[FFmpeg-devel] [Patch] fix ffprobe crash #3603

anshul anshul.ffmpeg at gmail.com
Wed May 7 10:22:20 CEST 2014


On 05/07/2014 01:31 PM, Clément Boesch wrote:
> On Wed, May 07, 2014 at 01:28:40PM +0530, anshul wrote:
>> On 05/07/2014 12:48 PM, anshul wrote:
>>> On 05/07/2014 11:56 AM, anshul wrote:
>>>> ffprobe crashes since number of stream increased in the attched video
>>>> at #3603 from 3 to 6 which were not taken in account in commit
>>>> 29b9aee4.
>>>>
>>>> so this line need extra guard
>>>> nb_streams_frames[pkt.stream_index]++;
>>>>
>>>> Thanks
>>>> Anshul
>>> Ignore this patch it have lot of flaws, will send another soon
>>> -Anshul
>> I have attached new patch for same problem
>>
>> -Anshul
>>  From 08eaf8857ffab170baa5079ade50c5d2dafb4b1c Mon Sep 17 00:00:00 2001
>> From: Anshul Maheshwari <er.anshul.maheshwari at gmail.com>
>> Date: Wed, 7 May 2014 13:27:43 +0530
>> Subject: [PATCH] Fix #3603 crashes in ffprobe
>>
> mark the fix in the description, and describe the fix in the title
>
>> ---
>>   ffprobe.c | 15 +++++++++++++--
>>   1 file changed, 13 insertions(+), 2 deletions(-)
>>
>> diff --git a/ffprobe.c b/ffprobe.c
>> index c6e0469..11a946c 100644
>> --- a/ffprobe.c
>> +++ b/ffprobe.c
>> @@ -191,6 +191,7 @@ static const char unit_hertz_str[]          = "Hz"   ;
>>   static const char unit_byte_str[]           = "byte" ;
>>   static const char unit_bit_per_second_str[] = "bit/s";
>>   
>> +static int nb_streams;
>>   static uint64_t *nb_streams_packets;
>>   static uint64_t *nb_streams_frames;
>>   static int *selected_streams;
>> @@ -1920,7 +1921,17 @@ static int read_interval_packets(WriterContext *w, AVFormatContext *fmt_ctx,
>>               if (do_read_packets) {
>>                   if (do_show_packets)
>>                       show_packet(w, fmt_ctx, &pkt, i++);
>> -                nb_streams_packets[pkt.stream_index]++;
>> +                if(nb_streams_packets)
>> +                {
>> +                    if(pkt.stream_index >= nb_streams)
>> +                    {
> please use a consistent style
>
>> +                        nb_streams_frames  = av_realloc(nb_streams_frames,fmt_ctx->nb_streams* sizeof(*nb_streams_frames));
>> +                        nb_streams_packets = av_realloc(nb_streams_packets,fmt_ctx->nb_streams* sizeof(*nb_streams_packets));
>> +                        selected_streams   = av_realloc(selected_streams,fmt_ctx->nb_streams* sizeof(*selected_streams));
> av_realloc() is not compatible with av_calloc()
>
>> +                        nb_streams = fmt_ctx->nb_streams;
> trailing whitespace
>
>> +                    }
>> +                    nb_streams_packets[pkt.stream_index]++;
>> +                }
>>               }
>>               if (do_read_frames) {
>>                   pkt1 = pkt;
>> @@ -2373,7 +2384,7 @@ static int probe_file(WriterContext *wctx, const char *filename)
>>           return ret;
>>   
>>   #define CHECK_END if (ret < 0) goto end
>> -
>> +    nb_streams = fmt_ctx->nb_streams;
>>       nb_streams_frames  = av_calloc(fmt_ctx->nb_streams, sizeof(*nb_streams_frames));
>>       nb_streams_packets = av_calloc(fmt_ctx->nb_streams, sizeof(*nb_streams_packets));
> so use it here too
>
>>       selected_streams   = av_calloc(fmt_ctx->nb_streams, sizeof(*selected_streams));
>> -- 
>> 1.8.1.4
>>
>> _______________________________________________
>> ffmpeg-devel mailing list
>> ffmpeg-devel at ffmpeg.org
>> http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>
>
>
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel at ffmpeg.org
> http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

Thanks Clément Boesch
New patch attached.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Fix-3603-crashes-in-ffprobe.patch
Type: text/x-patch
Size: 2549 bytes
Desc: not available
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20140507/b3658299/attachment.bin>


More information about the ffmpeg-devel mailing list