[MPlayer-dev-eng] endless loop in mov_check_file()
Steven M. Schultz
sms at 2BSD.COM
Wed Mar 20 00:48:25 CET 2002
Hello -
I think I have stumbled across a problem in libmpdemux/demux_mov.c
If 'len' is 0 then the routine mov_check_file() goes into an endless
look of:
while(1){
int skipped=8;
off_t len=stream_read_dword(demuxer->stream);
if(stream_eof(demuxer->stream)) break; // EOF
if (len == 1) /* real size is 64bits - cjb */
{
...
}
else if (len == 0) /* deleted chunk */
{
/* XXX: CJB! is this right? - alex */
goto skip_chunk;
}
else if(len<8) break; // invalid chunk
...
skip_chunk:
if(!stream_skip(demuxer->stream,len-skipped)) break;
...
}
This happened when I tried to play a SVCD, first 'AVI' was tried,
then 'Y4M', 'ASF", 'NUV'. When 'MOV' was checked (by calling
mov_check_file()) - the "Checking for MOV" never returned and mplayer
went into an endless loop.
The check for 'deleted chunk' is what appears to be causing the
problem. If I comment that section out the endless loop problem
goes away:
--- libmpdemux/demux_mov.c.dist Tue Mar 19 15:43:58 2002
+++ libmpdemux/demux_mov.c Tue Mar 19 14:17:04 2002
@@ -223,11 +223,13 @@
#endif
skipped += 8;
}
+#ifdef notnow
else if (len == 0) /* deleted chunk */
{
/* XXX: CJB! is this right? - alex */
goto skip_chunk;
}
+#endif
else if(len<8) break; // invalid chunk
switch(id){
If 'len' becomes 0 the loop becomes "read_dword", "seek back",
"read_dword", "seek back", ...
Is "goto skip_chunk;" the correct thing to do? The comment suggests
that there were doubts about doing that.
Thanks.
Steven Schultz
sms at 2bsd.com
More information about the MPlayer-dev-eng
mailing list