Mercurial > libavcodec.hg

annotate xiph.c @ 6656:b1049dd41dd4 libavcodec

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Add checks to ff_split_xiph_headers to ensure that returned header_len and header_start values are always valid. Fixes a crash with http://samples.mplayerhq.hu/ogg/mmw-deadzy.ogg (still does not play though).
author reimar
date Sun, 20 Apr 2008 23:33:49 +0000
parents 7595ead28402
children 2574def95b50
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
4722
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
1 /*
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
2 * Copyright (C) 2007 FFmpeg Project
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
3 *
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
4 * This file is part of FFmpeg.
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
5 *
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
6 * FFmpeg is free software; you can redistribute it and/or
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
7 * modify it under the terms of the GNU Lesser General Public
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
8 * License as published by the Free Software Foundation; either
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
9 * version 2.1 of the License, or (at your option) any later version.
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
10 *
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
11 * FFmpeg is distributed in the hope that it will be useful,
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
14 * Lesser General Public License for more details.
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
15 *
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
16 * You should have received a copy of the GNU Lesser General Public
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
17 * License along with FFmpeg; if not, write to the Free Software
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
19 */
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
20
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
21 #include "xiph.h"
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
22
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
23 int ff_split_xiph_headers(uint8_t *extradata, int extradata_size,
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
24 int first_header_size, uint8_t *header_start[3],
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
25 int header_len[3])
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
26 {
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
27 int i, j;
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
28
6656
b1049dd41dd4 Add checks to ff_split_xiph_headers to ensure that returned header_len and
reimar
parents: 4722
diff changeset
29 if (extradata_size >= 6 && AV_RB16(extradata) == first_header_size) {
b1049dd41dd4 Add checks to ff_split_xiph_headers to ensure that returned header_len and
reimar
parents: 4722
diff changeset
30 int overall_len = 6;
4722
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
31 for (i=0; i<3; i++) {
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
32 header_len[i] = AV_RB16(extradata);
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
33 extradata += 2;
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
34 header_start[i] = extradata;
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
35 extradata += header_len[i];
6656
b1049dd41dd4 Add checks to ff_split_xiph_headers to ensure that returned header_len and
reimar
parents: 4722
diff changeset
36 if (overall_len > extradata_size - header_len[i])
b1049dd41dd4 Add checks to ff_split_xiph_headers to ensure that returned header_len and
reimar
parents: 4722
diff changeset
37 return -1;
b1049dd41dd4 Add checks to ff_split_xiph_headers to ensure that returned header_len and
reimar
parents: 4722
diff changeset
38 overall_len += header_len[i];
4722
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
39 }
6656
b1049dd41dd4 Add checks to ff_split_xiph_headers to ensure that returned header_len and
reimar
parents: 4722
diff changeset
40 } else if (extradata_size >= 3 && extradata_size < INT_MAX - 0x1ff && extradata[0] == 2) {
b1049dd41dd4 Add checks to ff_split_xiph_headers to ensure that returned header_len and
reimar
parents: 4722
diff changeset
41 int overall_len = 3;
4722
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
42 for (i=0,j=1; i<2; i++,j++) {
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
43 header_len[i] = 0;
6656
b1049dd41dd4 Add checks to ff_split_xiph_headers to ensure that returned header_len and
reimar
parents: 4722
diff changeset
44 for (; overall_len < extradata_size && extradata[j]==0xff; j++) {
4722
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
45 header_len[i] += 0xff;
6656
b1049dd41dd4 Add checks to ff_split_xiph_headers to ensure that returned header_len and
reimar
parents: 4722
diff changeset
46 overall_len += 0xff + 1;
4722
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
47 }
6656
b1049dd41dd4 Add checks to ff_split_xiph_headers to ensure that returned header_len and
reimar
parents: 4722
diff changeset
48 overall_len += extradata[j];
b1049dd41dd4 Add checks to ff_split_xiph_headers to ensure that returned header_len and
reimar
parents: 4722
diff changeset
49 if (overall_len > extradata_size)
4722
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
50 return -1;
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
51
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
52 header_len[i] += extradata[j];
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
53 }
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
54 header_len[2] = extradata_size - header_len[0] - header_len[1] - j;
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
55 extradata += j;
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
56 header_start[0] = extradata;
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
57 header_start[1] = header_start[0] + header_len[0];
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
58 header_start[2] = header_start[1] + header_len[1];
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
59 } else {
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
60 return -1;
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
61 }
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
62 return 0;
7595ead28402 extract vorbis header spliting code into a reusable function
aurel
parents:
diff changeset
63 }