From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by master.gitmailbox.com (Postfix) with ESMTPS id 94D544EECB for ; Wed, 14 May 2025 16:34:39 +0000 (UTC) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 9056068CAF6; Wed, 14 May 2025 19:34:35 +0300 (EEST) Received: from EUR02-VI1-obe.outbound.protection.outlook.com (mail-vi1eur02olkn2081.outbound.protection.outlook.com [40.92.48.81]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id C298268C375 for ; Wed, 14 May 2025 19:34:28 +0300 (EEST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=OwOQ+O4X8QbWQ+XriLR1xFTzGmM06D/v8h2Lys+ohNRo0BTsvAbP5bZT1LF9FHcv4899XF7mz5E3JhNVLoTIlVJPfToPHjGA+6kP4CiRUZQmMdJy9r5rUcKQf2DvUDZxeU8YvCdPymrXVJT9ZS/RH2z/2n8v15Yv2bp+H0GJga5JjK9kdFV9sNMVp/SINKJAe6O9hWRj3T44S91EAzrQB9u6rzIcaA/v18WdOoFM/AeMQnFs0L2wviw0tokDHXCGqD67vUg7GYbtIe89sJs/KRvEZmCT0yukJ0b7zR20nQdNYwV7YFwQUOrhGUTy8QlY8Aot/lIGfWpk22+MKuIacw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=So2KkbUHaxM9PW5wardzoe6fWnWsV0caJWH/RzBL4zU=; b=hzNz8UqgCgZMIo0SU4msF2ea3vG4zEXzRk60P7eN3XChFRVFNoHa0u0iivKabuuIpzdW5IpvtYnuv5O0CkIFuOhQoZQZ6RXGjx9Y8Kg6lbU4l/Jg28iNYItTnKTVX1hNK6YtnSmeWZ4WIbMbbJwCPz4nrV2kLtWhr21rGJDiUh/YM+hLR6B7AcFvObcSzD7OoP+qCQ2mjMsMKC4Qi7lEccw/cI4AXK1ZkKd356bSveWhs71iHdN1L0slfw+o8CiD2SFG8ydZQNcdBpaK+sd4hAr21g3PcbhyJsFDXPa8YWf5nmd3E00LWwcogVEy0KKKL5QtyRYGG4Yp7btCZMxbSw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=So2KkbUHaxM9PW5wardzoe6fWnWsV0caJWH/RzBL4zU=; b=bjlTqxDYeRkvvgI2Ho3gR68wXaTIeL3HPBWO+x5sCBT2bvMENAiK+fu3HCoW8F5O2zjLj1ehiTnZNBbeE9T0jgNsliDm54eUUNvGDdaDtJfBCQKwjJP423YUhGr600JejVTd72hre7Fjf2ezdcpcUHl/wnlcq6S+gksdE25gBnQ2rfsICaLbZ++a8CnnYgle+00EImi751SMdds2xhTvZrUQBljZGAjnM3W4UCNshKl1MljVc5DRUusva4JyXm8XpvJOu5l9D4CA8Ri6+dNgtrH80XtZQ1SuWjRGMyh70YpaB6odyh7F1yFhT+AjR5PDrQJTFqaIJRyPrDzy4VpOnQ== Received: from GV1P250MB0737.EURP250.PROD.OUTLOOK.COM (2603:10a6:150:8e::17) by DB9P250MB0594.EURP250.PROD.OUTLOOK.COM (2603:10a6:10:335::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8722.29; Wed, 14 May 2025 16:34:27 +0000 Received: from GV1P250MB0737.EURP250.PROD.OUTLOOK.COM ([fe80::d6a1:e3af:a5f1:b614]) by GV1P250MB0737.EURP250.PROD.OUTLOOK.COM ([fe80::d6a1:e3af:a5f1:b614%5]) with mapi id 15.20.8699.021; Wed, 14 May 2025 16:34:27 +0000 Message-ID: Date: Wed, 14 May 2025 18:34:25 +0200 User-Agent: Mozilla Thunderbird To: ffmpeg-devel@ffmpeg.org References: <20250511003245.413345-1-michael@niedermayer.cc> <20250511003245.413345-7-michael@niedermayer.cc> Content-Language: en-US From: Andreas Rheinhardt In-Reply-To: <20250511003245.413345-7-michael@niedermayer.cc> X-ClientProxiedBy: FR4P281CA0025.