[FFmpeg-devel] libavformat/avio: NULL check for URLContext in ffurl_write().

Submitted by Patagar, Ravindra on Feb. 7, 2018, 3:27 a.m.

Details

Message ID 1517974046-14883-1-git-send-email-rpatagar@akamai.com
State New
Headers show

Commit Message

Patagar, Ravindra Feb. 7, 2018, 3:27 a.m.
From: Ravindra <rpatagar@akamai.com>

Signed-off-by: Ravindra <rpatagar@akamai.com>
---
 libavformat/avio.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

wm4 Feb. 7, 2018, 11:22 a.m.
On Wed,  7 Feb 2018 08:57:26 +0530
rpatagar@akamai.com wrote:

> From: Ravindra <rpatagar@akamai.com>
> 
> Signed-off-by: Ravindra <rpatagar@akamai.com>
> ---
>  libavformat/avio.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/libavformat/avio.c b/libavformat/avio.c
> index 63e8287..18e58ae 100644
> --- a/libavformat/avio.c
> +++ b/libavformat/avio.c
> @@ -420,7 +420,7 @@ int ffurl_read_complete(URLContext *h, unsigned char *buf, int size)
>  
>  int ffurl_write(URLContext *h, const unsigned char *buf, int size)
>  {
> -    if (!(h->flags & AVIO_FLAG_WRITE))
> +    if (!h || !(h->flags & AVIO_FLAG_WRITE))
>          return AVERROR(EIO);
>      /* avoid sending too big packets */
>      if (h->max_packet_size && size > h->max_packet_size)

Why would this ever be NULL? It looks like a caller error to me, not
something the function should handle.
Patagar, Ravindra Feb. 8, 2018, 12:37 p.m.
Hi,
We observed NULL pointer during HLS/DASH streaming when we simulated network congestion and disconnects with persistent HTTP connection. 
That is why added this check to handle segmentation fault.

On 2/7/18, 4:52 PM, "wm4" <nfxjfg@googlemail.com> wrote:

    On Wed,  7 Feb 2018 08:57:26 +0530
    rpatagar@akamai.com wrote:
    
    > From: Ravindra <rpatagar@akamai.com>

    > 

    > Signed-off-by: Ravindra <rpatagar@akamai.com>

    > ---

    >  libavformat/avio.c | 2 +-

    >  1 file changed, 1 insertion(+), 1 deletion(-)

    > 

    > diff --git a/libavformat/avio.c b/libavformat/avio.c

    > index 63e8287..18e58ae 100644

    > --- a/libavformat/avio.c

    > +++ b/libavformat/avio.c

    > @@ -420,7 +420,7 @@ int ffurl_read_complete(URLContext *h, unsigned char *buf, int size)

    >  

    >  int ffurl_write(URLContext *h, const unsigned char *buf, int size)

    >  {

    > -    if (!(h->flags & AVIO_FLAG_WRITE))

    > +    if (!h || !(h->flags & AVIO_FLAG_WRITE))

    >          return AVERROR(EIO);

    >      /* avoid sending too big packets */

    >      if (h->max_packet_size && size > h->max_packet_size)

    
    Why would this ever be NULL? It looks like a caller error to me, not
    something the function should handle.
    _______________________________________________
    ffmpeg-devel mailing list
    ffmpeg-devel@ffmpeg.org
    http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
Nicolas George Feb. 8, 2018, 12:39 p.m.
Patagar, Ravindra (2018-02-08):
> We observed NULL pointer during HLS/DASH streaming when we simulated
> network congestion and disconnects with persistent HTTP connection. 
> That is why added this check to handle segmentation fault.

Please investigate further: find who is calling this function with NULL,
since they should not be doing it.

> On 2/7/18, 4:52 PM, "wm4" <nfxjfg@googlemail.com> wrote:

Also, please remember not to top-quote on this list.

Regards,

Patch hide | download patch | download mbox

diff --git a/libavformat/avio.c b/libavformat/avio.c
index 63e8287..18e58ae 100644
--- a/libavformat/avio.c
+++ b/libavformat/avio.c
@@ -420,7 +420,7 @@  int ffurl_read_complete(URLContext *h, unsigned char *buf, int size)
 
 int ffurl_write(URLContext *h, const unsigned char *buf, int size)
 {
-    if (!(h->flags & AVIO_FLAG_WRITE))
+    if (!h || !(h->flags & AVIO_FLAG_WRITE))
         return AVERROR(EIO);
     /* avoid sending too big packets */
     if (h->max_packet_size && size > h->max_packet_size)