[Ffmpeg-devel] [PATCH] fix segment fault in h264_parse if buf_size is zero

Michael Niedermayer michaelni
Wed Apr 11 09:17:50 CEST 2007


Hi

On Wed, Apr 11, 2007 at 02:38:38PM +0800, Limin Wang wrote:
> Hi,
> 
> > > > > Index: libavcodec/h264.c
> > > > > ===================================================================
> > > > > --- libavcodec/h264.c	(revision 8688)
> > > > > +++ libavcodec/h264.c	(working copy)
> > > > > @@ -8059,7 +8059,7 @@
> > > > >              return buf_size;
> > > > >          }
> > > > >  
> > > > > -        if(next<0){
> > > > > +        if(next<0 && pc->last_index+next > 0){
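
Review bot: the added condition `pc->last_index+next > 0` on the changed `if` decides by the arithmetic result rather than by the case it is meant to exclude, so a negative sum from any other cause skips the branch silently, and a sum of exactly 0 is skipped as well. If the case being guarded is the end-not-found one that the subject's zero buf_size points to, test for it by name with `next<0 && next != END_NOT_FOUND` and state the index invariant separately, for example `assert(pc->last_index + next >= 0)`, so a bad index is reported instead of hidden. The body of the `if` is not visible in this hunk, so a short comment naming the access that the check protects would help the next reader.
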
> > > > 
> > > > I think the check should rather be next<0 && next != END_NOT_FOUND
> > > 
> > > It's OK for the file end case, however can anybody make sure that in these
> > > conditions pc->last_index + next>=0? The logic isn't clear and is difficult
> > > to maintain.
> > 
> > if pc->last_index+next < 0 and next != END_NOT_FOUND then there's a bug
> > somewhere and that has to be fixed, not hidden; feel free to add assert()
> > if you like
> 
> OK, updated patch attached.

looks ok


> One question: now the assert will do nothing
> if NDEBUG is defined.

it will do nothing either way as the condition won't be true

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Those who are too smart to engage in politics are punished by being
governed by those who are dumber. -- Plato 