[FFmpeg-devel] [PATCHv4 4/7] vorbis: append data from tags together
Ben Boeckel
mathstuf at gmail.com
Mon Jan 13 04:19:29 CET 2014
On Wed, 20 Nov, 2013 at 17:21:12 GMT, Michael Niedermayer wrote:
>=2E/ffprobe tickets/1833/vorbis_chapter_extension_demo.ogg
>
> crashes with memory corruption
Sorry for the long delay; been busy and this stuff got lost in the
shuffle. The cause is that ogm_chapter stole a reference if it found a
chapter and tried to free the value if so. This failed since the value
passed in is one-off the actual block header to account for the
separator (and avoid a malloc/memmove if it is needed). Instead of
having it do that, I changed it to copy the data out and never steal the
memory. I looked through the other paths where vt is passed and nothing
else tries to steal it. Responsibility of free'ing the data passed to
ogm_chapter is now always the caller's job (only one instance).
Patch series incoming.
> I think this patchset could benefit from more testing
I ran ffprobe over all the ogg files on my system without a crash (and
tags look sane). The vast majority are from the OGG conversion of my
music library, but I also found files from games (Wesnoth, VVVVVV,
Bastion, PenumbraOverture, and other HumbleBundle games I have
installed) which worked fine.
> including zzuf
I ran:
zzuf -s 0:255 -r 0.001:0.05 -c ../build/ffprobe vorbis_chapter_extension_demo.ogg
without a crash.
--Ben
More information about the ffmpeg-devel
mailing list