On 21.02.2015 22:35, Gilles Chanteperdrix wrote:
On Sat, Feb 21, 2015 at 04:54:12PM +0100, Thomas Volkert wrote:
+ if (len < data->au_headers[0].size) {
+ av_log(ctx, AV_LOG_ERROR, "First AU larger than packet size\n");
Can this really happen?
In the lines above you already check for the case that data is missing while
you have already received the last packet of the frame.
The first test tests for
data->nb_au_headers == 1 && len < data->au_headers[0].size
We could still have:
data->nb_au_headers >= 2 && len < data->au_headers[0].size
Which is illegal per the RFC (a packet contains either a piece of a
fragmented frame, or one or several entire frames, but never both),
but some malformed packets could happen.
I was misled by the formatting of the patch and saw left parenthesis
where there was none (was from the old code).
Your patch is okay for me - thanks.
Best regards,
Thomas.
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
