[FFmpeg-devel] [RFC/PATCH]Avoid huge allocations from asf demuxer
Michael Niedermayer
michaelni at gmx.at
Sat Mar 2 18:30:41 CET 2013
On Sat, Mar 02, 2013 at 05:36:15PM +0100, Carl Eugen Hoyos wrote:
> Hi!
>
> Using the command line from ticket #1888, asf_read_frame_header() first fills
> asf->packet_obj_size with 0xda327c93, this value is later passed to
> av_new_packet() but av_malloc() refuses to alloc anything.
> Next value for asf->packet_obj_size is 0x7ef0fec0, av_malloc allocates
> 2129723088 bytes.
> Attached patch avoids this and fixes ticket #1888, I don't know enough about
> the asf demuxer to judge if this is an acceptable solution.
>
> Please comment, Carl Eugen
> asfdec.c | 1 +
> 1 file changed, 1 insertion(+)
> 821839d9e2e01c68a5f4eb86af44cdd7558620aa patchasfpacket.diff
> diff --git a/libavformat/asfdec.c b/libavformat/asfdec.c
> index 233b6ca..38f46a6 100644
> --- a/libavformat/asfdec.c
> +++ b/libavformat/asfdec.c
> @@ -1011,6 +1011,7 @@ static int asf_read_frame_header(AVFormatContext *s, AVIOContext *pb)
> asf->packet_obj_size = avio_rl32(pb);
> if (asf->packet_obj_size >= (1 << 24) || asf->packet_obj_size <= 0) {
> av_log(s, AV_LOG_ERROR, "packet_obj_size invalid\n");
> + asf->packet_obj_size = 0;
> return AVERROR_INVALIDDATA;
> }
LGTM
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
Rewriting code that is poorly written but fully understood is good.
Rewriting code that one doesnt understand is a sign that one is less smart
then the original author, trying to rewrite it will not make it better.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20130302/2fbb9d9f/attachment.asc>
More information about the ffmpeg-devel
mailing list