aboutsummaryrefslogtreecommitdiffstats
path: root/tests/ref/fate/adpcm-ima-dk3
diff options
context:
space:
mode:
authorAndreas Rheinhardt <andreas.rheinhardt@gmail.com>2021-03-25 14:17:10 +0100
committerAndreas Rheinhardt <andreas.rheinhardt@outlook.com>2021-03-30 12:36:32 +0200
commite7cbbd90267de2a0ad1b5fa8ccb29ab7bf8a26b8 (patch)
treeaa9e350777f45950c69ad6aa1a01cd7a0d572312 /tests/ref/fate/adpcm-ima-dk3
parentc81b8e04aa0952a7aec1e08940f29ae501fb6bfd (diff)
downloadffmpeg-e7cbbd90267de2a0ad1b5fa8ccb29ab7bf8a26b8.tar.gz
avcodec/put_bits: Don't set size_in_bits, fix overflow
A PutBitContext has a field called size_in_bits which is set to the context's bitsize init_put_bits(); but it isn't used at all (the PutBits API uses pointers directly and not bit indexes), so remove it (due to ABI concerns the actual element is only removed at the next bump). Furthermore, the multiplication inherent in setting this field can lead to undefined integer overflows. This is particularly true for FFV1, which uses a very big worst-case buffer (37*4*width*height; even ordinary 1080p triggers an overflow). Ticket #8350 is about this overflow which this commit fixes. This means that the effective range of the PutBits API is no longer restricted by the /8 as long as one isn't using put_bits_(count|left). Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Diffstat (limited to 'tests/ref/fate/adpcm-ima-dk3')
0 files changed, 0 insertions, 0 deletions