[FFmpeg-devel] [PATCH] avformat/mxfdec: Fix false positive in infinite loop detector
Michael Niedermayer
michaelni at gmx.at
Mon Oct 27 16:27:27 CET 2014
Fixes Ticket4040
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
---
libavformat/mxfdec.c | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/libavformat/mxfdec.c b/libavformat/mxfdec.c
index b01dd0c..a1abc34 100644
--- a/libavformat/mxfdec.c
+++ b/libavformat/mxfdec.c
@@ -2211,6 +2211,13 @@ end:
avio_seek(s->pb, mxf->run_in, SEEK_SET);
}
+static uint64_t loop_detection_state(AVFormatContext *s)
+{
+ MXFContext *mxf = s->priv_data;
+
+ return avio_tell(s->pb) + 0xA987654321*!mxf->current_partition;
+}
+
static int mxf_read_header(AVFormatContext *s)
{
MXFContext *mxf = s->priv_data;
@@ -2235,12 +2242,12 @@ static int mxf_read_header(AVFormatContext *s)
while (!avio_feof(s->pb)) {
const MXFMetadataReadTableEntry *metadata;
- if (avio_tell(s->pb) == last_pos) {
+ if (loop_detection_state(s) == last_pos) {
av_log(mxf->fc, AV_LOG_ERROR, "MXF structure loop detected\n");
return AVERROR_INVALIDDATA;
}
if ((1ULL<<61) % last_pos_index++ == 0)
- last_pos = avio_tell(s->pb);
+ last_pos = loop_detection_state(s);
if (klv_read_packet(&klv, s->pb) < 0) {
/* EOF - seek to previous partition or stop */
if(mxf_parse_handle_partition_or_eof(mxf) <= 0)
--
1.7.9.5
More information about the ffmpeg-devel
mailing list