[FFmpeg-devel] [PATCH] oops I broke rdt.c
Ronald S. Bultje
rsbultje
Wed Dec 17 18:24:43 CET 2008
Hi,
On Wed, Dec 17, 2008 at 12:04 PM, Michael Niedermayer <michaelni at gmx.at> wrote:
> this sounds fragile.
> st->id is 2 different things in one file (rmdec.c)
No it isn't (?). In rdt.c, it's one, in rmdec.c, it's the other.
I think you're confused because a subset of the code in rmdec.c can be
called from within rdt.c. However, that is not the code that uses
st->id (just do a quick grep, you'll see that use of the value in
st->id is restricted to sync(), that's also true for
rm->current_stream (which can take the value of st->id). So, st->id in
rmdec.c is only used within sync(), which is and will never be used
for RTSP. sync() syncs on the RM packet header, which preceedes the RM
packet data. In RDT, a RDT/RTSP packet header preceedes the RM packet
data instead, there is no RM packet header.
For RM streams, st->id is the RM packet header ID of each stream.
For RDT/RTSP streams, st->id is the index of the stream within the set
of identical content streams.
The two are exclusive, they both precede RM packet data parsing, but
for different kind of streams that both happen to encapsulate RM
packet data.
Again, I don't mind getting rid of st->id, but I want to make it clear
that this part of the code is theoretically and practically not
exploitable. If you want I can take the shared code out of rmdec.c
into a new file so that a grep for st->id in that new file is
negative, but that seems kind of overkill to me.
(I guess I'll just remove use of st->id in rdt.c to make you happy. :-).)
Ronald
More information about the ffmpeg-devel
mailing list