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:c9::20) To GV1P250MB0737.EURP250.PROD.OUTLOOK.COM (2603:10a6:150:8e::17) X-Microsoft-Original-Message-ID: <5b823691-7b76-4add-a63f-53c496547f2c@outlook.com> MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: GV1P250MB0737:EE_|DB9P250MB0594:EE_ X-MS-Office365-Filtering-Correlation-Id: 72a1aa05-3833-4528-36fc-08dd9305312d X-MS-Exchange-SLBlob-MailProps: AZnQBsB9XmoaApi1aWVt9ILKZbGoHsd6yqsJbF4U9aAg12rXuqzxctx+wlXEIJooMMCfRlaR956l9yiZgn8wV0gkzP+1B7+vgK2WxYuJ3lLhdR2HvuWL/A9UNIct2GJOAScFIvKZPHE+oIukYJuI4Q5f/juCpeLRC0Y09Tw+nAzY9rBsKBVMwciroyxC9et4Qb6YFz066HX97VjBWn+4nNrNBBIEGkTtU/29YRnHRbZfKo3YRPfv0cgYuEhY5jqW6ZZsMfCI3wVNTezW+llfKsUunlvxOLomtpK3Ic9guxfRGn10IInoLxHH8Q6TVnagClUhP7Yend+sKOTfZzw3RIw2s6ZczPwwlaH4dgV36tsoEanYRrNykVx1y1CO/J02r+3WEjwHuZChI2jqCSlsjCYdRt1rJfc7x7JwMHkrvt4I87RLvMvcCnPwv3IjzDVlG4K7IhxGQ4exLpQzWtwvaKZ3kJ0s7eLBgUfJRKLssYJCXZw6yAoTmTM74eX7qU7ODHN9XAx1z75JzZdBnnb9Z7dLvhFYdIty4HjBG7R2DM4fsFAqJKYBRYz3uYfoIM8f0zAhXXG+N3fDlhqXFKSOpyaqBrQxqENawl7mAp7TNZePspBI3mnYiDOKiog+sW4siSDu7LKZka5ULQfoGuf+Frd1bfgGYdYa3Ru3tHLsLTeXRkWSv2wy7sEaYkh56Qlb7x8+psuA/wiyIHTIk+fln+J3q+IAg2H6wVAYqSfUIfSFI4sR2lgfc46fPqxQ92Z9kbD1M4tCy+o= X-Microsoft-Antispam: BCL:0; ARA:14566002|6090799003|5072599009|461199028|7092599006|15080799009|19110799006|8060799009|41001999006|440099028|3412199025; X-Microsoft-Antispam-Message-Info: =?utf-8?B?ek5IMUhFK3k4TWV3R3BXd0JhSXpaWVc4QkdUaTNIK21zT0RWcDJvam1teXFW?= =?utf-8?B?UldRRmlxdUZBQ2xxa0pqNEVUYmRpVzdpNWgwWDh6elJqZ0lBTzZNUHVtcnAw?= =?utf-8?B?YzFtVkxQRld0TWhKdlJaLzN5WUIwU0toOCsvdkM3N3JvZmNPSDlxaUFwbzhu?= =?utf-8?B?K2pDa01pNUJRRG15anlGLzIwb21lS0IxK1NoeGMzRlNFN0Q1OHJIWEZTU3hn?= =?utf-8?B?N1J6bTBrYjRPb2pwRnVMQ0xOVEc4REQ3QnRIZzdTb3ZXaHQ1c1l4dTl2Z3N1?= =?utf-8?B?Wm5KZGw1aFJLdkIvUmtFQjZCNFQ2cFpCeHJvdHVJK2thbUUwSlBkU0MrNTJp?= =?utf-8?B?NDFKaENoa24wVUkvNU5iSnprVVhEQ1ZOeFNDYjVNcWRCa0tvQkluNHdhTUhK?= =?utf-8?B?eGV3enFnRUxaRkhDaUdsazVHQlNidXh5cTRyMmZXdHBHdWFvcDNZZGo5cGI2?= =?utf-8?B?djhEZVFvUzlMN3lMZ2k5dHRxT2lrL2RZQTVzcENueHYxUDZLUVB4OUp1NDEw?= =?utf-8?B?SWpaeFkrOU9mdmY5QzBieUI4dy90d1VkdGs0Z2NWdWZzR1h3S3plb2lnRm0y?= =?utf-8?B?ZDIxNmxHbVRUbThoYmYzZFVpUTlqbVJmYWJQdm9FZTErUytVaXkzcnB6YzBp?