[FFmpeg-devel] [PATCH 7/7] cbs_mpeg2: Drop fragments containing zero-sized units
Andreas Rheinhardt
andreas.rheinhardt at gmail.com
Mon Jul 29 22:56:58 EEST 2019
They are invalid and can be easily detected, so discard them.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt at gmail.com>
---
libavcodec/cbs_mpeg2.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/libavcodec/cbs_mpeg2.c b/libavcodec/cbs_mpeg2.c
index 559793dc98..eb0e2c7ba9 100644
--- a/libavcodec/cbs_mpeg2.c
+++ b/libavcodec/cbs_mpeg2.c
@@ -207,6 +207,12 @@ static int cbs_mpeg2_split_fragment(CodedBitstreamContext *ctx,
final = 1;
}
+ if (unit_size == 0) {
+ // This can only happen if frag->data contained data like
+ // 0x00 00 01 00 00 01 xy, which is treated as two start codes.
+ return AVERROR_INVALIDDATA;
+ }
+
if (unit_type == MPEG2_START_EXTENSION && unit_size >= 4 &&
start[1] >> 4 == MPEG2_EXTENSION_PICTURE_CODING) {
// The values f_code[0][1], f_code[1][1] are used to derive
--
2.21.0
More information about the ffmpeg-devel
mailing list