[vlc-devel] [PATCH] packetizer/h264: fix 17585: prevent overflow leading to crash

Francois Cartegnie fcvlcdev at free.fr
Fri Nov 4 11:46:24 CET 2016

Le 04/11/2016 à 11:24, Filip Roséen a écrit :

>> That fix in incorrect and allows overflows, thus not detecting broken
>> SPS, which would be passed to decoder.
> If you do not mind me asking;
>  - where does the patch allow for an overflow to occur?

or not, that was a different issue in vlc_bits read_ue.

>> Also keeps bloating structs without reason. No id will ever require more
>> than 1 byte.
> Yes, one could have split up the read and assignment to the structure,
> but I was looking for the least intrusive change (that would still
> allow for correct behavior) while also honoring the specification in
> terms of how things are structured.

Anyway, the fix was already done, just not pushed.


More information about the vlc-devel mailing list