subject:"\[FFmpeg\-devel\] \[PATCH\] lavf\/mov.c\: Allocate buffer in case of long metadata entries."

Re: [FFmpeg-devel] [PATCH] lavf/mov.c: Allocate buffer in case of long metadata entries.

2014-10-20 Thread Thilo Borgmann

Am 17.10.14 17:03, schrieb Michael Niedermayer:
 [...]
 
 i think it would be simpler to always allocate with no str_small
 local buffer case.
 Also always allocating 2x the size should avoid the macro

Done  attached.

-Thilo

From e374fd065392f7e68fd3d951712a13008dc6fb2f Mon Sep 17 00:00:00 2001
From: Thilo Borgmann thilo.borgm...@mail.de
Date: Mon, 20 Oct 2014 13:42:28 +0200
Subject: [PATCH] lavf/mov.c: Allocate buffer in case of long metadata entries.

---
 libavformat/mov.c | 18 --
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/libavformat/mov.c b/libavformat/mov.c
index 4ff46dd..fee76e7 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -261,10 +261,11 @@ static int mov_read_udta_string(MOVContext *c, 
AVIOContext *pb, MOVAtom atom)
 #ifdef MOV_EXPORT_ALL_METADATA
 char tmp_key[5];
 #endif
-char str[1024], key2[16], language[4] = {0};
+char key2[16], language[4] = {0};
+char *str = NULL;
 const char *key = NULL;
 uint16_t langcode = 0;
-uint32_t data_type = 0, str_size;
+uint32_t data_type = 0, str_size, str_size_alloc;
 int (*parse)(MOVContext*, AVIOContext*, unsigned, const char*) = NULL;
 
 switch (atom.type) {
@@ -353,18 +354,21 @@ static int mov_read_udta_string(MOVContext *c, 
AVIOContext *pb, MOVAtom atom)
 }
 #endif
 
+str_size_alloc = str_size  1; // worst-case requirement for output 
string in case of utf8 coded input
+str = av_malloc(str_size_alloc);
+if (!str)
+return AVERROR(ENOMEM);
+
 if (!key)
 return 0;
 if (atom.size  0)
 return AVERROR_INVALIDDATA;
 
-str_size = FFMIN3(sizeof(str)-1, str_size, atom.size);
-
 if (parse)
 parse(c, pb, str_size, key);
 else {
 if (data_type == 3 || (data_type == 0  (langcode  0x400 || langcode 
== 0x7fff))) { // MAC Encoded
-mov_read_mac_string(c, pb, str_size, str, sizeof(str));
+mov_read_mac_string(c, pb, str_size, str, str_size_alloc);
 } else {
 int ret = avio_read(pb, str, str_size);
 if (ret != str_size)
@@ -380,7 +384,9 @@ static int mov_read_udta_string(MOVContext *c, AVIOContext 
*pb, MOVAtom atom)
 }
 av_dlog(c-fc, lang \%3s\ , language);
 av_dlog(c-fc, tag \%s\ value \%s\ atom \%.4s\ %d %PRId64\n,
-key, str, (char*)atom.type, str_size, atom.size);
+key, str, (char*)atom.type, str_size_alloc, atom.size);
+
+av_freep(str);
 
 return 0;
 }
-- 
1.9.3 (Apple Git-50)

___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

Re: [FFmpeg-devel] [PATCH] lavf/mov.c: Allocate buffer in case of long metadata entries.

2014-10-20 Thread Michael Niedermayer

On Mon, Oct 20, 2014 at 01:43:32PM +0200, Thilo Borgmann wrote:
 Am 17.10.14 17:03, schrieb Michael Niedermayer:
  [...]
  
  i think it would be simpler to always allocate with no str_small
  local buffer case.
  Also always allocating 2x the size should avoid the macro
 
 Done  attached.
 
 -Thilo
 

  mov.c |   18 --
  1 file changed, 12 insertions(+), 6 deletions(-)
 76e7a087fd36eac892308af02cc8d37c287c142f  
 0001-lavf-mov.c-Allocate-buffer-in-case-of-long-metadata-.patch
 From e374fd065392f7e68fd3d951712a13008dc6fb2f Mon Sep 17 00:00:00 2001
 From: Thilo Borgmann thilo.borgm...@mail.de
 Date: Mon, 20 Oct 2014 13:42:28 +0200
 Subject: [PATCH] lavf/mov.c: Allocate buffer in case of long metadata entries.

applied

thanks

[...]

-- 
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Asymptotically faster algorithms should always be preferred if you have
asymptotical amounts of data


signature.asc
Description: Digital signature
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

Re: [FFmpeg-devel] [PATCH] lavf/mov.c: Allocate buffer in case of long metadata entries.

2014-10-17 Thread Thilo Borgmann

Am 16.10.14 04:47, schrieb Michael Niedermayer:
 On Mon, Oct 13, 2014 at 09:40:42AM +0200, Thilo Borgmann wrote:
 Am 11.10.14 16:19, schrieb Nicolas George:
 [...]

 all remarks applied.

 -Thilo

 
  mov.c |   16 
  1 file changed, 12 insertions(+), 4 deletions(-)
 cabb6e51de7f9329603561773f209b6a948478ce  
 0001-lavf-mov.c-Allocate-buffer-in-case-of-long-metadata-.patch
 From 5a14ef97ffc7d82dea5644c736e6dc2de2079e89 Mon Sep 17 00:00:00 2001
 From: Thilo Borgmann thilo.borgm...@mail.de
 Date: Mon, 13 Oct 2014 09:36:17 +0200
 Subject: [PATCH] lavf/mov.c: Allocate buffer in case of long metadata 
 entries.

 ---
  libavformat/mov.c | 16 
  1 file changed, 12 insertions(+), 4 deletions(-)

 diff --git a/libavformat/mov.c b/libavformat/mov.c
 index 4ff46dd..8d6d074 100644
 --- a/libavformat/mov.c
 +++ b/libavformat/mov.c
 @@ -261,7 +261,9 @@ static int mov_read_udta_string(MOVContext *c, 
 AVIOContext *pb, MOVAtom atom)
  #ifdef MOV_EXPORT_ALL_METADATA
  char tmp_key[5];
  #endif
 -char str[1024], key2[16], language[4] = {0};
 +char str_small[1024], key2[16], language[4] = {0};
 +char *str = str_small;
 +char *pstr = NULL;
  const char *key = NULL;
  uint16_t langcode = 0;
  uint32_t data_type = 0, str_size;
 @@ -358,13 +360,17 @@ static int mov_read_udta_string(MOVContext *c, 
 AVIOContext *pb, MOVAtom atom)
  if (atom.size  0)
  return AVERROR_INVALIDDATA;
  
 -str_size = FFMIN3(sizeof(str)-1, str_size, atom.size);
 -
  if (parse)
  parse(c, pb, str_size, key);
  else {
 +if (str_size  sizeof(str_small)-1) { // allocate buffer for long 
 data field
 +pstr = str = av_malloc(str_size);
 +if (!pstr)
 +return AVERROR(ENOMEM);
 +}
 +
  if (data_type == 3 || (data_type == 0  (langcode  0x400 || 
 langcode == 0x7fff))) { // MAC Encoded
 -mov_read_mac_string(c, pb, str_size, str, sizeof(str));
 +mov_read_mac_string(c, pb, str_size, str, str_size);
 
 this seems to store UTF8, which can require more space than str_size

New patch attached using a worst-case size of twice the input string size if
the input is in utf8.

Tested only with non utf8 by now - I would appreciate it if someone could test
this with UTF8 metadata or tell me how to generate/where to get a suitable file.

-Thilo

From 1a59272e3d333c784e9f4857cd3aa6542ad28d6d Mon Sep 17 00:00:00 2001
From: Thilo Borgmann thilo.borgm...@mail.de
Date: Fri, 17 Oct 2014 14:30:30 +0200
Subject: [PATCH] lavf/mov.c: Allocate buffer in case of long metadata entries.

---
 libavformat/mov.c | 27 ++-
 1 file changed, 22 insertions(+), 5 deletions(-)

diff --git a/libavformat/mov.c b/libavformat/mov.c
index 4ff46dd..a48877d 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -261,7 +261,9 @@ static int mov_read_udta_string(MOVContext *c, AVIOContext 
*pb, MOVAtom atom)
 #ifdef MOV_EXPORT_ALL_METADATA
 char tmp_key[5];
 #endif
-char str[1024], key2[16], language[4] = {0};
+char str_small[1024], key2[16], language[4] = {0};
+char *str = str_small;
+char *pstr = NULL;
 const char *key = NULL;
 uint16_t langcode = 0;
 uint32_t data_type = 0, str_size;
@@ -358,15 +360,28 @@ static int mov_read_udta_string(MOVContext *c, 
AVIOContext *pb, MOVAtom atom)
 if (atom.size  0)
 return AVERROR_INVALIDDATA;
 
-str_size = FFMIN3(sizeof(str)-1, str_size, atom.size);
-
 if (parse)
 parse(c, pb, str_size, key);
 else {
+#define LONG_META_ALLOC() {   \
+if (str_size  sizeof(str_small)-1) { \
+pstr = str = av_malloc(str_size); \
+if (!pstr)\
+return AVERROR(ENOMEM);   \
+} \
+}
+
 if (data_type == 3 || (data_type == 0  (langcode  0x400 || langcode 
== 0x7fff))) { // MAC Encoded
-mov_read_mac_string(c, pb, str_size, str, sizeof(str));
+int str_size_in = str_size;
+str_size = 1; // worst-case requirement for output string in 
case of utf8 coded input
+// allocate buffer for long data field if necessary
+LONG_META_ALLOC();
+mov_read_mac_string(c, pb, str_size_in, str, str_size);
 } else {
-int ret = avio_read(pb, str, str_size);
+int ret;
+// allocate buffer for long data field if necessary
+LONG_META_ALLOC();
+ret = avio_read(pb, str, str_size);
 if (ret != str_size)
 return ret  0 ? ret : AVERROR_INVALIDDATA;
 str[str_size] = 0;
@@ -382,6 +397,8 @@ static int mov_read_udta_string(MOVContext *c, AVIOContext 
*pb, MOVAtom atom)
 av_dlog(c-fc, tag \%s\ value \%s\ atom \%.4s\ %d %PRId64\n,
 key, str, (char*)atom.type, str_size, atom.size);
 
+av_freep(pstr);
+
 return 0;
 }
 
--

Re: [FFmpeg-devel] [PATCH] lavf/mov.c: Allocate buffer in case of long metadata entries.

2014-10-17 Thread Michael Niedermayer

On Fri, Oct 17, 2014 at 02:33:27PM +0200, Thilo Borgmann wrote:
 Am 16.10.14 04:47, schrieb Michael Niedermayer:
  On Mon, Oct 13, 2014 at 09:40:42AM +0200, Thilo Borgmann wrote:
  Am 11.10.14 16:19, schrieb Nicolas George:
  [...]
 
  all remarks applied.
 
  -Thilo
 
  
   mov.c |   16 
   1 file changed, 12 insertions(+), 4 deletions(-)
  cabb6e51de7f9329603561773f209b6a948478ce  
  0001-lavf-mov.c-Allocate-buffer-in-case-of-long-metadata-.patch
  From 5a14ef97ffc7d82dea5644c736e6dc2de2079e89 Mon Sep 17 00:00:00 2001
  From: Thilo Borgmann thilo.borgm...@mail.de
  Date: Mon, 13 Oct 2014 09:36:17 +0200
  Subject: [PATCH] lavf/mov.c: Allocate buffer in case of long metadata 
  entries.
 
  ---
   libavformat/mov.c | 16 
   1 file changed, 12 insertions(+), 4 deletions(-)
 
  diff --git a/libavformat/mov.c b/libavformat/mov.c
  index 4ff46dd..8d6d074 100644
  --- a/libavformat/mov.c
  +++ b/libavformat/mov.c
  @@ -261,7 +261,9 @@ static int mov_read_udta_string(MOVContext *c, 
  AVIOContext *pb, MOVAtom atom)
   #ifdef MOV_EXPORT_ALL_METADATA
   char tmp_key[5];
   #endif
  -char str[1024], key2[16], language[4] = {0};
  +char str_small[1024], key2[16], language[4] = {0};
  +char *str = str_small;
  +char *pstr = NULL;
   const char *key = NULL;
   uint16_t langcode = 0;
   uint32_t data_type = 0, str_size;
  @@ -358,13 +360,17 @@ static int mov_read_udta_string(MOVContext *c, 
  AVIOContext *pb, MOVAtom atom)
   if (atom.size  0)
   return AVERROR_INVALIDDATA;
   
  -str_size = FFMIN3(sizeof(str)-1, str_size, atom.size);
  -
   if (parse)
   parse(c, pb, str_size, key);
   else {
  +if (str_size  sizeof(str_small)-1) { // allocate buffer for long 
  data field
  +pstr = str = av_malloc(str_size);
  +if (!pstr)
  +return AVERROR(ENOMEM);
  +}
  +
   if (data_type == 3 || (data_type == 0  (langcode  0x400 || 
  langcode == 0x7fff))) { // MAC Encoded
  -mov_read_mac_string(c, pb, str_size, str, sizeof(str));
  +mov_read_mac_string(c, pb, str_size, str, str_size);
  
  this seems to store UTF8, which can require more space than str_size
 
 New patch attached using a worst-case size of twice the input string size if
 the input is in utf8.
 
 Tested only with non utf8 by now - I would appreciate it if someone could test
 this with UTF8 metadata or tell me how to generate/where to get a suitable 
 file.
 
 -Thilo
 

  mov.c |   27 ++-
  1 file changed, 22 insertions(+), 5 deletions(-)
 c6706cd53f0c804d993ba5dec8112faf1b9e84e5  
 0001-lavf-mov.c-Allocate-buffer-in-case-of-long-metadata-.patch
 From 1a59272e3d333c784e9f4857cd3aa6542ad28d6d Mon Sep 17 00:00:00 2001
 From: Thilo Borgmann thilo.borgm...@mail.de
 Date: Fri, 17 Oct 2014 14:30:30 +0200
 Subject: [PATCH] lavf/mov.c: Allocate buffer in case of long metadata entries.
 
 ---
  libavformat/mov.c | 27 ++-
  1 file changed, 22 insertions(+), 5 deletions(-)
 
 diff --git a/libavformat/mov.c b/libavformat/mov.c
 index 4ff46dd..a48877d 100644
 --- a/libavformat/mov.c
 +++ b/libavformat/mov.c
 @@ -261,7 +261,9 @@ static int mov_read_udta_string(MOVContext *c, 
 AVIOContext *pb, MOVAtom atom)
  #ifdef MOV_EXPORT_ALL_METADATA
  char tmp_key[5];
  #endif
 -char str[1024], key2[16], language[4] = {0};
 +char str_small[1024], key2[16], language[4] = {0};
 +char *str = str_small;
 +char *pstr = NULL;
  const char *key = NULL;
  uint16_t langcode = 0;
  uint32_t data_type = 0, str_size;
 @@ -358,15 +360,28 @@ static int mov_read_udta_string(MOVContext *c, 
 AVIOContext *pb, MOVAtom atom)
  if (atom.size  0)
  return AVERROR_INVALIDDATA;
  
 -str_size = FFMIN3(sizeof(str)-1, str_size, atom.size);
 -
  if (parse)
  parse(c, pb, str_size, key);
  else {
 +#define LONG_META_ALLOC() {   \
 +if (str_size  sizeof(str_small)-1) { \
 +pstr = str = av_malloc(str_size); \
 +if (!pstr)\
 +return AVERROR(ENOMEM);   \
 +} \
 +}
 +
  if (data_type == 3 || (data_type == 0  (langcode  0x400 || 
 langcode == 0x7fff))) { // MAC Encoded
 -mov_read_mac_string(c, pb, str_size, str, sizeof(str));
 +int str_size_in = str_size;
 +str_size = 1; // worst-case requirement for output string in 
 case of utf8 coded input
 +// allocate buffer for long data field if necessary
 +LONG_META_ALLOC();
 +mov_read_mac_string(c, pb, str_size_in, str, str_size);
  } else {
 -int ret = avio_read(pb, str, str_size);
 +int ret;
 +// allocate buffer for long data field if necessary
 +LONG_META_ALLOC();
 +ret = avio_read(pb, str, str_size);

i

Re: [FFmpeg-devel] [PATCH] lavf/mov.c: Allocate buffer in case of long metadata entries.

2014-10-15 Thread Thilo Borgmann

Am 13.10.14 13:08, schrieb Nicolas George:
 Le duodi 22 vendémiaire, an CCXXIII, Reimar Döffinger a écrit :
 Uh, wouldn't that be undefined behaviour?
 You're not allowed to compare pointers from different allocations as far
 as I know, even if it usually works.
 
 The spec says:
 
 # Two pointers compare equal if and only if both are null pointers, both are
 # pointers to the same object (including a pointer to an object and a
 # subobject at its beginning) or function, both are pointers to one past the
 # last element of the same array object, or one is a pointer to one past the
 # end of one array object and the other is a pointer to the start of a
 # different array object that happens to immediately follow the first array
 # object in the address space.)
 
 If I read this correctly, the and only if means that comparing pointers
 from different allocations is valid and returns false.
 
 I suspect you are generalising the issue with  and : for these operators,
 comparing pointers to different objects is invalid.

Ping. The pointer issue does not apply to the current patch.

-Thilo

___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

Re: [FFmpeg-devel] [PATCH] lavf/mov.c: Allocate buffer in case of long metadata entries.

2014-10-15 Thread Michael Niedermayer

On Mon, Oct 13, 2014 at 09:40:42AM +0200, Thilo Borgmann wrote:
 Am 11.10.14 16:19, schrieb Nicolas George:
  [...]
 
 all remarks applied.
 
 -Thilo
 

  mov.c |   16 
  1 file changed, 12 insertions(+), 4 deletions(-)
 cabb6e51de7f9329603561773f209b6a948478ce  
 0001-lavf-mov.c-Allocate-buffer-in-case-of-long-metadata-.patch
 From 5a14ef97ffc7d82dea5644c736e6dc2de2079e89 Mon Sep 17 00:00:00 2001
 From: Thilo Borgmann thilo.borgm...@mail.de
 Date: Mon, 13 Oct 2014 09:36:17 +0200
 Subject: [PATCH] lavf/mov.c: Allocate buffer in case of long metadata entries.
 
 ---
  libavformat/mov.c | 16 
  1 file changed, 12 insertions(+), 4 deletions(-)
 
 diff --git a/libavformat/mov.c b/libavformat/mov.c
 index 4ff46dd..8d6d074 100644
 --- a/libavformat/mov.c
 +++ b/libavformat/mov.c
 @@ -261,7 +261,9 @@ static int mov_read_udta_string(MOVContext *c, 
 AVIOContext *pb, MOVAtom atom)
  #ifdef MOV_EXPORT_ALL_METADATA
  char tmp_key[5];
  #endif
 -char str[1024], key2[16], language[4] = {0};
 +char str_small[1024], key2[16], language[4] = {0};
 +char *str = str_small;
 +char *pstr = NULL;
  const char *key = NULL;
  uint16_t langcode = 0;
  uint32_t data_type = 0, str_size;
 @@ -358,13 +360,17 @@ static int mov_read_udta_string(MOVContext *c, 
 AVIOContext *pb, MOVAtom atom)
  if (atom.size  0)
  return AVERROR_INVALIDDATA;
  
 -str_size = FFMIN3(sizeof(str)-1, str_size, atom.size);
 -
  if (parse)
  parse(c, pb, str_size, key);
  else {
 +if (str_size  sizeof(str_small)-1) { // allocate buffer for long 
 data field
 +pstr = str = av_malloc(str_size);
 +if (!pstr)
 +return AVERROR(ENOMEM);
 +}
 +
  if (data_type == 3 || (data_type == 0  (langcode  0x400 || 
 langcode == 0x7fff))) { // MAC Encoded
 -mov_read_mac_string(c, pb, str_size, str, sizeof(str));
 +mov_read_mac_string(c, pb, str_size, str, str_size);

this seems to store UTF8, which can require more space than str_size


[...]

-- 
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

He who knows, does not speak. He who speaks, does not know. -- Lao Tsu


signature.asc
Description: Digital signature
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

Re: [FFmpeg-devel] [PATCH] lavf/mov.c: Allocate buffer in case of long metadata entries.

2014-10-13 Thread Thilo Borgmann

Am 11.10.14 16:19, schrieb Nicolas George:
 [...]

all remarks applied.

-Thilo

From 5a14ef97ffc7d82dea5644c736e6dc2de2079e89 Mon Sep 17 00:00:00 2001
From: Thilo Borgmann thilo.borgm...@mail.de
Date: Mon, 13 Oct 2014 09:36:17 +0200
Subject: [PATCH] lavf/mov.c: Allocate buffer in case of long metadata entries.

---
 libavformat/mov.c | 16 
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/libavformat/mov.c b/libavformat/mov.c
index 4ff46dd..8d6d074 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -261,7 +261,9 @@ static int mov_read_udta_string(MOVContext *c, AVIOContext 
*pb, MOVAtom atom)
 #ifdef MOV_EXPORT_ALL_METADATA
 char tmp_key[5];
 #endif
-char str[1024], key2[16], language[4] = {0};
+char str_small[1024], key2[16], language[4] = {0};
+char *str = str_small;
+char *pstr = NULL;
 const char *key = NULL;
 uint16_t langcode = 0;
 uint32_t data_type = 0, str_size;
@@ -358,13 +360,17 @@ static int mov_read_udta_string(MOVContext *c, 
AVIOContext *pb, MOVAtom atom)
 if (atom.size  0)
 return AVERROR_INVALIDDATA;
 
-str_size = FFMIN3(sizeof(str)-1, str_size, atom.size);
-
 if (parse)
 parse(c, pb, str_size, key);
 else {
+if (str_size  sizeof(str_small)-1) { // allocate buffer for long data 
field
+pstr = str = av_malloc(str_size);
+if (!pstr)
+return AVERROR(ENOMEM);
+}
+
 if (data_type == 3 || (data_type == 0  (langcode  0x400 || langcode 
== 0x7fff))) { // MAC Encoded
-mov_read_mac_string(c, pb, str_size, str, sizeof(str));
+mov_read_mac_string(c, pb, str_size, str, str_size);
 } else {
 int ret = avio_read(pb, str, str_size);
 if (ret != str_size)
@@ -382,6 +388,8 @@ static int mov_read_udta_string(MOVContext *c, AVIOContext 
*pb, MOVAtom atom)
 av_dlog(c-fc, tag \%s\ value \%s\ atom \%.4s\ %d %PRId64\n,
 key, str, (char*)atom.type, str_size, atom.size);
 
+av_freep(pstr);
+
 return 0;
 }
 
-- 
1.9.3 (Apple Git-50)

___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

Re: [FFmpeg-devel] [PATCH] lavf/mov.c: Allocate buffer in case of long metadata entries.

2014-10-13 Thread Thilo Borgmann

Am 13.10.14 09:57, schrieb Reimar Döffinger:
 On 11.10.2014, at 16:19, Nicolas George geo...@nsup.org wrote:
 +if (str_size  sizeof(str)-1) { // free buffer for long data field
 +av_freep(pstr);

 I think if (pstr != str) would be more robust.
 
 Uh, wouldn't that be undefined behaviour?
 You're not allowed to compare pointers from different allocations as far as I 
 know, even if it usually works.

The original comparison is still in the patch and no pointers are compared.
Which does not mean I'm sure about the comparing issue you mention.

-Thilo

___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

Re: [FFmpeg-devel] [PATCH] lavf/mov.c: Allocate buffer in case of long metadata entries.

2014-10-13 Thread Nicolas George

Le duodi 22 vendémiaire, an CCXXIII, Reimar Döffinger a écrit :
 Uh, wouldn't that be undefined behaviour?
 You're not allowed to compare pointers from different allocations as far
 as I know, even if it usually works.

The spec says:

# Two pointers compare equal if and only if both are null pointers, both are
# pointers to the same object (including a pointer to an object and a
# subobject at its beginning) or function, both are pointers to one past the
# last element of the same array object, or one is a pointer to one past the
# end of one array object and the other is a pointer to the start of a
# different array object that happens to immediately follow the first array
# object in the address space.)

If I read this correctly, the and only if means that comparing pointers
from different allocations is valid and returns false.

I suspect you are generalising the issue with  and : for these operators,
comparing pointers to different objects is invalid.

Regards,

-- 
  Nicolas George


signature.asc
Description: Digital signature
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

[FFmpeg-devel] [PATCH] lavf/mov.c: Allocate buffer in case of long metadata entries.

2014-10-11 Thread Thilo Borgmann

Hi,

trying to fix ticket #4018.

Metadata in mov is silently truncated to 1023 bytes.
This patch allocated a buffer in case of entries found that exceed 1023 bytes.
Fixes ticket #4018 for me.

Maybe check str_size against an upper limit?

-Thilo
From 365bec36b3b7f1925cfa2310d979a63ef8e3a7e8 Mon Sep 17 00:00:00 2001
From: Thilo Borgmann thilo.borgm...@mail.de
Date: Sat, 11 Oct 2014 16:09:07 +0200
Subject: [PATCH] lavf/mov.c: Allocate buffer in case of long metadata entries.

---
 libavformat/mov.c | 23 ---
 1 file changed, 16 insertions(+), 7 deletions(-)

diff --git a/libavformat/mov.c b/libavformat/mov.c
index 4ff46dd..136b1d5 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -358,24 +358,33 @@ static int mov_read_udta_string(MOVContext *c, 
AVIOContext *pb, MOVAtom atom)
 if (atom.size  0)
 return AVERROR_INVALIDDATA;
 
-str_size = FFMIN3(sizeof(str)-1, str_size, atom.size);
-
 if (parse)
 parse(c, pb, str_size, key);
 else {
+char *pstr = str;
+if (str_size  sizeof(str)-1) { // allocate buffer for long data field
+pstr = av_malloc(str_size);
+if (!pstr)
+return AVERROR(ENOMEM);
+}
+
 if (data_type == 3 || (data_type == 0  (langcode  0x400 || langcode 
== 0x7fff))) { // MAC Encoded
-mov_read_mac_string(c, pb, str_size, str, sizeof(str));
+mov_read_mac_string(c, pb, str_size, pstr, str_size);
 } else {
-int ret = avio_read(pb, str, str_size);
+int ret = avio_read(pb, pstr, str_size);
 if (ret != str_size)
 return ret  0 ? ret : AVERROR_INVALIDDATA;
-str[str_size] = 0;
+pstr[str_size] = 0;
 }
 c-fc-event_flags |= AVFMT_EVENT_FLAG_METADATA_UPDATED;
-av_dict_set(c-fc-metadata, key, str, 0);
+av_dict_set(c-fc-metadata, key, pstr, 0);
 if (*language  strcmp(language, und)) {
 snprintf(key2, sizeof(key2), %s-%s, key, language);
-av_dict_set(c-fc-metadata, key2, str, 0);
+av_dict_set(c-fc-metadata, key2, pstr, 0);
+}
+
+if (str_size  sizeof(str)-1) { // free buffer for long data field
+av_freep(pstr);
 }
 }
 av_dlog(c-fc, lang \%3s\ , language);
-- 
1.9.3 (Apple Git-50)

___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

Re: [FFmpeg-devel] [PATCH] lavf/mov.c: Allocate buffer in case of long metadata entries.

2014-10-11 Thread Nicolas George

Le decadi 20 vendémiaire, an CCXXIII, Thilo Borgmann a écrit :
 Hi,
 
 trying to fix ticket #4018.
 
 Metadata in mov is silently truncated to 1023 bytes.
 This patch allocated a buffer in case of entries found that exceed 1023 bytes.
 Fixes ticket #4018 for me.
 
 Maybe check str_size against an upper limit?
 
 -Thilo

 From 365bec36b3b7f1925cfa2310d979a63ef8e3a7e8 Mon Sep 17 00:00:00 2001
 From: Thilo Borgmann thilo.borgm...@mail.de
 Date: Sat, 11 Oct 2014 16:09:07 +0200
 Subject: [PATCH] lavf/mov.c: Allocate buffer in case of long metadata entries.
 
 ---
  libavformat/mov.c | 23 ---
  1 file changed, 16 insertions(+), 7 deletions(-)
 
 diff --git a/libavformat/mov.c b/libavformat/mov.c
 index 4ff46dd..136b1d5 100644
 --- a/libavformat/mov.c
 +++ b/libavformat/mov.c
 @@ -358,24 +358,33 @@ static int mov_read_udta_string(MOVContext *c, 
 AVIOContext *pb, MOVAtom atom)
  if (atom.size  0)
  return AVERROR_INVALIDDATA;
  
 -str_size = FFMIN3(sizeof(str)-1, str_size, atom.size);
 -
  if (parse)
  parse(c, pb, str_size, key);
  else {

 +char *pstr = str;

If you rename str (maybe str_small) and call pstr str instead, I believe
that makes the patch simpler.

 +if (str_size  sizeof(str)-1) { // allocate buffer for long data 
 field
 +pstr = av_malloc(str_size);
 +if (!pstr)
 +return AVERROR(ENOMEM);
 +}
 +
  if (data_type == 3 || (data_type == 0  (langcode  0x400 || 
 langcode == 0x7fff))) { // MAC Encoded
 -mov_read_mac_string(c, pb, str_size, str, sizeof(str));
 +mov_read_mac_string(c, pb, str_size, pstr, str_size);
  } else {
 -int ret = avio_read(pb, str, str_size);
 +int ret = avio_read(pb, pstr, str_size);
  if (ret != str_size)
  return ret  0 ? ret : AVERROR_INVALIDDATA;
 -str[str_size] = 0;
 +pstr[str_size] = 0;
  }
  c-fc-event_flags |= AVFMT_EVENT_FLAG_METADATA_UPDATED;
 -av_dict_set(c-fc-metadata, key, str, 0);
 +av_dict_set(c-fc-metadata, key, pstr, 0);
  if (*language  strcmp(language, und)) {
  snprintf(key2, sizeof(key2), %s-%s, key, language);
 -av_dict_set(c-fc-metadata, key2, str, 0);
 +av_dict_set(c-fc-metadata, key2, pstr, 0);
 +}
 +

 +if (str_size  sizeof(str)-1) { // free buffer for long data field
 +av_freep(pstr);

I think if (pstr != str) would be more robust.

Even more robust, if a bit more verbose:

char *pstr = str, *alloc_str = NULL;
if (...) {
pstr = alloc_str = malloc(...);
}
...
av_freep(alloc_str); // unconditionnal

  }
  }
  av_dlog(c-fc, lang \%3s\ , language);

Regards,

-- 
  Nicolas George


signature.asc
Description: Digital signature
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

Re: [FFmpeg-devel] [PATCH] lavf/mov.c: Allocate buffer in case of long metadata entries.

Re: [FFmpeg-devel] [PATCH] lavf/mov.c: Allocate buffer in case of long metadata entries.

Re: [FFmpeg-devel] [PATCH] lavf/mov.c: Allocate buffer in case of long metadata entries.

Re: [FFmpeg-devel] [PATCH] lavf/mov.c: Allocate buffer in case of long metadata entries.

Re: [FFmpeg-devel] [PATCH] lavf/mov.c: Allocate buffer in case of long metadata entries.

Re: [FFmpeg-devel] [PATCH] lavf/mov.c: Allocate buffer in case of long metadata entries.

Re: [FFmpeg-devel] [PATCH] lavf/mov.c: Allocate buffer in case of long metadata entries.

Re: [FFmpeg-devel] [PATCH] lavf/mov.c: Allocate buffer in case of long metadata entries.

Re: [FFmpeg-devel] [PATCH] lavf/mov.c: Allocate buffer in case of long metadata entries.

[FFmpeg-devel] [PATCH] lavf/mov.c: Allocate buffer in case of long metadata entries.

Re: [FFmpeg-devel] [PATCH] lavf/mov.c: Allocate buffer in case of long metadata entries.

11 matches

Site Navigation

Mail list logo

Footer information