On Tue, Jan 12, 2016 at 02:41:12PM +0100, Carl Eugen Hoyos wrote: > On Tuesday 12 January 2016 02:28:28 pm Michael Niedermayer wrote: > > On Tue, Jan 12, 2016 at 02:19:53PM +0100, Carl Eugen Hoyos wrote: > > > On Tuesday 12 January 2016 02:16:52 pm Michael Niedermayer wrote: > > > > On Tue, Jan 12, 2016 at 09:58:53AM +0100, Carl Eugen Hoyos wrote: > > > > > - if (memcmp("AVI1", buf + 6, 4)) { > > > > > - av_log(avctx, AV_LOG_ERROR, "input is not MJPEG/AVI1\n"); > > > > > - return AVERROR_INVALIDDATA; > > > > > + if (buf[2] == 0xff && buf[3] == APP0) { > > > > > + input_skip = (buf[4] << 8) + buf[5] + 4; > > > > > + } else { > > > > > + input_skip = 2; > > > > > > > > shouldnt the first 2 bytes that are being skiped be checked ? > > > > > > I don't know (possibly) but it seems unrelated to this patch: > > > They are not checked now. > > > > true > > > > still before the patch 4 bytes are checked, afterwards none > > these 4 bytes sort of imply that the previous bytes arent arbitrary > > > > if the 2 bytes are different from what is expected then the code > > would potentially generate invalid output, or do i miss some check > > elsewhere that would prevent that ? > > New patch attached. > > Please comment, Carl Eugen
> mjpeg2jpeg_bsf.c | 5 +++++ > 1 file changed, 5 insertions(+) > a261f4350cbfeefc9c011cfc93fc39e5c4f7fe7c patchmjpeg2jpgffd8.diff > diff --git a/libavcodec/mjpeg2jpeg_bsf.c b/libavcodec/mjpeg2jpeg_bsf.c LGTM thx [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB Those who are too smart to engage in politics are punished by being governed by those who are dumber. -- Plato
signature.asc
Description: Digital signature
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel