[FFmpeg-devel] [PATCH 1/2] avcodec/wrapped_avframe: implement wrapped_avframe decoder

Michael Niedermayer michael at niedermayer.cc
Tue Nov 10 14:31:26 CET 2015 

On Tue, Nov 10, 2015 at 04:54:17PM +0700, Muhammad Faiz wrote:
> On Mon, Nov 9, 2015 at 11:22 PM, wm4 <nfxjfg at googlemail.com> wrote:
> > On Mon, 9 Nov 2015 08:03:54 -0800
> > Muhammad Faiz <mfcc64 at gmail.com> wrote:
> >
> >> From 4dcbda2e585404d2d79d5afcdc13fcb699f6f158 Mon Sep 17 00:00:00 2001
> >> From: Muhammad Faiz <mfcc64 at gmail.com>
> >> Date: Mon, 9 Nov 2015 15:55:13 +0700
> >> Subject: [PATCH 1/2] avcodec/wrapped_avframe: implement wrapped_avframe
> >>  decoder
> >>
> >> fix ticket #4985
> >> for use in avdevice/lavfi
> >> ---
> >>  libavcodec/Makefile          |  1 +
> >>  libavcodec/allcodecs.c       |  2 +-
> >>  libavcodec/version.h         |  2 +-
> >>  libavcodec/wrapped_avframe.c | 32 ++++++++++++++++++++++++++++++++
> >>  4 files changed, 35 insertions(+), 2 deletions(-)
> >>
> >> diff --git a/libavcodec/Makefile b/libavcodec/Makefile
> >> index 68a573f..c60d512 100644
> >> --- a/libavcodec/Makefile
> >> +++ b/libavcodec/Makefile
> >> @@ -577,6 +577,7 @@ OBJS-$(CONFIG_WMV2_ENCODER)            += wmv2enc.o wmv2.o \
> >>                                            msmpeg4.o msmpeg4enc.o msmpeg4data.o
> >>  OBJS-$(CONFIG_WNV1_DECODER)            += wnv1.o
> >>  OBJS-$(CONFIG_WS_SND1_DECODER)         += ws-snd1.o
> >> +OBJS-$(CONFIG_WRAPPED_AVFRAME_DECODER) += wrapped_avframe.o
> >>  OBJS-$(CONFIG_WRAPPED_AVFRAME_ENCODER) += wrapped_avframe.o
> >>  OBJS-$(CONFIG_XAN_DPCM_DECODER)        += dpcm.o
> >>  OBJS-$(CONFIG_XAN_WC3_DECODER)         += xan.o
> >> diff --git a/libavcodec/allcodecs.c b/libavcodec/allcodecs.c
> >> index 9f60d7c..3260927 100644
> >> --- a/libavcodec/allcodecs.c
> >> +++ b/libavcodec/allcodecs.c
> >> @@ -342,7 +342,7 @@ void avcodec_register_all(void)
> >>      REGISTER_DECODER(VP9,               vp9);
> >>      REGISTER_DECODER(VQA,               vqa);
> >>      REGISTER_DECODER(WEBP,              webp);
> >> -    REGISTER_ENCODER(WRAPPED_AVFRAME,   wrapped_avframe);
> >> +    REGISTER_ENCDEC (WRAPPED_AVFRAME,   wrapped_avframe);
> >>      REGISTER_ENCDEC (WMV1,              wmv1);
> >>      REGISTER_ENCDEC (WMV2,              wmv2);
> >>      REGISTER_DECODER(WMV3,              wmv3);
> >> diff --git a/libavcodec/version.h b/libavcodec/version.h
> >> index 1e21f15..5eecf5b 100644
> >> --- a/libavcodec/version.h
> >> +++ b/libavcodec/version.h
> >> @@ -29,7 +29,7 @@
> >>  #include "libavutil/version.h"
> >>
> >>  #define LIBAVCODEC_VERSION_MAJOR  57
> >> -#define LIBAVCODEC_VERSION_MINOR  15
> >> +#define LIBAVCODEC_VERSION_MINOR  16
> >>  #define LIBAVCODEC_VERSION_MICRO 100
> >>
> >>  #define LIBAVCODEC_VERSION_INT  AV_VERSION_INT(LIBAVCODEC_VERSION_MAJOR, \
> >> diff --git a/libavcodec/wrapped_avframe.c b/libavcodec/wrapped_avframe.c
> >> index 13c8d8a..185a1a2 100644
> >> --- a/libavcodec/wrapped_avframe.c
> >> +++ b/libavcodec/wrapped_avframe.c
> >> @@ -32,6 +32,8 @@
> >>  #include "libavutil/buffer.h"
> >>  #include "libavutil/pixdesc.h"
> >>
> >> +#if CONFIG_WRAPPED_AVFRAME_ENCODER
> >> +
> >>  static void wrapped_avframe_release_buffer(void *unused, uint8_t *data)
> >>  {
> >>      AVFrame *frame = (AVFrame *)data;
> >> @@ -71,3 +73,33 @@ AVCodec ff_wrapped_avframe_encoder = {
> >>      .encode2        = wrapped_avframe_encode,
> >>      .caps_internal  = FF_CODEC_CAP_INIT_THREADSAFE,
> >>  };
> >> +
> >> +#endif
> >> +
> >> +#if CONFIG_WRAPPED_AVFRAME_DECODER
> >> +
> >> +static int wrapped_avframe_decode(AVCodecContext *avctx, void *data,
> >> +                                  int *got_frame, AVPacket *avpkt)
> >> +{
> >> +    int ret;
> >> +
> >> +    if (avpkt->size != sizeof(AVFrame))
> >> +        return AVERROR(EINVAL);
> >> +
> >> +    if ((ret = av_frame_ref((AVFrame *) data, (AVFrame *) avpkt->data)) < 0)
> >> +        return ret;
> >> +
> >> +    *got_frame = 1;
> >> +    return avpkt->size;
> >> +}
> >> +
> >> +AVCodec ff_wrapped_avframe_decoder = {
> >> +    .name           = "wrapped_avframe",
> >> +    .long_name      = NULL_IF_CONFIG_SMALL("AVFrame to AVPacket passthrough"),
> >> +    .type           = AVMEDIA_TYPE_VIDEO,
> >> +    .id             = AV_CODEC_ID_WRAPPED_AVFRAME,
> >> +    .decode         = wrapped_avframe_decode,
> >> +    .caps_internal  = FF_CODEC_CAP_INIT_THREADSAFE,
> >> +};
> >> +
> >> +#endif
> >
> > This is very dangerous. You get potentially security relevant bad
> > behavior if you get anyone to force a demuxer/decoder on an untrusted
> > input file.
> 
> OK, this makes segfault on my machine (120 = sizeof(AVFrame)/4 on my machine)
> ffmpeg -codec wrapped_avframe  -pixel_format rgba -f rawvideo -s 120x1
> -i input.mkv -f null -y /dev/null

maybe in addition to any other saftey features
"-codec wrapped_avframe" could be checked for and forbidden in
libavformat, or does this have any safe use ?


[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

What does censorship reveal? It reveals fear. -- Julian Assange
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20151110/3ba0ad55/attachment.sig>

More information about the ffmpeg-devel mailing list