ffmpeg | branch: master | Clément Bœsch <cboe...@gopro.com> | Tue Jan 31 17:17:21 2017 +0100| [4039076dc39a530f29969b6f42083a03215c6aa5] | committer: Clément Bœsch
Merge commit '76f7e70aa04fc5dbef5242b11cbf8fe4499f61d4' * commit '76f7e70aa04fc5dbef5242b11cbf8fe4499f61d4': h264dec: handle zero-sized NAL units in get_last_needed_nal() See 641dccc2aa5e0bf6b3c06998f9a7f24a5cf725e7 Merged-by: Clément Bœsch <cboe...@gopro.com> > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4039076dc39a530f29969b6f42083a03215c6aa5 --- libavcodec/h264dec.c | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/libavcodec/h264dec.c b/libavcodec/h264dec.c index 0994b83..41c0964 100644 --- a/libavcodec/h264dec.c +++ b/libavcodec/h264dec.c @@ -537,8 +537,7 @@ static int get_last_needed_nal(H264Context *h) { int nals_needed = 0; int first_slice = 0; - int i; - int ret; + int i, ret; for (i = 0; i < h->pkt.nb_nals; i++) { H2645NAL *nal = &h->pkt.nals[i]; @@ -556,9 +555,14 @@ static int get_last_needed_nal(H264Context *h) case H264_NAL_DPA: case H264_NAL_IDR_SLICE: case H264_NAL_SLICE: - ret = init_get_bits8(&gb, nal->data + 1, (nal->size - 1)); - if (ret < 0) - return ret; + ret = init_get_bits8(&gb, nal->data + 1, nal->size - 1); + if (ret < 0) { + av_log(h->avctx, AV_LOG_ERROR, "Invalid zero-sized VCL NAL unit\n"); + if (h->avctx->err_recognition & AV_EF_EXPLODE) + return ret; + + break; + } if (!get_ue_golomb_long(&gb) || // first_mb_in_slice !first_slice || first_slice != nal->type) ====================================================================== diff --cc libavcodec/h264dec.c index 0994b83,4d1702e..41c0964 --- a/libavcodec/h264dec.c +++ b/libavcodec/h264dec.c @@@ -536,9 -478,7 +536,8 @@@ static const uint8_t start_code[] = { 0 static int get_last_needed_nal(H264Context *h) { int nals_needed = 0; + int first_slice = 0; - int i; - int ret; + int i, ret; for (i = 0; i < h->pkt.nb_nals; i++) { H2645NAL *nal = &h->pkt.nals[i]; @@@ -556,15 -496,16 +555,20 @@@ case H264_NAL_DPA: case H264_NAL_IDR_SLICE: case H264_NAL_SLICE: - ret = init_get_bits8(&gb, nal->data + 1, (nal->size - 1)); - if (ret < 0) - return ret; + ret = init_get_bits8(&gb, nal->data + 1, nal->size - 1); + if (ret < 0) { + av_log(h->avctx, AV_LOG_ERROR, "Invalid zero-sized VCL NAL unit\n"); + if (h->avctx->err_recognition & AV_EF_EXPLODE) + return ret; + + break; + } - if (!get_ue_golomb(&gb)) + if (!get_ue_golomb_long(&gb) || // first_mb_in_slice + !first_slice || + first_slice != nal->type) nals_needed = i; + if (!first_slice) + first_slice = nal->type; } } _______________________________________________ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
