[Ffmpeg-devel] crash on broken avcC

Derk-Jan Hartman hartman
Thu Aug 24 16:46:25 CEST 2006


This sample:
http://veda.student.utwente.nl/~hartman/vlc-udp-ts-(h264-bframes0-mp3)-to-vlc-file-mp4-open-crash-nal-decode.mp4

The avcC atom is size 15, but indicates 0 SPS and PPS (from VLC debug)
[00000530] mp4 private debug: read box: "avcC" version=1 profile=0x4d level=0x33 length size=4 sps=0 pps=0

But this makes libavcodec crash in
static void decode_scaling_matrices(H264Context *h, SPS *sps, PPS *pps, int is_sps,
                                    uint8_t (*scaling_matrix4)[16], uint8_t (*scaling_matrix8)[64]){

On line:
int fallback_sps = !is_sps && sps->scaling_matrix_present;
where is_sps is 0 and sps != NULL


This quite old file is definitely broken and the result of early
development of H264 in VLC, but nonetheless it should not crash if
it indicates 0 SPS and PPS, on a value of sps->scaling_matrix_present.
I suspect uninitialized variables or something? The decoder doesn't
seem to like missing SPS/PPS in general btw. The nal parser will
almost always crash eventually in that case.

DJ
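
Added example, not part of the original message and not libavcodec or VLC code: a bounds-checked reader for an avcC payload that flags a record with zero SPS or PPS as unusable before any slice decoding is attempted. The field layout is the AVCDecoderConfigurationRecord from ISO/IEC 14496-15; all names are this example's own, and the sample bytes are constructed to match the VLC debug line above (the profile_compatibility byte, which the debug line does not show, is assumed to be 0x00).

```c
#include <stddef.h>
#include <stdint.h>

/* All names here belong to this example, not to libavcodec or VLC. */
typedef struct { int profile, level, nal_length_size, num_sps, num_pps; } AvcCInfo;
enum { AVCC_OK = 0, AVCC_TRUNCATED = -1, AVCC_NO_PARAM_SETS = -2 };

/* Skip `count` entries of (16-bit big-endian length + data), bounds-checked. */
static int skip_sets(const uint8_t *buf, size_t size, size_t *pos, int count)
{
    for (int i = 0; i < count; i++) {
        if (size - *pos < 2)
            return AVCC_TRUNCATED;
        size_t len = ((size_t)buf[*pos] << 8) | buf[*pos + 1];
        *pos += 2;
        if (size - *pos < len)
            return AVCC_TRUNCATED;
        *pos += len;
    }
    return AVCC_OK;
}

/* Parse an avcC payload (the bytes after the 8-byte box header). */
int avcc_parse(const uint8_t *buf, size_t size, AvcCInfo *out)
{
    size_t pos = 6;
    if (size < 7)  /* 6 fixed bytes plus the PPS count byte */
        return AVCC_TRUNCATED;
    out->profile = buf[1];
    out->level = buf[3];
    out->nal_length_size = (buf[4] & 0x03) + 1;
    out->num_sps = buf[5] & 0x1f;
    out->num_pps = 0;
    if (skip_sets(buf, size, &pos, out->num_sps) || size - pos < 1)
        return AVCC_TRUNCATED;
    out->num_pps = buf[pos++];
    if (skip_sets(buf, size, &pos, out->num_pps))
        return AVCC_TRUNCATED;
    /* Well-formed but unusable: do not decode slices on this basis. */
    return (out->num_sps && out->num_pps) ? AVCC_OK : AVCC_NO_PARAM_SETS;
}

/* Constructed sample shaped like the reported box: 15 - 8 header bytes = 7. */
const uint8_t sample_avcc[7] = { 0x01, 0x4d, 0x00, 0x33, 0xff, 0xe0, 0x00 };

int main(void)
{
    AvcCInfo info;
    return avcc_parse(sample_avcc, sizeof sample_avcc, &info) == AVCC_NO_PARAM_SETS ? 0 : 1;
}
```

A caller that gets AVCC_NO_PARAM_SETS can still accept in-band SPS/PPS NAL units later, but should reject slice data until both have been seen.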