[FFmpeg-cvslog] Fixed segfault on corrupted sega streams in the demuxer.
Laurent Aimar
git at videolan.org
Fri Oct 7 03:49:15 CEST 2011
ffmpeg | branch: master | Laurent Aimar <fenrir at videolan.org> | Sun Sep 11 19:17:41 2011 +0200| [790f4dd5c96f948a637a90899b5f6af34ccb3942] | committer: Janne Grunau
Fixed segfault on corrupted sega streams in the demuxer.
Signed-off-by: Janne Grunau <janne-libav at jannau.net>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=790f4dd5c96f948a637a90899b5f6af34ccb3942
---
libavformat/segafilm.c | 4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)
diff --git a/libavformat/segafilm.c b/libavformat/segafilm.c
index 81f04c6..32a979f 100644
--- a/libavformat/segafilm.c
+++ b/libavformat/segafilm.c
@@ -176,6 +176,8 @@ static int film_read_header(AVFormatContext *s,
if(film->sample_count >= UINT_MAX / sizeof(film_sample))
return -1;
film->sample_table = av_malloc(film->sample_count * sizeof(film_sample));
+ if (!film->sample_table)
+ return AVERROR(ENOMEM);
for(i=0; i<s->nb_streams; i++)
av_set_pts_info(s->streams[i], 33, 1, film->base_clock);
@@ -199,7 +201,7 @@ static int film_read_header(AVFormatContext *s,
if (film->audio_type == CODEC_ID_ADPCM_ADX)
audio_frame_counter += (film->sample_table[i].sample_size * 32 /
(18 * film->audio_channels));
- else
+ else if (film->audio_type != CODEC_ID_NONE)
audio_frame_counter += (film->sample_table[i].sample_size /
(film->audio_channels * film->audio_bits / 8));
} else {
More information about the ffmpeg-cvslog
mailing list