From patchwork Sun Jan 12 21:56:49 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andreas Rheinhardt X-Patchwork-Id: 17309 Return-Path: X-Original-To: patchwork@ffaux-bg.ffmpeg.org Delivered-To: patchwork@ffaux-bg.ffmpeg.org Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by ffaux.localdomain (Postfix) with ESMTP id ED7AB44B0B6 for ; Mon, 13 Jan 2020 00:02:21 +0200 (EET) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id C92CE68B0A3; Mon, 13 Jan 2020 00:02:21 +0200 (EET) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from mail-wm1-f67.google.com (mail-wm1-f67.google.com [209.85.128.67]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id E6A6A6882C0 for ; Mon, 13 Jan 2020 00:02:15 +0200 (EET) Received: by mail-wm1-f67.google.com with SMTP id t14so7585653wmi.5 for ; Sun, 12 Jan 2020 14:02:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=8rNC39EcmUn5P0AzdBmJUNrjLrZ/hLxyfoi9yEiQrlo=; b=CfI8XFSIJg1lU7vxEQ7FqZiSHXk0y9Xxs8YbCut2OD8fZwPLujcevcQs3tS/TBpK1U YZro7Y6qoQWe8MV/CsQvXwOrsDlgeAcOtqvyZ0J9eXuKtdVJ8qVyNwSbMrQ5efykEGYG rd+yZiNgpBmLVjC+jkVhYso9uwQPIBOkzaYeBt/nKYzRxDOnF4DnJxS3uR4AbiKvV7if FawzrdLrZ7n/3v2za3nAQzxhZDmFSftvEpn0PAolk4CN7qgFHXUFTQqj1QxCvjy8lViW FHDfs+o9VjOs4GAebAEMUWlUHfb0r9qLs2j4yVgMBu8BSPWCKjhzwlsKauJqzvKIqHAb wRiQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=8rNC39EcmUn5P0AzdBmJUNrjLrZ/hLxyfoi9yEiQrlo=; b=Ey134QXDa7YLSNJN6MNKR6Mv1D9eYHqaALAAguntAkpzT7wsX2o7D4LcSquyDZXvSQ LegFsgZkEdpew2UMgwrlb1n/cd7oUtJhix7kB5EtyvygT8W/n/eysRCCz3PwwWX1Q/WC TinI5M84S5Iik2yRZiAfMM11g2hbRoQ8N+DUJOo0a8wbG6LJnkjTJQQzEUgHwoGZLfr/ HNrn7y4A8DEaPi+K09uFzD70sLpgsYcHLtSbBldp4ipSRbG/8bVvsDj9vmd9sAyJGisa ywb5YBhRx1mk1gMmBszmjS+TmiNZMOnkFsg0+Xw2RrJAK5viWXfQdRX7pczUz8VvBOFQ MzCA== X-Gm-Message-State: APjAAAV0ZXzLTSVmwHDJ4KxcLoe0ZDEePAr7igS8/fFJg/r3O9LR0I5k VueoNRpizss2BqGI/sawMs6LRP5W X-Google-Smtp-Source: APXvYqx2wWq51UUXGRqf6mGoXzKgG8efXVSZV61OJRrgxUn9WPrkqyvo30CTgl6ldURx0rAKGYtCsg== X-Received: by 2002:a7b:cbc9:: with SMTP id n9mr16460174wmi.89.1578866218623; Sun, 12 Jan 2020 13:56:58 -0800 (PST) Received: from sblaptop.fritz.box (ipbcc08bbf.dynamic.kabel-deutschland.de. [188.192.139.191]) by smtp.gmail.com with ESMTPSA id c4sm11763741wml.7.2020.01.12.13.56.57 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 12 Jan 2020 13:56:58 -0800 (PST) From: Andreas Rheinhardt To: ffmpeg-devel@ffmpeg.org Date: Sun, 12 Jan 2020 22:56:49 +0100 Message-Id: <20200112215651.1258-1-andreas.rheinhardt@gmail.com> X-Mailer: git-send-email 2.20.1 MIME-Version: 1.0 Subject: [FFmpeg-devel] [PATCH v2 1/3] avformat/apngdec: Return error for incomplete header X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Cc: Andreas Rheinhardt Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" If avio_read() could read anything, it returns the number of bytes read, even if it could not read as much as the caller desired. apng_read_header() only checked the return value of its avio_read() calls for being negative and this meant that it was possible for an incomplete header to not be detected. The return value of the last successfull call has been returned instead. This commit changes this. Signed-off-by: Andreas Rheinhardt --- Now returning AVERROR_INVALIDDATA for truncated data. I wonder whether a function that automatically returns an error when the desired amount of data couldn't be read (instead of returning the amount it read) would be worth it. (Such a function should have a parameter indicating whether the current position can be a legitimate position for EOF (so that AVERROR_EOF is returned when nothing could be read due to EOF) or not (where AVERROR_INVALIDDATA should be returned in such a case).) libavformat/apngdec.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/libavformat/apngdec.c b/libavformat/apngdec.c index 0f1d04a365..36657877d2 100644 --- a/libavformat/apngdec.c +++ b/libavformat/apngdec.c @@ -138,8 +138,8 @@ static int append_extradata(AVCodecParameters *par, AVIOContext *pb, int len) par->extradata = new_extradata; par->extradata_size = new_size; - if ((ret = avio_read(pb, par->extradata + previous_size, len)) < 0) - return ret; + if ((ret = avio_read(pb, par->extradata + previous_size, len)) != len) + return (ret < 0 && ret != AVERROR_EOF) ? ret : AVERROR_INVALIDDATA; return previous_size; } @@ -185,10 +185,10 @@ static int apng_read_header(AVFormatContext *s) AV_WL32(st->codecpar->extradata+4, tag); AV_WB32(st->codecpar->extradata+8, st->codecpar->width); AV_WB32(st->codecpar->extradata+12, st->codecpar->height); - if ((ret = avio_read(pb, st->codecpar->extradata+16, 9)) < 0) - goto fail; + if ((ret = avio_read(pb, st->codecpar->extradata + 16, 9)) != 9) + return (ret < 0 && ret != AVERROR_EOF) ? ret : AVERROR_INVALIDDATA; - while (!avio_feof(pb)) { + while (1) { if (acTL_found && ctx->num_play != 1) { int64_t size = avio_size(pb); int64_t offset = avio_tell(pb);