Re: [FFmpeg-devel] [PATCH 1/2] lavc/hevc: store VPS/SPS/PPS data

2016-09-09 Thread Matthieu Bouron 
On Fri, Sep 09, 2016 at 02:36:20AM +0200, Michael Niedermayer wrote:
> On Thu, Sep 08, 2016 at 04:18:26PM +0200, Matthieu Bouron wrote:
> > On Thu, Sep 8, 2016 at 2:28 PM, Michael Niedermayer 
> > wrote:
> > 
> > > On Wed, Sep 07, 2016 at 04:53:53PM +0200, Matthieu Bouron wrote:
> > > > From: Matthieu Bouron 
> > > >
> > > > ---
> > > >  libavcodec/hevc.h|  9 +
> > > >  libavcodec/hevc_ps.c | 27 +++
> > > >  2 files changed, 36 insertions(+)
> > > >
> > > > diff --git a/libavcodec/hevc.h b/libavcodec/hevc.h
> > > > index be91010..6a3c750 100644
> > > > --- a/libavcodec/hevc.h
> > > > +++ b/libavcodec/hevc.h
> > > > @@ -387,6 +387,9 @@ typedef struct HEVCVPS {
> > > >  uint8_t vps_poc_proportional_to_timing_flag;
> > > >  int vps_num_ticks_poc_diff_one; ///< 
> > > > vps_num_ticks_poc_diff_one_minus1
> > > + 1
> > > >  int vps_num_hrd_parameters;
> > > > +
> > > > +uint8_t data[4096];
> > > > +int data_size;
> > > >  } HEVCVPS;
> > > >
> > > >  typedef struct ScalingList {
> > > > @@ -483,6 +486,9 @@ typedef struct HEVCSPS {
> > > >  int vshift[3];
> > > >
> > > >  int qp_bd_offset;
> > > > +
> > > > +uint8_t data[4096];
> > > > +int data_size;
> > > >  } HEVCSPS;
> > > >
> > > >  typedef struct HEVCPPS {
> > > > @@ -557,6 +563,9 @@ typedef struct HEVCPPS {
> > > >  int *tile_pos_rs;   ///< TilePosRS
> > > >  int *min_tb_addr_zs;///< MinTbAddrZS
> > > >  int *min_tb_addr_zs_tab;///< MinTbAddrZS
> > > > +
> > > > +uint8_t data[4096];
> > > > +int data_size;
> > > >  } HEVCPPS;
> > > >
> > > >  typedef struct HEVCParamSets {
> > > > diff --git a/libavcodec/hevc_ps.c b/libavcodec/hevc_ps.c
> > > > index 83f2ec2..629e454 100644
> > > > --- a/libavcodec/hevc_ps.c
> > > > +++ b/libavcodec/hevc_ps.c
> > > > @@ -408,6 +408,15 @@ int ff_hevc_decode_nal_vps(GetBitContext *gb,
> > > AVCodecContext *avctx,
> > > >
> > > >  av_log(avctx, AV_LOG_DEBUG, "Decoding VPS\n");
> > > >
> > > > +vps->data_size = gb->buffer_end - gb->buffer;
> > >
> > > This theoretically could overflow, data_size is only an int the pointer
> > > difference might be larger
> > >
> > 
> > Updated patch attached.
> > 
> > [...]
> 
> >  hevc.h|9 +
> >  hevc_ps.c |   36 
> >  2 files changed, 45 insertions(+)
> > 74a311a04fc12daab6f9dc4dc228d3e2d574b12f  
> > 0001-lavc-hevc-store-VPS-SPS-PPS-data.patch
> > From e25cc9920accb43dd4af152358b78160e85d64a2 Mon Sep 17 00:00:00 2001
> > From: Matthieu Bouron 
> > Date: Wed, 7 Sep 2016 11:36:10 +0200
> > Subject: [PATCH 1/2] lavc/hevc: store VPS/SPS/PPS data
> 
> LGTM
> 
> thx

Pushed. Thanks.

