[vlc-commits] hxxx_nal: remove useless optim
Thomas Guillem
git at videolan.org
Thu Jun 4 14:23:11 CEST 2020
vlc | branch: master | Thomas Guillem <thomas at gllm.fr> | Wed May 27 13:02:08 2020 +0200| [56822f03d7a498bb22257d6075723c0e1c7f91fe] | committer: Hugo Beauzée-Luyssen
hxxx_nal: remove useless optim
This special case is now useless since p_source is always copied to p_dest,
right after in the memmove loop.
Furthermore, this caused an invalid payload size when the buffer was actually
reallocated since the payload calculation was comparing two different buffers
offset.
CVE-2020-13428
Signed-off-by: Hugo Beauzée-Luyssen <hugo at beauzee.fr>
> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=56822f03d7a498bb22257d6075723c0e1c7f91fe
---
modules/packetizer/hxxx_nal.c | 15 ---------------
1 file changed, 15 deletions(-)
diff --git a/modules/packetizer/hxxx_nal.c b/modules/packetizer/hxxx_nal.c
index 73450606e3..6bdfd5a2a5 100644
--- a/modules/packetizer/hxxx_nal.c
+++ b/modules/packetizer/hxxx_nal.c
@@ -122,20 +122,6 @@ block_t *hxxx_AnnexB_to_xVC( block_t *p_block, uint8_t i_nal_length_size )
if( p_list[i_nalcount - 1].move != 0 || i_nal_length_size != 4 ) /* We'll need to grow or shrink */
{
- /* If we grow in size, try using realloc to avoid memcpy */
- if( p_list[i_nalcount - 1].move > 0 && block_WillRealloc( p_block, 0, i_dest ) )
- {
- uint32_t i_sizebackup = p_block->i_buffer;
- block_t *p_newblock = block_Realloc( p_block, 0, i_dest );
- if( unlikely(!p_newblock) )
- goto error;
-
- p_block = p_newblock;
- p_sourceend = &p_block->p_buffer[i_sizebackup];
- p_source = p_dest = p_block->p_buffer;
- }
- else
- {
block_t *p_newblock = block_Alloc( i_dest );
if( unlikely(!p_newblock) )
goto error;
@@ -146,7 +132,6 @@ block_t *hxxx_AnnexB_to_xVC( block_t *p_block, uint8_t i_nal_length_size )
p_block = p_newblock;
p_dest = p_newblock->p_buffer;
- }
}
else
{
More information about the vlc-commits
mailing list