ffmpeg | branch: master | James Zern <jz...@google.com> | Fri Oct 16 15:28:55 2015 -0700| [7b4367d93ea2a34baeab2c734630df5e0f11d4c1] | committer: James Zern
vp9_parser: fix endless loop w/0-sized frame treat this the same as an over-sized superframe packet to break out of the parser loop and allow the decoder to fail. Reviewed-by: Ronald S. Bultje <rsbul...@gmail.com> Signed-off-by: James Zern <jz...@google.com> > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=7b4367d93ea2a34baeab2c734630df5e0f11d4c1 --- libavcodec/vp9_parser.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libavcodec/vp9_parser.c b/libavcodec/vp9_parser.c index f1f7e35..0437097 100644 --- a/libavcodec/vp9_parser.c +++ b/libavcodec/vp9_parser.c @@ -111,12 +111,12 @@ static int parse(AVCodecParserContext *ctx, while (n_frames--) { \ unsigned sz = rd; \ idx += a; \ - if (sz > size) { \ + if (sz == 0 || sz > size) { \ s->n_frames = 0; \ *out_size = size; \ *out_data = data; \ av_log(avctx, AV_LOG_ERROR, \ - "Superframe packet size too big: %u > %d\n", \ + "Invalid superframe packet size: %u frame size: %d\n", \ sz, size); \ return full_size; \ } \ _______________________________________________ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
