From patchwork Thu Jul 27 17:40:51 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?q?Reimar_D=C3=B6ffinger?=
 <Reimar.Doeffinger@gmx.de>
X-Patchwork-Id: 43006
Delivered-To: ffmpegpatchwork2@gmail.com
Received: by 2002:a05:6a20:7927:b0:130:ccc6:6c4b with SMTP id b39csp137785pzg;
        Thu, 27 Jul 2023 10:41:06 -0700 (PDT)
X-Google-Smtp-Source: 
 APBJJlElgitoUrb6uQ/sCD2ghbReyU+wVZ7vUd5/aerk0i15uRIuXgG0w+I9+BDjKoI4Du22O1nx
X-Received: by 2002:a2e:9048:0:b0:2b9:acad:b4b2 with SMTP id
 n8-20020a2e9048000000b002b9acadb4b2mr2686089ljg.6.1690479666203;
        Thu, 27 Jul 2023 10:41:06 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1690479666; cv=none;
        d=google.com; s=arc-20160816;
        b=b805T1AqCxSoEtb5S6knldsqd/ooqxW5NUsLMJzjxXP41+RphSpICzfwiLTBpLV429
         hJS/9nrh5XIKKp8Ztw+Rzk/xsmRQM4c4JPb6nxVZHx3fVf2SHnFBD0U9lgiHZinGdWFc
         0SAf0c2JuE29UZys+slvnPcC84tnDfoLueOHNgMpd1ZW75OCLu5B+ivYEQriKi17KNFp
         frzj0c+3fdu8UUW/rcZa2MWsk2pJjUoA48yzbGpxmD8r/JNiNlgt52rgQIMTnfGupkwA
         iaqSYGw73Jkp32RWhv4rb0XWpiQJHe+/rNArlcDZkb4sXKbzUCEDINmoQYDxYuBPWxlT
         0zZQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=sender:errors-to:content-transfer-encoding:cc:reply-to
         :list-subscribe:list-help:list-post:list-archive:list-unsubscribe
         :list-id:precedence:subject:ui-outboundreport:mime-version
         :references:in-reply-to:message-id:date:to:from:delivered-to;
        bh=/hdRLEipE8rKy8bTX1bykg69ktA3Tq3VnnJEYV15MRQ=;
        fh=fXcCBasH1NfrAloNC1XA9V9ZOn3lYYHy05Aa/Q2POE4=;
        b=JsfDWnTLqsYnwduV1KqdzIpm1se1fBlaGUS2+FhvM+dhJ8k/OBKPlSJSh3mjUNhNvX
         S86IcF0x8Wk3h+v3wMLU+zJ4NxU0YRWQTh1jBKGVl54FgfUYNV0CQBQjFqZcHv88KFlE
         xy5S3hSRqAaOY+GQR7kNKYGTRTwxDu3sQ2TGcbiP6p4ZErhQNlUIyigXGZufp/DjVBAu
         idyYcF7j5Fo6EdwhCaz55gKSrN3/HK4fYKUvNi38cbcS4Bx9KLj7O8xTUt/lXpa/cZwI
         5c5ZTOqhPMjBQfXm6OR+aEd05ApaKhGJCR0nuK9ijJoXEsr0kHRXiiBsMEW/+VVBcj1X
         ++Ag==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org
 designates 79.124.17.100 as permitted sender)
 smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=gmx.de
Return-Path: <ffmpeg-devel-bounces@ffmpeg.org>
Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100])
        by mx.google.com with ESMTP id
 j13-20020a17090686cd00b00992ca642517si1325499ejy.104.2023.07.27.10.41.05;
        Thu, 27 Jul 2023 10:41:06 -0700 (PDT)
Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org
 designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org
 designates 79.124.17.100 as permitted sender)
 smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=gmx.de
Received: from [127.0.1.1] (localhost [127.0.0.1])
	by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id BBEFF68CA6E;
	Thu, 27 Jul 2023 20:41:02 +0300 (EEST)
X-Original-To: ffmpeg-devel@ffmpeg.org
Delivered-To: ffmpeg-devel@ffmpeg.org
Received: from mout.kundenserver.de (mout.kundenserver.de [212.227.126.131])
 by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 63EB168C765
 for <ffmpeg-devel@ffmpeg.org>; Thu, 27 Jul 2023 20:40:56 +0300 (EEST)
Received: from Reimars-Air.fritz.box ([155.4.74.59]) by
 mrelayeu.kundenserver.de (mreue011 [212.227.15.167]) with ESMTPSA (Nemesis)
 id 1MScDh-1qImX02VfF-00StM0; Thu, 27 Jul 2023 19:40:55 +0200
From: Reimar.Doeffinger@gmx.de
To: ffmpeg-devel@ffmpeg.org
Date: Thu, 27 Jul 2023 19:40:51 +0200
Message-Id: <20230727174051.9191-1-Reimar.Doeffinger@gmx.de>
X-Mailer: git-send-email 2.37.1 (Apple Git-137.1)
In-Reply-To: <ZMKqVcJyPsoHq4JD@phare.normalesup.org>
References: <ZMKqVcJyPsoHq4JD@phare.normalesup.org>
MIME-Version: 1.0
X-Provags-ID: V03:K1:gE/EGIqmgp6x0ZM+Oowi/BX++LJ7o3dSWnW3BDP9u/X97z8IPm3
 qk1z1sGWuv4/6M8HAJIb0t1Ha4eNIsjJQZr3ixgTkIkduCG6ZAFeJpS1U0fA+fkvLiAEWTI
 aQDYTACllUVFSOD1vVQDQZXJJXvbtFsOso27gj/udRebQYlaAo5THzgabnambOaUiLekX+A
 Kd0rPHJcssDYntWJly/kg==
X-Spam-Flag: NO
UI-OutboundReport: notjunk:1;M01:P0:Ua1DmLSeuGM=;MuEDoSZ+LtG+4/9c5IFV5C661FW
 Dfm6CrtZbbuGxpYIEVUWGYGKCKmkF1pkDimwxsmGMWGGuIX21uxXqV7Y7YuxYBlnogimruAX/
 LNfhf1q2bTCYOc5ZdYbse51N+GcIrFgHEZdN2pJIK5GhqeNlcLiw7OHrQ7i5A7277qn69qSI3
 OQCKUVD18NBDrExk64abBwT4KLeAEM/fyycfZCzbvCnAHpKNexUwg23m1mB9ch/YfIafZV8yD
 aNmtEZxJREgQhdL5rmuvFNIEXaP1/OlfXYvV4TO6pbaNXddURQscQUMU3Zeh0rWKVlYYM2CA7
 tvEbapX7Pyb+rlIbAbFC3Yaf4QA3BnS/FV0GlnFDE9KE4RAQHW+xiJ1Txlary7er89erjxtfX
 MLfE6jDR2ewwv6vcKmJfWKaOPCY84+PHn60WxlFxMuu/uiC3SJHUI1DJT9k39+P4S9gukOOla
 b1kF0TEt1+SJ272Mz2L5weia38a3iqC7goREYrxVT8l19Wy9uYEl1sbxTUIgskxaIne+M6MYZ
 psfsenMMUmvslGBmIHuS3kt+IAq+T+spBRQ2hJ51aYMRZbD2V9XaaelKSafSMtHydpdLtI5U/
 +5m8DOEj2x+rFIdorFJiwKRMVsUK7Ms2cnpOh535fSQe3euszVj9jqMSXnmH5ITT43l8uGcnR
 Cg3j3cdJjDvFpDlmQPkCcYmMeXbq+XZLNJ8898XtU1Hyd3950n884Y1h0zl9mfKnP6sCjUHvF
 UWqi71uJAJOQTuHfhKOc/XqsFpv2/BQ+bTgwjXOUH1izvGxr1LADk5frX6F2LTYUl30uyJm3U
 rmGkDRqsLXZ77I6iW3nIKatNHs7YEACEEjkFQ5RoZ94b0f1VaijF9TU93e+67FsnPQMQUk5IT
 tR3POBz1SIOcC2g==
Subject: [FFmpeg-devel] [PATCH] libavformat: fix incorrect handling of
 incomplete AVBPrint.
X-BeenThere: ffmpeg-devel@ffmpeg.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: FFmpeg development discussions and patches <ffmpeg-devel.ffmpeg.org>
List-Unsubscribe: <https://ffmpeg.org/mailman/options/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=unsubscribe>
List-Archive: <https://ffmpeg.org/pipermail/ffmpeg-devel>
List-Post: <mailto:ffmpeg-devel@ffmpeg.org>
List-Help: <mailto:ffmpeg-devel-request@ffmpeg.org?subject=help>
List-Subscribe: <https://ffmpeg.org/mailman/listinfo/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=subscribe>
Reply-To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Cc: =?utf-8?q?Reimar_D=C3=B6ffinger?= <Reimar.Doeffinger@gmx.de>
Errors-To: ffmpeg-devel-bounces@ffmpeg.org
Sender: "ffmpeg-devel" <ffmpeg-devel-bounces@ffmpeg.org>
X-TUID: /D7e2Ne0LlKf

