| Message ID | 20230328221053.26905-1-cus@passwd.hu |
|---|---|
| State | Accepted |
| Commit | 5f92a192315fc9349e7c9bdc923666f79d5c5e8d |
| Headers | show |
| Series | [FFmpeg-devel] avformat/assenc: avoid incorrect copy of null terminator | expand |
| Context | Check | Description |
|---|---|---|
| andriy/make_x86 | success | Make finished |
| andriy/make_fate_x86 | success | Make fate finished |
On Wed, 29 Mar 2023, Marton Balint wrote: > When writing a subtitle SSA/ASS subtitle file, the AVCodecParameters::extradata > buffer is written directly to the output. In the case where the buffer is > filled from a matroska source file produced by some older versions of > Handbrake, this buffer ends with a null terminating character, which is then > erroneously copied into the middle of the output file. The change here avoids > this problem by treating it as a string rather than a raw buffer. This way it > is agnostic as to whether the source buffer was null terminated or not. > > Fixes ticket #10203. Will apply. Regards, Marton > > Reported-by: Tim Angus <tim at ngus.net> > Signed-off-by: Marton Balint <cus@passwd.hu> > --- > libavformat/assenc.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/libavformat/assenc.c b/libavformat/assenc.c > index 85a1e53371..6ecfb04517 100644 > --- a/libavformat/assenc.c > +++ b/libavformat/assenc.c > @@ -70,8 +70,9 @@ static int write_header(AVFormatContext *s) > ass->trailer = trailer; > } > > + header_size = av_strnlen(par->extradata, header_size); > avio_write(s->pb, par->extradata, header_size); > - if (par->extradata[header_size - 1] != '\n') > + if (header_size && par->extradata[header_size - 1] != '\n') > avio_write(s->pb, "\r\n", 2); > ass->ssa_mode = !strstr(par->extradata, "\n[V4+ Styles]"); > if (!strstr(par->extradata, "\n[Events]")) > -- > 2.35.3 > > _______________________________________________ > ffmpeg-devel mailing list > ffmpeg-devel@ffmpeg.org > https://ffmpeg.org/mailman/listinfo/ffmpeg-devel > > To unsubscribe, visit link above, or email > ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". >
diff --git a/libavformat/assenc.c b/libavformat/assenc.c index 85a1e53371..6ecfb04517 100644 --- a/libavformat/assenc.c +++ b/libavformat/assenc.c @@ -70,8 +70,9 @@ static int write_header(AVFormatContext *s) ass->trailer = trailer; } + header_size = av_strnlen(par->extradata, header_size); avio_write(s->pb, par->extradata, header_size); - if (par->extradata[header_size - 1] != '\n') + if (header_size && par->extradata[header_size - 1] != '\n') avio_write(s->pb, "\r\n", 2); ass->ssa_mode = !strstr(par->extradata, "\n[V4+ Styles]"); if (!strstr(par->extradata, "\n[Events]"))
When writing a subtitle SSA/ASS subtitle file, the AVCodecParameters::extradata buffer is written directly to the output. In the case where the buffer is filled from a matroska source file produced by some older versions of Handbrake, this buffer ends with a null terminating character, which is then erroneously copied into the middle of the output file. The change here avoids this problem by treating it as a string rather than a raw buffer. This way it is agnostic as to whether the source buffer was null terminated or not. Fixes ticket #10203. Reported-by: Tim Angus <tim at ngus.net> Signed-off-by: Marton Balint <cus@passwd.hu> --- libavformat/assenc.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)