[FFmpeg-soc] [soc]: r3855 - dirac/libavcodec/diracdec.c

conrad subversion at mplayerhq.hu
Thu Dec 4 22:10:17 CET 2008


Author: conrad
Date: Thu Dec  4 22:10:17 2008
New Revision: 3855

Log:
Check the BBCD prefix and enforce a minimum size for a packet, to avoid an infinite loop on the eos packet


Modified:
   dirac/libavcodec/diracdec.c

Modified: dirac/libavcodec/diracdec.c
==============================================================================
--- dirac/libavcodec/diracdec.c	(original)
+++ dirac/libavcodec/diracdec.c	Thu Dec  4 22:10:17 2008
@@ -871,13 +871,18 @@ int dirac_decode_frame(AVCodecContext *a
 
     // read through data units until we find a picture
     while (buf_read < buf_size) {
+        if (buf[0] != 'B' || buf[1] != 'B' || buf[2] != 'C' || buf[3] != 'D') {
+            buf++;
+            buf_read++;
+            continue;
+        }
         parse_code = buf[4];
-        data_unit_size = AV_RB32(buf+5);
+        data_unit_size = FFMAX(AV_RB32(buf+5), 13);
         if (data_unit_size > buf_size - buf_read)
             return -1;
 
         dprintf(avctx, "Decoding frame: size=%d head=%c%c%c%c parse=%02x\n",
-                buf_size, buf[0], buf[1], buf[2], buf[3], buf[4]);
+                data_unit_size, buf[0], buf[1], buf[2], buf[3], buf[4]);
 
         init_get_bits(&s->gb, &buf[13], (data_unit_size - 13) * 8);
         s->avctx = avctx;
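Review bot: The loop guard `buf_read < buf_size` guarantees only one remaining byte, yet the added prefix test reads `buf[0]`..`buf[3]`, and the header parse after it reads `buf[4]` and `AV_RB32(buf+5)` through `buf[8]`. A packet that is short or truncated just after a `BBCD` prefix is therefore read past `buf_size` before the size check runs. The caller's input padding may absorb this, but that is not visible in the hunk. A guard at the top of the loop body such as `if (buf_size - buf_read < 13) break;` (or the function's usual error return) would close it. Separately, the `%d` in the dprintf suggests `data_unit_size` is a signed int, in which case a length field of 0x80000000 or more turns negative, passes `data_unit_size > buf_size - buf_read`, and hands a negative bit count to `init_get_bits`. Its declaration is outside the hunk, so confirm the type or compare as unsigned.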


