[FFmpeg-devel] [PATCH] initialize pkt->data and pkt->size to NULL and zero

Michael Niedermayer michaelni
Mon May 3 19:07:46 CEST 2010


On Fri, Apr 30, 2010 at 09:57:07AM -0700, Thierry Foucu wrote:
> Here is the issue I found when debugging an AVI file:
> The line numbers are based on SVN 22976
> 
> in av_find_stream_info (ic=0xf358020) at libavformat/utils.c:2210
>    We are calling av_read_frame_internal with pkt1 which is a variable on
> the stack (not initialized)
> 
> in av_read_frame_internal (s=0xf358020, pkt=0xffffcb64) at
> libavformat/utils.c:1070
>   When we enter av_read_frame_internal, we call  av_init_packet, which does
> does set the pkt->data and pkt->size to zero
>   Then we call av_read_packet with the same AVpacket.
> 
> in av_read_packet (s=0xf358020, pkt=0xffffc654) at libavformat/utils.c:638
>   we are calling avi_read_packet with the same AVPacket pointer, which still
> does not have the data and size set to
> 
> in avi_read_packet (s=0xf358020, pkt=0xffffc654) at libavformat/avidec.c:890
>   Here we are adding to ast->frame_offset the pkt->size, which in this case,
> it was not initialized. The pkt->data is NULL
>   This will cause the ast->frame_offset for an audio packet to be wrong and
> because we are using it for setting the DTS, we can get some first PTS value
> to be 100% garbage.
> 
> By applying the patch, the ast->frame_offset will not be incremented by some
> garbage value.
> 
> But not sure if this will be the right fix for this problem.

probably the code should use size instead of pkt->size in avidec
a patch changing this with is welcome
a testcase is welcome as well though due to below not required
(note a testcase will likely require to change AVStream.discard midstream
 for this corruption to become user visible)

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

I have never wished to cater to the crowd; for what I know they do not
approve, and what they approve I do not know. -- Epicurus
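
The failure mode discussed in this thread, as an added example that is not part of the original messages and is not FFmpeg code: a skip path advances a stream offset by pkt->size before anything has written that field, and a later DTS is derived from the corrupted offset. Packet, Stream, chunk_sizes, poison_packet, read_chunk and dts_after_skips are hypothetical names, and the fixed 0xAA fill stands in for uninitialized stack contents so the result is deterministic.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simplified stand-ins for illustration, not FFmpeg's real structures. */
typedef struct { uint8_t *data; int size; int64_t dts; } Packet;
typedef struct { int64_t frame_offset; int discard; } Stream;

/* Constructed input: sizes in bytes of three consecutive audio chunks. */
static const int chunk_sizes[3] = { 512, 512, 256 };

/* Models the caller's uninitialized stack packet with a fixed pattern. */
static void poison_packet(Packet *pkt)
{
    memset(pkt, 0xAA, sizeof(*pkt));
    pkt->data = NULL;
}

/* Reads chunk n. A discarded chunk is skipped and only the offset advances.
 * use_pkt_size=1 trusts pkt->size on the skip path (the pattern reported);
 * use_pkt_size=0 uses the size parsed from the chunk header instead. */
static int read_chunk(Stream *st, Packet *pkt, int n, int use_pkt_size)
{
    int size = chunk_sizes[n];
    if (st->discard) {
        st->frame_offset += use_pkt_size ? pkt->size : size;
        return 0;                   /* skipped: packet is left untouched */
    }
    pkt->size = size;
    pkt->dts  = st->frame_offset;   /* timestamp derived from the offset */
    st->frame_offset += size;
    return 1;
}

/* Discards two chunks, re-enables the stream, returns the third chunk's DTS. */
int64_t dts_after_skips(int use_pkt_size)
{
    Stream st = { 0, 1 };
    Packet pkt;
    poison_packet(&pkt);
    read_chunk(&st, &pkt, 0, use_pkt_size);
    read_chunk(&st, &pkt, 1, use_pkt_size);
    st.discard = 0;                 /* discard setting changed midstream */
    read_chunk(&st, &pkt, 2, use_pkt_size);
    return pkt.dts;
}

int main(void)
{
    printf("pkt->size: %lld, local size: %lld\n",
           (long long)dts_after_skips(1), (long long)dts_after_skips(0));
    return 0;
}
```

The corruption only surfaces once a packet is actually returned after skipped chunks, which matches the remark that a test case would need to change the discard setting midstream.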