[Ffmpeg-devel] [PATCH] Fix segfault in bmp decoder

Michel Bardiaux mbardiaux
Wed Jan 31 12:28:39 CET 2007


Michael Niedermayer wrote:
> Hi
> 
> On Mon, Jan 29, 2007 at 01:36:40PM +0100, Michel Bardiaux wrote:
> [...]
>>>
>>>> Note: it is quite likely this patch actually hides a bug in 
>>>> avcodec_default_get_buffer that causes it to fail without returning
>>>> failure status. I am looking into that.
>>> yes i agree that avcodec_default_get_buffer is likly buggy
>> The problem there seems to be simply that assert() is ignored:
>>
>>     assert(INTERNAL_BUFFER_SIZE > s->internal_buffer_count);
>>
>> Is it OK to change that to av_log plus return(-1)?
> 
> ok

Patch sent, in another thread ("Activate guards...")

> 
> 
>>> to but either way the buffers must be released ... there also needs
>>> to be a release_buffer() in "decode_end" which is also missing in
>>> bmp.c
>> Isnt that true of *every* codec? But I see png.c pnm.c having no
> 
> every codec should release its buffers, its just 1 or 2 lines of code for
> each and it causes problems for user applications (xine at least ...)

How about a warning in avcodec_close if the ->close method is NULL?

> 
> 
>> decode_end. Should I add it there too? And would 8bps.c be a good example?
> 
> i think so
> 
> 
>> Anyway, I would rather schedule this after all the things I already have 
>> going: the change of the bmp decoder to bytestream, and the bmp encoder, 
>> and the FACT chunk, and the MSGSM codec.
> 
> sure sure, do things in whichever order you prefer

Changed my mind, will do these finalisers first since I am now more 
'warmed up' about image codes than about RIFF files.


-- 
Michel Bardiaux
R&D Director
T +32 [0] 2 790 29 41
F +32 [0] 2 790 29 02
E mailto:mbardiaux at mediaxim.be

Mediaxim NV/SA
Vorstlaan 191 Boulevard du Souverain
Brussel 1160 Bruxelles
http://www.mediaxim.com/




More information about the ffmpeg-devel mailing list