Mercurial > libavcodec.hg
comparison mpegvideo.c @ 5836:0859108b4ae3 libavcodec
replace (disabled by default) assert(0) by abort() if the picture buffer
overflows due to a buggy codec
note, ive not checked if such overflows could have been exploitable before this
commit
| author | michael |
|---|---|
| date | Thu, 18 Oct 2007 11:11:33 +0000 |
| parents | 7b058e5183ab |
| children | da358b2602ce |
comparison
equal
deleted
inserted
replaced
| 5835:74db54e5f428 | 5836:0859108b4ae3 |
|---|---|
| 840 for(i=0; i<MAX_PICTURE_COUNT; i++){ | 840 for(i=0; i<MAX_PICTURE_COUNT; i++){ |
| 841 if(s->picture[i].data[0]==NULL) return i; | 841 if(s->picture[i].data[0]==NULL) return i; |
| 842 } | 842 } |
| 843 } | 843 } |
| 844 | 844 |
| 845 assert(0); | 845 av_log(s->avctx, AV_LOG_FATAL, "Internal error, picture buffer overflow\n"); |
| 846 /*we could return -1 but the codec would crash anyway, trying to draw | |
| 847 into, a non existing frame, this is safer than waiting for a random crash | |
| 848 also the return of this is never usefull, a encoder must only allocate | |
| 849 as many as allowed in the spec which has no relation to how many lavc | |
| 850 could allocate (and MAX_PICTURE_COUNT is always large enough for such | |
| 851 valid streams) | |
| 852 and a decoder has to check stream validity and remove frames if too many | |
| 853 reference frames are around. waiting for "OOM" is not correct at all, it | |
| 854 similarely has to replace missing reference frames by (interpolated/MC) | |
| 855 frames anything else is a bug in the codec ... | |
| 856 */ | |
| 857 abort(); | |
| 846 return -1; | 858 return -1; |
| 847 } | 859 } |
| 848 | 860 |
| 849 static void update_noise_reduction(MpegEncContext *s){ | 861 static void update_noise_reduction(MpegEncContext *s){ |
| 850 int intra, i; | 862 int intra, i; |