From: Reimar Döffinger <Reimar.Doeffinger@gmx.de>

Change some internal APIs a bit to make it harder to make
such mistakes.
In particular, have the read chunk functions return an error
when the result is incomplete.
This might be less flexible, but since there has been no
use-case for that so far, avoiding coding mistakes seems better.
Add a function to queue a AVBPrint directly (ff_subtitles_queue_insert_bprint).
Also fixes a leak in lrcdec when ff_subtitles_queue_insert fails.

Signed-off-by: Reimar Döffinger <Reimar.Doeffinger@gmx.de>
---
 libavformat/assdec.c         |  4 +++-
 libavformat/lrcdec.c         |  7 ++++++-
 libavformat/mpsubdec.c       |  5 +++--
 libavformat/realtextdec.c    |  6 +++++-
 libavformat/samidec.c        |  6 +++++-
 libavformat/srtdec.c         |  4 +++-
 libavformat/subtitles.c      | 19 +++++++++++++++----
 libavformat/subtitles.h      | 14 ++++++++++++--
 libavformat/tedcaptionsdec.c |  2 +-
 libavformat/webvttdec.c      |  4 +++-
 10 files changed, 56 insertions(+), 15 deletions(-)

diff --git a/libavformat/assdec.c b/libavformat/assdec.c
index 0915f6fafd..bf7b8a73a2 100644
--- a/libavformat/assdec.c
+++ b/libavformat/assdec.c
@@ -73,6 +73,8 @@ static int read_dialogue(ASSContext *ass, AVBPrint *dst, const uint8_t *p,
 
         av_bprint_clear(dst);
         av_bprintf(dst, "%u,%d,%s", ass->readorder++, layer, p + pos);
+        if (!av_bprint_is_complete(dst))
+            return AVERROR(ENOMEM);
 
         /* right strip the buffer */
         while (dst->len > 0 &&
@@ -135,7 +137,7 @@ static int ass_read_header(AVFormatContext *s)
             av_bprintf(&header, "%s", line.str);
             continue;
         }
-        sub = ff_subtitles_queue_insert(&ass->q, rline.str, rline.len, 0);
+        sub = ff_subtitles_queue_insert_bprint(&ass->q, &rline, 0);
         if (!sub) {
             res = AVERROR(ENOMEM);
             goto end;
diff --git a/libavformat/lrcdec.c b/libavformat/lrcdec.c
index fff39495f8..83bb4a4b75 100644
--- a/libavformat/lrcdec.c
+++ b/libavformat/lrcdec.c
@@ -171,6 +171,8 @@ static int lrc_read_header(AVFormatContext *s)
 
     while(!avio_feof(s->pb)) {
         int64_t pos = read_line(&line, s->pb);
+        if (!av_bprint_is_complete(&line))
+            goto err_nomem_out;
         int64_t header_offset = find_header(line.str);
         if(header_offset >= 0) {
             char *comma_offset = strchr(line.str, ':');
@@ -205,7 +207,7 @@ static int lrc_read_header(AVFormatContext *s)
                 sub = ff_subtitles_queue_insert(&lrc->q, line.str + ts_strlength,
                                                 line.len - ts_strlength, 0);
                 if (!sub)
-                    return AVERROR(ENOMEM);
+                    goto err_nomem_out;
                 sub->pos = pos;
                 sub->pts = ts_start - lrc->ts_offset;
                 sub->duration = -1;
@@ -216,6 +218,9 @@ static int lrc_read_header(AVFormatContext *s)
     ff_metadata_conv_ctx(s, NULL, ff_lrc_metadata_conv);
     av_bprint_finalize(&line, NULL);
     return 0;
+err_nomem_out:
+    av_bprint_finalize(&line, NULL);
+    return AVERROR(ENOMEM);
 }
 
 const AVInputFormat ff_lrc_demuxer = {
diff --git a/libavformat/mpsubdec.c b/libavformat/mpsubdec.c
index d290a41fb9..0374563575 100644
--- a/libavformat/mpsubdec.c
+++ b/libavformat/mpsubdec.c
@@ -116,9 +116,10 @@ static int mpsub_read_header(AVFormatContext *s)
             AVPacket *sub;
             const int64_t pos = avio_tell(s->pb);
 