[...]
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

Re: [FFmpeg-devel] [PATCH 1/2] lavc/hevc: store VPS/SPS/PPS data

2016-09-08 Thread Michael Niedermayer 
On Thu, Sep 08, 2016 at 04:18:26PM +0200, Matthieu Bouron wrote:
> On Thu, Sep 8, 2016 at 2:28 PM, Michael Niedermayer 
> wrote:
> 
> > On Wed, Sep 07, 2016 at 04:53:53PM +0200, Matthieu Bouron wrote:
> > > From: Matthieu Bouron 
> > >
> > > ---
> > >  libavcodec/hevc.h|  9 +
> > >  libavcodec/hevc_ps.c | 27 +++
> > >  2 files changed, 36 insertions(+)
> > >
> > > diff --git a/libavcodec/hevc.h b/libavcodec/hevc.h
> > > index be91010..6a3c750 100644
> > > --- a/libavcodec/hevc.h
> > > +++ b/libavcodec/hevc.h
> > > @@ -387,6 +387,9 @@ typedef struct HEVCVPS {
> > >  uint8_t vps_poc_proportional_to_timing_flag;
> > >  int vps_num_ticks_poc_diff_one; ///< 
> > > vps_num_ticks_poc_diff_one_minus1
> > + 1
> > >  int vps_num_hrd_parameters;
> > > +
> > > +uint8_t data[4096];
> > > +int data_size;
> > >  } HEVCVPS;
> > >
> > >  typedef struct ScalingList {
> > > @@ -483,6 +486,9 @@ typedef struct HEVCSPS {
> > >  int vshift[3];
> > >
> > >  int qp_bd_offset;
> > > +
> > > +uint8_t data[4096];
> > > +int data_size;
> > >  } HEVCSPS;
> > >
> > >  typedef struct HEVCPPS {
> > > @@ -557,6 +563,9 @@ typedef struct HEVCPPS {
> > >  int *tile_pos_rs;   ///< TilePosRS
> > >  int *min_tb_addr_zs;///< MinTbAddrZS
> > >  int *min_tb_addr_zs_tab;///< MinTbAddrZS
> > > +
> > > +uint8_t data[4096];
> > > +int data_size;
> > >  } HEVCPPS;
> > >
> > >  typedef struct HEVCParamSets {
> > > diff --git a/libavcodec/hevc_ps.c b/libavcodec/hevc_ps.c
> > > index 83f2ec2..629e454 100644
> > > --- a/libavcodec/hevc_ps.c
> > > +++ b/libavcodec/hevc_ps.c
> > > @@ -408,6 +408,15 @@ int ff_hevc_decode_nal_vps(GetBitContext *gb,
> > AVCodecContext *avctx,
> > >
> > >  av_log(avctx, AV_LOG_DEBUG, "Decoding VPS\n");
> > >
> > > +vps->data_size = gb->buffer_end - gb->buffer;
> >
> > This theoretically could overflow, data_size is only an int the pointer
> > difference might be larger
> >
> 
> Updated patch attached.
> 
> [...]

>  hevc.h|9 +
>  hevc_ps.c |   36 
>  2 files changed, 45 insertions(+)
> 74a311a04fc12daab6f9dc4dc228d3e2d574b12f  
> 0001-lavc-hevc-store-VPS-SPS-PPS-data.patch
> From e25cc9920accb43dd4af152358b78160e85d64a2 Mon Sep 17 00:00:00 2001
> From: Matthieu Bouron 
> Date: Wed, 7 Sep 2016 11:36:10 +0200
> Subject: [PATCH 1/2] lavc/hevc: store VPS/SPS/PPS data

LGTM

thx

[...]

-- 
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

It is what and why we do it that matters, not just one of them.


signature.asc
Description: Digital signature
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

Re: [FFmpeg-devel] [PATCH 1/2] lavc/hevc: store VPS/SPS/PPS data

2016-09-08 Thread Matthieu Bouron 
On Thu, Sep 8, 2016 at 2:28 PM, Michael Niedermayer 
wrote:

