[FFmpeg-devel] ffprobe: fix infinite loop in subtitle decoding

Submitted by Marton Balint on March 11, 2018, 5:12 p.m.

Details

Message ID 20180311171205.26887-1-cus@passwd.hu
State New
Headers show

Commit Message

Marton Balint March 11, 2018, 5:12 p.m.
Fixes a regression since 2a88ebd096f3c748a2d99ed1b60b22879b3c567c which caused
an infinite loop in the subtitle decoding.

Fixes ticket #6796.

Signed-off-by: Marton Balint <cus@passwd.hu>
---
 fftools/ffprobe.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

Comments

wm4 March 12, 2018, 2:29 a.m.
On Sun, 11 Mar 2018 18:12:05 +0100
Marton Balint <cus@passwd.hu> wrote:

> Fixes a regression since 2a88ebd096f3c748a2d99ed1b60b22879b3c567c which caused
> an infinite loop in the subtitle decoding.
> 
> Fixes ticket #6796.
> 
> Signed-off-by: Marton Balint <cus@passwd.hu>
> ---
>  fftools/ffprobe.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/fftools/ffprobe.c b/fftools/ffprobe.c
> index 967adbe30c..d8032bfddf 100644
> --- a/fftools/ffprobe.c
> +++ b/fftools/ffprobe.c
> @@ -2275,7 +2275,8 @@ static av_always_inline int process_frame(WriterContext *w,
>              break;
>  
>          case AVMEDIA_TYPE_SUBTITLE:
> -            ret = avcodec_decode_subtitle2(dec_ctx, &sub, &got_frame, pkt);
> +            if (*packet_new || !pkt->data)
> +                ret = avcodec_decode_subtitle2(dec_ctx, &sub, &got_frame, pkt);
>              *packet_new = 0;
>              break;
>          default:

LGTM, but not sure why the "!pkt->data" check would be needed. The
flush packet sent at the end will have *packet_new==1.
Marton Balint March 12, 2018, 8:55 p.m.
On Mon, 12 Mar 2018, wm4 wrote:

> On Sun, 11 Mar 2018 18:12:05 +0100
> Marton Balint <cus@passwd.hu> wrote:
>
>> Fixes a regression since 2a88ebd096f3c748a2d99ed1b60b22879b3c567c which caused
>> an infinite loop in the subtitle decoding.
>> 
>> Fixes ticket #6796.
>> 
>> Signed-off-by: Marton Balint <cus@passwd.hu>
>> ---
>>  fftools/ffprobe.c | 3 ++-
>>  1 file changed, 2 insertions(+), 1 deletion(-)
>> 
>> diff --git a/fftools/ffprobe.c b/fftools/ffprobe.c
>> index 967adbe30c..d8032bfddf 100644
>> --- a/fftools/ffprobe.c
>> +++ b/fftools/ffprobe.c
>> @@ -2275,7 +2275,8 @@ static av_always_inline int process_frame(WriterContext *w,
>>              break;
>>
>>          case AVMEDIA_TYPE_SUBTITLE:
>> -            ret = avcodec_decode_subtitle2(dec_ctx, &sub, &got_frame, pkt);
>> +            if (*packet_new || !pkt->data)
>> +                ret = avcodec_decode_subtitle2(dec_ctx, &sub, &got_frame, pkt);
>>              *packet_new = 0;
>>              break;
>>          default:
>
> LGTM, but not sure why the "!pkt->data" check would be needed. The
> flush packet sent at the end will have *packet_new==1.

You're right, pushed without the !pkt->data check.

Thanks,
Marton

Patch hide | download patch | download mbox

diff --git a/fftools/ffprobe.c b/fftools/ffprobe.c
index 967adbe30c..d8032bfddf 100644
--- a/fftools/ffprobe.c
+++ b/fftools/ffprobe.c
@@ -2275,7 +2275,8 @@  static av_always_inline int process_frame(WriterContext *w,
             break;
 
         case AVMEDIA_TYPE_SUBTITLE:
-            ret = avcodec_decode_subtitle2(dec_ctx, &sub, &got_frame, pkt);
+            if (*packet_new || !pkt->data)
+                ret = avcodec_decode_subtitle2(dec_ctx, &sub, &got_frame, pkt);
             *packet_new = 0;
             break;
         default: