[FFmpeg-devel] [PATCH 5/5 v2] avcodec/ac3_parser: improve false positive detection when parsing sync frames
James Almer
jamrial at gmail.com
Sun Oct 23 00:02:26 EEST 2022
A two byte sync word is not enough to ensure we got a real syncframe, nor are
all the range checks we do in the first seven bytes. Do therefore an integrity
check for the sync frame in order to prevent the parser from filling avctx with
bogus information.
Signed-off-by: James Almer <jamrial at gmail.com>
---
libavcodec/aac_ac3_parser.c | 4 ++++
libavcodec/aac_ac3_parser.h | 2 ++
libavcodec/ac3_parser.c | 1 +
3 files changed, 7 insertions(+)
diff --git a/libavcodec/aac_ac3_parser.c b/libavcodec/aac_ac3_parser.c
index e89b12baf9..2b0ee61b6d 100644
--- a/libavcodec/aac_ac3_parser.c
+++ b/libavcodec/aac_ac3_parser.c
@@ -113,6 +113,10 @@ get_next:
buf_size -= hdr.frame_size;
continue;
}
+ /* Check for false positives since the syncword is not enough.
+ See section 6.1.2 of A/52. */
+ if (av_crc(s->crc_ctx, 0, buf + 2, hdr.frame_size - 2))
+ return i;
break;
}
diff --git a/libavcodec/aac_ac3_parser.h b/libavcodec/aac_ac3_parser.h
index 560bba54f5..bc16181a19 100644
--- a/libavcodec/aac_ac3_parser.h
+++ b/libavcodec/aac_ac3_parser.h
@@ -24,6 +24,7 @@
#define AVCODEC_AAC_AC3_PARSER_H
#include <stdint.h>
+#include "libavutil/crc.h"
#include "avcodec.h"
#include "parser.h"
@@ -42,6 +43,7 @@ typedef struct AACAC3ParseContext {
int header_size;
int (*sync)(uint64_t state, int *need_next_header, int *new_frame_start);
+ const AVCRC *crc_ctx;
int remaining_size;
uint64_t state;
diff --git a/libavcodec/ac3_parser.c b/libavcodec/ac3_parser.c
index 8885e1c72e..13b8d3b7d8 100644
--- a/libavcodec/ac3_parser.c
+++ b/libavcodec/ac3_parser.c
@@ -246,6 +246,7 @@ static av_cold int ac3_parse_init(AVCodecParserContext *s1)
{
AACAC3ParseContext *s = s1->priv_data;
s->header_size = AC3_HEADER_SIZE;
+ s->crc_ctx = av_crc_get_table(AV_CRC_16_ANSI);
s->sync = ac3_sync;
return 0;
}
--
2.37.3
More information about the ffmpeg-devel
mailing list