Message ID | CAO7y9i-WX7Q3TU+CfD6wcRDPbtRzbPv8nhiqAHHVsmRZb0a0xA@mail.gmail.com |
---|---|
State | Superseded |
Headers | show |
On Tue, Aug 14, 2018 at 11:12:58AM -0700, Jacob Trimble wrote: > On Tue, Aug 14, 2018 at 10:39 AM Jacob Trimble <modmaker@google.com> wrote: > > > > If there is a saio/saiz in clear content, we shouldn't create the > > encryption index if we don't already have one. Otherwise it will > > confuse the cenc_filter. > > > > Found by Chromium's ClusterFuzz: https://crbug.com/873432 > > > > Signed-off-by: Jacob Trimble <modmaker@google.com> > > --- > > libavformat/mov.c | 28 ++++++++++++++++++---------- > > 1 file changed, 18 insertions(+), 10 deletions(-) > > > > diff --git a/libavformat/mov.c b/libavformat/mov.c > > index c863047d79..50bc1cab4b 100644 > > --- a/libavformat/mov.c > > +++ b/libavformat/mov.c > > @@ -5828,7 +5828,7 @@ static int mov_read_frma(MOVContext *c, AVIOContext *pb, MOVAtom atom) > > * info for this fragment; otherwise this will return the global encryption > > * info for the current stream. > > */ > > -static int get_current_encryption_info(MOVContext *c, MOVEncryptionIndex **encryption_index, MOVStreamContext **sc) > > +static int get_current_encryption_info(MOVContext *c, MOVEncryptionIndex **encryption_index, MOVStreamContext **sc, int create) > > { > > MOVFragmentStreamInfo *frag_stream_info; > > AVStream *st; > > @@ -5847,9 +5847,13 @@ static int get_current_encryption_info(MOVContext *c, MOVEncryptionIndex **encry > > *sc = st->priv_data; > > > > if (!frag_stream_info->encryption_index) { > > - frag_stream_info->encryption_index = av_mallocz(sizeof(*frag_stream_info->encryption_index)); > > - if (!frag_stream_info->encryption_index) > > - return AVERROR(ENOMEM); > > + if (create) { > > + frag_stream_info->encryption_index = av_mallocz(sizeof(*frag_stream_info->encryption_index)); > > + if (!frag_stream_info->encryption_index) > > + return AVERROR(ENOMEM); > > + } else { > > + return 0; > > + } > > } > > *encryption_index = frag_stream_info->encryption_index; > > return 1; > > @@ -5862,9 +5866,13 @@ static int get_current_encryption_info(MOVContext *c, MOVEncryptionIndex **encry > > *sc = st->priv_data; > > > > if (!(*sc)->cenc.encryption_index) { > > - (*sc)->cenc.encryption_index = av_mallocz(sizeof(*frag_stream_info->encryption_index)); > > - if (!(*sc)->cenc.encryption_index) > > - return AVERROR(ENOMEM); > > + if (create) { > > + (*sc)->cenc.encryption_index = av_mallocz(sizeof(*frag_stream_info->encryption_index)); > > + if (!(*sc)->cenc.encryption_index) > > + return AVERROR(ENOMEM); > > + } else { > > + return 0; > > + } > > } > > > > *encryption_index = (*sc)->cenc.encryption_index; > > @@ -5931,7 +5939,7 @@ static int mov_read_senc(MOVContext *c, AVIOContext *pb, MOVAtom atom) > > int use_subsamples, ret; > > unsigned int sample_count, i, alloc_size = 0; > > > > - ret = get_current_encryption_info(c, &encryption_index, &sc); > > + ret = get_current_encryption_info(c, &encryption_index, &sc, /* create */ 1); > > if (ret != 1) > > return ret; > > > > @@ -6078,7 +6086,7 @@ static int mov_read_saiz(MOVContext *c, AVIOContext *pb, MOVAtom atom) > > int ret; > > unsigned int sample_count, aux_info_type, aux_info_param; > > > > - ret = get_current_encryption_info(c, &encryption_index, &sc); > > + ret = get_current_encryption_info(c, &encryption_index, &sc, /* create */ 0); > > if (ret != 1) > > return ret; > > > > @@ -6152,7 +6160,7 @@ static int mov_read_saio(MOVContext *c, AVIOContext *pb, MOVAtom atom) > > unsigned int version, entry_count, aux_info_type, aux_info_param; > > unsigned int alloc_size = 0; > > > > - ret = get_current_encryption_info(c, &encryption_index, &sc); > > + ret = get_current_encryption_info(c, &encryption_index, &sc, /* create */ 0); > > if (ret != 1) > > return ret; > > > > -- > > 2.18.0.865.gffc8e1a3cd6-goog > > > > After thinking of this more, this was the incorrect fix. Attached is > the correct fix. > mov.c | 6 ++++++ > 1 file changed, 6 insertions(+) > 0e583b4ad11852ce38a2b945644e178b7f13a42f 0001-avformat-mov-Allow-saio-saiz-in-clear-content-v2.patch > From 256880aca517f64257eb28342a656867d90307a7 Mon Sep 17 00:00:00 2001 > From: Jacob Trimble <modmaker@google.com> > Date: Tue, 14 Aug 2018 10:18:55 -0700 > Subject: [PATCH] avformat/mov: Allow saio/saiz in clear content. This code is used in saio/saiz/senc. The message only mentions the first 2. [...]
From 256880aca517f64257eb28342a656867d90307a7 Mon Sep 17 00:00:00 2001 From: Jacob Trimble <modmaker@google.com> Date: Tue, 14 Aug 2018 10:18:55 -0700 Subject: [PATCH] avformat/mov: Allow saio/saiz in clear content. If there is a saio/saiz in clear content, we shouldn't create the encryption index if we don't already have one. Otherwise it will confuse the cenc_filter. Found by Chromium's ClusterFuzz: https://crbug.com/873432 Signed-off-by: Jacob Trimble <modmaker@google.com> --- libavformat/mov.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/libavformat/mov.c b/libavformat/mov.c index c863047d79..ee9acdb73c 100644 --- a/libavformat/mov.c +++ b/libavformat/mov.c @@ -5847,6 +5847,9 @@ static int get_current_encryption_info(MOVContext *c, MOVEncryptionIndex **encry *sc = st->priv_data; if (!frag_stream_info->encryption_index) { + // If this stream isn't encrypted, don't create the index. + if (!(*sc)->cenc.default_encrypted_sample) + return 0; frag_stream_info->encryption_index = av_mallocz(sizeof(*frag_stream_info->encryption_index)); if (!frag_stream_info->encryption_index) return AVERROR(ENOMEM); @@ -5862,6 +5865,9 @@ static int get_current_encryption_info(MOVContext *c, MOVEncryptionIndex **encry *sc = st->priv_data; if (!(*sc)->cenc.encryption_index) { + // If this stream isn't encrypted, don't create the index. + if (!(*sc)->cenc.default_encrypted_sample) + return 0; (*sc)->cenc.encryption_index = av_mallocz(sizeof(*frag_stream_info->encryption_index)); if (!(*sc)->cenc.encryption_index) return AVERROR(ENOMEM); -- 2.18.0.865.gffc8e1a3cd6-goog