[FFmpeg-devel] [PATCH] prevent segfault when parsing corrupt DV
Dan Dennedy
dan
Sun Jan 4 21:57:24 CET 2009
I have a sample capture.dv file that is ~18MB if needed, but it is an
obvious problem. dv_demux->sys is often assigned when
dv_produce_packet gets called just below the code in the patch below.
If the stream is very corrupt, it may be set NULL in
dv_produce_packets and then used here.
Index: libavformat/dv.c
===================================================================
--- libavformat/dv.c (revision 16313)
+++ libavformat/dv.c (working copy)
@@ -430,6 +430,8 @@
size = dv_get_packet(c->dv_demux, pkt);
if (size < 0) {
+ if (!c->dv_demux->sys)
+ return AVERROR(EIO);
size = c->dv_demux->sys->frame_size;
if (get_buffer(s->pb, c->buf, size) <= 0)
return AVERROR(EIO);
More information about the ffmpeg-devel
mailing list