On Tue, Aug 03, 2021 at 10:07:34AM -0400, Sergio M. Ammirata, Ph.D. wrote: > PES packet with too much padding trigger unlimited error > messages "PES packet size mismatch" because the code that > corrects the length is wrong. > Here is a sample file: http://99.93.62.129/smpte2038.ts > PID 300 is the one triggering the errors. > I am attaching a patch that fixes the problem. >
> mpegts.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
> 8f8c73a5e78d7c740958054764defa3571979fc4
> 0001-Fix-setting-the-correct-size-for-PES-packets-with-to.patch
> From 3a2760d42b38023c73f9a3ab18de01a44526dbc9 Mon Sep 17 00:00:00 2001
> From: Sergio Ammirata <ser...@ammirata.net>
> Date: Tue, 3 Aug 2021 13:43:44 +0000
> Subject: [PATCH] Fix setting the correct size for PES packets with too much
> padding
>
> ---
> libavformat/mpegts.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/libavformat/mpegts.c b/libavformat/mpegts.c
> index 640c9afa5d..40439c26c0 100644
> --- a/libavformat/mpegts.c
> +++ b/libavformat/mpegts.c
> @@ -1355,7 +1355,7 @@ skip:
> buf_size > pes->total_size) {
> // pes packet size is < ts size packet and pes data is
> padded with 0xff
> // not sure if this is legal in ts but see issue #2392
> - buf_size = pes->total_size;
> + buf_size = PES_START_SIZE + pes->total_size -
> pes->pes_header_size;
> }
> memcpy(pes->buffer->data + pes->data_index, p, buf_size);
> pes->data_index += buf_size;
This causes segfaults
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
I have often repented speaking, but never of holding my tongue.
-- Xenocrates
signature.asc
Description: PGP signature
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
