On Wed, Oct 17, 2018 at 7:23 AM Michael Niedermayer
<mich...@niedermayer.cc> wrote:
>
> On Mon, Oct 15, 2018 at 10:03:59PM +0800, Jun Zhao wrote:
> > case 1:
> > running hexdump -C SMM0005.rcv gives:
> >                      size              skip (size - 4)
> >                       |                        |
> >                       V                        V
> > 00000000  18 00 00 c5 05 00 00 00  4d f1 0a 11 00 e0 01 00
> > 00000010  00 d0 02 00 00 0c 00 00  00 88 13 00 00 c0 65 52
> >                          ^
> >                        |
> >                    size + 16
> > case 2:
> > the same command for SMM0015.rcv gives:
> >                     size
> >                       |
> >                       V
> > 00000000  19 00 00 c5 04 00 00 00  41 f3 80 01 40 02 00 00
> > 00000010  d0 02 00 00 0c 00 00 00  00 00 00 10 00 00 00 00
> >                       ^
> >                     |
> >                  size + 16
> >
> > There are different RCV file formats for VC-1; vc1test
> > only handles case 2 now, and this fix will support case 1.
> > (Both test clips come from: SMPTE Recommended Practice -
> > VC-1 Decoder and Bitstream Conformance). And I think I got
> > an older VC-1 test clip in case 1.
> >
> > Reviewed-by: Carl Eugen Hoyos <ceffm...@gmail.com>
> > Reviewed-by: Jerome Borsboom <jerome.borsb...@carpalis.nl>
> > Reviewed-by: Michael Niedermayer <mich...@niedermayer.cc>
> > Signed-off-by: Jun Zhao <jun.z...@intel.com>
> > Signed-off-by: Yan, FengX <fengx....@intel.com>
> > ---
> >  libavformat/vc1test.c |   12 ++++++++++--
> >  1 files changed, 10 insertions(+), 2 deletions(-)
> >
> > diff --git a/libavformat/vc1test.c b/libavformat/vc1test.c
> > index a801f4b..2427660 100644
> > --- a/libavformat/vc1test.c
> > +++ b/libavformat/vc1test.c
> > @@ -34,9 +34,14 @@
> >
> >  static int vc1t_probe(AVProbeData *p)
> >  {
> > +    int size;
> > +
> >      if (p->buf_size < 24)
> >          return 0;
> > -    if (p->buf[3] != 0xC5 || AV_RL32(&p->buf[4]) != 4 || 
> > AV_RL32(&p->buf[20]) != 0xC)
> > +
> > +    size = AV_RL32(&p->buf[4]);
> > +    if (p->buf[3] != 0xC5 || size < 4 || size+16 > p->buf_size ||
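
Review bot: size+16 > p->buf_size in the new condition adds 16 to a value read straight from the file before that value has any upper bound, so a size field near INT_MAX overflows the signed int. p->buf_size is already known to be at least 24 at this point, so the constant can move to the trusted side: size > p->buf_size - 16. Storing the AV_RL32() result in an int also turns fields of 0x80000000 and above into negative numbers; size < 4 happens to reject them, but an unsigned type would make that explicit. The rest of the condition is cut off in this quote; if it reads four bytes at buf[size + 16], the way the removed line did at buf[20], the bound needs to be size > p->buf_size - 20.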
>
> size + 16 is undefined here as it can overflow the int range
>
>
Update V5 patch
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
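
Added example, not part of the patch or of FFmpeg: a stand-alone header check that accepts both RCV layouts from the commit message while keeping the file-supplied size out of any addition until it is bounded. The names rl32, rcv_header_ok and the sample arrays are hypothetical, and it assumes the 0xC marker is read at offset size + 16, as the hexdump diagrams show.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Little-endian 32-bit read, the role AV_RL32 plays in the patch. */
static uint32_t rl32(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Hypothetical stand-alone check: 1 if buf looks like an RCV header in
 * either layout, 0 otherwise. Assumes the 0xC marker sits at size + 16. */
int rcv_header_ok(const uint8_t *buf, size_t buf_size)
{
    uint32_t size;

    if (buf_size < 24 || buf[3] != 0xC5)
        return 0;
    size = rl32(buf + 4);
    /* The file-controlled value stays alone on its side of the comparison.
     * buf_size >= 24, so buf_size - 20 cannot wrap, and 16 + size is only
     * formed once size is known to leave 4 readable bytes at that offset. */
    if (size < 4 || size > buf_size - 20)
        return 0;
    return rl32(buf + 16 + size) == 0xC;
}

/* Constructed inputs: the 32 bytes of each hexdump in the commit message. */
const uint8_t rcv_case1[32] = {
    0x18,0x00,0x00,0xc5,0x05,0x00,0x00,0x00,0x4d,0xf1,0x0a,0x11,0x00,0xe0,0x01,0x00,
    0x00,0xd0,0x02,0x00,0x00,0x0c,0x00,0x00,0x00,0x88,0x13,0x00,0x00,0xc0,0x65,0x52 };
const uint8_t rcv_case2[32] = {
    0x19,0x00,0x00,0xc5,0x04,0x00,0x00,0x00,0x41,0xf3,0x80,0x01,0x40,0x02,0x00,0x00,
    0xd0,0x02,0x00,0x00,0x0c,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x00 };
/* Constructed hostile header: size field 0x7FFFFFFF, the value for which a
 * signed size + 16 overflows. */
const uint8_t rcv_huge[32] = {
    0x19,0x00,0x00,0xc5,0xff,0xff,0xff,0x7f,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
    0x00,0x00,0x00,0x00,0x0c,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 };

int main(void)
{
    printf("case1=%d case2=%d huge=%d\n",
           rcv_header_ok(rcv_case1, sizeof rcv_case1),
           rcv_header_ok(rcv_case2, sizeof rcv_case2),
           rcv_header_ok(rcv_huge, sizeof rcv_huge));
    return 0;
}
```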