[FFmpeg-cvslog] avcodec/mjpeg_parser: Make parser a bit more robust with unclean input

Michael Niedermayer git at videolan.org
Sat Nov 16 23:45:19 EET 2019


ffmpeg | branch: master | Michael Niedermayer <michael at niedermayer.cc> | Thu Oct 10 22:23:41 2019 +0200| [ec3d8a0e6945fe015d16cd98a1e7dbb4be815c15] | committer: Michael Niedermayer

avcodec/mjpeg_parser: Make parser a bit more robust with unclean input

Helps: test_roman.mjpeg (note this is not really just mjpeg)

Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ec3d8a0e6945fe015d16cd98a1e7dbb4be815c15
---

 libavcodec/mjpeg_parser.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/libavcodec/mjpeg_parser.c b/libavcodec/mjpeg_parser.c
index 07a6b2bdc6..c642b2ecbc 100644
--- a/libavcodec/mjpeg_parser.c
+++ b/libavcodec/mjpeg_parser.c
@@ -50,7 +50,7 @@ static int find_frame_end(MJPEGParserContext *m, const uint8_t *buf, int buf_siz
         for(i=0; i<buf_size;){
             state= (state<<8) | buf[i];
             if(state>=0xFFC00000 && state<=0xFFFEFFFF){
-                if(state>=0xFFD80000 && state<=0xFFD8FFFF){
+                if(state>=0xFFD8FFC0 && state<=0xFFD8FFFF){
                     i++;
                     vop_found=1;
                     break;
@@ -76,12 +76,14 @@ static int find_frame_end(MJPEGParserContext *m, const uint8_t *buf, int buf_siz
         for(; i<buf_size;){
             state= (state<<8) | buf[i];
             if(state>=0xFFC00000 && state<=0xFFFEFFFF){
-                if(state>=0xFFD80000 && state<=0xFFD8FFFF){
+                if(state>=0xFFD8FFC0 && state<=0xFFD8FFFF){
                     pc->frame_start_found=0;
                     pc->state=0;
                     return i-3;
                 } else if(state<0xFFD00000 || state>0xFFD9FFFF){
                     m->size= (state&0xFFFF)-1;
+                    if (m->size >= 0x8000)
+                        m->size = 0;
                 }
             }
             if(m->size>0){



More information about the ffmpeg-cvslog mailing list