Andreas Rheinhardt (12020-09-20): > The tedcaptions demuxer uses an AVBPrint whose string is not restricted > to its internal buffer; it therefore needs to be cleaned up, yet this is > not done on error, as parse_file() returned simply returned directly. > This is fixed by going to fail first in such cases. > Furthermore, there is also a second way how this string can leak: By > having more than one subtitle per subtitle block, as the new one simply > overwrites the old one in this case as the AVBPrint is initialized each > time upon encountering a subtitle line. The code has been modified to > simply append the new subtitle to the old one, so that the old one can't > leak any more. > > Signed-off-by: Andreas Rheinhardt <andreas.rheinha...@gmail.com> > --- > libavformat/tedcaptionsdec.c | 73 ++++++++++++++++++------------------ > 1 file changed, 36 insertions(+), 37 deletions(-)
Should be ok. I notice that the code calls ff_subtitles_queue_insert() without checking if the buffer is truncated. It should be fixed too, but that is separate from this patch. Regards, -- Nicolas George
signature.asc
Description: PGP signature
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
