[Ffmpeg-devel] Maybe (?), robustness patch

[Mean]

Hi,
    While trying to create a correct avcC atom with lavformat/x264, i've 
made some (interestingly ?) broken mp4 files.
    One of them makes lavcodec crash hard, which is bad and uncommon.

    The problem is that in that case bit_length ends up being equal to 
-1, hence the crash a bit later
    I'm not sure it is a fix of great interest since such broken files 
should not exist at all, but anyway.

    The trivial check that avoids the hard crash is below

    One such funny file is available here
           
http://fixounet.free.fr/avidemux/win32/broken_h264_makes_lavcodec_crash.mp4
    No image, but no crash either.

Thanks.



    Index: h264.c
===================================================================
--- h264.c      (revision 1724)
+++ h264.c      (working copy)
@@ -7458,7 +7458,13 @@
         ptr= decode_nal(h, buf + buf_index, &dst_length, &consumed, 
h->is_avc ? nalsize : buf_size - buf_index);
         if(ptr[dst_length - 1] == 0) dst_length--;
         bit_length= 8*dst_length - decode_rbsp_trailing(ptr + 
dst_length - 1);
-
+       /* MEANX */
+       if(bit_length<=0)
+       {
+                av_log(h->s.avctx, AV_LOG_ERROR, "h264: bit length 
computing error, broken stream ? \n");
+               return -1;
+       }
+       /* /MEANX */
         if(s->avctx->debug&FF_DEBUG_STARTCODE){
             av_log(h->s.avctx, AV_LOG_DEBUG, "NAL %d at %d/%d length 
%d\n", h->nal_unit_type, buf_index, buf_size, dst_length);