= =?utf-8?B?MzJ4RytyS3k2UjVsUFNHb3lLTm5Nc2NzbkFKNndWTWdxV2tybzFGRHR3R0U0?= =?utf-8?B?ZHhicThRZm85T1FwemwzTmZHQjExT3FFOEtiRDg0Q0tpTW0zNUUxdTlZUXMr?= =?utf-8?B?YzhDYlloUkZucGFtNEhydis1aUJTYVJWZkdET29HbjJ2ZDhDaWlZQ2JxbW56?= =?utf-8?B?Z1RydEhDVGY2WFdBeWlPQ1Baei9taG4yRENCMDJxQUNQK3V0N1ZnZ2h4RjFY?= =?utf-8?B?ZzFSMzZBVjVhN1V1QnZUMVpKQkJ2VVVKamtIb1k0VXNEUFltMkVMUHdJT1pB?= =?utf-8?B?MnplZnUxYzRsSnNhejFnMmtWQzNDR1loQ0FrY0NaR2xTRlZ5R1pnOHl5QXNu?= =?utf-8?B?R3JvK1VWM2s2VS9Xa3k3K1lCTC96QU5qZFhpTDNSMm8xMk1PZTdiMUpnd2Nu?= =?utf-8?B?anA5anJCclhMNURhV0NpNjNUeTdRNlp2Vk1Cbk9WNnB0VlR3WUNTcXVZbHI1?= =?utf-8?B?Qys0b2hwMlNqQVN1ZmJNVkhhakVsdHNhMjVJdUFWWDRIUStwQ1BUaGpwWjdi?= =?utf-8?B?Rk9oUUszZlRnQnZXRWpYWS9RSWYwd2ZBQXoxcXRlaDNMQnZycGJ2aE1ubmhS?= =?utf-8?B?OC90MjlyTEJ6VW1jNitvZktPd3c4REJBblVyWHBYVFh1aUVyc0ZVZEVReUtk?= =?utf-8?B?K0lLMWpwbVp0WU10M0drVUZrUmczY3NtUm9Ra1FBMFBZcVZlcFQvRzNXbVpD?= =?utf-8?B?YzdCOTZHN3JxSjJpaTRMYVNJN1RZQlhSUU9vazNWSGxETGZxakdRSGlTVzNK?= =?utf-8?B?bFUxeWZJZEdWYXFKMG55Q0ZkY3BKVW5tblI1SVhaSWRJL1NBUnE4YWhiWHRN?= =?utf-8?B?MS9uNkE2dDlEaC9BVzFJL3h1MWMwY25CTlJER2dKVXB4TlhHVkw1TjVnUHpz?= =?utf-8?Q?Te6vAnX9WAnYQmbR+2POqr684=3D?= X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?bTdxVG92SlQ1ejhwbTN5VUtiTzBFUWt3b3RXVXpmdlIxdnB5SjVHdHU5NDBz?= =?utf-8?B?YWh4enFIaFp4blRSczZPSHB5WEhhMTNQNmZuNjJPU04xZTFXcUh3bm5qZzQw?= =?utf-8?B?eWZveUM3NHNCeUdtYXFyZUMxbGZKT0ZCamlwNnFjTTZBeFk2Zm51L1BWNWh6?= =?utf-8?B?Q2Y2UFM0WTZoWDFHMUpBZTJrZmVtZk54YTJidjdHT2doOXorcmFJSU9CT1VJ?= =?utf-8?B?WDlOTVB2OVcyT3BKelYwbDdBclZDQmgzalVWT0EyRlFaNVFTdlE3THVWUUEw?= =?utf-8?B?ZGhtYlp1RW9VbEhqalRRZThSWWk3aFZBaG5FUVJMMEhrZnNYUG5WT1pQaEkv?= =?utf-8?B?R3dkai9kZ3U5aHMvMytEc2tLR3lrR0RkU2pzdGNHTlpBS0tqZkJvSFp4MWRI?= =?utf-8?B?Mis0amx4RmxEejZrY093TWV5Lzhlc09NaENRNHBNaGlUT2hiVkFHTElrTFZQ?= =?utf-8?B?VnROckRPTGZPZUtCdVBtdiszdWtoZmRSVzhLaTUvNjhMaHdnZ1JGS05rM0gx?= =?utf-8?B?QTVSRGJJU09aMFkzcE9qQVdIU2k2ZGFVV0pUR3Zjc1NmRGg4cHpSUTBaRVNI?= =?utf-8?B?NDMvOStTZi9veVFMQUdYREM4YS9aaWYzdUp1ZS8wTUJHeEZGZHZuU2JvODFJ?= =?utf-8?B?N3BUbjJtb2NsSjBzZkZGbWh1emtXamxGR09aVTNGMnpNVHFHNCtXQnJySGhp?= =?utf-8?B?NGFhMStYZXVLRkNrZUswd2JYenNBVWZ6bXJLclVWK0dnZWxsSlFKSkVaUmlS?= =?utf-8?B?aVpIakNSVkcwVUVBQ2ZyOVdUbnFUUXp5TkdJZkJmeEdyYU1LRnNGd2JlMjdV?= =?utf-8?B?UW5GLzg0b0tPVkxBMkpYT2NLOWcyK0VGWVBJSUMvc3hnRTRsZ3RZRGRybXRO?= =?utf-8?B?MURCUHZjd3VtL1JmRHozb0Q0THZsQXhqQ2hBbXNWbkhUb3F5RFlyQzQ2bXY1?= =?utf-8?B?alR6ZlIvRXo3ME1NejJ2dFpCaDlwNWpYd0NFbnNUUjNtUlh4SlY4VUhiWWNs?