[FFmpeg-devel] [PATCH]lavc/h264_ps: Check chroma_location limits
Ronald S. Bultje
rsbultje at gmail.com
Fri Mar 24 16:16:42 EET 2017
Hi,
On Fri, Mar 24, 2017 at 10:05 AM, Clément Bœsch <u at pkh.me> wrote:
> On Fri, Mar 24, 2017 at 10:40:21AM +0100, Carl Eugen Hoyos wrote:
> > Hi!
> >
> > Attached patch fixes #6255.
> >
> > Please comment, Carl Eugen
>
> > From 1c249440c62271565be12112f321ad9aa6a922fb Mon Sep 17 00:00:00 2001
> > From: Carl Eugen Hoyos <cehoyos at ag.or.at>
> > Date: Fri, 24 Mar 2017 10:38:22 +0100
> > Subject: [PATCH] lavc/h264_ps: Check that chroma_location is within
> limits.
> >
> > Fixes ticket #6255.
> > ---
> > libavcodec/h264_ps.c | 2 ++
> > 1 file changed, 2 insertions(+)
> >
> > diff --git a/libavcodec/h264_ps.c b/libavcodec/h264_ps.c
> > index b78ad25..55e6a6e 100644
> > --- a/libavcodec/h264_ps.c
> > +++ b/libavcodec/h264_ps.c
> > @@ -181,6 +181,8 @@ static inline int decode_vui_parameters(GetBitContext
> *gb, AVCodecContext *avctx
> > if (get_bits1(gb)) {
> > /* chroma_sample_location_type_top_field */
> > avctx->chroma_sample_location = get_ue_golomb(gb) + 1;
> > + if (avctx->chroma_sample_location >= AVCHROMA_LOC_NB)
> > + avctx->chroma_sample_location = AVCHROMA_LOC_UNSPECIFIED;
>
> if (av_chroma_location_name(...)) ...
Looking at the bug report mentioned, I wonder why we have this
inconsistency in our code:
s = av_get_colorspace_name(par->color_space);
if (s) print_str ("color_space", s);
else print_str_opt("color_space", "unknown");
[..]
if (par->chroma_location != AVCHROMA_LOC_UNSPECIFIED)
print_str("chroma_location",
av_chroma_location_name(par->chroma_location));
else
print_str_opt("chroma_location",
av_chroma_location_name(par->chroma_location));
This seems inconsistent. Making the second (chroma location printing)
behave like the first (colorspace printing: print "unknown" for invalid
entries) would make the above unnecessary.
There is also the risk with the initial patch that compiling libavcodec
against a newer libavutil but then runtime linking it with another (older)
one would lead to crashes. Clement's idea prevents that, but leads to loss
of information. (I'm not saying the current approach of returning a
potentially out-of-range value and expecting the end user to check/clip is
any better, since some are likely to forget leading to crashes, but we need
to think this through and make behaviour of the above code consistent with
whatever we come up with.)
Ronald
More information about the ffmpeg-devel
mailing list