[FFmpeg-devel] [PATCH 4/4] lavc/decode: validate frames output by decoders
Anton Khirnov
anton at khirnov.net
Thu Jan 5 13:07:56 EET 2023
Make sure no frames with invalid parameters will be seen by the caller.
---
libavcodec/decode.c | 31 +++++++++++++++++++++++++++++++
1 file changed, 31 insertions(+)
diff --git a/libavcodec/decode.c b/libavcodec/decode.c
index 56ba06d5d5..0abc88737b 100644
--- a/libavcodec/decode.c
+++ b/libavcodec/decode.c
@@ -667,6 +667,33 @@ static int apply_cropping(AVCodecContext *avctx, AVFrame *frame)
AV_FRAME_CROP_UNALIGNED : 0);
}
+// make sure frames returned to the caller are valid
+static int frame_validate(AVCodecContext *avctx, AVFrame *frame)
+{
+ if (!frame->buf[0] || frame->format < 0)
+ goto fail;
+
+ switch (avctx->codec_type) {
+ case AVMEDIA_TYPE_VIDEO:
+ if (frame->width <= 0 || frame->height <= 0)
+ goto fail;
+ break;
+ case AVMEDIA_TYPE_AUDIO:
+ if (!av_channel_layout_check(&frame->ch_layout) ||
+ frame->sample_rate <= 0)
+ goto fail;
+
+ break;
+ default: av_assert0(0);
+ }
+
+ return 0;
+fail:
+ av_log(avctx, AV_LOG_ERROR, "An invalid frame was output by a decoder. "
+ "This is a bug, please report it.\n");
+ return AVERROR_BUG;
+}
+
int ff_decode_receive_frame(AVCodecContext *avctx, AVFrame *frame)
{
AVCodecInternal *avci = avctx->internal;
@@ -683,6 +710,10 @@ int ff_decode_receive_frame(AVCodecContext *avctx, AVFrame *frame)
return ret;
}
+ ret = frame_validate(avctx, frame);
+ if (ret < 0)
+ goto fail;
+
if (avctx->codec_type == AVMEDIA_TYPE_VIDEO) {
ret = apply_cropping(avctx, frame);
if (ret < 0)
--
2.35.1
More information about the ffmpeg-devel
mailing list