[FFmpeg-trac] #9185(avformat:new): ffmpeg flac decoder incorrectly finds junk frame

FFmpeg trac at avcodec.org
Thu Sep 30 16:02:49 EEST 2021


#9185: ffmpeg flac decoder incorrectly finds junk frame
-------------------------------------+-------------------------------------
             Reporter:  Mattias      |                    Owner:  (none)
  Wadman                             |
                 Type:  defect       |                   Status:  new
             Priority:  important    |                Component:  avformat
              Version:  git-master   |               Resolution:
             Keywords:  flac         |               Blocked By:
  regression                         |
             Blocking:               |  Reproduced by developer:  1
Analyzed by developer:  0            |
-------------------------------------+-------------------------------------
Comment (by Mattias Wadman):

 Hello, I spent some more time on this as I keep seeing files with this issue
 from time to time.

 Could a patch like this be OK to merge into FFmpeg? It's not perfect, but it
 fixes the issue for the files I've seen. It peeks one byte into the first
 subframe and looks for valid configurations.

 {{{
 diff --git a/libavcodec/flac_parser.c b/libavcodec/flac_parser.c
 index 3424583c49..de9651926b 100644
 --- a/libavcodec/flac_parser.c
 +++ b/libavcodec/flac_parser.c
 @@ -96,8 +96,34 @@ static int frame_header_is_valid(AVCodecContext *avctx,
 const uint8_t *buf,
                                   FLACFrameInfo *fi)
  {
      GetBitContext gb;
 -    init_get_bits(&gb, buf, MAX_FRAME_HEADER_SIZE * 8);
 -    return !ff_flac_decode_frame_header(avctx, &gb, fi, 127);
 +    uint8_t subframe_type;
 +
 +    // header plus one byte from first subframe
 +    init_get_bits(&gb, buf, MAX_FRAME_HEADER_SIZE * 8 + 8);
 +    if (ff_flac_decode_frame_header(avctx, &gb, fi, 127) != 0) {
 +        return 0;
 +    }
 +    // subframe zero bit
 +    if (get_bits1(&gb) != 0) {
 +        return 0;
 +    }
 +    // subframe subframe_type
 +    // 000000 : SUBFRAME_CONSTANT
 +    // 000001 : SUBFRAME_VERBATIM
 +    // 00001x : reserved
 +    // 0001xx : reserved
 +    // 001xxx : if(xxx <= 4) SUBFRAME_FIXED, xxx=order ; else reserved
 +    // 01xxxx : reserved
 +    // 1xxxxx : SUBFRAME_LPC, xxxxx=order-1
 +    subframe_type = get_bits(&gb, 6);
 +    if (!(subframe_type == 0 ||
 +          subframe_type == 1 ||
 +          ((subframe_type >= 8) && (subframe_type <= 12)) ||
 +          (subframe_type >= 32))) {
 +        return 0;
 +    }
 +
 +    return 1;
  }

  /**
 }}}
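
Review bot: The init_get_bits() call now declares MAX_FRAME_HEADER_SIZE * 8 + 8 bits readable, one byte more than before, and nothing in this hunk shows that every caller of frame_header_is_valid() has at least MAX_FRAME_HEADER_SIZE + 1 bytes available at buf. Please confirm that at each call site, or pass the available length into the function and skip the subframe check when the extra byte is not there, so the peek cannot read past the buffered data. The return value of init_get_bits() is also still ignored. The accepted subframe_type values (0, 1, 8 to 12, and >= 32) do match the table in the comment; the comment line "subframe subframe_type" repeats a word, and it would help to note there that the code relies on ff_flac_decode_frame_header() leaving gb positioned at the first subframe byte.
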
-- 
Ticket URL: <https://trac.ffmpeg.org/ticket/9185#comment:10>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker