Bug 1180101 - Skip four bytes when we hit a zero length box; r=jya
authorAnthony Jones <ajones@mozilla.com>
Wed, 26 Aug 2015 18:12:59 +1200
changeset 259367 27c19242c9605ca6c14d225100dd6dfe894a1321
parent 259366 2b1e524fee81f41ca11fafe1d18f4be1bcea4a54
child 259368 3db89a9ca18a469aed47abdce6df62a0615eb898
push id29277
push userryanvm@gmail.com
push dateWed, 26 Aug 2015 18:32:23 +0000
treeherdermozilla-central@fea87cbeaa6b [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjya
bugs1180101
milestone43.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1180101 - Skip four bytes when we hit a zero length box; r=jya
media/libstagefright/frameworks/av/media/libstagefright/MPEG4Extractor.cpp
--- a/media/libstagefright/frameworks/av/media/libstagefright/MPEG4Extractor.cpp
+++ b/media/libstagefright/frameworks/av/media/libstagefright/MPEG4Extractor.cpp
@@ -739,17 +739,24 @@ static bool ValidInputSize(int32_t size)
   // frame. This is a reasonable cut-off for a lossy codec,
   // combined with the current Firefox limit to 5k video.
   return (size > 0 && size <= 4 * (1920 * 1080) * 3 / 2);
 }
 
 status_t MPEG4Extractor::parseChunk(off64_t *offset, int depth) {
     ALOGV("entering parseChunk %lld/%d", *offset, depth);
     uint32_t hdr[2];
-    if (mDataSource->readAt(*offset, hdr, 8) < 8) {
+    ssize_t nbytes;
+    if ((nbytes = mDataSource->readAt(*offset, hdr, 8)) < 8) {
+        if (nbytes == 4) {
+          if (!hdr[0]) {
+            *offset += 4;
+            return OK;
+          }
+        }
         return ERROR_IO;
     }
     uint64_t chunk_size = ntohl(hdr[0]);
     uint32_t chunk_type = ntohl(hdr[1]);
     off64_t data_offset = *offset + 8;
 
     if (chunk_size == 1) {
         if (mDataSource->readAt(*offset + 8, &chunk_size, 8) < 8) {