[FFmpeg-devel] [PATCH] Fix decoding crash on some trashed interlaced MPEG2 streams. This fixes issue 2367.
Måns Rullgård
mans
Fri Feb 18 17:38:06 CET 2011

Anatoly Nenashev <anatoly.nenashev at ovsoft.ru> writes:
> On 18.02.2011 18:38, Måns Rullgård wrote:
>> Anatoly Nenashev <anatoly.nenashev at ovsoft.ru> writes:
>>
>>> On 18.02.2011 15:26, Måns Rullgård wrote:
>>>> What is the actual problem you are trying to detect?  Missing reference
>>>> picture?
>>>>
>>>>
>>>>        
>>> The problem occurs when the second field of the first decoded interlaced
>>> picture has P-type. In this case inter prediction can be done from the
>>> first field of the current picture (works fine) or from the second field
>>> of the previous picture (crashes decoder). A sample exploit is attached to
>>> issue 2367. This sample was specially prepared to show the problem.
>>>      
>> Couldn't that be checked per frame instead of per MB?  Sure, doing it
>> per MB might allow decoding some blocks, but is that really worth it?
>>
>>    
> I don't know how to make this check per frame because there may be
> some macroblocks predicted from the first field of the current picture and
> others predicted from the second field of the previous picture. I can't
> find this information without decoding each macroblock.

Two possibilities:
- ditch the entire frame if any possible references are missing
- substitute a dummy picture for missing references
The second of these is equivalent to your patch with less per-MB
overhead for undamaged files.
-- 
Måns Rullgård
mans at mansr.com
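
The second possibility from the reply above, as an added sketch that is not FFmpeg code and not from this thread: the missing reference is checked once per field, before any macroblock is decoded, and a dummy picture is substituted so the per-macroblock path never sees a null reference. All type and function names are hypothetical, only a luma plane is modelled, and the mid-grey fill value is an assumption.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

enum { PICT_I = 1, PICT_P = 2 };          /* hypothetical picture types */

typedef struct Picture {
    uint8_t *data;                        /* luma plane only, for brevity */
    int width, height;
    int is_dummy;                         /* 1 if this is a stand-in reference */
} Picture;

typedef struct Decoder {
    Picture *last;                        /* previous picture, NULL at stream start */
    int width, height;
    int dummies_made;
} Decoder;

/* Allocate a mid-grey picture to stand in for a missing reference. */
static Picture *alloc_dummy(int w, int h)
{
    if (w <= 0 || h <= 0) return NULL;
    Picture *p = calloc(1, sizeof(*p));
    if (!p) return NULL;
    p->data = malloc((size_t)w * (size_t)h);
    if (!p->data) { free(p); return NULL; }
    memset(p->data, 0x80, (size_t)w * (size_t)h);
    p->width = w; p->height = h; p->is_dummy = 1;
    return p;
}

/* Called once per field, before macroblock decoding starts.
 * A P field may predict from the previous picture, so that picture must exist.
 * Returns 0 when all possible references are present, -1 on allocation failure. */
int ensure_references(Decoder *d, int pict_type)
{
    if (pict_type != PICT_P || d->last)
        return 0;                         /* nothing missing, no per-MB cost */
    d->last = alloc_dummy(d->width, d->height);
    if (!d->last) return -1;
    d->dummies_made++;
    return 0;
}

/* Fetch one reference sample for motion compensation; -1 if unavailable. */
int ref_sample(const Decoder *d, int x, int y)
{
    if (!d->last || x < 0 || y < 0 || x >= d->last->width || y >= d->last->height)
        return -1;
    return d->last->data[(size_t)y * (size_t)d->last->width + (size_t)x];
}
```
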