On Tue, 10 Dec 2013 15:42:27 +0100, Guillaume Martres <[email protected]> wrote: > From: Yusuke Nakamura <[email protected]> > > User may cut off a weird position and send a packet from there. > This avoids returning as invalid data immediately. > --- > libavcodec/hevc.c | 17 +++++++++-------- > 1 file changed, 9 insertions(+), 8 deletions(-) > > diff --git a/libavcodec/hevc.c b/libavcodec/hevc.c > index b7e7757..491bc57 100644 > --- a/libavcodec/hevc.c > +++ b/libavcodec/hevc.c > @@ -2689,14 +2689,15 @@ static int decode_nal_units(HEVCContext *s, const > uint8_t *buf, int length) > goto fail; > } > } else { > - if (buf[2] == 0) { > - length--; > - buf++; > - continue; > - } > - if (buf[0] != 0 || buf[1] != 0 || buf[2] != 1) { > - ret = AVERROR_INVALIDDATA; > - goto fail; > + /* search start code */ > + while (buf[0] != 0 || buf[1] != 0 || buf[2] != 1) { > + ++buf; > + --length; > + if (length < 4) { > + av_log(s->avctx, AV_LOG_ERROR, "No start code is > found.\n"); > + ret = AVERROR_INVALIDDATA; > + goto fail; > + } > } > > buf += 3; > -- > 1.8.3.2 >
I still think this belongs in the parser -- Anton Khirnov _______________________________________________ libav-devel mailing list [email protected] https://lists.libav.org/mailman/listinfo/libav-devel
