[FFmpeg-devel] [Patch] fix ffprobe crash #3603

Michael Niedermayer michaelni at gmx.at
Fri May 9 02:45:41 CEST 2014 

On Thu, May 08, 2014 at 12:41:18PM +0530, anshul wrote:
> On 05/07/2014 05:01 PM, anshul wrote:
> >On 05/07/2014 01:31 PM, Clément Boesch wrote:
> >>On Wed, May 07, 2014 at 01:28:40PM +0530, anshul wrote:
> >>>On 05/07/2014 12:48 PM, anshul wrote:
> >>>>On 05/07/2014 11:56 AM, anshul wrote:
> >>>>>ffprobe crashes since number of stream increased in the attched video
> >>>>>at #3603 from 3 to 6 which were not taken in account in commit
> >>>>>29b9aee4.
> >>>>>
> >>>>>so this line need extra guard
> >>>>>nb_streams_frames[pkt.stream_index]++;
> >>>>>
> >>>>>Thanks
> >>>>>Anshul
> >>>>Ignore this patch it have lot of flaws, will send another soon
> >>>>-Anshul
> >>>I have attached new patch for same problem
> >>>
> >>>-Anshul
> >>> From 08eaf8857ffab170baa5079ade50c5d2dafb4b1c Mon Sep 17 00:00:00 2001
> >>>From: Anshul Maheshwari<er.anshul.maheshwari at gmail.com>
> >>>Date: Wed, 7 May 2014 13:27:43 +0530
> >>>Subject: [PATCH] Fix #3603 crashes in ffprobe
> >>>
> >>mark the fix in the description, and describe the fix in the title
> >>
> >>>---
> >>>  ffprobe.c | 15 +++++++++++++--
> >>>  1 file changed, 13 insertions(+), 2 deletions(-)
> >>>
> >>>diff --git a/ffprobe.c b/ffprobe.c
> >>>index c6e0469..11a946c 100644
> >>>--- a/ffprobe.c
> >>>+++ b/ffprobe.c
> >>>@@ -191,6 +191,7 @@ static const char unit_hertz_str[]          = "Hz"   ;
> >>>  static const char unit_byte_str[]           = "byte" ;
> >>>  static const char unit_bit_per_second_str[] = "bit/s";
> >>>+static int nb_streams;
> >>>  static uint64_t *nb_streams_packets;
> >>>  static uint64_t *nb_streams_frames;
> >>>  static int *selected_streams;
> >>>@@ -1920,7 +1921,17 @@ static int read_interval_packets(WriterContext *w, AVFormatContext *fmt_ctx,
> >>>              if (do_read_packets) {
> >>>                  if (do_show_packets)
> >>>                      show_packet(w, fmt_ctx, &pkt, i++);
> >>>-                nb_streams_packets[pkt.stream_index]++;
> >>>+                if(nb_streams_packets)
> >>>+                {
> >>>+                    if(pkt.stream_index >= nb_streams)
> >>>+                    {
> >>please use a consistent style
> >>
> >>>+                        nb_streams_frames  = av_realloc(nb_streams_frames,fmt_ctx->nb_streams* sizeof(*nb_streams_frames));
> >>>+                        nb_streams_packets = av_realloc(nb_streams_packets,fmt_ctx->nb_streams* sizeof(*nb_streams_packets));
> >>>+                        selected_streams   = av_realloc(selected_streams,fmt_ctx->nb_streams* sizeof(*selected_streams));
> >>av_realloc() is not compatible with av_calloc()
> >>
> >>>+                        nb_streams = fmt_ctx->nb_streams;
> >>trailing whitespace
> >>
> >>>+                    }
> >>>+                    nb_streams_packets[pkt.stream_index]++;
> >>>+                }
> >>>              }
> >>>              if (do_read_frames) {
> >>>                  pkt1 = pkt;
> >>>@@ -2373,7 +2384,7 @@ static int probe_file(WriterContext *wctx, const char *filename)
> >>>          return ret;
> >>>  #define CHECK_END if (ret < 0) goto end
> >>>-
> >>>+    nb_streams = fmt_ctx->nb_streams;
> >>>      nb_streams_frames  = av_calloc(fmt_ctx->nb_streams, sizeof(*nb_streams_frames));
> >>>      nb_streams_packets = av_calloc(fmt_ctx->nb_streams, sizeof(*nb_streams_packets));
> >>so use it here too
> >>
> >>>      selected_streams   = av_calloc(fmt_ctx->nb_streams, sizeof(*selected_streams));
> >>>-- 
> >>>1.8.1.4
> >>>
> >>>_______________________________________________
> >>>ffmpeg-devel mailing list
> >>>ffmpeg-devel at ffmpeg.org
> >>>http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
> >>
> >>
> >>_______________________________________________
> >>ffmpeg-devel mailing list
> >>ffmpeg-devel at ffmpeg.org
> >>http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
> >I have attached new patch with some more indentation.
> >
> >
> >Thanks
> >Anshul
> my previous patch was not considering  nb_streams_frames and
> selected_streams if number of stream increased after
> avformat_open_input,

> this patch consider all three things.

did you intend to attach anoter patch ?
iam asking as there was no patch attached to your last mail


[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Dictatorship naturally arises out of democracy, and the most aggravated
form of tyranny and slavery out of the most extreme liberty. -- Plato
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20140509/97bfb58c/attachment.asc>

More information about the ffmpeg-devel mailing list