[1/6] webp: Treat data_size greater than INT_MAX as invalid

Message ID 1450355291-21591-1-git-send-email-diego@biurrun.de
State New
Headers show

Commit Message

Diego Biurrun Dec. 17, 2015, 12:28 p.m.
---
 libavcodec/webp.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

Comments

Luca Barbato Dec. 17, 2015, 2:37 p.m. | #1
On 17/12/15 13:28, Diego Biurrun wrote:
> ---
>  libavcodec/webp.c | 6 ++----
>  1 file changed, 2 insertions(+), 4 deletions(-)
> 
> diff --git a/libavcodec/webp.c b/libavcodec/webp.c
> index c475744..7826cab 100644
> --- a/libavcodec/webp.c
> +++ b/libavcodec/webp.c
> @@ -1309,10 +1309,8 @@ static int vp8_lossy_decode_frame(AVCodecContext *avctx, AVFrame *p,
>      }
>      s->lossless = 0;
>  
> -    if (data_size > INT_MAX) {
> -        av_log(avctx, AV_LOG_ERROR, "unsupported chunk size\n");
> -        return AVERROR_PATCHWELCOME;
> -    }
> +    if (data_size > INT_MAX)
> +        return AVERROR_INVALIDDATA;
>  
>      av_init_packet(&pkt);
>      pkt.data = data_start;
> 

Is it confirmed as not supported by the format?
Anton Khirnov Dec. 18, 2015, 1:42 p.m. | #2
Quoting Diego Biurrun (2015-12-17 13:28:06)
> ---
>  libavcodec/webp.c | 6 ++----
>  1 file changed, 2 insertions(+), 4 deletions(-)
> 
> diff --git a/libavcodec/webp.c b/libavcodec/webp.c
> index c475744..7826cab 100644
> --- a/libavcodec/webp.c
> +++ b/libavcodec/webp.c
> @@ -1309,10 +1309,8 @@ static int vp8_lossy_decode_frame(AVCodecContext *avctx, AVFrame *p,
>      }
>      s->lossless = 0;
>  
> -    if (data_size > INT_MAX) {
> -        av_log(avctx, AV_LOG_ERROR, "unsupported chunk size\n");
> -        return AVERROR_PATCHWELCOME;
> -    }
> +    if (data_size > INT_MAX)
> +        return AVERROR_INVALIDDATA;
>  

Does this actually fix anything? One can successfully argue for either
of those being "correct" (for some value of correct). And dropping error
messages is not nice, since they allow you to quickly identify the line
where it fails.

Patch

diff --git a/libavcodec/webp.c b/libavcodec/webp.c
index c475744..7826cab 100644
--- a/libavcodec/webp.c
+++ b/libavcodec/webp.c
@@ -1309,10 +1309,8 @@  static int vp8_lossy_decode_frame(AVCodecContext *avctx, AVFrame *p,
     }
     s->lossless = 0;
 
-    if (data_size > INT_MAX) {
-        av_log(avctx, AV_LOG_ERROR, "unsupported chunk size\n");
-        return AVERROR_PATCHWELCOME;
-    }
+    if (data_size > INT_MAX)
+        return AVERROR_INVALIDDATA;
 
     av_init_packet(&pkt);
     pkt.data = data_start;