-            ff_subtitles_read_chunk(s->pb, &buf);
+            res = ff_subtitles_read_chunk(s->pb, &buf);
+            if (res < 0) goto end;
             if (buf.len) {
-                sub = ff_subtitles_queue_insert(&mpsub->q, buf.str, buf.len, 0);
+                sub = ff_subtitles_queue_insert_bprint(&mpsub->q, &buf, 0);
                 if (!sub) {
                     res = AVERROR(ENOMEM);
                     goto end;
diff --git a/libavformat/realtextdec.c b/libavformat/realtextdec.c
index c281dec346..7992a5b7fc 100644
--- a/libavformat/realtextdec.c
+++ b/libavformat/realtextdec.c
@@ -80,6 +80,10 @@ static int realtext_read_header(AVFormatContext *s)
         const int64_t pos = ff_text_pos(&tr) - (c != 0);
         int n = ff_smil_extract_next_text_chunk(&tr, &buf, &c);
 
+        if (n < 0) {
+            res = n;
+            goto end;
+        }
         if (n == 0)
             break;
 
@@ -103,7 +107,7 @@ static int realtext_read_header(AVFormatContext *s)
             /* if we just read a <time> tag, introduce a new event, otherwise merge
              * with the previous one */
             int merge = !av_strncasecmp(buf.str, "<time", 5) ? 0 : 1;
-            sub = ff_subtitles_queue_insert(&rt->q, buf.str, buf.len, merge);
+            sub = ff_subtitles_queue_insert_bprint(&rt->q, &buf, merge);
             if (!sub) {
                 res = AVERROR(ENOMEM);
                 goto end;
diff --git a/libavformat/samidec.c b/libavformat/samidec.c
index 0da299343d..070b623ebf 100644
--- a/libavformat/samidec.c
+++ b/libavformat/samidec.c
@@ -68,6 +68,10 @@ static int sami_read_header(AVFormatContext *s)
         const int64_t pos = ff_text_pos(&tr) - (c != 0);
         int is_sync, is_body, n = ff_smil_extract_next_text_chunk(&tr, &buf, &c);
 
+        if (n < 0) {
+            res = n;
+            goto end;
+        }
         if (n == 0)
             break;
 
@@ -84,7 +88,7 @@ static int sami_read_header(AVFormatContext *s)
         if (!got_first_sync_point) {
             av_bprintf(&hdr_buf, "%s", buf.str);
         } else {
-            sub = ff_subtitles_queue_insert(&sami->q, buf.str, buf.len, !is_sync);
+            sub = ff_subtitles_queue_insert_bprint(&sami->q, &buf, !is_sync);
             if (!sub) {
                 res = AVERROR(ENOMEM);
                 av_bprint_finalize(&hdr_buf, NULL);
diff --git a/libavformat/srtdec.c b/libavformat/srtdec.c
index bf02450555..635c1550b9 100644
--- a/libavformat/srtdec.c
+++ b/libavformat/srtdec.c
@@ -97,12 +97,14 @@ static int add_event(FFDemuxSubtitlesQueue *q, AVBPrint *buf, char *line_cache,
     if (append_cache && line_cache[0])
         av_bprintf(buf, "%s\n", line_cache);
     line_cache[0] = 0;
+    if (!av_bprint_is_complete(buf))
+        return AVERROR(ENOMEM);
 
     while (buf->len > 0 && buf->str[buf->len - 1] == '\n')
         buf->str[--buf->len] = 0;
 
     if (buf->len) {
-        AVPacket *sub = ff_subtitles_queue_insert(q, buf->str, buf->len, 0);
+        AVPacket *sub = ff_subtitles_queue_insert_bprint(q, buf, 0);
         if (!sub)
             return AVERROR(ENOMEM);
         av_bprint_clear(buf);
diff --git a/libavformat/subtitles.c b/libavformat/subtitles.c
index 3ba5e2b217..6c221e4b29 100644
--- a/libavformat/subtitles.c
+++ b/libavformat/subtitles.c
@@ -145,6 +145,14 @@ AVPacket *ff_subtitles_queue_insert(FFDemuxSubtitlesQueue *q,
     return sub;
 }
 
