[FFmpeg-devel] [PATCH] Fix ALAC crashes

Justin Ruggles justin.ruggles
Fri Oct 8 00:17:25 CEST 2010


Hi,

Jason Garrett-Glaser wrote:

> For some bizarre reason, ALAC initializes from extradata in the decode
> loop instead of init loop.  I don't know why, and I don't want to
> change it without clearance from someone who knows why it was done
> this way.

I don't see any reason why that was put in alac_decode_frame().  I'd say
move it to init and test a few files.  There is no specified maintainer
for alacdec.c.  I tried to find the discussion prior to it being
committed in March 2005, but the ffmpeg-devel archive only goes back to
April 2005.

> But because of this, if ALAC extradata is corrupt, the ALAC decoder
> will return success but not set the sample format, causing a crash
> (divide by zero) in ffmpeg.c because "bps" is zero.
> 
> This patch fixes this by returning failure.  However, it doesn't make
> decoding terminate like it should; instead, ffmpeg still tries to
> decode the whole stream and spams a massive sequence of errors:
> 
> Error while decoding stream #0.0mes
> Error while decoding stream #0.0mes
> Error while decoding stream #0.0mes
> Error while decoding stream #0.0mes
>     Last message repeated 455 times
> 
> So this should be fixed separately, IMO.
> 
> On a vaguely related note, this problem is caused by this CAF file (
> http://www.mediafire.com/?ieepkh09s1q5ven ), which demonstrates that
> the CAF demuxer isn't demuxing the extradata for ALAC correctly.

Could you create a bug report for this sample?

-Justin
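
The failure mode discussed in this thread (setup deferred to the decode call, success returned with the sample format unset, then a division by a zero "bps" in the caller), as an added example that is not part of the original message and is not FFmpeg code. The `ToyCtx` struct, the `toy_*` functions and the 8-byte extradata layout are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical toy codec, not FFmpeg code. Constructed extradata layout:
 * 4-byte tag "toy0", 1 byte bits per sample, 1 byte channel count, 2 pad. */
#define TOY_EXTRADATA_SIZE 8
#define TOY_ERR_INVALID (-1)

typedef struct {
    const uint8_t *extradata;
    size_t extradata_size;
    int bytes_per_sample;   /* 0 = sample format never set */
    int channels;
} ToyCtx;

/* Validate everything before touching the context, so a failure leaves it unset. */
static int toy_parse_extradata(ToyCtx *c)
{
    const uint8_t *p = c->extradata;
    if (!p || c->extradata_size < TOY_EXTRADATA_SIZE) return TOY_ERR_INVALID;
    if (p[0] != 't' || p[1] != 'o' || p[2] != 'y' || p[3] != '0') return TOY_ERR_INVALID;
    if ((p[4] != 16 && p[4] != 32) || p[5] < 1 || p[5] > 8) return TOY_ERR_INVALID;
    c->bytes_per_sample = p[4] / 8;
    c->channels = p[5];
    return 0;
}

/* Before: setup deferred to the decode call, its result dropped, success reported. */
int toy_decode_lazy(ToyCtx *c) { if (!c->bytes_per_sample) toy_parse_extradata(c); return 0; }

/* After: setup at init, with the failure propagated so no frame is ever decoded. */
int toy_init(ToyCtx *c) { c->bytes_per_sample = 0; c->channels = 0; return toy_parse_extradata(c); }

/* Caller-side guard for the division that crashed: refuse a zero divisor. */
int toy_frames_in_buffer(const ToyCtx *c, int nbytes)
{
    if (c->bytes_per_sample <= 0 || c->channels <= 0 || nbytes < 0) return TOY_ERR_INVALID;
    return nbytes / (c->bytes_per_sample * c->channels);
}

/* Constructed sample inputs: one valid header, one truncated ("corrupt") one. */
static const uint8_t TOY_GOOD[8] = { 't', 'o', 'y', '0', 16, 2, 0, 0 };
static const uint8_t TOY_BAD[3]  = { 't', 'o', 'y' };

int main(void)
{
    ToyCtx bad = { TOY_BAD, sizeof TOY_BAD, 0, 0 }, good = { TOY_GOOD, sizeof TOY_GOOD, 0, 0 };
    return !(toy_init(&bad) == TOY_ERR_INVALID && toy_init(&good) == 0 &&
             toy_frames_in_buffer(&good, 4096) == 1024);
}
```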


