From patchwork Fri Jul 6 15:24:29 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Niedermayer X-Patchwork-Id: 9637 Delivered-To: ffmpegpatchwork@gmail.com Received: by 2002:a02:104:0:0:0:0:0 with SMTP id c4-v6csp3139077jad; Fri, 6 Jul 2018 08:25:50 -0700 (PDT) X-Google-Smtp-Source: AAOMgpeTxJ1v2BC5cFq88QAMlEAWvLze8sbsW0x/RAdXCu9L7fmjrDiIq/KwLNpv3p5uXJJy3pOG X-Received: by 2002:a1c:ea17:: with SMTP id i23-v6mr5774851wmh.29.1530890750141; Fri, 06 Jul 2018 08:25:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1530890750; cv=none; d=google.com; s=arc-20160816; b=r0Vue1UCrliUZ6oBWadQaAvzsF1k/QA1KEXyYCXiTIJKJ4kFTQD0ksuEWXnk2pQ/Bk 2+vBn3MLRFuabXEl1gbVTxnOWVBD84SL0T6FQ6HqNNICXmc7z13+3JWKLrf8UNR0kCXQ qhk8bwwL6pXjLQUV7DrGafsripuXDx8gNCkgpN2mcnstTjg6nbAqec7X/CFtE/XHY5Ru +YF/596pc5Hc4buBMdzv2klEc8gPtMdte6zdpVuSIzin7/Gt5GIAyk6Yn0bquBsqv9Or vb5RLmlMz/5KtvHiqjeMIpZxupcfBC+H6IOlD/FRhoAQ61CGvCiIPcebaDu6MR3so76e a2xA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:reply-to :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:message-id:date:to:from:delivered-to :arc-authentication-results; bh=BpS4m2ud5HfXO8V6lUk9/fP6zX7ZIFNPnlC5Rvi4A0k=; b=li2SquxOV7yEo2LFGxGOnF/J/g30KoVxCkf3HPhVwuE3aF4HH3OfyzP9/hImgVu7d2 XiyfZN2AQkmvRj8SsSZVrZJnzp1KRTHF3CZlvjCgf0f+87GQ6/DG5lYsREleNJp1cGzo OuLNpT5Ytz+qK7AqZxmRxqNJ0DXyotBAgON+ZFk3ubv1xIFB659J6WCp5c7tGWGBn3Lb 2n75S3z/1oMU1tuZMgzKwsRSNjIjf4cqeP7QsVZMUin+wIK2ug1qN9JEud6H0ZLJx8/i IMEUACqHYMZ9HcN7jfMNOtBXMDzFVNjCDtfL6dP3duQsPtWgxigcdmPGUi1tv57WLzri xF5w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id 190-v6si6695915wmg.214.2018.07.06.08.25.49; Fri, 06 Jul 2018 08:25:50 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 0A75B68A570; Fri, 6 Jul 2018 18:25:35 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from vie01a-dmta-pe06-2.mx.upcmail.net (vie01a-dmta-pe06-2.mx.upcmail.net [84.116.36.15]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id BED0B68A519 for ; Fri, 6 Jul 2018 18:25:27 +0300 (EEST) Received: from [172.31.216.43] (helo=vie01a-pemc-psmtp-pe01) by vie01a-dmta-pe06.mx.upcmail.net with esmtp (Exim 4.88) (envelope-from ) id 1fbSc0-00052q-RL for ffmpeg-devel@ffmpeg.org; Fri, 06 Jul 2018 17:25:32 +0200 Received: from localhost ([213.47.41.20]) by vie01a-pemc-psmtp-pe01 with SMTP @ mailcloud.upcmail.net id 7TRQ1y01C0S5wYM01TRR1p; Fri, 06 Jul 2018 17:25:25 +0200 X-SourceIP: 213.47.41.20 From: Michael Niedermayer To: FFmpeg development discussions and patches Date: Fri, 6 Jul 2018 17:24:29 +0200 Message-Id: <20180706152430.29695-1-michael@niedermayer.cc> X-Mailer: git-send-email 2.18.0 Subject: [FFmpeg-devel] [PATCH 1/2] avcodec/dvbsub_parser: Do not discard data X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches MIME-Version: 1.0 Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" May fix: oss fuzz issue 9220 Signed-off-by: Michael Niedermayer --- libavcodec/dvbsub_parser.c | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/libavcodec/dvbsub_parser.c b/libavcodec/dvbsub_parser.c index e77b9655cc..8ced3c4c34 100644 --- a/libavcodec/dvbsub_parser.c +++ b/libavcodec/dvbsub_parser.c @@ -57,6 +57,7 @@ static int dvbsub_parse(AVCodecParserContext *s, DVBSubParseContext *pc = s->priv_data; uint8_t *p, *p_end; int i, len, buf_pos = 0; + int out_size = 0; ff_dlog(avctx, "DVB parse packet pts=%"PRIx64", lpts=%"PRIx64", cpts=%"PRIx64":\n", s->pts, s->last_pts, s->cur_frame_pts[s->cur_frame_start_index]); @@ -71,8 +72,8 @@ static int dvbsub_parse(AVCodecParserContext *s, if (i % 16 != 0) ff_dlog(avctx, "\n"); - *poutbuf = NULL; - *poutbuf_size = 0; + *poutbuf = buf; + *poutbuf_size = buf_size; s->fetch_timestamp = 1; @@ -89,7 +90,7 @@ static int dvbsub_parse(AVCodecParserContext *s, if (buf_size < 2 || buf[0] != 0x20 || buf[1] != 0x00) { ff_dlog(avctx, "Bad packet header\n"); - return -1; + return buf_size; } buf_pos = 2; @@ -113,9 +114,9 @@ static int dvbsub_parse(AVCodecParserContext *s, } if (buf_size - buf_pos + pc->packet_index > PARSE_BUF_SIZE) - return -1; + return buf_size; -/* if not currently in a packet, discard data */ +/* if not currently in a packet, pass data */ if (pc->in_packet == 0) return buf_size; @@ -135,7 +136,7 @@ static int dvbsub_parse(AVCodecParserContext *s, if (len + 6 <= p_end - p) { - *poutbuf_size += len + 6; + out_size += len + 6; p += len + 6; } else @@ -159,9 +160,10 @@ static int dvbsub_parse(AVCodecParserContext *s, } } - if (*poutbuf_size > 0) + if (out_size > 0) { *poutbuf = pc->packet_buf; + *poutbuf_size = out_size; pc->packet_start = *poutbuf_size; }