> On Wed, Sep 07, 2016 at 04:53:53PM +0200, Matthieu Bouron wrote:
> > From: Matthieu Bouron 
> >
> > ---
> >  libavcodec/hevc.h|  9 +
> >  libavcodec/hevc_ps.c | 27 +++
> >  2 files changed, 36 insertions(+)
> >
> > diff --git a/libavcodec/hevc.h b/libavcodec/hevc.h
> > index be91010..6a3c750 100644
> > --- a/libavcodec/hevc.h
> > +++ b/libavcodec/hevc.h
> > @@ -387,6 +387,9 @@ typedef struct HEVCVPS {
> >  uint8_t vps_poc_proportional_to_timing_flag;
> >  int vps_num_ticks_poc_diff_one; ///< vps_num_ticks_poc_diff_one_minus1
> + 1
> >  int vps_num_hrd_parameters;
> > +
> > +uint8_t data[4096];
> > +int data_size;
> >  } HEVCVPS;
> >
> >  typedef struct ScalingList {
> > @@ -483,6 +486,9 @@ typedef struct HEVCSPS {
> >  int vshift[3];
> >
> >  int qp_bd_offset;
> > +
> > +uint8_t data[4096];
> > +int data_size;
> >  } HEVCSPS;
> >
> >  typedef struct HEVCPPS {
> > @@ -557,6 +563,9 @@ typedef struct HEVCPPS {
> >  int *tile_pos_rs;   ///< TilePosRS
> >  int *min_tb_addr_zs;///< MinTbAddrZS
> >  int *min_tb_addr_zs_tab;///< MinTbAddrZS
> > +
> > +uint8_t data[4096];
> > +int data_size;
> >  } HEVCPPS;
> >
> >  typedef struct HEVCParamSets {
> > diff --git a/libavcodec/hevc_ps.c b/libavcodec/hevc_ps.c
> > index 83f2ec2..629e454 100644
> > --- a/libavcodec/hevc_ps.c
> > +++ b/libavcodec/hevc_ps.c
> > @@ -408,6 +408,15 @@ int ff_hevc_decode_nal_vps(GetBitContext *gb,
> AVCodecContext *avctx,
> >
> >  av_log(avctx, AV_LOG_DEBUG, "Decoding VPS\n");
> >
> > +vps->data_size = gb->buffer_end - gb->buffer;
>
> This theoretically could overflow, data_size is only an int the pointer
> difference might be larger
>

Updated patch attached.

[...]
From e25cc9920accb43dd4af152358b78160e85d64a2 Mon Sep 17 00:00:00 2001
From: Matthieu Bouron 
Date: Wed, 7 Sep 2016 11:36:10 +0200
Subject: [PATCH 1/2] lavc/hevc: store VPS/SPS/PPS data

---
 libavcodec/hevc.h|  9 +
 libavcodec/hevc_ps.c | 36 
 2 files changed, 45 insertions(+)

diff --git a/libavcodec/hevc.h b/libavcodec/hevc.h
index be91010..6a3c750 100644
--- a/libavcodec/hevc.h
+++ b/libavcodec/hevc.h
@@ -387,6 +387,9 @@ typedef struct HEVCVPS {
 uint8_t vps_poc_proportional_to_timing_flag;
 int vps_num_ticks_poc_diff_one; ///< vps_num_ticks_poc_diff_one_minus1 + 1
 int vps_num_hrd_parameters;
+
+uint8_t data[4096];
+int data_size;
 } HEVCVPS;
 
 typedef struct ScalingList {
@@ -483,6 +486,9 @@ typedef struct HEVCSPS {
 int vshift[3];
 
 int qp_bd_offset;
+
+uint8_t data[4096];
+int data_size;
 } HEVCSPS;
 
 typedef struct HEVCPPS {
@@ -557,6 +563,9 @@ typedef struct HEVCPPS {
 int *tile_pos_rs;   ///< TilePosRS
 int *min_tb_addr_zs;///< MinTbAddrZS
 int *min_tb_addr_zs_tab;///< MinTbAddrZS
+
+uint8_t data[4096];
+int data_size;
 } HEVCPPS;
 
 typedef struct HEVCParamSets {
diff --git a/libavcodec/hevc_ps.c b/libavcodec/hevc_ps.c
index 83f2ec2..d08ba34 100644
--- a/libavcodec/hevc_ps.c
+++ b/libavcodec/hevc_ps.c
@@ -399,6 +399,7 @@ int ff_hevc_decode_nal_vps(GetBitContext *gb, AVCodecContext *avctx,
 {
 int i,j;
 int vps_id = 0;
+ptrdiff_t nal_size;
 HEVCVPS *vps;
 AVBufferRef *vps_buf = av_buffer_allocz(sizeof(*vps));
 
@@ -408,6 +409,17 @@ int ff_hevc_decode_nal_vps(GetBitContext *gb, AVCodecContext *avctx,
 
 av_log(avctx, AV_LOG_DEBUG, "Decoding VPS\n");
 
+nal_size = gb->buffer_end - gb->buffer;
+if (nal_size > sizeof(vps->data)) {
+av_log(avctx, AV_LOG_WARNING, "Truncating likely oversized VPS "
+   "(%"PTRDIFF_SPECIFIER" > %"SIZE_SPECIFIER")\n",
+   nal_size, sizeof(vps->data));
+vps->data_size = sizeof(vps->data);
+} else {
+vps->data_size = nal_size;
+}
+memcpy(vps->data, gb->buffer, vps->data_size);
+
 vps_id = get_bits(gb, 4);
 if (vps_id >= MAX_VPS_COUNT) {
 av_log(avctx, AV_LOG_ERROR, "VPS id out of range: %d\n", vps_id);
@@ -1177,6 +1189,7 @@ int ff_hevc_decode_nal_sps(GetBitContext *gb, AVCodecContext *avctx,
 AVBufferRef *sps_buf = av_buffer_allocz(sizeof(*sps));
 unsigned int sps_id;
 int ret;
+ptrdiff_t nal_size;
 
 if (!sps_buf)
 return AVERROR(ENOMEM);
@@ -1184,6 +1197,17 @@ int ff_hevc_decode_nal_sps(GetBitContext *gb, AVCodecContext *avctx,
 
 av_log(avctx, AV_LOG_DEBUG, "Decoding SPS\n");
 
+nal_size = gb->buffer_end - gb->buffer;
+if (nal_size > sizeof(sps->data)) {
+av_log(avctx, AV_LOG_WARNING, "Truncating likely oversized SPS "
+   "(%"PTRDIFF_SPECIFIER" > %"SIZE_SPECIFIER")\n",
+   nal_size, sizeof(sps->data));
+sps->data_size = sizeof(sps->data);
+} else {
+sps->data_size = nal_size;
+

Re: [FFmpeg-devel] [PATCH 1/2] lavc/hevc: store VPS/SPS/PPS data

2016-09-08 Thread Michael Niedermayer 
On Wed, Sep 07, 2016 at 04:53:53PM +0200, Matthieu Bouron wrote:
> From: Matthieu Bouron 
> 
> ---
>  libavcodec/hevc.h|  9 +
>  libavcodec/hevc_ps.c | 27 +++
>  2 files changed, 36 insertions(+)
> 
> diff --git a/libavcodec/hevc.h b/libavcodec/hevc.h
> index be91010..6a3c750 100644
> --- a/libavcodec/hevc.h
> +++ b/libavcodec/hevc.h
> @@ -387,6 +387,9 @@ typedef struct HEVCVPS {
>  uint8_t vps_poc_proportional_to_timing_flag;
>  int vps_num_ticks_poc_diff_one; ///< vps_num_ticks_poc_diff_one_minus1 + 
> 1
>  int vps_num_hrd_parameters;
> +
> +uint8_t data[4096];
> +int data_size;
>  } HEVCVPS;
>  
>  typedef struct ScalingList {
> @@ -483,6 +486,9 @@ typedef struct HEVCSPS {
>  int vshift[3];
>  
>  int qp_bd_offset;
> +
> +uint8_t data[4096];
> +int data_size;
>  } HEVCSPS;
>  
>  typedef struct HEVCPPS {
> @@ -557,6 +563,9 @@ typedef struct HEVCPPS {
>  int *tile_pos_rs;   ///< TilePosRS
>  int *min_tb_addr_zs;///< MinTbAddrZS
>  int *min_tb_addr_zs_tab;///< MinTbAddrZS
> +
> +uint8_t data[4096];
> +int data_size;
>  } HEVCPPS;
>  
>  typedef struct HEVCParamSets {
> diff --git a/libavcodec/hevc_ps.c b/libavcodec/hevc_ps.c
> index 83f2ec2..629e454 100644
> --- a/libavcodec/hevc_ps.c
> +++ b/libavcodec/hevc_ps.c
> @@ -408,6 +408,15 @@ int ff_hevc_decode_nal_vps(GetBitContext *gb, 
> AVCodecContext *avctx,
>  
>  av_log(avctx, AV_LOG_DEBUG, "Decoding VPS\n");
>  
> +vps->data_size = gb->buffer_end - gb->buffer;

This theoretically could overflow, data_size is only an int the pointer
difference might be larger

[...]
-- 
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Avoid a single point of failure, be that a person or equipment.


signature.asc
Description: Digital signature
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel