c 100644
> --- a/libavformat/oggdec.c
> +++ b/libavformat/oggdec.c
> @@ -364,7 +364,9 @@ static int ogg_read_page(AVFormatContext *s, int *sid, int probing)
>      ffio_init_checksum(bc, ff_crc04C11DB7_update, 0x4fa9b05f);
>  
>      /* To rewind if checksum is bad/check magic on switches - this is the max packet size */
> -    ffio_ensure_seekback(bc, MAX_PAGE_SIZE);
> +    ret = ffio_ensure_seekback(bc, MAX_PAGE_SIZE);
> +    if (ret < 0)
> +        return ret;
>      start_pos = avio_tell(bc);
>  
>      version = avio_r8(bc);

Will apply this patchset tomorrow unless there are objections.

- Andreas

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".