[FFmpeg-cvslog] westwooddemuxer: Fix 1gb alloc

Reimar Döffinger Reimar.Doeffinger at gmx.de
Thu Dec 15 22:22:02 CET 2011


On Thu, Dec 15, 2011 at 09:44:15PM +0100, Michael Niedermayer wrote:
> ffmpeg | branch: master | Michael Niedermayer <michaelni at gmx.at> | Thu Dec 15 20:25:50 2011 +0100| [f68b19fc28df0a15fa6134726954365d70dec74f] | committer: Michael Niedermayer
> 
> westwooddemuxer: Fix 1gb alloc
> Fixes Ticket765
> Bug Found by: Diana Elena Muscalu
> 
> Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
> 
> > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f68b19fc28df0a15fa6134726954365d70dec74f
> ---
> 
>  libavformat/westwood.c |    7 +++++++
>  1 files changed, 7 insertions(+), 0 deletions(-)
> 
> diff --git a/libavformat/westwood.c b/libavformat/westwood.c
> index d39c4c6..5632650 100644
> --- a/libavformat/westwood.c
> +++ b/libavformat/westwood.c
> @@ -320,8 +320,15 @@ static int wsvqa_read_packet(AVFormatContext *s,
>      int skip_byte;
>  
>      while (avio_read(pb, preamble, VQA_PREAMBLE_SIZE) == VQA_PREAMBLE_SIZE) {
> +        int64_t filesize= avio_size(s->pb);
>          chunk_type = AV_RB32(&preamble[0]);
>          chunk_size = AV_RB32(&preamble[4]);
> +
> +        if(chunk_size > filesize){
> +            av_log(s, AV_LOG_ERROR, "Chunk with size %d truncated\n", chunk_size);
> +            chunk_size= filesize;
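
Review bot: The clamp at `chunk_size= filesize` uses the result of avio_size(s->pb) without checking it. avio_size() returns a negative error code when the size cannot be determined (for example on non-seekable input), so `chunk_size > filesize` can then be true for every chunk and a negative value gets assigned to chunk_size. Apply the check only when filesize > 0. The size could also be queried once before the while loop instead of after every preamble read. Note too that the bound is the whole file size rather than the bytes remaining after the current position, so a chunk_size that passes the check can still extend past the end of the file.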

Even if it made sense in this case, requiring avio_size would
be a really bad practice to introduce IMO.
So this should well only be done for filesize > 0?

