Re: [FFmpeg-devel] [PATCH] huffyuvdec: validate image size
On Sun, Jun 28, 2015 at 11:23:12AM +0200, Andreas Cadhalpun wrote:
On 27.06.2015 22:40, Michael Niedermayer wrote:
On Sat, Jun 27, 2015 at 07:42:48PM +0200, Andreas Cadhalpun wrote:
Signed-off-by: Andreas Cadhalpun andreas.cadhal...@googlemail.com
---
libavcodec/huffyuvdec.c | 6 ++
1 file changed, 6 insertions(+)
diff --git a/libavcodec/huffyuvdec.c b/libavcodec/huffyuvdec.c
index 98c6128..71fb9e3 100644
--- a/libavcodec/huffyuvdec.c
+++ b/libavcodec/huffyuvdec.c
@@ -291,6 +291,12 @@ static av_cold int decode_init(AVCodecContext *avctx)
HYuvContext *s = avctx-priv_data;
int ret;
+if (avctx-width = 0 || avctx-height = 0) {
LGTM
alternatively av_image_check_size() could be used but this should
be equally fine
On 27.06.2015 22:40, Luca Barbato wrote:
There is a function to validate the dimensions. That isn't enough, I
think I sent a patch recently that does that for another codec.
OK, new patch using av_image_check_size attached.
Best regards,
Andreas
huffyuvdec.c |5 +
1 file changed, 5 insertions(+)
bc13fbe9569565b84fde3c4757c64f3f391a4f9b
0001-huffyuvdec-validate-image-size.patch
From b840a905bebfb6549c1de689911dd740746627fa Mon Sep 17 00:00:00 2001
From: Andreas Cadhalpun andreas.cadhal...@googlemail.com
Date: Sun, 28 Jun 2015 11:21:54 +0200
Subject: [PATCH] huffyuvdec: validate image size
Signed-off-by: Andreas Cadhalpun andreas.cadhal...@googlemail.com
LGTM
thx
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
Avoid a single point of failure, be that a person or equipment.
signature.asc
Description: Digital signature
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
Re: [FFmpeg-devel] [PATCH] huffyuvdec: validate image size
On 28.06.2015 14:17, Michael Niedermayer wrote: On Sun, Jun 28, 2015 at 11:23:12AM +0200, Andreas Cadhalpun wrote: huffyuvdec.c |5 + 1 file changed, 5 insertions(+) bc13fbe9569565b84fde3c4757c64f3f391a4f9b 0001-huffyuvdec-validate-image-size.patch From b840a905bebfb6549c1de689911dd740746627fa Mon Sep 17 00:00:00 2001 From: Andreas Cadhalpun andreas.cadhal...@googlemail.com Date: Sun, 28 Jun 2015 11:21:54 +0200 Subject: [PATCH] huffyuvdec: validate image size Signed-off-by: Andreas Cadhalpun andreas.cadhal...@googlemail.com LGTM thx Pushed. Best regards, Andreas ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
[FFmpeg-devel] [PATCH] huffyuvdec: validate image size
Signed-off-by: Andreas Cadhalpun andreas.cadhal...@googlemail.com
---
libavcodec/huffyuvdec.c | 6 ++
1 file changed, 6 insertions(+)
diff --git a/libavcodec/huffyuvdec.c b/libavcodec/huffyuvdec.c
index 98c6128..71fb9e3 100644
--- a/libavcodec/huffyuvdec.c
+++ b/libavcodec/huffyuvdec.c
@@ -291,6 +291,12 @@ static av_cold int decode_init(AVCodecContext *avctx)
HYuvContext *s = avctx-priv_data;
int ret;
+if (avctx-width = 0 || avctx-height = 0) {
+av_log(avctx, AV_LOG_ERROR, invalid image size %dx%d\n,
+ avctx-width, avctx-height);
+return AVERROR_INVALIDDATA;
+}
+
ff_huffyuvdsp_init(s-hdsp);
memset(s-vlc, 0, 4 * sizeof(VLC));
--
2.1.4
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
Re: [FFmpeg-devel] [PATCH] huffyuvdec: validate image size
On Sat, Jun 27, 2015 at 07:42:48PM +0200, Andreas Cadhalpun wrote:
Signed-off-by: Andreas Cadhalpun andreas.cadhal...@googlemail.com
---
libavcodec/huffyuvdec.c | 6 ++
1 file changed, 6 insertions(+)
diff --git a/libavcodec/huffyuvdec.c b/libavcodec/huffyuvdec.c
index 98c6128..71fb9e3 100644
--- a/libavcodec/huffyuvdec.c
+++ b/libavcodec/huffyuvdec.c
@@ -291,6 +291,12 @@ static av_cold int decode_init(AVCodecContext *avctx)
HYuvContext *s = avctx-priv_data;
int ret;
+if (avctx-width = 0 || avctx-height = 0) {
LGTM
alternatively av_image_check_size() could be used but this should
be equally fine
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
What does censorship reveal? It reveals fear. -- Julian Assange
signature.asc
Description: Digital signature
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
