From bbf3cbb1bef1281b07539321460d12b08722879f Mon Sep 17 00:00:00 2001 From: James Zern Date: Mon, 23 Jun 2025 19:05:32 -0700 Subject: [PATCH] VP8BitReaderSetBuffer: move NULL check to call site This is a refinement of 654bfb04 Avoid nullptr arithmetic in VP8BitReaderSetBuffer and removes an unneeded/redundant check in 2 of the 3 calls to this function: * VP8InitBitReader: `start` is guaranteed to be non-NULL * CopyParts0Data: `start` is allocated and checked In `DoRemap()` `last_start` will be NULL before the partitions are parsed. This is the only call that was missing a check. The offsetting of a NULL pointer in `VP8BitReaderSetBuffer` was harmless in this case as the bitreader will not be used meaningfully until there is enough data to begin decoding partition 0. In that case the bitreader will be initialized by `ParsePartitions()` and updated by `DoRemap()` when more data is available. Bug: 393104377 Change-Id: Ib44bc35e00e5129c592d742a2469420cd3d0e858
---
src/dec/idec_dec.c | 10 ++++++++-- src/utils/bit_reader_utils.c | 11 +++++------ 2 files changed, 13 insertions(+), 8 deletions(-)
diff --git a/src/dec/idec_dec.c b/src/dec/idec_dec.c
index 7c0bb4d1..cf8a33a4 100644
--- a/src/dec/idec_dec.c
+++ b/src/dec/idec_dec.c
@@ -141,8 +141,14 @@ static void DoRemap(WebPIDecoder* const idec, ptrdiff_t offset) {
 }
 {
 const uint8_t* const last_start = dec->parts[last_part].buf;
- VP8BitReaderSetBuffer(&dec->parts[last_part], last_start,
- mem->buf + mem->end - last_start);
+ // 'last_start' will be NULL when 'idec->state' is < STATE_VP8_PARTS0
+ // and through a portion of that state (when there isn't enough data to
+ // parse the partitions). The bitreader is only used meaningfully when
+ // there is enough data to begin parsing partition 0.
+ if (last_start != NULL) {
+ VP8BitReaderSetBuffer(&dec->parts[last_part], last_start,
+ mem->buf + mem->end - last_start);
+ }
 }
 if (NeedCompressedAlpha(idec)) {
 ALPHDecoder* const alph_dec = dec->alph_dec;
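Review bot: The size argument `mem->buf + mem->end - last_start` is a pointer difference that is implicitly converted to `size_t`, and with this commit the callee only asserts that `start` is non-NULL, so nothing in the visible lines checks that `last_start` lies inside the remapped buffer. If the part of `DoRemap()` above the hunk (not visible here) guarantees that, it is worth stating next to the new guard, e.g. `assert(last_start <= mem->buf + mem->end);` inside the `if (last_start != NULL)` block, assuming `<assert.h>` is already included in this file. A violated invariant would then fail in debug builds instead of handing the bit reader a very large `size`. `DoRemap()` starts and ends outside the hunk.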
diff --git a/src/utils/bit_reader_utils.c b/src/utils/bit_reader_utils.c
index ec9a2341..5e3a8b37 100644
--- a/src/utils/bit_reader_utils.c
+++ b/src/utils/bit_reader_utils.c
@@ -31,12 +31,11 @@ void VP8BitReaderSetBuffer(VP8BitReader* const br, const uint8_t* const start, size_t size) { - if (start != NULL) { - br->buf = start; - br->buf_end = start + size; - br->buf_max = - (size >= sizeof(lbit_t)) ? start + size - sizeof(lbit_t) + 1 : start; - } + assert(start != NULL); + br->buf = start; + br->buf_end = start + size; + br->buf_max = + (size >= sizeof(lbit_t)) ? start + size - sizeof(lbit_t) + 1 : start; } void VP8InitBitReader(VP8BitReader* const br,
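Review bot: `assert(start != NULL)` is compiled out when `NDEBUG` is defined, so in release builds `VP8BitReaderSetBuffer` now has no guard at all, and a NULL `start` from any future caller would again reach `start + size`, the NULL-pointer arithmetic that 654bfb04 set out to avoid. The commit message audits the three current call sites, but the precondition is not written down where a new caller would see it. A comment on the function such as `// 'start' must be non-NULL: callers check before calling (the assert is debug-only).` would make the contract explicit, ideally also on the declaration in the header, which is not part of this diff. The hunk does not show the file's includes, so confirm that `<assert.h>` is already included in bit_reader_utils.c.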