From 9a2e79116d6235c53d8e9663a8d30d1950d7431a Mon Sep 17 00:00:00 2001 From: Janne Grunau Date: Fri, 30 Nov 2012 15:00:47 +0100 Subject: golomb: use unsigned arithmetics in svq3_get_ue_golomb() This prevents undefined behaviour of signed left shift if the coded value is larger than 2^31. Large values are most likely invalid and caused errors or by feeding random. Validate every use of svq3_get_ue_golomb() and changed the place there the return value was compared with negative numbers. dirac.c was clean, fixed rv30 and svq3. --- libavcodec/golomb.h | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'libavcodec/golomb.h') diff --git a/libavcodec/golomb.h b/libavcodec/golomb.h index 6f95a67cff..564ba4e773 100644 --- a/libavcodec/golomb.h +++ b/libavcodec/golomb.h @@ -107,7 +107,8 @@ static inline int get_ue_golomb_31(GetBitContext *gb){ return ff_ue_golomb_vlc_code[buf]; } -static inline int svq3_get_ue_golomb(GetBitContext *gb){ +static inline unsigned svq3_get_ue_golomb(GetBitContext *gb) +{ uint32_t buf; OPEN_READER(re, gb); @@ -121,7 +122,7 @@ static inline int svq3_get_ue_golomb(GetBitContext *gb){ return ff_interleaved_ue_golomb_vlc_code[buf]; }else{ - int ret = 1; + unsigned ret = 1; do { buf >>= 32 - 8; -- cgit v1.2.3