= =?utf-8?B?QzRpUzRYc3JiSUVmejF0SHR5by9PL01RS2V2SllHWGd2b2NsWGFCY2hjM21Y?= =?utf-8?B?YmFtSUY0NUY2WE42MDJsZHNORVpvUVM4MGRwSVRtNmtPUHBRdGtYeXhRUWNv?= =?utf-8?B?aENJWERMN1czVXRaTGlVeWVEVURvbDIrbFUzYVN0d1I2bWgvNVZYNWpFVjJ3?= =?utf-8?B?cmhhdXQvS1dwUXZVc2lPcER5czhCdFVtN0xwbG1vOHdwM1dWejJxL2h5dlph?= =?utf-8?B?S0VMeWczUkNraUs0dk1pTEJRcjA5MWdLSkJwVXJkWldJV3I0VHZaNEpYQkoz?= =?utf-8?B?SWp5QVR2WEtmN1loMnhDdC8zb2svTEFPWWJxR1hUU3dGeWIrczNLcVczWUdl?= =?utf-8?B?WEpidklzVTByVUIzUE5XV2lSK1luc0tkTDFpWTFnT3JnOU9ZaFVHcGJKSmFY?= =?utf-8?B?MHdhUWJvcFhHZnY5QkFpNEw1WWN4Yk5ucFlLa2M0MVFRZ2J4YkROeGFnUlhu?= =?utf-8?B?QmpwMUhJdDlsZkZNbmVnQW0ycmkxL1A2VEJBdTFpODlTQUpySDVjMHhKelhC?= =?utf-8?B?MjFyU2hqSUdNc0I0VlMzVFh1Zkx3alc1eUFDQTF5Rk1uZTkwc2hRMXZqYlhx?= =?utf-8?B?Z1llQmx2OTlsVGlMaFZuaEF5L0pPaUhpakVLY3hlVVEyb3N1WmI4UGpmcnhX?= =?utf-8?B?N214VkF3UXJVQTJhQnA1aURlR2FCcEwyVHdrbHVPS1ExVjlUc2YyUFBrSXl5?= =?utf-8?Q?iuIr608dZmuyjelXjneRO4iRR9VABk3nByZNuMV?= X-OriginatorOrg: outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 72a1aa05-3833-4528-36fc-08dd9305312d X-MS-Exchange-CrossTenant-AuthSource: GV1P250MB0737.EURP250.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 14 May 2025 16:34:26.9364 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000 X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB9P250MB0594 Subject: Re: [FFmpeg-devel] [PATCH 7/8] avcodec/svq3: Check that for 8 byte space before subtracting X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Archived-At: List-Archive: List-Post: Michael Niedermayer: > No testcase > > Signed-off-by: Michael Niedermayer > --- > libavcodec/svq3.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/libavcodec/svq3.c b/libavcodec/svq3.c > index f730358e2f9..30bc9334af7 100644 > --- a/libavcodec/svq3.c > +++ b/libavcodec/svq3.c > @@ -1173,7 +1173,7 @@ static av_cold int svq3_decode_init(AVCodecContext *avctx) > int w,h; > > size = AV_RB32(&extradata[4]); > - if (size > extradata_end - extradata - 8) > + if (extradata_end - extradata < 8 || size > extradata_end - extradata - 8) > return AVERROR_INVALIDDATA; > init_get_bits(&gb, extradata + 8, size * 8); > Can't be triggered: This code is only executed iff marker_found is 1; and given the "m + 8 < avctx->extradata_size" check in the loop it is guaranteed that there are at least eight bytes of extradata available. - Andreas _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".