Bug 1289280 - Check the input frame sizes for being consistent. r=jya, a=abillings
authorMichael Niedermayer <michael@niedermayer.cc>
Mon, 01 Aug 2016 13:50:21 +0200
changeset 342380 144875f1f75ba3384346a24915114d2da6269d26
parent 342379 11354102d2d26ead3459bade1f6e01393fd8448c
child 342381 82fb58bffbe5aad535db6117d54f2058ac789349
push id1183
push userraliiev@mozilla.com
push dateMon, 05 Sep 2016 20:01:49 +0000
treeherdermozilla-release@3148731bed45 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjya, abillings
bugs1289280
milestone49.0
Bug 1289280 - Check the input frame sizes for being consistent. r=jya, a=abillings Imported from: https://github.com/FFmpeg/FFmpeg/commit/77b0f3f26d33d4f46f274896e0583ad1f5936b7c Suggested-by: BBB Fixed-by: BBB Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> MozReview-Commit-ID: DmBS93ydeuT
media/ffvpx/libavcodec/vp9_parser.c
--- a/media/ffvpx/libavcodec/vp9_parser.c
+++ b/media/ffvpx/libavcodec/vp9_parser.c
@@ -23,16 +23,17 @@
 
 #include "libavutil/intreadwrite.h"
 #include "libavcodec/get_bits.h"
 #include "parser.h"
 
 typedef struct VP9ParseContext {
     int n_frames; // 1-8
     int size[8];
+    int marker_size;
     int64_t pts;
 } VP9ParseContext;
 
 static int parse_frame(AVCodecParserContext *ctx, const uint8_t *buf, int size)
 {
     VP9ParseContext *s = ctx->priv_data;
     GetBitContext gb;
     int res, profile, keyframe, invisible;
@@ -84,16 +85,31 @@ static int parse(AVCodecParserContext *c
     if (size <= 0) {
         *out_size = 0;
         *out_data = data;
 
         return 0;
     }
 
     if (s->n_frames > 0) {
+        int i;
+        int size_sum = 0;
+
+        for (i = 0; i < s->n_frames ;i++)
+            size_sum += s->size[i];
+        size_sum += s->marker_size;
+
+        if (size_sum != size) {
+            av_log(avctx, AV_LOG_ERROR, "Inconsistent input frame sizes %d %d\n",
+                   size_sum, size);
+            s->n_frames = 0;
+        }
+    }
+
+    if (s->n_frames > 0) {
         *out_data = data;
         *out_size = s->size[--s->n_frames];
         parse_frame(ctx, *out_data, *out_size);
 
         return s->n_frames > 0 ? *out_size : size /* i.e. include idx tail */;
     }
 
     marker = data[size - 1];
@@ -126,16 +142,17 @@ static int parse(AVCodecParserContext *c
                         *out_size = sz; \
                         s->n_frames = n_frames; \
                     } else { \
                         s->size[n_frames] = sz; \
                     } \
                     data += sz; \
                     size -= sz; \
                 } \
+                s->marker_size = size; \
                 parse_frame(ctx, *out_data, *out_size); \
                 return s->n_frames > 0 ? *out_size : full_size
 
                 case_n(1, *idx);
                 case_n(2, AV_RL16(idx));
                 case_n(3, AV_RL24(idx));
                 case_n(4, AV_RL32(idx));
             }