[FFmpeg-cvslog] asfdec: fix parsing of packets that overrun into padding.
Ronald S. Bultje
git at videolan.org
Thu May 5 03:30:44 CEST 2011
ffmpeg | branch: master | Ronald S. Bultje <rbultje at google.com> | Wed Apr 27 15:42:16 2011 -0700| [f8b1245922cf4c7692750e9198cf57598f9647d5] | committer: Ronald S. Bultje
asfdec: fix parsing of packets that overrun into padding.
Signed-off-by: Ronald S. Bultje <rsbultje at gmail.com>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f8b1245922cf4c7692750e9198cf57598f9647d5
---
libavformat/asfdec.c | 10 ++++++++--
1 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/libavformat/asfdec.c b/libavformat/asfdec.c
index 8e10d68..637ceed 100644
--- a/libavformat/asfdec.c
+++ b/libavformat/asfdec.c
@@ -853,8 +853,14 @@ static int asf_read_frame_header(AVFormatContext *s, AVIOContext *pb){
if (asf->packet_flags & 0x01) {
DO_2BITS(asf->packet_segsizetype >> 6, asf->packet_frag_size, 0); // 0 is illegal
if(asf->packet_frag_size > asf->packet_size_left - rsize){
- av_log(s, AV_LOG_ERROR, "packet_frag_size is invalid\n");
- return -1;
+ if (asf->packet_frag_size > asf->packet_size_left - rsize + asf->packet_padsize) {
+ av_log(s, AV_LOG_ERROR, "packet_frag_size is invalid (%d-%d)\n", asf->packet_size_left, rsize);
+ return -1;
+ } else {
+ int diff = asf->packet_frag_size - (asf->packet_size_left - rsize);
+ asf->packet_size_left += diff;
+ asf->packet_padsize -= diff;
+ }
}
//printf("Fragsize %d\n", asf->packet_frag_size);
} else {
More information about the ffmpeg-cvslog
mailing list