On Mon, Mar 02, 2015 at 04:10:26PM +0100, Andreas Cadhalpun wrote:
> On 01.03.2015 21:18, Diego Biurrun wrote:
> >On Sat, Feb 28, 2015 at 11:40:30PM +0100, Andreas Cadhalpun wrote:
> >>--- a/libavformat/rmenc.c
> >>+++ b/libavformat/rmenc.c
> >>@@ -396,6 +396,10 @@ static int rm_write_video(AVFormatContext *s, const
> >>uint8_t *buf, int size, int
> >> /* Well, I spent some time finding the meaning of these bits. I am
> >> not sure I understood everything, but it works !! */
> >> #if 1
> >>+ if (size > 0xFFFF - 7 - 4 - 12) {
> >
> >That looks slightly magicky ... What are those numbers?
>
> Well, 0xFFFF is the maximal size for avio_wb16 and then one has to subtract
> the maximal size of the header.
> The 7 and 4 come from:
> write_packet_header(s, stream, size + 7 + (size >= 0x4000)*4, key_frame);
So lots of magic numbers used all over the place. 0xFFFF is UINT16_MAX,
so there is at least one number you can demagic..
> And in write_packet_header there is the 12:
> avio_wb16(s,length + 12);
>
> >>+ av_log(s, AV_LOG_ERROR, "packet size %d too large\n", size);
> >>+ return AVERROR(EINVAL);
> >
> >INVALIDDATA
>
> Since the format could actually support such large frames, it's really
> AVERROR_PATCHWELCOME.
AVERROR_PATCHWELCOME should be paired with avpriv_report_missing_feature.
Diego
_______________________________________________
libav-devel mailing list
[email protected]
https://lists.libav.org/mailman/listinfo/libav-devel
