From patchwork Mon Feb 11 01:06:51 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: =?utf-8?q?Jan_Ekstr=C3=B6m?= X-Patchwork-Id: 12037 Return-Path: X-Original-To: patchwork@ffaux-bg.ffmpeg.org Delivered-To: patchwork@ffaux-bg.ffmpeg.org Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by ffaux.localdomain (Postfix) with ESMTP id E836D449037 for ; Mon, 11 Feb 2019 03:07:03 +0200 (EET) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id C535D689CAC; Mon, 11 Feb 2019 03:07:03 +0200 (EET) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from mail-lf1-f45.google.com (mail-lf1-f45.google.com [209.85.167.45]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 90104689CAC for ; Mon, 11 Feb 2019 03:06:57 +0200 (EET) Received: by mail-lf1-f45.google.com with SMTP id u21so987532lfu.1 for ; Sun, 10 Feb 2019 17:06:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:subject:date:message-id:mime-version :content-transfer-encoding; bh=1y1R33m4/XXjJL12aMM96p50AjEawcW/6FT0I4aRDOM=; b=s8Cx6mJ0PMmCVDbvDWNZIRQ9YUH4eKJl0+vPZSqOvXO1SWC7Tk6DO+0CG0vwmaukPw 4Rxvi7AkyqFiQge9Nv/antmW+fp2pxvuZhA/ijEVpKhGwtGBUbtrwbmFUULf4UrAl6KP a8XA2mrCr7oY5sTEAQOAm5bNLg8miSzOqRNk2xAoi/R9HfguqtrHbWQ9oHD7MvpdUP/Y oNjFuOdCU4y9fB64c8Z+RhtcGHtH1yTNxh8jJMhzTEfzzZUMZNWwRqfLK81EIIT7fPUz zok1CvMqMGb1T+CXw43eltoJC9rsEvdhk1KMgwRGOZF26ET79zkD3AvPddPh3PN6KrDV +H3A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:mime-version :content-transfer-encoding; bh=1y1R33m4/XXjJL12aMM96p50AjEawcW/6FT0I4aRDOM=; b=kpVcQmeoBf4munR6t+BO9ldjTPYNIXD6rpt0hFqPe6vhLwCWIKiQxZ4JRhzgRvdFNt /SyHu89VCSGVZXvrDNvgNUL/bFHXH1MA756xJOZ/DgZn9HnP4apQXHWIYTSXfnDR5hLU 46I8gYqmlo88ewOC2BJ31rnuq00zFZOrT0dIDOjlPv4Y3c80DNJXkc/u//FqQNE8ePvL 5ZrG4gnVAmS4/hoLZqe2WLYhBjnzKJTIpMatjl/scVusxBoQM9J28PxG4U75nB/qZUYQ Bb7hajjWy6udaEd86gyW3IoqEwZmlhYbl1ebf0/DL0aGvn7yqmsO1jrCMAf5nB/RtP07 D+lg== X-Gm-Message-State: AHQUAuYyI6p2oJI37R3MD4XSgUY5Fhas8NN8zR8A6Qnr039NKQDRZynU bIgTV9ICeEjFeDAFioCz7MZ++VyZ X-Google-Smtp-Source: AHgI3IY3j4w/SPKS2jCj3LA0Xg1sx5TAuGDcDq+02Rti4ne++ceAsvmX7zSQ3CVtUhOJSdckWnbYpA== X-Received: by 2002:ac2:5593:: with SMTP id v19mr19555363lfg.60.1549847216312; Sun, 10 Feb 2019 17:06:56 -0800 (PST) Received: from localhost.localdomain (91-159-194-103.elisa-laajakaista.fi. [91.159.194.103]) by smtp.gmail.com with ESMTPSA id e132sm1970363lfg.22.2019.02.10.17.06.55 for (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Sun, 10 Feb 2019 17:06:55 -0800 (PST) From: =?UTF-8?q?Jan=20Ekstr=C3=B6m?