[FFmpeg-devel] MOV: fix crash when 'meta' occurs before first 'trak'

Alex Converse alex.converse
Tue Mar 3 08:40:09 CET 2009 

On Tue, Mar 3, 2009 at 2:26 AM, Baptiste Coudurier
<baptiste.coudurier at gmail.com> wrote:
> Hi Alex,
>
> On 3/2/2009 9:21 PM, Alex Converse wrote:
>> Hi,
>>
>> $subj.
>>
>> An example of such a file is 12_metas.mp4 from the Amd. 24 conformance
>> streams. [1]
>>
>> Regards,
>> Alex Converse
>>
>> [1] http://standards.iso.org/ittf/PubliclyAvailableStandards/c046294_ISO_IEC_14496-4_2004_Amd_24_2008_Conformance_Testing.zip
>>
>>
>> ------------------------------------------------------------------------
>>
>> diff --git a/libavformat/mov.c b/libavformat/mov.c
>> index b34326c..c9d5fdc 100644
>> --- a/libavformat/mov.c
>> +++ b/libavformat/mov.c
>> @@ -21,7 +21,8 @@
>>
>> ?#include <limits.h>
>>
>> -//#define DEBUG
>> +#define DEBUG
>> +#undef NDEBUG
>>
>> ?#include "libavutil/intreadwrite.h"
>> ?#include "libavutil/avstring.h"
>
> Forgotten hunk
>
>> @@ -308,10 +309,12 @@ static int mov_read_dref(MOVContext *c, ByteIOContext *pb, MOVAtom atom)
>>
>> ?static int mov_read_hdlr(MOVContext *c, ByteIOContext *pb, MOVAtom atom)
>> ?{
>> - ? ?AVStream *st = c->fc->streams[c->fc->nb_streams-1];
>> + ? ?AVStream *st = NULL;
>> ? ? ?uint32_t type;
>> ? ? ?uint32_t ctype;
>>
>> + ? ?if (c->fc->nb_streams > 0)
>> + ? ? ? ?st = c->fc->streams[c->fc->nb_streams-1];
>> ? ? ?get_byte(pb); /* version */
>> ? ? ?get_be24(pb); /* flags */
>>
>> @@ -325,6 +328,7 @@ static int mov_read_hdlr(MOVContext *c, ByteIOContext *pb, MOVAtom atom)
>> ? ? ? ? ? ? ?*((char *)&type), ((char *)&type)[1], ((char *)&type)[2], ((char *)&type)[3]);
>> ? ? ?if(!ctype)
>> ? ? ? ? ?c->isom = 1;
>> + ? ?if(st) {
>> ? ? ?if ? ? (type == MKTAG('v','i','d','e'))
>> ? ? ? ? ?st->codec->codec_type = CODEC_TYPE_VIDEO;
>> ? ? ?else if(type == MKTAG('s','o','u','n'))
>> @@ -334,6 +338,7 @@ static int mov_read_hdlr(MOVContext *c, ByteIOContext *pb, MOVAtom atom)
>> ? ? ?else if(type == MKTAG('s','u','b','p')) {
>> ? ? ? ? ?st->codec->codec_type = CODEC_TYPE_SUBTITLE;
>> ? ? ?}
>> + ? ?}
>> ? ? ?get_be32(pb); /* component ?manufacture */
>> ? ? ?get_be32(pb); /* component flags */
>> ? ? ?get_be32(pb); /* component flags mask */
>>
>
> Does
>
> if (c->fc->nb_streams < 1) // meta before first trak
> ? ?return 0;
>
> work ?
>
> like in mov_read_extradata ? If so I prefer this.
>

Yes, that appears to work.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: mov-meta-before-first-trak.diff
Type: text/x-diff
Size: 615 bytes
Desc: not available
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20090303/b90dfe6f/attachment.diff>

More information about the ffmpeg-devel mailing list