[FFmpeg-devel] [PATCH] Fix segfault when opening empty file
Vitor Sessak
vitor1001
Sat Oct 17 22:22:30 CEST 2009
Michael Niedermayer wrote:
> On Sat, Oct 17, 2009 at 01:55:14AM +0200, Vitor Sessak wrote:
>> $subj, to reproduce
>>
>> $ touch /tmp/file
>> $ ffmpeg -i /tmp/file
>>
>> -Vitor
>
>> utils.c | 6 ++++++
>> 1 file changed, 6 insertions(+)
>> a0e169553dcd39a60c329e8b67342afe6cee9e8b empty_file_crash.diff
>> Index: libavformat/utils.c
>> ===================================================================
>> --- libavformat/utils.c (revision 20260)
>> +++ libavformat/utils.c (working copy)
>> @@ -469,6 +469,12 @@
>> /* read probe data */
>> pd->buf= av_realloc(pd->buf, probe_size + AVPROBE_PADDING_SIZE);
>> pd->buf_size = get_buffer(pb, pd->buf, probe_size);
>> +
>> + if (pd->buf_size < 0) {
>> + err = pd->buf_size;
>> + goto fail;
>> + }
>
> if its done like that, then AVProbeData.buf_size needs a comment making it
> clear that buf_size must stay signed, or some "size signedness cleanup"
> would break this
Good point. Attached is slightly more ugly but more robust.
-Vitor
-------------- next part --------------
A non-text attachment was scrubbed...
Name: empty_file_crash2.diff
Type: text/x-diff
Size: 917 bytes
Desc: not available
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20091017/87eb8963/attachment.diff>
More information about the ffmpeg-devel
mailing list