[FFmpeg-devel] [PATCH] Fix interlaced MPEG2 decoder crash (issue2367)

Anatoly Nenashev anatoly.nenashev
Thu Dec 23 00:16:21 CET 2010


Hi!
Full problem description available on https://roundup.ffmpeg.org/issue2367.
After some research I've found that sample file(exploit.bin) conflicts 
with specification in the following lines:

"In the case that a P field picture is used as the second field of a 
frame in which the first field is an I field
picture a series of semantic restrictions apply. These ensure that 
prediction is only made from the I field
picture. These restrictions are;
?        There shall be no macroblocks that are coded with 
macroblock_motion_forward zero and
          macroblock_intra zero.
?        Dual prime prediction shall not be used.
?        Field prediction in which motion_vertical_field_select 
indicates the same parity as the field
          being predicted shall not be used.
?        There shall be no skipped macroblocks."

So it looks like first and third restrictions are broken in sample file. 
Attached patch contains check for this situation.

Regards,
Anatoly.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: interlaced_mpeg.patch
Type: text/x-patch
Size: 854 bytes
Desc: not available
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20101223/d8be6b57/attachment.bin>



More information about the ffmpeg-devel mailing list