[vlc-devel] [vlc-commits] demux: av1_unpack: fix leb128 width estimation

Francois Cartegnie fcvlcdev at free.fr
Fri Oct 12 09:26:44 CEST 2018


Le 12/10/2018 à 08:29, Steve Lhomme a écrit :

>> diff --git a/modules/demux/av1_unpack.h b/modules/demux/av1_unpack.h
>> index 683c53423d..af7f056abf 100644
>> --- a/modules/demux/av1_unpack.h
>> +++ b/modules/demux/av1_unpack.h
>> @@ -26,10 +26,10 @@
>>     static inline uint8_t leb128_expected(uint32_t v)
> 
> Shouldn't this be at least 64 bits ?

We're not supposed to write numbers > 32bits.

>>   {
>> -    if     (v < (1U << 8))  return 1;
>> -    else if(v < (1U << 15)) return 2;
>> -    else if(v < (1U << 22)) return 3;
>> -    else if(v < (1U << 29)) return 4;
>> +    if     (v < (1U << 7))  return 1;
>> +    else if(v < (1U << 14)) return 2;
>> +    else if(v < (1U << 21)) return 3;
>> +    else if(v < (1U << 28)) return 4;
> 
> And test all the way to the amount of bits we have. Malformed files will
> exist (also, fuzzer).

That's writer, not reader.
It only depends on leading zeroes and we never provide > 32bits.


-- 
Francois Cartegnie
VideoLAN - VLC Developer


More information about the vlc-devel mailing list