[vlc-devel] [PATCH] packetizer/h264: fix 17585: prevent overflow leading to crash

Francois Cartegnie fcvlcdev at free.fr
Fri Nov 4 11:46:24 CET 2016


On 04/11/2016 at 11:24, Filip Roséen wrote:

>> That fix is incorrect and allows overflows, thus not detecting broken
>> SPS, which would be passed to decoder.
> 
> If you do not mind me asking;
> 
>  - where does the patch allow for an overflow to occur?

or not, that was a different issue in vlc_bits read_ue.

>> Also keeps bloating structs without reason. No id will ever require more
>> than 1 byte.
> 
> Yes, one could have split up the read and assignment to the structure,
> but I was looking for the least intrusive change (that would still
> allow for correct behavior) while also honoring the specification in
> terms of how things are structured.

Anyway, the fix was already done, just not pushed.

Francois


