changeset 1206:e60bf67d9bf8 libavformat

The reader ignores the size of the ASF data object and keeps on reading even beyond it. Therefore if the ASF file includes an index object at its end, the reader will treat the index like data, but of course will fail since it thinks that the data is corrupted. When reading an asf file with an index object, ffmpeg will complain at the end of the file that it read an invalid header. Patch by Kohn Emil Dan, < emild A cs P technion P ac P il > Original thread: Date: Apr 18, 2006 4:11 PM Subject: [Ffmpeg-devel] Two ASF related bugs and fixes
author gpoirier
date Sat, 29 Jul 2006 16:07:19 +0000
parents eded59682d47
children 633aaf52d0c2
files asf.c asf.h
diffstat 2 files changed, 13 insertions(+), 2 deletions(-) [+]
--- a/asf.c	Sat Jul 29 15:36:13 2006 +0000
+++ b/asf.c	Sat Jul 29 16:07:19 2006 +0000
@@ -327,6 +327,12 @@
             pos2 = url_ftell(pb);
             url_fskip(pb, gsize - (pos2 - pos1 + 24));
         } else if (!memcmp(&g, &data_header, sizeof(GUID))) {
+            asf->data_object_offset = url_ftell(pb);
+            if (gsize != (uint64_t)-1 && gsize >= 24) {
+                asf->data_object_size = gsize - 24;
+            } else {
+                asf->data_object_size = (uint64_t)-1;
+            }
             break;
         } else if (!memcmp(&g, &comment_header, sizeof(GUID))) {
             int len1, len2, len3, len4, len5;
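Review bot: The literal `24` and the `(uint64_t)-1` sentinel in the added `data_header` branch are unexplained where they are used; a comment such as `/* 24 = GUID (16) + object size field (8); (uint64_t)-1 means the size is unknown and no bound is applied */` would document them, and the sentinel meaning also belongs on the `data_object_size` field comment in asf.h. `gsize` is read from the file, so a declared size larger than the real data object is accepted as-is and the later bound in the packet loop then never triggers; the comment should say that the limit is only as trustworthy as the header. The enclosing function begins and ends outside this hunk.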
@@ -552,6 +558,9 @@
             /* fail safe */
             url_fskip(pb, ret);
             asf->packet_pos= url_ftell(&s->pb);
+            if (asf->data_object_size != (uint64_t)-1 &&
+                (asf->packet_pos - asf->data_object_offset >= asf->data_object_size))
+                return AVERROR_IO; /* Do not exceed the size of the data object */
             ret = asf_get_packet(s);
             //printf("READ ASF PACKET  %d   r:%d   c:%d\n", ret, asf->packet_size_left, pc++);
             if (ret < 0 || url_feof(pb))
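Review bot: The bound added before `asf_get_packet(s)` tests only where the next packet starts, so a packet that begins inside the data object but whose length runs past `data_object_offset + data_object_size` is still parsed; if the packet length is known at this point, the comparison should include it. Separately, `asf->packet_pos` is now `int64_t` while the two new fields are `uint64_t`, so the subtraction is done unsigned and a `packet_pos` below `data_object_offset` (a negative `url_ftell` result, or a position set elsewhere; neither is visible here) wraps to a very large value and returns `AVERROR_IO`. An explicit `asf->packet_pos < asf->data_object_offset` guard, or a comment saying the wrap is the intended fail-safe, would make that behaviour deliberate. The enclosing function starts and ends outside the hunk.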
--- a/asf.h	Sat Jul 29 15:36:13 2006 +0000
+++ b/asf.h	Sat Jul 29 16:07:19 2006 +0000
@@ -32,7 +32,7 @@
     int ds_data_size;
     int ds_silence_data;
 
-    int packet_pos;
+    int64_t packet_pos;
 
 } ASFStream;
 
@@ -98,6 +98,8 @@
     ByteIOContext pb;
     /* only for reading */
     uint64_t data_offset; /* begining of the first data packet */
+    uint64_t data_object_offset; /* data object offset (excl. GUID & size)*/
+    uint64_t data_object_size;   /* size of the data object */
 
     ASFMainHeader hdr;
 
@@ -117,7 +119,7 @@
     int packet_obj_size;
     int packet_time_delta;
     int packet_time_start;
-    int packet_pos;
+    int64_t packet_pos;
 
     int stream_index;