| Message ID | CAB0OVGrXfMF07wU+RTtxuoZqi-N8apdno=sqViW_394Ek6nhww@mail.gmail.com |
|---|---|
| State | Superseded |
| Headers | show |
On Mon, Nov 27, 2017 at 03:05:27AM +0100, Carl Eugen Hoyos wrote: > Hi! > > Attached patch fixes ticket #6874 for me. > I don't think it makes much sense to discuss what the specification > means with "logical screen size" and "raster screen size" and > "physical display": Not only do other decoders accept such files, our > decoder already contains the necessary code to crop the image. > I believe that it could at least be argued that the specification > allows such files. > > Please comment, Carl Eugen > gifdec.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > 120f9d9fde11cb243440c9c4ba2051904bfc2c9c 0001-lavc-gifdec-Do-not-error-out-if-resolution-is-bigger.patch > From 47f5d312461a0d30cd1e70d819ae1daefbb5eebb Mon Sep 17 00:00:00 2001 > From: Carl Eugen Hoyos <ceffmpeg@gmail.com> > Date: Mon, 27 Nov 2017 02:57:50 +0100 > Subject: [PATCH] lavc/gifdec: Do not error out if resolution is bigger than > screen dimension. > > This is what other decoders do. > > Fixes ticket #6874. this makes the decoder crash [gif @ 0x25588b40] LZW decode failed [gif @ 0x25588b40] LZW decode failedtime=00:00:00.10 bitrate=N/A speed=0.171x Last message repeated 2 times [gif @ 0x25588b40] Image too wide by 16384, truncating. ==1782== Invalid write of size 1 ==1782== at 0x978928: ff_lzw_decode (in ffmpeg/ffmpeg_g) ==1782== by 0x893C47: gif_decode_frame (in ffmpeg/ffmpeg_g) ==1782== by 0x7F8976: decode_receive_frame_internal (in ffmpeg/ffmpeg_g) ==1782== by 0x7F9537: avcodec_send_packet (in ffmpeg/ffmpeg_g) ==1782== by 0x4C93CB: decode_video (in ffmpeg/ffmpeg_g) ==1782== by 0x4CC332: process_input (in ffmpeg/ffmpeg_g) ==1782== by 0x4AB176: main (in ffmpeg/ffmpeg_g) ==1782== Address 0x257565db is 0 bytes after a block of size 91 alloc'd ==1782== at 0x4C2A6C5: memalign (vg_replace_malloc.c:727) ==1782== by 0x4C2A760: posix_memalign (vg_replace_malloc.c:876) ==1782== by 0x108446C: av_fast_malloc (in ffmpeg/ffmpeg_g) ==1782== by 0x8937D3: gif_decode_frame (in ffmpeg/ffmpeg_g) ==1782== by 0x7F8976: decode_receive_frame_internal (in ffmpeg/ffmpeg_g) ==1782== by 0x7F9537: avcodec_send_packet (in ffmpeg/ffmpeg_g) ==1782== by 0x4C93CB: decode_video (in ffmpeg/ffmpeg_g) ==1782== by 0x4CC332: process_input (in ffmpeg/ffmpeg_g) ==1782== by 0x4AB176: main (in ffmpeg/ffmpeg_g) [...]
From 47f5d312461a0d30cd1e70d819ae1daefbb5eebb Mon Sep 17 00:00:00 2001 From: Carl Eugen Hoyos <ceffmpeg@gmail.com> Date: Mon, 27 Nov 2017 02:57:50 +0100 Subject: [PATCH] lavc/gifdec: Do not error out if resolution is bigger than screen dimension. This is what other decoders do. Fixes ticket #6874. --- libavcodec/gifdec.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libavcodec/gifdec.c b/libavcodec/gifdec.c index 2eeed4c..59d866b 100644 --- a/libavcodec/gifdec.c +++ b/libavcodec/gifdec.c @@ -179,11 +179,11 @@ static int gif_read_image(GifState *s, AVFrame *frame) } /* verify that all the image is inside the screen dimensions */ - if (!width || width > s->screen_width || left >= s->screen_width) { + if (!width || left >= s->screen_width) { av_log(s->avctx, AV_LOG_ERROR, "Invalid image width.\n"); return AVERROR_INVALIDDATA; } - if (!height || height > s->screen_height || top >= s->screen_height) { + if (!height || top >= s->screen_height) { av_log(s->avctx, AV_LOG_ERROR, "Invalid image height.\n"); return AVERROR_INVALIDDATA; } -- 1.7.10.4