[FFmpeg-devel] [Patch] fix ffprobe crash #3603

Clément Bœsch u at pkh.me
Fri May 9 09:17:42 CEST 2014 

On Fri, May 09, 2014 at 09:15:53AM +0200, Clément Bœsch wrote:
> On Fri, May 09, 2014 at 12:33:36PM +0530, anshul wrote:
> > On 05/09/2014 06:15 AM, Michael Niedermayer wrote:
> > >>this patch consider all three things.
> > >did you intend to attach anoter patch ?
> > >iam asking as there was no patch attached to your last mail
> > >
> > >
> > yes, I am sorry for that.
> > 
> > -Anshul
> 
> > From 3ee1e369b42f0baa29706739f0b328615d20ebee Mon Sep 17 00:00:00 2001
> > From: Anshul Maheshwari <er.anshul.maheshwari at gmail.com>
> > Date: Thu, 8 May 2014 12:23:26 +0530
> > Subject: [PATCH] ffprobe: fix crash because of new streams occuring
> > 
> > Fix ticket #3603
> > ---
> >  ffprobe.c | 19 ++++++++++++++-----
> >  1 file changed, 14 insertions(+), 5 deletions(-)
> > 
> > diff --git a/ffprobe.c b/ffprobe.c
> > index c6e0469..5d6bf01 100644
> > --- a/ffprobe.c
> > +++ b/ffprobe.c
> > @@ -191,6 +191,7 @@ static const char unit_hertz_str[]          = "Hz"   ;
> >  static const char unit_byte_str[]           = "byte" ;
> >  static const char unit_bit_per_second_str[] = "bit/s";
> >  
> > +static int nb_streams;
> >  static uint64_t *nb_streams_packets;
> >  static uint64_t *nb_streams_frames;
> >  static int *selected_streams;
> > @@ -1893,6 +1894,12 @@ static int read_interval_packets(WriterContext *w, AVFormatContext *fmt_ctx,
> >          goto end;
> >      }
> >      while (!av_read_frame(fmt_ctx, &pkt)) {
> > +        if(fmt_ctx->nb_streams >= nb_streams) {
> > +            nb_streams_frames  = av_realloc(nb_streams_frames,fmt_ctx->nb_streams* sizeof(*nb_streams_frames));
> > +            nb_streams_packets = av_realloc(nb_streams_packets,fmt_ctx->nb_streams* sizeof(*nb_streams_packets));
> > +            selected_streams   = av_realloc(selected_streams,fmt_ctx->nb_streams* sizeof(*selected_streams));
> 
> space after ,

> space before *

for the mult obviously

And speaking of this, you should use av_realloc_array for the overflow
check.

> space before (
> 

for the if

[...]

-- 
Clément B.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20140509/42b9c6c4/attachment.asc>

More information about the ffmpeg-devel mailing list