On 12/13/2012 04:54 PM, Janne Grunau wrote: > On 2012-12-13 16:24:22 +0100, Luca Barbato wrote: >> Interlacing is not supported at all and mismanaged down the normal >> codepaths causing possible buffer management issues. >> >> CC: [email protected] >> --- >> >> Probably could be worth checking that we wouldn't have other way to trip >> into a doublefree-like situation, yet this is the simplest solution for >> now. >> >> libavcodec/vp6.c | 4 ++-- >> 1 file changed, 2 insertions(+), 2 deletions(-) >> >> diff --git a/libavcodec/vp6.c b/libavcodec/vp6.c >> index 826b777..c3428fe 100644 >> --- a/libavcodec/vp6.c >> +++ b/libavcodec/vp6.c >> @@ -64,8 +64,8 @@ static int vp6_parse_header(VP56Context *s, const uint8_t >> *buf, int buf_size, >> return 0; >> s->filter_header = buf[1] & 0x06; >> if (buf[1] & 1) { >> - av_log(s->avctx, AV_LOG_ERROR, "interlacing not supported\n"); >> - return 0; >> + av_log_missing_feature(s->avctx, "Interlacing", 0); >> + return AVERROR_PATCHWELCOME; >> } >> if (separated_coeff || !s->filter_header) { >> coeff_offset = AV_RB16(buf+2) - 2; > > It makes little sense to continue decoding if we know that the result > will probably look like decoding of random data. That said if you can > identify where the context gets so screwed up that it crashes later > please do since carefully crafted non-interlaced file could probably > cause the same crash.
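Review bot: In the `if (buf[1] & 1)` branch of vp6_parse_header, the new `return AVERROR_PATCHWELCOME;` puts a negative error code into a function whose other visible early exit (the context line `return 0;` just above `s->filter_header = buf[1] & 0x06;`) still returns 0. Please confirm that the caller distinguishes a negative return from the existing results and stops decoding the frame. A caller that only tests for zero would treat the negative value as a successfully parsed header and continue down the path the commit message describes as mismanaged. If the caller is not touched by this patch, a sentence in the commit message on how it handles the new value would make that easy to verify.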
I'll try to instrument our default buffer manager to track it soon.

lu
_______________________________________________
libav-devel mailing list
[email protected]
https://lists.libav.org/mailman/listinfo/libav-devel
