On 5/19/17 3:47 PM, Anton Khirnov wrote:
> This tells the parsing functions the payload size and prevents them from
> overreading.
> ---
>  libavcodec/h264_sei.c | 23 +++++++++++++----------
>  1 file changed, 13 insertions(+), 10 deletions(-)
> 
> diff --git a/libavcodec/h264_sei.c b/libavcodec/h264_sei.c
> index 17f89ce..2e52227 100644
> --- a/libavcodec/h264_sei.c
> +++ b/libavcodec/h264_sei.c
> @@ -350,6 +350,7 @@ int ff_h264_sei_decode(H264SEIContext *h, GetBitContext 
> *gb,
>                         const H264ParamSets *ps, void *logctx)
>  {
>      while (get_bits_left(gb) > 16) {
> +        GetBitContext gb_payload;
>          int size = 0;
>          int type = 0;
>          int ret  = 0;
> @@ -374,37 +375,39 @@ int ff_h264_sei_decode(H264SEIContext *h, GetBitContext 
> *gb,
>              return AVERROR_INVALIDDATA;
>          }
>  
> +        ret = init_get_bits8(&gb_payload, gb->buffer + get_bits_count(gb) / 
> 8, size);
> +        if (ret < 0)
> +            return ret;
> +
>          switch (type) {
>          case SEI_TYPE_PIC_TIMING: // Picture timing SEI
> -            ret = decode_picture_timing(&h->picture_timing, gb, ps->sps, 
> logctx);
> +            ret = decode_picture_timing(&h->picture_timing, &gb_payload, 
> ps->sps, logctx);
>              break;
>          case SEI_TYPE_USER_DATA_REGISTERED:
> -            ret = decode_registered_user_data(h, gb, logctx, size);
> +            ret = decode_registered_user_data(h, &gb_payload, logctx, size);
>              break;
>          case SEI_TYPE_USER_DATA_UNREGISTERED:
> -            ret = decode_unregistered_user_data(&h->unregistered, gb, 
> logctx, size);
> +            ret = decode_unregistered_user_data(&h->unregistered, 
> &gb_payload, logctx, size);
>              break;
>          case SEI_TYPE_RECOVERY_POINT:
> -            ret = decode_recovery_point(&h->recovery_point, gb);
> +            ret = decode_recovery_point(&h->recovery_point, &gb_payload);
>              break;
>          case SEI_TYPE_BUFFERING_PERIOD:
> -            ret = decode_buffering_period(&h->buffering_period, gb, ps, 
> logctx);
> +            ret = decode_buffering_period(&h->buffering_period, &gb_payload, 
> ps, logctx);
>              break;
>          case SEI_TYPE_FRAME_PACKING:
> -            ret = decode_frame_packing_arrangement(&h->frame_packing, gb);
> +            ret = decode_frame_packing_arrangement(&h->frame_packing, 
> &gb_payload);
>              break;
>          case SEI_TYPE_DISPLAY_ORIENTATION:
> -            ret = decode_display_orientation(&h->display_orientation, gb);
> +            ret = decode_display_orientation(&h->display_orientation, 
> &gb_payload);
>              break;
>          default:
>              av_log(logctx, AV_LOG_DEBUG, "unknown SEI type %d\n", type);
> -            skip_bits(gb, 8 * size);
>          }
>          if (ret < 0)
>              return ret;
>  
> -        // FIXME check bits here
> -        align_get_bits(gb);
> +        skip_bits(gb, 8 * size);
>      }
>  
>      return 0;
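Review bot: The new `init_get_bits8(&gb_payload, gb->buffer + get_bits_count(gb) / 8, size)` call bounds the payload reader by `size`, but init_get_bits8 only validates the count itself, not that that many bytes actually remain in `gb`; unless the lines elided above `return AVERROR_INVALIDDATA;` already compare `size` against the remaining input, a declared payload size larger than the bytes left in the NAL lets the per-type parsers read past the end of the source buffer through `gb_payload`. A guard before the call, `if (size > get_bits_left(gb) / 8) return AVERROR_INVALIDDATA;`, closes that gap, and the trailing `skip_bits(gb, 8 * size)` then stays within the buffer as well. The default branch no longer skips anything itself, so it relies entirely on that trailing skip, which is worth a one-line comment such as `/* payload is consumed via gb_payload; advance gb past it regardless of type */`. The enclosing ff_h264_sei_decode begins before this hunk and its closing brace lies outside it.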
> 

Probably Ok.

lu
