[FFmpeg-devel] avcodec/flac_parser: Fix infinite loop

Message ID	20180504004214.13898-1-michael@niedermayer.cc
State	Accepted
Commit	15a2e35e9e74bba5a27e39c26da5be2361f27945
Headers	show Delivered-To: ffmpegpatchwork@gmail.com Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; From: Michael Niedermayer <michael@niedermayer.cc> To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org> Date: Fri, 4 May 2018 02:42:14 +0200 Message-Id: <20180504004214.13898-1-michael@niedermayer.cc> Subject: [FFmpeg-devel] [PATCH] avcodec/flac_parser: Fix infinite loop Precedence: list Reply-To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" <ffmpeg-devel-bounces@ffmpeg.org>

Message ID

20180504004214.13898-1-michael@niedermayer.cc

State

Accepted

Commit

15a2e35e9e74bba5a27e39c26da5be2361f27945

Headers

Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org
	designates 79.124.17.100 as permitted sender)
	client-ip=79.124.17.100; 
From: Michael Niedermayer <michael@niedermayer.cc>
To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Date: Fri,  4 May 2018 02:42:14 +0200
Message-Id: <20180504004214.13898-1-michael@niedermayer.cc>
Subject: [FFmpeg-devel] [PATCH] avcodec/flac_parser: Fix infinite loop
Precedence: list
Reply-To: FFmpeg development discussions and patches
	<ffmpeg-devel@ffmpeg.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Errors-To: ffmpeg-devel-bounces@ffmpeg.org
Sender: "ffmpeg-devel" <ffmpeg-devel-bounces@ffmpeg.org>

Commit Message

Michael Niedermayer May 4, 2018, 12:42 a.m. UTC

Fixes: crbug/827204

Reported-by: Frank Liberato <liberato@google.com>
Reviewed-by: Frank Liberato <liberato@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 libavcodec/flac_parser.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

Comments

Michael Niedermayer May 5, 2018, 2:52 p.m. UTC | #1

On Fri, May 04, 2018 at 02:42:14AM +0200, Michael Niedermayer wrote:
> Fixes: crbug/827204
> 
> Reported-by: Frank Liberato <liberato@google.com>
> Reviewed-by: Frank Liberato <liberato@google.com>
> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
> ---
>  libavcodec/flac_parser.c | 9 +++++++--
>  1 file changed, 7 insertions(+), 2 deletions(-)

will apply

[...]

diff --git a/libavcodec/flac_parser.c b/libavcodec/flac_parser.c
index 84da23f327..2721286464 100644
--- a/libavcodec/flac_parser.c
+++ b/libavcodec/flac_parser.c
@@ -686,12 +686,17 @@  static int flac_parse(AVCodecParserContext *s, AVCodecContext *avctx,
     }
 
     for (curr = fpc->headers; curr; curr = curr->next) {
-        if (curr->max_score > 0 &&
-            (!fpc->best_header || curr->max_score > fpc->best_header->max_score)) {
+        if (!fpc->best_header || curr->max_score > fpc->best_header->max_score) {
             fpc->best_header = curr;
         }
     }
 
+    if (fpc->best_header && fpc->best_header->max_score <= 0) {
+        // Only accept a bad header if there is no other option to continue
+        if (!buf_size || !buf || read_end != buf || fpc->nb_headers_buffered < FLAC_MIN_HEADERS)
+            fpc->best_header = NULL;
+    }
+
     if (fpc->best_header) {
         fpc->best_header_valid = 1;
         if (fpc->best_header->offset > 0) {

[FFmpeg-devel] avcodec/flac_parser: Fix infinite loop

Commit Message

Comments

Patch