= To: ffmpeg-devel@ffmpeg.org Date: Mon, 11 Feb 2019 03:06:51 +0200 Message-Id: <20190211010654.24762-1-jeebjp@gmail.com> X-Mailer: git-send-email 2.20.1 MIME-Version: 1.0 Subject: [FFmpeg-devel] [PATCH 1/4] lavc/libaribb24: add error handling to region handling X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Fixes some rather embarrassing mistakes that somehow passed my eyes. * Now catches if memory allocation has failed during bprint usage by checking av_bprint_is_complete(). * Now catches if adding an ASS rectangle into an AVSubtitle failed. * Returns AVERROR_INVALIDDATA if we get an invalid region buffer length. --- libavcodec/libaribb24.c | 25 ++++++++++++++++++------- 1 file changed, 18 insertions(+), 7 deletions(-) diff --git a/libavcodec/libaribb24.c b/libavcodec/libaribb24.c index bc0255286c..d6cccd117b 100644 --- a/libavcodec/libaribb24.c +++ b/libavcodec/libaribb24.c @@ -204,12 +204,13 @@ static int libaribb24_close(AVCodecContext *avctx) #define RGB_TO_BGR(c) ((c & 0xff) << 16 | (c & 0xff00) | ((c >> 16) & 0xff)) -static void libaribb24_handle_regions(AVCodecContext *avctx, AVSubtitle *sub) +static int libaribb24_handle_regions(AVCodecContext *avctx, AVSubtitle *sub) { Libaribb24Context *b24 = avctx->priv_data; const arib_buf_region_t *region = arib_decoder_get_regions(b24->decoder); unsigned int profile_font_size = get_profile_font_size(avctx->profile); AVBPrint buf = { 0 }; + int ret = 0; av_bprint_init(&buf, 0, AV_BPRINT_SIZE_UNLIMITED); @@ -224,6 +225,7 @@ static void libaribb24_handle_regions(AVCodecContext *avctx, AVSubtitle *sub) if (region_length < 0) { av_log(avctx, AV_LOG_ERROR, "Invalid negative region length!\n"); + ret = AVERROR_INVALIDDATA; break; } @@ -264,12 +266,20 @@ next_region: region = region->p_next; } - av_log(avctx, AV_LOG_DEBUG, "Styled ASS line: %s\n", - buf.str); - ff_ass_add_rect(sub, buf.str, b24->read_order++, - 0, NULL, NULL); + if (!av_bprint_is_complete(&buf)) + ret = AVERROR(ENOMEM); + + if (ret == 0) { + av_log(avctx, AV_LOG_DEBUG, "Styled ASS line: %s\n", + buf.str); + + ret = ff_ass_add_rect(sub, buf.str, b24->read_order++, + 0, NULL, NULL); + } av_bprint_finalize(&buf, NULL); + + return ret; } static int libaribb24_decode(AVCodecContext *avctx, void *data, int *got_sub_ptr, AVPacket *pkt) @@ -281,6 +291,7 @@ static int libaribb24_decode(AVCodecContext *avctx, void *data, int *got_sub_ptr const unsigned char *parsed_data = NULL; char *decoded_subtitle = NULL; time_t subtitle_duration = 0; + int ret = 0; if (pkt->size <= 0) return pkt->size; @@ -332,7 +343,7 @@ static int libaribb24_decode(AVCodecContext *avctx, void *data, int *got_sub_ptr avctx->time_base.num, avctx->time_base.den); if (decoded_subtitle) - libaribb24_handle_regions(avctx, sub); + ret = libaribb24_handle_regions(avctx, sub); *got_sub_ptr = sub->num_rects > 0; @@ -342,7 +353,7 @@ static int libaribb24_decode(AVCodecContext *avctx, void *data, int *got_sub_ptr // longer and longer... arib_finalize_decoder(b24->decoder); - return pkt->size; + return ret < 0 ? ret : pkt->size; } static void libaribb24_flush(AVCodecContext *avctx)