generic-library/ffmpeg
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

vp9_parser: fix endless loop w/0-sized frame

Browse Source 
treat this the same as an over-sized superframe packet to break out of
the parser loop and allow the decoder to fail.

Reviewed-by: Ronald S. Bultje <rsbultje@gmail.com>
Signed-off-by: James Zern <jzern@google.com>
This commit is contained in:
James Zern 2015-10-16 15:28:55 -07:00
parent b0bb1dc62d
commit 7b4367d93e
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
libavcodec/vp9_parser.c
View File

@ -111,12 +111,12 @@ static int parse(AVCodecParserContext *ctx,
while (n_frames--) { \ while (n_frames--) { \
unsigned sz = rd; \ unsigned sz = rd; \
idx += a; \ idx += a; \
if (sz > size) { \ if (sz == 0 || sz > size) { \
s->n_frames = 0; \ s->n_frames = 0; \
*out_size = size; \ *out_size = size; \
*out_data = data; \ *out_data = data; \
av_log(avctx, AV_LOG_ERROR, \ av_log(avctx, AV_LOG_ERROR, \
"Superframe packet size too big: %u > %d\n", \ "Invalid superframe packet size: %u frame size: %d\n", \
sz, size); \ sz, size); \
return full_size; \ return full_size; \
} \ } \