[MPlayer-dev-eng] [PATCH 1/3] Fix segfault when mplayer -v -v -v is ran on some large MOV files

Petr Baudis pasky at ucw.cz
Sun May 28 16:36:12 CEST 2006 

  Hi,

> On Wed, May 24, 2006 at 02:58:31AM +0200, Petr Baudis wrote:
> > mplayer -v -v -v on a MOV file with generic tracks will dump them to files
> > by loading them all to memory first and then writing them at once - that's
> > not a stellar way how to do it, but it's -v -v -v and only in few special
> > cases so it doesn't matter much.
> 
> This was discussed on IRC, and the conclusion was that it is completely
> unacceptable for a demuxer to write files to the disk.
> Thus the "right" solution is to change the #if 1 to #if 0 to completely
> disable this code.

  I agree, it was really very surprising. :-)

  Still, the hack is extremely useful for debugging MOV files so if the
developer enables it in the source, let's provide something actually
working. This bundles both the #if 0 and the original fix:

diff --git a/libmpdemux/demux_mov.c b/libmpdemux/demux_mov.c
index 9835f80..91b01d5 100644
--- a/libmpdemux/demux_mov.c
+++ b/libmpdemux/demux_mov.c
@@ -1824,7 +1824,7 @@ static demuxer_t* mov_read_header(demuxe
 	}
     }
 
-#if 1
+#if 0
     if( mp_msg_test(MSGT_DEMUX,MSGL_DBG3) ){
 	for(t_no=0;t_no<priv->track_db;t_no++){
 	    mov_track_t* trak=priv->tracks[t_no];
@@ -1836,11 +1836,12 @@ #if 1
 		for (i=0; i<trak->samples_size; i++)
 		{
 		    int len=trak->samples[i].size;
-		    char buf[len];
+		    char *buf = malloc(len);
 		    stream_seek(demuxer->stream, trak->samples[i].pos);
 		    snprintf(name, 20, "t%02d-s%03d.%s", t_no,i,
 			(trak->media_handler==MOV_FOURCC('f','l','s','h')) ?
 			    "swf":"dump");
+		    mp_msg(MSGT_DEMUX, MSGL_INFO, "MOV: Saving sample %d to file %s ...\n",i,name);
 		    fd = open(name, O_CREAT|O_WRONLY);
 //		    { int j;
 //			for(j=0;j<trak->stdata_len-3; j++)
@@ -1855,7 +1856,7 @@ #ifdef HAVE_ZLIB
 			// unzip:
 			z_stream zstrm;
 			int zret;
-			char buf2[newlen];
+			char *buf2 = malloc(newlen);
 
 			len-=4;
 			stream_read(demuxer->stream, buf, len);
@@ -1874,6 +1875,7 @@ #ifdef HAVE_ZLIB
 	    		    mp_msg(MSGT_DEMUX, MSGL_WARN, "Warning! unzipped frame size differs hdr: %d  zlib: %ld\n",newlen,zstrm.total_out);
 			
 			write(fd, buf2, newlen);
+			free(buf2);
 		    } else {
 #else
 			len-=4;
@@ -1885,6 +1887,7 @@ #endif
 			write(fd, buf, len);
 		    }
 		    close(fd);
+		    free(buf);
 		}
 	    }
 	}

-- 
				Petr "Pasky" Baudis
Stuff: http://pasky.or.cz/
A person is just about as big as the things that make them angry.

More information about the MPlayer-dev-eng mailing list