[FFmpeg-devel] [PATCH 1/4] avcodec/ac3_parser: use a padded buffer in av_ac3_parse_header()
Andreas Rheinhardt
andreas.rheinhardt at outlook.com
Fri Jun 6 03:32:54 EEST 2025
James Almer:
> On 6/5/2025 9:29 PM, Andreas Rheinhardt wrote:
>> James Almer:
>>> The GetBitContext API requires the buffer to be padded, and the
>>> documentation for
>>> av_ac3_parse_header() does not specify it, so use a temporary local
>>> buffer.
>>>
>>> Signed-off-by: James Almer <jamrial at gmail.com>
>>> ---
>>> libavcodec/ac3_parser.c | 16 +++++++++++++---
>>> 1 file changed, 13 insertions(+), 3 deletions(-)
>>>
>>> diff --git a/libavcodec/ac3_parser.c b/libavcodec/ac3_parser.c
>>> index 69989690dd..9065d700e2 100644
>>> --- a/libavcodec/ac3_parser.c
>>> +++ b/libavcodec/ac3_parser.c
>>> @@ -202,14 +202,24 @@ int av_ac3_parse_header(const uint8_t *buf,
>>> size_t size,
>>> {
>>> GetBitContext gb;
>>> AC3HeaderInfo hdr;
>>> + uint8_t *tmp = av_malloc(size + AV_INPUT_BUFFER_PADDING_SIZE);
>>> int err;
>>> - err = init_get_bits8(&gb, buf, size);
>>> - if (err < 0)
>>> + if (!tmp)
>>> + return AVERROR(ENOMEM);
>>> +
>>> + memcpy(tmp, buf, size);
>>> + memset(tmp + size, 0, AV_INPUT_BUFFER_PADDING_SIZE);
>>> + err = init_get_bits8(&gb, tmp, size);
>>> + if (err < 0) {
>>> + av_free(tmp);
>>> return AVERROR_INVALIDDATA;
>>> + }
>>> err = ff_ac3_parse_header(&gb, &hdr);
>>> - if (err < 0)
>>> + if (err < 0) {
>>> + av_free(tmp);
>>> return AVERROR_INVALIDDATA;
>>> + }
>>> *bitstream_id = hdr.bitstream_id;
>>> *frame_size = hdr.frame_size;
>>
>> There is no need for an allocation here; (E)AC-3 frames have a bounded
>> size and the number of bytes read by ff_ac3_parse_header() is even
>> smaller.
>
> What's the max size? Is there a define for it?
Not yet.
>
>> Anyway: The buffer leaks on success.
>
> I'm aware, i said as much in a reply :p
>
Should have read all your mails.
- Andreas
More information about the ffmpeg-devel
mailing list