[FFmpeg-devel,3/3] avcodec/mpeg4_unpack_bframes_bsf: Improve DivX userdata check

Submitted by Andreas Rheinhardt on Feb. 2, 2019, 7:34 p.m.

Details

Message ID 20190202193412.572-3-andreas.rheinhardt@googlemail.com
State New
Headers show

Commit Message

Andreas Rheinhardt Feb. 2, 2019, 7:34 p.m.
The earlier version didn't really check that the 'p' of a "p\0" is
actually part of a DivX user_data section, instead it treated the first
"p\0" after the start of a user_data section as end of a DivX user_data
section if it is close enough to the beginning of the user_data section;
it actually needn't be part of a user_data section at all.

Furthermore, the code worked under the assumption that there is a 0x00
after the 'p' although this might not be true for extradata if the DivX
user_data unit is at the end of the extradata.

Both of these flaws have been fixed.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@googlemail.com>
---
 libavcodec/mpeg4_unpack_bframes_bsf.c | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

Comments

Michael Niedermayer Feb. 4, 2019, 6:43 p.m.
On Sat, Feb 02, 2019 at 08:34:12PM +0100, Andreas Rheinhardt wrote:
> The earlier version didn't really check that the 'p' of a "p\0" is
> actually part of a DivX user_data section, instead it treated the first
> "p\0" after the start of a user_data section as end of a DivX user_data
> section if it is close enough to the beginning of the user_data section;
> it actually needn't be part of a user_data section at all.
> 
> Furthermore, the code worked under the assumption that there is a 0x00
> after the 'p' although this might not be true for extradata if the DivX
> user_data unit is at the end of the extradata.
> 
> Both of these flaws have been fixed.

The absence of a check for DivX was intentional so other codecs could
also generate packed bitstreams and be supported.

extradata generally has 0 value padding bytes at the end. But yes it
would be better to avoid depending on that.

Thanks


[...]

Patch hide | download patch | download mbox

diff --git a/libavcodec/mpeg4_unpack_bframes_bsf.c b/libavcodec/mpeg4_unpack_bframes_bsf.c
index 1daf133ce5..20d3e39c00 100644
--- a/libavcodec/mpeg4_unpack_bframes_bsf.c
+++ b/libavcodec/mpeg4_unpack_bframes_bsf.c
@@ -41,10 +41,13 @@  static void scan_buffer(const uint8_t *buf, int buf_size,
 
         if (startcode == USER_DATA_STARTCODE && pos_p) {
             /* check if the (DivX) userdata string ends with 'p' (packed) */
-            for (int i = 0; i < 255 && pos + i + 1 < end; i++) {
-                if (pos[i] == 'p' && pos[i + 1] == '\0') {
-                    *pos_p = pos + i - buf;
-                    break;
+            if (!memcmp(pos, "DivX", 4)) {
+                for (int i = 4; i < 255 && pos + i < end; i++) {
+                    if (pos[i] == 'p' && (pos + i + 1 == end || pos[i + 1] == '\0')) {
+                        *pos_p = pos + i - buf;
+                        break;
+                    } else if (pos[i] == 0)
+                        break;
                 }
             }
         } else if (startcode == VOP_STARTCODE && nb_vop) {