[FFmpeg-devel] [PATCH] libavformat aviobuf: Fixed dst pointer initialization in fill_buffer

Rob Meyers robertmeyers at google.com
Mon May 15 20:55:28 EEST 2017


Of course.

We noticed when reading data from a named pipe the first 10 bytes would get
dropped. I traced this to the affected code in fill_buffer(). The
assignment of "dst" was always set to the beginning of the buffer, and if
it hadn't been consumed yet the data would be overwritten. We could
reproduce this by setting up a server that writes to the named pipe in two
small (6 byte) messages with a 1 second gap between. Without the gap, or if
the data is sent as one message, there's no problem. It's in the
accumulation of data between messages to fulfill a read that this bug is
triggered.

On Mon, May 15, 2017 at 10:49 AM Hendrik Leppkes <h.leppkes at gmail.com>
wrote:

> On Mon, May 15, 2017 at 6:47 PM, Rob Meyers
> <robertmeyers-at-google.com at ffmpeg.org> wrote:
> > ---
> >  libavformat/aviobuf.c | 4 +---
> >  1 file changed, 1 insertion(+), 3 deletions(-)
> >
>
> Commit messages that say "fixed <thing>" are usually not quite
> informative. Can you elaborate what's the problem, how it exhibits and
> can be tested and how this is fixed?
>
> - Hendrik
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel at ffmpeg.org
> http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>
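
The failure mode described in the message above, as an added illustration that is not part of the original thread and is not FFmpeg's code: a toy buffered reader whose refill step either always writes at the start of the buffer or appends after the unread bytes. The names `rdbuf`, `src_read`, `refill` and `read_n` are hypothetical, and the two 6-byte messages are constructed input.

```c
#include <stdio.h>
#include <string.h>

/* Toy buffered reader; hypothetical names, not FFmpeg's AVIOContext. */
struct rdbuf { unsigned char buf[32]; size_t pos, end; };

/* Constructed input: a pipe-like source yielding one short message per read. */
static const char *msgs[] = { "HELLO,", "WORLD!" };
static size_t next_msg;

static size_t src_read(unsigned char *dst, size_t cap) {
    if (next_msg >= sizeof msgs / sizeof msgs[0]) return 0;   /* EOF */
    size_t n = strlen(msgs[next_msg]);
    if (n > cap) n = cap;
    memcpy(dst, msgs[next_msg++], n);
    return n;
}

/* buggy: dst is always the buffer start, so bytes that were buffered but not
 * yet consumed are overwritten. fixed: dst is the end of the valid data.
 * (No compaction here; the toy buffer is large enough for the sample.) */
static size_t refill(struct rdbuf *r, int buggy) {
    unsigned char *dst = buggy ? r->buf : r->buf + r->end;
    size_t n = src_read(dst, (size_t)(r->buf + sizeof r->buf - dst));
    if (n) {
        if (buggy) r->pos = 0;
        r->end = (size_t)(dst - r->buf) + n;
    }
    return n;
}

/* Accumulate until `want` bytes are buffered or the source ends, then copy out. */
size_t read_n(int buggy, unsigned char *out, size_t want) {
    struct rdbuf r = { {0}, 0, 0 };
    next_msg = 0;
    while (r.end - r.pos < want && refill(&r, buggy) > 0)
        ;
    size_t n = r.end - r.pos < want ? r.end - r.pos : want;
    memcpy(out, r.buf + r.pos, n);
    return n;
}

int main(void) {
    unsigned char out[16];
    for (int buggy = 1; buggy >= 0; buggy--) {
        size_t n = read_n(buggy, out, 10);
        printf("%s: %.*s\n", buggy ? "buggy" : "fixed", (int)n, (const char *)out);
    }
    return 0;
}
```

Because the caller asks for more than one message holds, the second refill happens while the first message is still unread, which is the accumulation case the report singles out.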

