[FFmpeg-devel] [PATCH] add av_shrink_packet

Baptiste Coudurier baptiste.coudurier
Wed Apr 8 19:49:55 CEST 2009

On 4/8/2009 2:29 AM, Reimar D?ffinger wrote:
> On Tue, Apr 07, 2009 at 06:02:39PM -0700, Baptiste Coudurier wrote:
>> On 4/7/2009 5:49 PM, Michael Niedermayer wrote:
>>> and decoders have to deal with nonsense input anyway, throwing such
>>> away at demuxer level doesnt feel correct to me
>> Well, I tend to agree but this is only good if someone actually fixes
>> crashes in decoder...
> [...]
>>> maybe we could set some flag in AVPacket to indicate that a packet is
>>> possibly damaged, iam not sure if this would be of any use, but a user
>>> application could at least drop such packets if its author thinks its
>>> better though i dont really think it is ...
>> Well when you know that decoder is not error proof regarding partial
>> packets, it certainly is IMHO.
> IMO that is not a valid argument, because such a decoder is a major
> security issue and needs to be fixed ASAP.

It is a perfectly valid argument.

You just cannot predict bugs and considering complexity of some codecs
you may just don't exactly know if there are bugs in the code, you don't
know about weird cases.

It would be _safer_ in any case to discard these packets.

A quick look at roundup will show you that ALAC has or had problems (and
the question to discard partial packets was considered) and I suspect
H.264 decoder has problems as well, considering how many crash are reported.

Now if you think these decoders should be disabled, well disable ALAC
and H.264, and ask users to send patches ;)


Baptiste COUDURIER                              GnuPG Key Id: 0x5C1ABAAA
Key fingerprint                 8D77134D20CC9220201FC5DB0AC9325C5C1ABAAA
checking for life_signs in -lkenny... no
FFmpeg maintainer                                  http://www.ffmpeg.org

More information about the ffmpeg-devel mailing list