[FFmpeg-devel] [PATCH] alsdec: error out if channel number changes

Andreas Cadhalpun andreas.cadhalpun at googlemail.com
Mon Jan 4 19:08:25 CET 2016


On 04.01.2016 16:29, Thilo Borgmann wrote:
> Am 04.01.16 um 16:18 schrieb Andreas Cadhalpun:
>> Supporting this would require re-initialization to change buffer sizes.
>>
>> This fixes out of bounds reads.
> 
> Can you upload a sample for this?

Unfortunately (or fortunately?) the sample doesn't trigger this problem when
using ffmpeg, it only happens with the simple program I use for fuzz testing.

I tracked down the difference:
My simple program tries to test a specific codec given on the command line
(like the '-c' option of ffmpeg). So it iterates over all streams and
uses the stream with a matching codec. However, if none is found it forces
the codec given on the command line for the first stream.

The difference to ffmpeg is that the latter calls avformat_find_stream_info
after forcing the codec, while my simple program did that beforehand.

Apparently the API isn't compatible with that as it now used the ac3 parser
together with the als decoder, which didn't work out well...

I find this a bit strange since avformat_find_stream_info could even find
new streams, whose codecs can't be changed, it seems.
Better documentation of this would be good.

On 04.01.2016 18:31, Derek Buitenhuis wrote:
> On 1/4/2016 3:18 PM, Andreas Cadhalpun wrote:
>> Supporting this would require re-initialization to change buffer sizes.
> 
> I may be mistaken, but don't we already support some codecs which do
> this, properly?

Probably, but that wouldn't have mattered for preventing out-of-bounds reads.

Anyway, consider this patch dropped.

Best regards,
Andreas


More information about the ffmpeg-devel mailing list