Missing bounds-checks for VUI Bitstream Restriction Syntax Elements

[wrv]

The VUI bitstream restriction syntax elements are not bounds checked: https://github.com/dholroyd/h264-reader/blob/master/src/nal/sps.rs#L803-L812

Expected bounds, according to Annex E.2.1 of the spec:

• max_bytes_per_pic_denom: [0, 16]
• max_bits_per_mb_denom: [0, 16]
• log2_max_mv_length_horizontal: [0, 15]
• log2_max_mv_length_vertical: [0, 15]
• max_num_reorder_frames: [0, max_dec_frame_buffering]
• max_dec_frame_buffering: [max_num_reorder_frames, MaxDpbFrames] where MaxDpbFrames is set by the Level

[dholroyd]

log2_max_mv_length_horizontal: [0, 15] log2_max_mv_length_vertical: [0, 15]

This is indeed what more recent versions of the standard specify, e.g. from 2017,

Looks like this changed at some point though. Bitstreams I've tested with use the value 16, and going back to a 2003 copy of the spec, it says 16,

I don't know when this changed.

It seems that to avoid rejecting real files, these checks should allow 16.

(Discussion of the same confusion on ffmpeg-devel.)

[wrv]

Woah! Thanks for sharing this insight!

Are you familiar with any other syntax elements that have become more restrictive across spec versions?

[dholroyd]

I am not aware of other examples; but I would not have investigated if data already used in some tests hadn't been rejected by the new checks.