[FFmpeg-devel] [PATCH 2/2] avcodec/dvdsubdec: reject some broken packets

wm4 nfxjfg at googlemail.com
Tue Sep 22 09:41:39 CEST 2015


On Mon, 21 Sep 2015 23:33:16 +0200
Michael Niedermayer <michaelni at gmx.at> wrote:

> On Mon, Sep 21, 2015 at 06:25:31PM +0200, wm4 wrote:
> > If cmd_pos is broken, this would just keep accumulating packets in the
> > reassembly buffer, until it fails and flushes the buffer on overflow.
> > Since packets are usually rather small, this will take a lot of subtitle
> > packets. The perceived effect is that subtitles are not displayed
> > anymore after the faulty packet was passed to the decoder.
> > 
> > I'm not terribly sure about this, but on the other hand this code is
> > active only when fragmented packets need to be reassembled.
> > 
> > Fixes sample file in trac issue #4872.
> > ---
> > Oh, by the way, the sample was supposedly created by mencoder. Playing
> > directly from DVD doesn't show the issue.
> > ---
> >  libavcodec/dvdsubdec.c | 9 ++++++++-
> >  1 file changed, 8 insertions(+), 1 deletion(-)
> > 
> > diff --git a/libavcodec/dvdsubdec.c b/libavcodec/dvdsubdec.c
> > index 57eafbf..1264e86 100644
> > --- a/libavcodec/dvdsubdec.c
> > +++ b/libavcodec/dvdsubdec.c
> > @@ -227,6 +227,7 @@ static int decode_dvd_subtitles(DVDSubContext *ctx, AVSubtitle *sub_header,
> >      int date;
> >      int i;
> >      int is_menu = 0;
> > +    uint32_t size;
> >  
> >      if (buf_size < 10)
> >          return -1;
> 
> > @@ -241,10 +242,16 @@ static int decode_dvd_subtitles(DVDSubContext *ctx, AVSubtitle *sub_header,
> >          cmd_pos = 2;
> >      }
> >  
> > +    size = READ_OFFSET(buf);
> 
> is this correct for the big_offsets == 1 case ?
> iam asking as big_offsets == 1 implies that AV_RB16(buf) == 0

Good point. Likely it does have a 4 byte command offset, but starting
at byte 2. Does anyone have a HD sample?

> also does someone have a link to a specification or something?

From what I've gathered, the DVD spec exists only in printed form, and
was never leaked.


More information about the ffmpeg-devel mailing list