[FFmpeg-devel] patch for mpegaudiodec.c to prevent buffer read-access overflow

Francois Oligny-Lemieux eucloid
Wed Mar 11 19:35:31 CET 2009

I identified a place in mpegaudiodec.c where a crash could (and in my case
was) happening from time to time. The crash will happen when the audio
header is corrupted. The original code was doing buf++ while searching for
the header without any consideration for the buffer end causing an overflow
and eventually a read-access violation. Also after a successful resync, the
code was not adjusting the buffer_size.

I attached a patch containing the fix I'm using for this problem, but feel
free to make your own changes to it.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: mpegaudiodec.c.11mar2009.diff
Type: application/octet-stream
Size: 764 bytes
Desc: not available
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20090311/8dc86fa5/attachment.obj>

More information about the ffmpeg-devel mailing list