Also make sure the existing length check can't overflow.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
This makes sure that it doesn't try to free an AVBuffer belonging
to an earlier packet when we free the local packet at the end.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
This avoids divisions by zero later.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
If the height is zero, the decompression will probably end up
failing due to not fitting into the allocated buffer later
anyway, so this doesn't need any more elaborate check.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
This is similar to the fix in 35cbc98b.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
The init function reads one byte of extradata.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
Null buffers are useful for simulating writing to a real buffer
for the sake of measuring how many bytes are written.
Signed-off-by: Martin Storsjö <martin@martin.st>
ASF markers only have a start time, so we lose the chapter end times,
but that is ASF for you
Signed-off-by: Vladimir Pantelic <vladoman@gmail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
this was forgotten when we changed ASF to not output the preroll time
Signed-off-by: Vladimir Pantelic <vladoman@gmail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Abort if it is invalid if strict error checking has been requested.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
This makes the output fragments independent of their position in
the output stream, making the output work better when streamed.
QuickTime Player doesn't support fragmented mp4 without the base
data offset, though.
Signed-off-by: Martin Storsjö <martin@martin.st>
This is a bit more work, but avoids having to fill in
the data offset field afterwards instead of directly when
the rest of the trun atom is written.
This simplifies future cases where this field needs to be set to
something different.
Signed-off-by: Martin Storsjö <martin@martin.st>
This is required, since invalid parameters actually could
pass the switch check below.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
A given packet won't always come in contiguously; sometimes
they may be broken up on chunk boundaries by packets of another
channel.
This support primarily involves tracking information about the
data that's been read, so the reader can pick up where it left
off for a given channel.
As a side effect, we no longer over-report the bytes read if
(toread = MIN(size, chunk_size)) == size
Signed-off-by: Martin Storsjö <martin@martin.st>
Since the number of channels is multiplied by 36 and assigned to
to a uint16_t, make sure this calculation didn't overflow. (In
certain cases the calculation could overflow leaving the
truncated block_align at 0, leading to divisions by zero later.)
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
A change in framesize caused a perpetual loss of synchronization.
So read (and use) the frame size from the frame header instead of
setting it only once.
Signed-off-by: Diego Biurrun <diego@biurrun.de>
This avoids crashes when initializing the range coder for
the first slice context.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
This is similar to an existing check for the second-last frame
from 062421e3.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
This avoids a potential division by zero.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
Some files have the duration set to -1 in the mdhd atom, more
or less legitimately. (We produce such files ourselves, for the
initial duration in fragmented mp4 files.)
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
Also return a proper error code.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
Also pass on any returned error code.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
This more closely corresponds to the usage of the field.
Its usage here is unrelated to the channel ID.
Signed-off-by: Martin Storsjö <martin@martin.st>
Channel 4 is typically used by the Flash player to transmit
audio, channel 6 for video, and various stream-specific invokes
get sent over channel 8, which is designated the source channel.
This more closely matches the behavior of the Flash player,
including the transmission of play requests over channel 8.
Signed-off-by: Martin Storsjö <martin@martin.st>