On 14/09/2021 14:11, joevt wrote:
Please always add a commit log here, even if it is just a copy of the subject.
No need to do anything, I'll take care of it this time.
Regards,
Hans
> Signed-off-by: Joe van Tunen <joevt@xxxxxxx>
> ---
> parse-vtb-ext-block.cpp | 13 ++++++++++---
> 1 file changed, 10 insertions(+), 3 deletions(-)
>
> diff --git a/parse-vtb-ext-block.cpp b/parse-vtb-ext-block.cpp
> index 05d54f4..edfe887 100644
> --- a/parse-vtb-ext-block.cpp
> +++ b/parse-vtb-ext-block.cpp
> @@ -17,16 +17,21 @@ void edid_state::parse_vtb_ext_block(const unsigned char *x)
> unsigned num_cvt = x[3];
> unsigned num_st = x[4];
>
> + const unsigned char *y = x + 0x7f;
> x += 5;
> if (num_dtd) {
> printf(" Detailed Timing Descriptors:\n");
> - for (unsigned i = 0; i < num_dtd; i++, x += 18)
> + for (unsigned i = 0; i < num_dtd; i++, x += 18) {
> + if (x + 18 > y) { fail("Not enough bytes remain for more DTBs in the VTB-EXT\n"); return; }
> detailed_timings(" ", x, false);
> + }
> }
> if (num_cvt) {
> printf(" Coordinated Video Timings:\n");
> - for (unsigned i = 0; i < num_cvt; i++, x += 3)
> + for (unsigned i = 0; i < num_cvt; i++, x += 3) {
> + if (x + 3 > y) { fail("Not enough bytes remain for more CVTs in the VTB-EXT\n"); return; }
> detailed_cvt_descriptor(" ", x, false);
> + }
> }
> if (num_st) {
> // Note: the VTB-EXT standard has a mistake in the example EDID
> @@ -36,7 +41,9 @@ void edid_state::parse_vtb_ext_block(const unsigned char *x)
> //
> // The documentation itself is correct, though.
> printf(" Standard Timings:\n");
> - for (unsigned i = 0; i < num_st; i++, x += 2)
> + for (unsigned i = 0; i < num_st; i++, x += 2) {
> + if (x + 2 > y) { fail("Not enough bytes remain for more STs in the VTB-EXT\n"); return; }
> print_standard_timing(" ", x[0], x[1], true);
> + }
> }
> }
>
