[FFmpeg-devel] [PATCH 2/4] mov: check for positive sample->size

Michael Niedermayer michaelni at gmx.at
Sun May 24 19:23:36 CEST 2015 

On Sun, May 24, 2015 at 03:21:25PM +0200, Andreas Cadhalpun wrote:
> On 24.05.2015 00:46, Michael Niedermayer wrote:
> > On Sun, May 24, 2015 at 12:04:23AM +0200, Andreas Cadhalpun wrote:
> 
> >> +    if (!sample->size) {
> >> +        av_log(s, AV_LOG_ERROR, "sample size is zero\n");
> >> +        return AVERROR_INVALIDDATA;
> >> +    }
> > 
> > this would cause failure to demux future packets, i think its
> > better to skip this but continue without failing
> 
> On 24.05.2015 09:21, Yusuke Nakamura wrote:
> > 14496-12 does not prohibit sample_size = 0.
> >
> > See ISO/IEC 14496-12:2012 Corrected ver. 8.7.3.1 Definition.
> >
> > NOTE A sample size of zero is not prohibited in general, but it must be
> > valid and defined for the coding
> > system, as defined by the sample entry, that the sample belongs to.
> 
> OK, that was a bad idea.
> 
> Attached patch fixes the problem in a better way.
> 
> Best regards,
> Andreas

>  mov.c |    5 +++++
>  1 file changed, 5 insertions(+)
> 199a14800f0d79aa85b8dc01c2c1dc2743c3fb0d  0001-mov-check-for-negative-stsc-count.patch
> From 1d66ce9f96ccd4e130837a5e38885109f26bb4f6 Mon Sep 17 00:00:00 2001
> From: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
> Date: Sun, 24 May 2015 15:14:23 +0200
> Subject: [PATCH] mov: check for negative stsc count
> 
> A negative stsc count can cause the mov demuxer to return a large
> number of empty packets.

ISO/IEC 14496-12:2012(E) says the field is unsigned so it cannot be
negative

8.7.4.2   Syntax
aligned(8) class SampleToChunkBox
    extends FullBox("stsc", version = 0, 0) {
    unsigned int(32) entry_count;
    for (i=1; i <= entry_count; i++) {
        unsigned int(32) first_chunk;
        unsigned int(32) samples_per_chunk;
        unsigned int(32) sample_description_index;
    }
}

[...]

-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Good people do not need laws to tell them to act responsibly, while bad
people will find a way around the laws. -- Plato
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20150524/a7d27f74/attachment.asc>

More information about the ffmpeg-devel mailing list