diff mbox series

[FFmpeg-devel,01/10] avformat/segment: Don't overwrite AVCodecParameters after init

Message ID 20200907024952.11697-1-andreas.rheinhardt@gmail.com
State Accepted
Commit 92c8b79b5acc06ec608b4c5a2b1ff428dfa1a810
Headers show
Series [FFmpeg-devel,01/10] avformat/segment: Don't overwrite AVCodecParameters after init
Related show

Checks

Context Check Description
andriy/default pending
andriy/make success Make finished
andriy/make_fate success Make fate finished

Commit Message

Andreas Rheinhardt Sept. 7, 2020, 2:49 a.m. UTC
The segment muxer copies the user-provided AVCodecParameters to the
newly created child streams in its init function before initializing the
child muxer; and since commit 8e6478b723affe4d44f94d34b98e0c47f6a0b411,
it does this again before calling avformat_write_header() if that is
called from seg_write_header(). The reason for this is complicated:

At that time writing the header was delayed, i.e. it was not triggered
by avformat_write_header() (unless the AVFMT_FLAG_AUTO_BSF was unset),
but instead by writing the very first packet. The rationale behind this
was to allow to run bitstream filters on the packets in the interleavement
queue in order to generate missing extradata from them before the muxer's
write_header function is actually called.

The segment muxer went even further: It initialized the child muxer and
ran the child muxer's check_bitstream functions on the packets in its
own muxing queue and stole any bitstream filters that got inserted. The
reason for this is that the segment muxer has an option to write the
header to a separate file and for this it is needed to write the child
muxer's header without delay, but with correct extradata. Unsetting
AVFMT_FLAG_AUTO_BSF for the child muxer accomplished the first goal and
stealing the bitstream filters the second; and in order for the child
muxer to actually use the updated extradata, the old AVCodecParameters
(set before avformat_init_output()) were overwritten with the new ones.

Updating the extradata proceeded as follows: The bitstream filter itself
simply updated the AVBSFContext's par_out when processing a packet, in
violation of the new BSF API (where par_out may only be set in the init
function); the muxing code then simply forwarded the updated extradata,
overwriting the par_in of the next BSF in the BSF chain with the fresh
par_out of the last one and the AVStream's par with the par_out of the
last BSF. This was an API violation, too, of course, but it made
remuxing ADTS AAC into mp4/matroska work.

But this no longer serves a useful purpose since the aac_adtstoasc BSF
was updated to propagate new extradata via packet side data in commit
f63c3516577d605e51cf16358cbdfa0bc97565d8; the next commit then removed
the code in mux.c passing new extradata along the filter chain. This
alone justifies removing the code for setting the AVCodecParameters a
second time.

But there is even another reason to do so: It is harmful. The ogg muxer
parses the extradata of Theora and Vorbis in its init function and keeps
pointers to parts of it. Said pointers become dangling when the
extradata is overwritten by the segment muxer, leading to
use-after-frees as has happened in ticket #8881 which this commit fixes.

Ticket #8517 is about another issue caused by this: Immediately after
having overwritten the old AVCodecParameters the segment muxer checks
whether the codec_tag is ok (the codec_tag is set generically when
initializing the child muxer based upon muxer-specific lists). The check
used is: If the child output format has such a list and if the codec tag
of the non-child stream does not match the codec id given the list of
codec tags and if there is a match for the codec id in the codec tag
list, then set the codec tag to zero (and not to the existing match),
otherwise set the codec tag of the child stream to the codec tag
of the corresponding stream of the main AVFormatContext (which is btw
redundant given that the child AVCodecParameters have just been
overwritten with the AVCodecParameters of the corresponding stream of
the main AVFormatContext).

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
---
 libavformat/segment.c | 19 +------------------
 1 file changed, 1 insertion(+), 18 deletions(-)
diff mbox series

Patch

diff --git a/libavformat/segment.c b/libavformat/segment.c
index f67456fa57..0c9b93725d 100644
--- a/libavformat/segment.c
+++ b/libavformat/segment.c
@@ -817,26 +817,9 @@  static int seg_write_header(AVFormatContext *s)
 {
     SegmentContext *seg = s->priv_data;
     AVFormatContext *oc = seg->avf;
-    int ret, i;
+    int ret;
 
     if (!seg->header_written) {
-        for (i = 0; i < s->nb_streams; i++) {
-            AVStream *st = oc->streams[i];
-            AVCodecParameters *ipar, *opar;
-
-            ipar = s->streams[i]->codecpar;
-            opar = oc->streams[i]->codecpar;
-            avcodec_parameters_copy(opar, ipar);
-            if (!oc->oformat->codec_tag ||
-                av_codec_get_id (oc->oformat->codec_tag, ipar->codec_tag) == opar->codec_id ||
-                av_codec_get_tag(oc->oformat->codec_tag, ipar->codec_id) <= 0) {
-                opar->codec_tag = ipar->codec_tag;
-            } else {
-                opar->codec_tag = 0;
-            }
-            st->sample_aspect_ratio = s->streams[i]->sample_aspect_ratio;
-            st->time_base = s->streams[i]->time_base;
-        }
         ret = avformat_write_header(oc, NULL);
         if (ret < 0)
             return ret;