Navigation

Changeset be3c7a5f8ca2b7189f3176dbcdf32c5c06ff9af1

Timestamp:

03/31/08 10:17:53 (5 months ago)

Author:

Jean-Paul Saman <jpsaman@videolan.org>

git-committer:

Jean-Paul Saman <jpsaman@videolan.org> 1206951473 +0200

git-parent:

[cf34ca7b9307806bedb90f37e40e03de8a84e35b]

git-author:

Rafaël Carré <funman@videolan.org> 1206950834 +0200

Message:

h264 packetizer : do not trust the input data in p_extra

Files:

rcf34ca7	rbe3c7a5
224	224	for( i = 0; i < i_sps; i++ )
225	225	{
226		int i_length = GetWBE( p );
227		block_t *p_sps = nal_get_annexeb( p_dec, p + 2, i_length );
228
	226	uint16_t i_length = GetWBE( p ); p += 2;
	227	if( i_length >
	228	(uint8_t*)p_dec->fmt_in.p_extra + p_dec->fmt_in.i_extra - p )
	229	{
	230	return VLC_EGENERIC;
	231	}
	232	block_t *p_sps = nal_get_annexeb( p_dec, p, i_length );
	233	if( !p_sps )
	234	return VLC_EGENERIC;
229	235	p_sys->p_sps = block_Duplicate( p_sps );
230	236	p_sps->i_pts = p_sps->i_dts = mdate();
231	237	ParseNALBlock( p_dec, p_sps );
232		p += ~~2 +~~ i_length;
	238	p += i_length;
233	239	}
234	240	/* Read PPS */
…	…
236	242	for( i = 0; i < i_pps; i++ )
237	243	{
238		int i_length = GetWBE( p );
239		block_t *p_pps = nal_get_annexeb( p_dec, p + 2, i_length );
240
	244	uint16_t i_length = GetWBE( p ); p += 2;
	245	if( i_length >
	246	(uint8_t*)p_dec->fmt_in.p_extra + p_dec->fmt_in.i_extra - p )
	247	{
	248	return VLC_EGENERIC;
	249	}
	250	block_t *p_pps = nal_get_annexeb( p_dec, p, i_length );
	251	if( !p_pps )
	252	return VLC_EGENERIC;
241	253	p_sys->p_pps = block_Duplicate( p_pps );
242	254	p_pps->i_pts = p_pps->i_dts = mdate();
243	255	ParseNALBlock( p_dec, p_pps );
244		p += ~~2 +~~ i_length;
	256	p += i_length;
245	257	}
246	258	msg_Dbg( p_dec, "avcC length size=%d, sps=%d, pps=%d",