[FFmpeg-devel] [PATCH] Add support for large boxes(>32 bit)

Philip Langdale philipl at overt.org
Wed May 20 20:11:10 CEST 2015


On 2015-05-20 11:06, Niklesh Lalwani wrote:
> I have done tracksize += 8 if there is a large box. This should account 
> for
> it?

I see you did, but that's not a good idea. Previously, tracksize was 
accurate,
in that it reflected adding tsmb_size each time. Now you're adding 8 
that's
already included in tsmb_size, so you'll end up failing the avpkt->size 
check
even if the track is valid.

> On 20-May-2015 11:17 PM, "Philip Langdale" <philipl at overt.org> wrote:
> 
>> On 2015-05-20 07:40, Niklesh Lalwani wrote:
>> 
>>> From: Niklesh <niklesh.lalwani at iitb.ac.in>
>>> 
>>> This patch is to be applied over the previous patch to fix movtext
>>> crashes (which is yet to be committed)
>>> Signed-off-by: Niklesh <niklesh.lalwani at iitb.ac.in>
>>> ---
>>>  libavcodec/movtextdec.c | 11 ++++++++++-
>>>  1 file changed, 10 insertions(+), 1 deletion(-)
>>> 
>>> diff --git a/libavcodec/movtextdec.c b/libavcodec/movtextdec.c
>>> index 53ffef0..1a7c811 100644
>>> --- a/libavcodec/movtextdec.c
>>> +++ b/libavcodec/movtextdec.c
>>> @@ -96,7 +96,8 @@ static int mov_text_decode_frame(AVCodecContext 
>>> *avctx,
>>>      char *ptr = avpkt->data;
>>>      char *end;
>>>      //char *ptr_temp;
>>> -    int text_length, tsmb_type, style_entries, tsmb_size, tracksize;
>>> +    int text_length, tsmb_type, style_entries;
>>> +    uint64_t tsmb_size, tracksize;
>>>      int **style_start = {0,};
>>>      int **style_end = {0,};
>>>      int **style_flags = {0,};
>>> @@ -147,6 +148,14 @@ static int mov_text_decode_frame(AVCodecContext
>>> *avctx,
>>>              tsmb_type = AV_RB32(tsmb);
>>>              tsmb += 4;
>>> 
>>> +            if (tsmb_size == 1) {
>>> +                if (tracksize + 16 > avpkt->size)
>>> +                    break;
>>> 
>> 
>> You will need to adjust the "tracksize + 10" check for the style entry
>> count as well.
>> 
>>  +                tsmb_size = AV_RB64(tsmb);
>>> +                tsmb += 8;
>>> +                tracksize += 8;
>>> +            }
>>> +
>>>              if (tracksize + tsmb_size > avpkt->size)
>>>                  break;
>>> 
>> 
>> 
>> --phil
>> _______________________________________________
>> ffmpeg-devel mailing list
>> ffmpeg-devel at ffmpeg.org
>> http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>> 
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel at ffmpeg.org
> http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

-- 
--phil


More information about the ffmpeg-devel mailing list