[Ffmpeg-devel] Maybe (?), robustness patch
Michael Niedermayer
michaelni
Sun Jan 22 22:42:03 CET 2006
Hi
On Sun, Jan 22, 2006 at 05:31:16PM +0000, Mean wrote:
> Hi,
> While trying to create a correct avcC atom with lavformat/x264, i've
> made some (interestingly ?) broken mp4 files.
> One of them makes lavcodec crash hard, which is bad and uncommon.
>
> The problem is that in that case bit_length ends up being equal to
> -1, hence the crash a bit later
> I'm not sure it is a fix of great interest since such broken files
> should not exist at all, but anyway.
>
> The trivial check that avoids the hard crash is below
>
> One such funny file is available here
>
> http://fixounet.free.fr/avidemux/win32/broken_h264_makes_lavcodec_crash.mp4
> No image, but no crash either.
>
> Thanks.
>
>
>
> Index: h264.c
> ===================================================================
> --- h264.c (revision 1724)
> +++ h264.c (working copy)
> @@ -7458,7 +7458,13 @@
> ptr= decode_nal(h, buf + buf_index, &dst_length, &consumed,
> h->is_avc ? nalsize : buf_size - buf_index);
> if(ptr[dst_length - 1] == 0) dst_length--;
> bit_length= 8*dst_length - decode_rbsp_trailing(ptr +
> dst_length - 1);
> -
> + /* MEANX */
> + if(bit_length<=0)
> + {
> + av_log(h->s.avctx, AV_LOG_ERROR, "h264: bit length
> computing error, broken stream ? \n");
> + return -1;
> + }
> + /* /MEANX */
can you submit patches without addng your name to every chunk? just imagine
how ffmpegs source would look like if everyone did this ...
bit_length<0 also needs dst_length=0 and that already seems wrong ...
[...]
--
Michael
More information about the ffmpeg-devel
mailing list