[FFmpeg-cvslog] Check extradata_size before accessing extradata.

Reimar Döffinger Reimar.Doeffinger at gmx.de
Wed Nov 9 19:25:22 CET 2011


On Wed, Nov 09, 2011 at 02:06:20PM +0100, Carl Eugen Hoyos wrote:
> ffmpeg | branch: master | Carl Eugen Hoyos <cehoyos at ag.or.at> | Wed Nov  9 14:04:22 2011 +0100| [367468f1482541d1e17ce3fdf1d496746a2de21b] | committer: Carl Eugen Hoyos
> 
> Check extradata_size before accessing extradata.
> 
> Fixes ticket #627.
> 
> > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=367468f1482541d1e17ce3fdf1d496746a2de21b
> ---
> 
>  libavcodec/flicvideo.c |    9 ++++++---
>  1 files changed, 6 insertions(+), 3 deletions(-)
> 
> diff --git a/libavcodec/flicvideo.c b/libavcodec/flicvideo.c
> index 10ad270..2374d54 100644
> --- a/libavcodec/flicvideo.c
> +++ b/libavcodec/flicvideo.c
> @@ -81,6 +81,12 @@ static av_cold int flic_decode_init(AVCodecContext *avctx)
>      unsigned char *fli_header = (unsigned char *)avctx->extradata;

WTF is up with that crazy casting?

>      int depth;
>  
> +    if (avctx->extradata_size != 12 &&
> +        avctx->extradata_size != 128) {
> +        av_log(avctx, AV_LOG_ERROR, "Expected extradata of 12 or 128 bytes\n");
> +        return AVERROR_INVALIDDATA;
> +    }
> +
>      s->avctx = avctx;
>  
>      s->fli_type = AV_RL16(&fli_header[4]); /* Might be overridden if a Magic Carpet FLC */
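Review bot: the new check near the top of flic_decode_init logs "Expected extradata of 12 or 128 bytes" without saying what size was actually received; adding avctx->extradata_size to the av_log call would make reports from unusual files easier to triage. A short comment stating that this check must stay ahead of the AV_RL16(&fli_header[4]) read in the context line below it would also help, since that read is what the size test protects.
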
> @@ -90,9 +96,6 @@ static av_cold int flic_decode_init(AVCodecContext *avctx)
>          /* special case for magic carpet FLIs */
>          s->fli_type = FLC_MAGIC_CARPET_SYNTHETIC_TYPE_CODE;
>          depth = 8;
> -    } else if (s->avctx->extradata_size != 128) {
> -        av_log(avctx, AV_LOG_ERROR, "Expected extradata of 12 or 128 bytes\n");
> -        return -1;
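
Review bot: in the second hunk the deleted else-if returned a bare -1, while the check that replaces it in the first hunk returns AVERROR_INVALIDDATA, so the error code callers see for a bad extradata size changes; that is worth a line in the commit message. With this branch gone, the rest of the if/else chain relies entirely on the earlier check to guarantee that the path after the Magic Carpet case has 128 bytes, so a one-line comment at this spot pointing to that check would keep a later edit from separating the two.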

That code is quite silly.
s->fli_type = AV_RL16(&fli_header[4]); is the reason it crashes.
However that read value is only used in the extradata_size == 128 case.
IMO the right solution is to change this code to:
1) if size is 128, read those two values from extradata
2) otherwise, use the defaults which are used for the size == 12 case,
   if size is not 12 ask for sample.
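
The structure proposed in the reply above, sketched as a standalone added example that is not part of the original message or of FFmpeg: only the 128-byte case reads from extradata, and every read is bounds-checked. The names `demo_flic`, `demo_flic_init`, `rl16_checked`, the placeholder type code, the depth offset and the sample header are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-ins, not FFmpeg definitions. */
#define DEMO_SYNTHETIC_TYPE 0xFFFFu /* placeholder type code for the 12-byte case */
#define DEMO_DEPTH_OFFSET   12      /* assumed offset of the depth field */

struct demo_flic { unsigned type; unsigned depth; int ask_for_sample; };

/* Constructed 128-byte header: type 0x1234 at offset 4, depth 16 at offset 12. */
static const uint8_t demo_header[128] = { [4] = 0x34, [5] = 0x12, [12] = 16 };

/* Little-endian 16-bit read that refuses to go past the end of the buffer. */
static int rl16_checked(const uint8_t *buf, size_t size, size_t off, unsigned *out)
{
    if (!buf || off > size || size - off < 2)
        return -1;
    *out = buf[off] | ((unsigned)buf[off + 1] << 8);
    return 0;
}

/* Returns 0 on success, -1 if a 128-byte header cannot be read. */
static int demo_flic_init(struct demo_flic *s, const uint8_t *extradata, size_t size)
{
    s->ask_for_sample = 0;
    if (size == 128) {                 /* 1) only this case reads the buffer */
        if (rl16_checked(extradata, size, 4, &s->type) ||
            rl16_checked(extradata, size, DEMO_DEPTH_OFFSET, &s->depth))
            return -1;
        return 0;
    }
    s->type  = DEMO_SYNTHETIC_TYPE;    /* 2) defaults, no read from extradata */
    s->depth = 8;
    s->ask_for_sample = (size != 12);  /* unexpected size: caller logs a request */
    return 0;
}

int main(void)
{
    struct demo_flic s;
    int ret = demo_flic_init(&s, demo_header, sizeof(demo_header));
    printf("ret=%d type=0x%04x depth=%u\n", ret, s.type, s.depth);
    ret = demo_flic_init(&s, NULL, 0);
    printf("ret=%d type=0x%04x sample=%d\n", ret, s.type, s.ask_for_sample);
    return 0;
}
```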

