[Ffmpeg-devel] [patch] h264.c, dont go beyond buffer in h264_decode_nal_unit
Michael Niedermayer
michaelni
Sun Apr 29 11:15:58 CEST 2007
Hi
On Sun, Apr 29, 2007 at 11:09:48AM +0200, Mean wrote:
> That one is a bit better, it does not complain when there is nothing to
> complain about :)
>
> Thanks
>
> Index: h264.c
> ===================================================================
> --- h264.c (revision 2980)
> +++ h264.c (working copy)
> @@ -8075,16 +8075,21 @@
> int i, nalsize = 0;
>
> if(h->is_avc) {
> - if(buf_index >= buf_size) break;
> + if(buf_index==buf_size) break;
how can these differ?
> + if(buf_index +h->nal_length_size>= buf_size)
> + {
{ placement missmatches the rest of the file
also this check is unneeded the buffer is a few bytes larger
and nal_length_size is limited to 2 or 4
[...]
> - if(nalsize <= 1 || nalsize > buf_size){
> + if(nalsize <= 1 || (nalsize+buf_index > buf_size)){
> if(nalsize == 1){
> buf_index++;
> continue;
> }else{
> - av_log(h->s.avctx, AV_LOG_ERROR, "AVC: nal size %d\n", nalsize);
> + av_log(h->s.avctx, AV_LOG_ERROR, "AVC: nal does not fit in buffer, need %d\n", nalsize);
> break;
this change is ok
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
Democracy is the form of government in which you can choose your dictator
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20070429/4382cd82/attachment.pgp>
More information about the ffmpeg-devel
mailing list