[FFmpeg-cvslog] nsvdec: don't ignore the return value of av_get_packet()
Sean McGovern
git at videolan.org
Tue Oct 24 02:00:01 EEST 2017
ffmpeg | branch: master | Sean McGovern <gseanmcg at gmail.com> | Fri Mar 24 13:36:51 2017 -0400| [fe6eea99efac66839052af547426518efd970b24] | committer: Sean McGovern
nsvdec: don't ignore the return value of av_get_packet()
Fixes invalid reads with corrupted files.
CC: libav-stable at libav.org
Bug-Id: 1039
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=fe6eea99efac66839052af547426518efd970b24
---
libavformat/nsvdec.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/libavformat/nsvdec.c b/libavformat/nsvdec.c
index c91d2a15dd..924c8694b1 100644
--- a/libavformat/nsvdec.c
+++ b/libavformat/nsvdec.c
@@ -520,6 +520,7 @@ static int nsv_read_chunk(AVFormatContext *s, int fill_header)
uint32_t vsize;
uint16_t asize;
uint16_t auxsize;
+ int ret;
if (nsv->ahead[0].data || nsv->ahead[1].data)
return 0; //-1; /* hey! eat what you've in your plate first! */
@@ -571,7 +572,8 @@ null_chunk_retry:
if (vsize && st[NSV_ST_VIDEO]) {
nst = st[NSV_ST_VIDEO]->priv_data;
pkt = &nsv->ahead[NSV_ST_VIDEO];
- av_get_packet(pb, pkt, vsize);
+ if ((ret = av_get_packet(pb, pkt, vsize)) < 0)
+ return ret;
pkt->stream_index = st[NSV_ST_VIDEO]->index;//NSV_ST_VIDEO;
pkt->dts = nst->frame_offset;
pkt->flags |= nsv->state == NSV_HAS_READ_NSVS ? AV_PKT_FLAG_KEY : 0; /* keyframe only likely on a sync frame */
@@ -615,7 +617,8 @@ null_chunk_retry:
bps, channels, samplerate);
}
}
- av_get_packet(pb, pkt, asize);
+ if ((ret = av_get_packet(pb, pkt, asize)) < 0)
+ return ret;
pkt->stream_index = st[NSV_ST_AUDIO]->index;//NSV_ST_AUDIO;
pkt->flags |= nsv->state == NSV_HAS_READ_NSVS ? AV_PKT_FLAG_KEY : 0; /* keyframe only likely on a sync frame */
if( nsv->state == NSV_HAS_READ_NSVS && st[NSV_ST_VIDEO] ) {
More information about the ffmpeg-cvslog
mailing list