[Ffmpeg-devel] [PATCH] fix segment fault in h264_parse if buf_size is zero
Michael Niedermayer
michaelni
Wed Apr 11 03:47:17 CEST 2007
Hi
On Wed, Apr 11, 2007 at 09:33:20AM +0800, Limin Wang wrote:
> Hi,
>
> > > Index: libavcodec/h264.c
> > > ===================================================================
> > > --- libavcodec/h264.c (revision 8688)
> > > +++ libavcodec/h264.c (working copy)
> > > @@ -8059,7 +8059,7 @@
> > > return buf_size;
> > > }
> > >
> > > - if(next<0){
> > > + if(next<0 && pc->last_index+next > 0){
> >
> > i think the check should rather be next<0 && next != END_NOT_FOUND
>
> It's OK for the file end case, however anybody can make sure in these
> condition, pc->last_index + next>=0? The logic isn't clear and difficult
> to maintain.
if pc->last_index+next < 0 and next != END_NOT_FOUND then theres a bug
somewhere and that has to be fixed not hidden, feel free to add assert()
if you like
>
> Only h264 parser will find_frame_end again if next<0, by the comment, the
> author want to update state, who can explain further? Any fault if remove the
> next 3 line code?
yes the parser will fail, i guess simply decoding all the h.264 reference
bitstreams and checking their md5 will give you an example stream where the
3 lines are needed
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
While the State exists there can be no freedom; when there is freedom there
will be no State. -- Vladimir Lenin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20070411/6f2062aa/attachment.pgp>
More information about the ffmpeg-devel
mailing list