From f1b2cfa03e5ea91046694a02f67e83263d1887fc Mon Sep 17 00:00:00 2001
From: James Zern
Date: Mon, 24 Aug 2015 19:54:08 -0700
Subject: [PATCH 1/4] Chapters::*::Parse: replace pos asserts w/checks

replace the common patterns assert(pos <= stop) / assert(pos == stop) with error checks
BUG=23431751
Change-Id: I3425f6083456b5ab4f40497e3a192569b494dfa9
---
 mkvparser.cpp | 24 ++++++++++++++++--------
 1 file changed, 16 insertions(+), 8 deletions(-)

diff --git a/mkvparser.cpp b/mkvparser.cpp
index 60a52bd..632dfc8 100644
--- a/mkvparser.cpp
+++ b/mkvparser.cpp
@@ -3223,10 +3223,12 @@ long Chapters::Parse() {
 }
 pos += size;
- assert(pos <= stop);
+ if (pos > stop)
+ return E_FILE_FORMAT_INVALID;
 }
- assert(pos == stop);
+ if (pos != stop)
+ return E_FILE_FORMAT_INVALID;
 return 0;
 }
@@ -3337,10 +3339,12 @@ long Chapters::Edition::Parse(IMkvReader* pReader, long long pos,
 }
 pos += size;
- assert(pos <= stop);
+ if (pos > stop)
+ return E_FILE_FORMAT_INVALID;
 }
- assert(pos == stop);
+ if (pos != stop)
+ return E_FILE_FORMAT_INVALID;
 return 0;
 }
@@ -3495,10 +3499,12 @@ long Chapters::Atom::Parse(IMkvReader* pReader, long long pos, long long size) {
 }
 pos += size;
- assert(pos <= stop);
+ if (pos > stop)
+ return E_FILE_FORMAT_INVALID;
 }
- assert(pos == stop);
+ if (pos != stop)
+ return E_FILE_FORMAT_INVALID;
 return 0;
 }
@@ -3629,10 +3635,12 @@ long Chapters::Display::Parse(IMkvReader* pReader, long long pos,
 }
 pos += size;
- assert(pos <= stop);
+ if (pos > stop)
+ return E_FILE_FORMAT_INVALID;
 }
- assert(pos == stop);
+ if (pos != stop)
+ return E_FILE_FORMAT_INVALID;
 return 0;
 }
From 2857b2350c822135d537adcca6da86fb05939219 Mon Sep 17 00:00:00 2001
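Review bot: The new `pos > stop` test comes after `pos += size`, so an element whose `size` overruns the enclosing `stop` is rejected only once the code above the hunk has already handed that `size` to the child parser; it also relies on `pos + size` not wrapping, which holds only if `size` is already bounded when the element header is read (not visible in this hunk). If the header parse does not already do that, a check of the form `if (size > stop - pos) return E_FILE_FORMAT_INVALID;` placed before the dispatch, with the new `pos != stop` check kept as the trailing consistency test, rejects the overrun before any byte of the child element is interpreted. Chapters::Parse starts above this hunk; the same shape recurs in the Chapters::Edition::Parse, Chapters::Atom::Parse and Chapters::Display::Parse hunks below and in the Tags::Parse, Tags::Tag::Parse and Tags::SimpleTag::Parse hunks of patch 2/4, so one fix pattern covers all of them.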
From: James Zern
Date: Mon, 24 Aug 2015 19:56:45 -0700
Subject: [PATCH 2/4] Tags::*::Parse: replace pos asserts w/checks

replace the common patterns assert(pos <= stop) / assert(pos == stop) with error checks + harmonize error return -1 -> E_FILE_FORMAT_INVALID
BUG=23431751
Change-Id: Icfc582e414a7d02ae0675ef14c047922c4a12036
---
 mkvparser.cpp | 24 ++++++++++--------------
 1 file changed, 10 insertions(+), 14 deletions(-)

diff --git a/mkvparser.cpp b/mkvparser.cpp
index 632dfc8..fb1f2ab 100644
--- a/mkvparser.cpp
+++ b/mkvparser.cpp
@@ -3688,14 +3688,12 @@ long Tags::Parse() {
 }
 pos += size;
- assert(pos <= stop);
 if (pos > stop)
- return -1;
+ return E_FILE_FORMAT_INVALID;
 }
- assert(pos == stop);
 if (pos != stop)
- return -1;
+ return E_FILE_FORMAT_INVALID;
 return 0;
 }
@@ -3806,14 +3804,12 @@ long Tags::Tag::Parse(IMkvReader* pReader, long long pos, long long size) {
 }
 pos += size;
- assert(pos <= stop);
 if (pos > stop)
- return -1;
+ return E_FILE_FORMAT_INVALID;
 }
- assert(pos == stop);
 if (pos != stop)
- return -1;
+ return E_FILE_FORMAT_INVALID;
 return 0;
 }
@@ -3904,14 +3900,12 @@ long Tags::SimpleTag::Parse(IMkvReader* pReader, long long pos,
 }
 pos += size;
- assert(pos <= stop);
 if (pos > stop)
- return -1;
+ return E_FILE_FORMAT_INVALID;
 }
- assert(pos == stop);
 if (pos != stop)
- return -1;
+ return E_FILE_FORMAT_INVALID;
 return 0;
 }
@@ -5363,10 +5357,12 @@ long Tracks::Parse() {
 }
 pos = payload_stop;
- assert(pos <= stop);
+ if (pos > stop)
+ return E_FILE_FORMAT_INVALID;
 }
- assert(pos == stop);
+ if (pos != stop)
+ return E_FILE_FORMAT_INVALID;
 return 0; // success
 }
From b366a980531f6fe93211e31e7295143ce6e50720 Mon Sep 17 00:00:00 2001
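Review bot: The Tags::Parse, Tags::Tag::Parse and Tags::SimpleTag::Parse hunks change the failure value from -1 to E_FILE_FORMAT_INVALID, but nothing at the definitions (each of which starts above its hunk) records the contract, and any caller that compares the result against the literal -1 instead of `< 0` would now read the failure as something else; a grep over the callers of the three functions is the cheap way to confirm none does. A short comment at each signature, e.g. `// Returns 0 on success, E_FILE_FORMAT_INVALID if an element overruns stop or the data does not end exactly at stop.`, would pin the harmonized value. The Tracks::Parse hunk has the same two checks but sets `pos = payload_stop` rather than adding `size`, so whether it is exposed to the overrun-before-check issue raised on patch 1/4 depends on how `payload_stop` is bounded where it is computed, outside this hunk.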
From: James Zern
Date: Mon, 24 Aug 2015 19:57:54 -0700
Subject: [PATCH 3/4] Cluster::ParseBlockGroup: replace pos asserts w/checks

replace the common patterns assert(pos <= stop) / assert(pos == stop) with error checks + harmonize error return -1 -> E_FILE_FORMAT_INVALID
BUG=23431751
Change-Id: I799d54df62d93388b52ac325b836ab28e0860992
---
 mkvparser.cpp | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/mkvparser.cpp b/mkvparser.cpp
index fb1f2ab..9e04b0f 100644
--- a/mkvparser.cpp
+++ b/mkvparser.cpp
@@ -6378,10 +6378,12 @@ long Cluster::ParseBlockGroup(long long payload_size, long long& pos,
 }
 pos = block_stop; // consume block-part of block group
- assert(pos <= payload_stop);
+ if (pos > payload_stop)
+ return E_FILE_FORMAT_INVALID;
 }
- assert(pos == payload_stop);
+ if (pos != payload_stop)
+ return E_FILE_FORMAT_INVALID;
 status = CreateBlock(0x20, // BlockGroup ID
 payload_start, payload_size, discard_padding);
From 06b4337ed8001200cde9755674f8cd5fee22cda7 Mon Sep 17 00:00:00 2001
From: James Zern
Date: Mon, 24 Aug 2015 19:58:31 -0700
Subject: [PATCH 4/4] Block::Parse: replace pos asserts w/checks

replace the common patterns assert(pos <= stop) / assert(pos == stop) with error checks
BUG=23431751
Change-Id: Ia1265a639086c790a2ed542f34c2f438c153b036
---
 mkvparser.cpp | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)

diff --git a/mkvparser.cpp b/mkvparser.cpp
index 9e04b0f..c0e2838 100644
--- a/mkvparser.cpp
+++ b/mkvparser.cpp
@@ -7362,7 +7362,6 @@ long Block::Parse(const Cluster* pCluster) {
 return E_FILE_FORMAT_INVALID;
 ++pos; // consume frame count
- assert(pos <= stop);
 if (pos > stop)
 return E_FILE_FORMAT_INVALID;
@@ -7420,8 +7419,6 @@ long Block::Parse(const Cluster* pCluster) {
 --frame_count;
 }
- assert(pf < pf_end);
- assert(pos <= stop);
 if (pf >= pf_end || pos > stop)
 return E_FILE_FORMAT_INVALID;
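Review bot: In the Cluster::ParseBlockGroup hunk, `pos` is a `long long&` out-parameter (visible in the @@ context) and both new early returns fire after `pos = block_stop` has already advanced it, so this is the first time a caller can observe a partially advanced `pos` together with E_FILE_FORMAT_INVALID; the assert path it replaces aborted instead. If the caller treats that status as fatal for the cluster this is harmless, but if it resumes from `pos` it would silently skip the malformed block group and keep parsing; I cannot see the caller from here. Either way a one-line comment at the definition (which starts above this hunk), such as `// On E_FILE_FORMAT_INVALID pos may already have been advanced to block_stop; do not resume from it.`, would pin the contract. The two Block::Parse hunks in patch 4/4 only drop asserts that were already backed by the following checks, so they need no change.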
@@ -7566,7 +7563,6 @@ long Block::Parse(const Cluster* pCluster) {
 return E_FILE_FORMAT_INVALID;
 pos += len; // consume length of (delta) size
- assert(pos <= stop);
 if (pos > stop)
 return E_FILE_FORMAT_INVALID;
@@ -7590,20 +7586,18 @@ long Block::Parse(const Cluster* pCluster) {
 // parse last frame
 if (frame_count > 0) {
- assert(pos <= stop);
- assert(pf < pf_end);
+ if (pos > stop || pf >= pf_end)
+ return E_FILE_FORMAT_INVALID;
 const Frame& prev = *pf++;
 assert(prev.len == frame_size);
 if (prev.len != frame_size)
 return E_FILE_FORMAT_INVALID;
- assert(pf < pf_end);
 if (pf >= pf_end)
 return E_FILE_FORMAT_INVALID;
 Frame& curr = *pf++;
- assert(pf == pf_end);
 if (pf != pf_end)
 return E_FILE_FORMAT_INVALID;