[FFmpeg-devel] [PATCH 1/4] avcodec/ac3_parser: use a padded buffer in av_ac3_parse_header()

[Andreas Rheinhardt]

James Almer:
> The GetBitContext API requires the buffer to be padded, and the documentation for
> av_ac3_parse_header() does not specify it, so use a temporary local buffer.
> 
> Signed-off-by: James Almer <jamrial at gmail.com>
> ---
>  libavcodec/ac3_parser.c | 16 +++++++++++++---
>  1 file changed, 13 insertions(+), 3 deletions(-)
> 
> diff --git a/libavcodec/ac3_parser.c b/libavcodec/ac3_parser.c
> index 69989690dd..9065d700e2 100644
> --- a/libavcodec/ac3_parser.c
> +++ b/libavcodec/ac3_parser.c
> @@ -202,14 +202,24 @@ int av_ac3_parse_header(const uint8_t *buf, size_t size,
>  {
>      GetBitContext gb;
>      AC3HeaderInfo hdr;
> +    uint8_t *tmp = av_malloc(size + AV_INPUT_BUFFER_PADDING_SIZE);
>      int err;
>  
> -    err = init_get_bits8(&gb, buf, size);
> -    if (err < 0)
> +    if (!tmp)
> +        return AVERROR(ENOMEM);
> +
> +    memcpy(tmp, buf, size);
> +    memset(tmp + size, 0, AV_INPUT_BUFFER_PADDING_SIZE);
> +    err = init_get_bits8(&gb, tmp, size);
> +    if (err < 0) {
> +        av_free(tmp);
>          return AVERROR_INVALIDDATA;
> +    }
>      err = ff_ac3_parse_header(&gb, &hdr);
> -    if (err < 0)
> +    if (err < 0) {
> +        av_free(tmp);
>          return AVERROR_INVALIDDATA;
> +    }
>  
>      *bitstream_id = hdr.bitstream_id;
>      *frame_size   = hdr.frame_size;

There is no need for an allocation here; (E)AC-3 frames have a bounded
size and the number of bytes read by ff_ac3_parse_header() is even smaller.
Anyway: The buffer leaks on success.

- Andreas