[FFmpeg-devel] [PATCH] vp9: fix mt-related hang a parser infinite loop.
Ronald S. Bultje
rsbultje at gmail.com
Sat Jan 11 03:38:38 CET 2014
Fixes trac ticket 3274.
---
libavcodec/vp9.c | 8 ++++++--
libavcodec/vp9_parser.c | 2 +-
2 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/libavcodec/vp9.c b/libavcodec/vp9.c
index b4e8d4e..3db4177 100644
--- a/libavcodec/vp9.c
+++ b/libavcodec/vp9.c
@@ -3592,11 +3592,15 @@ static int vp9_decode_frame(AVCodecContext *ctx, void *frame,
data += 4;
size -= 4;
}
- if (tile_size > size)
+ if (tile_size > size) {
+ ff_thread_report_progress(&s->frames[CUR_FRAME].tf, INT_MAX, 0);
return AVERROR_INVALIDDATA;
+ }
ff_vp56_init_range_decoder(&s->c_b[tile_col], data, tile_size);
- if (vp56_rac_get_prob_branchy(&s->c_b[tile_col], 128)) // marker bit
+ if (vp56_rac_get_prob_branchy(&s->c_b[tile_col], 128)) { // marker bit
+ ff_thread_report_progress(&s->frames[CUR_FRAME].tf, INT_MAX, 0);
return AVERROR_INVALIDDATA;
+ }
data += tile_size;
size -= tile_size;
}
diff --git a/libavcodec/vp9_parser.c b/libavcodec/vp9_parser.c
index c34febf..2de8937 100644
--- a/libavcodec/vp9_parser.c
+++ b/libavcodec/vp9_parser.c
@@ -80,7 +80,7 @@ static int parse(AVCodecParserContext *ctx,
av_log(avctx, AV_LOG_ERROR, \
"Superframe packet size too big: %d > %d\n", \
sz, size); \
- return AVERROR_INVALIDDATA; \
+ return size; \
} \
if (first) { \
first = 0; \
--
1.8.4
More information about the ffmpeg-devel
mailing list