+AVPacket *ff_subtitles_queue_insert_bprint(FFDemuxSubtitlesQueue *q,
+                                           const AVBPrint *event, int merge)
+{
+    if (!av_bprint_is_complete(event))
+        return NULL;
+    return ff_subtitles_queue_insert(q, event->str, event->len, merge);
+}
+
 static int cmp_pkt_sub_ts_pos(const void *a, const void *b)
 {
     const AVPacket *s1 = *(const AVPacket **)a;
@@ -347,13 +355,15 @@ int ff_smil_extract_next_text_chunk(FFTextReader *tr, AVBPrint *buf, char *c)
     do {
         av_bprint_chars(buf, *c, 1);
         *c = ff_text_r8(tr);
+        if (i == INT_MAX)
+            return AVERROR_INVALIDDATA;
         i++;
     } while (*c != end_chr && *c);
     if (end_chr == '>') {
         av_bprint_chars(buf, '>', 1);
         *c = 0;
     }
-    return i;
+    return av_bprint_is_complete(buf) ? i : AVERROR(ENOMEM);
 }
 
 const char *ff_smil_get_attr_ptr(const char *s, const char *attr)
@@ -381,7 +391,7 @@ static inline int is_eol(char c)
     return c == '\r' || c == '\n';
 }
 
-void ff_subtitles_read_text_chunk(FFTextReader *tr, AVBPrint *buf)
+int ff_subtitles_read_text_chunk(FFTextReader *tr, AVBPrint *buf)
 {
     char eol_buf[5], last_was_cr = 0;
     int n = 0, i = 0, nb_eol = 0;
@@ -421,15 +431,16 @@ void ff_subtitles_read_text_chunk(FFTextReader *tr, AVBPrint *buf)
         av_bprint_chars(buf, c, 1);
         n++;
     }
+    return av_bprint_is_complete(buf) ? 0 : AVERROR(ENOMEM);
 }
 
-void ff_subtitles_read_chunk(AVIOContext *pb, AVBPrint *buf)
+int ff_subtitles_read_chunk(AVIOContext *pb, AVBPrint *buf)
 {
     FFTextReader tr;
     tr.buf_pos = tr.buf_len = 0;
     tr.type = 0;
     tr.pb = pb;
-    ff_subtitles_read_text_chunk(&tr, buf);
+    return ff_subtitles_read_text_chunk(&tr, buf);
 }
 
 ptrdiff_t ff_subtitles_read_line(FFTextReader *tr, char *buf, size_t size)
diff --git a/libavformat/subtitles.h b/libavformat/subtitles.h
index 4460efacf3..f6688b71d7 100644
--- a/libavformat/subtitles.h
+++ b/libavformat/subtitles.h
@@ -120,6 +120,12 @@ typedef struct {
 AVPacket *ff_subtitles_queue_insert(FFDemuxSubtitlesQueue *q,
                                     const uint8_t *event, size_t len, int merge);
 
+/**
+ * Same as ff_subtitles_queue_insert but takes an AVBPrint input.
+ * Avoids common errors like handling incomplete AVBPrint.
+ */
+AVPacket *ff_subtitles_queue_insert_bprint(FFDemuxSubtitlesQueue *q,
+                                           const AVBPrint *event, int merge);
 /**
  * Set missing durations, sort subtitles by PTS (and then byte position), and
  * drop duplicated events.
@@ -155,6 +161,7 @@ int ff_subtitles_read_close(AVFormatContext *s);
  * SMIL helper to load next chunk ("<...>" or untagged content) in buf.
  *
  * @param c cached character, to avoid a backward seek
+ * @return size of chunk or error, e.g. AVERROR(ENOMEM) on incomplete buf
  */
 int ff_smil_extract_next_text_chunk(FFTextReader *tr, AVBPrint *buf, char *c);
 
@@ -169,7 +176,8 @@ const char *ff_smil_get_attr_ptr(const char *s, const char *attr);
 /**
  * @brief Same as ff_subtitles_read_text_chunk(), but read from an AVIOContext.
  */
-void ff_subtitles_read_chunk(AVIOContext *pb, AVBPrint *buf);
+av_warn_unused_result
+int ff_subtitles_read_chunk(AVIOContext *pb, AVBPrint *buf);
 
 /**
  * @brief Read a subtitles chunk from FFTextReader.
@@ -181,10 +189,12 @@ void ff_subtitles_read_chunk(AVIOContext *pb, AVBPrint *buf);
  *
  * @param tr  I/O context
  * @param buf an initialized buf where the chunk is written
+ * @return 0 on success, error value otherwise, e.g. AVERROR(ENOMEM) if buf is incomplete
  *
  * @note buf is cleared before writing into it.
  */
-void ff_subtitles_read_text_chunk(FFTextReader *tr, AVBPrint *buf);
+av_warn_unused_result
+int ff_subtitles_read_text_chunk(FFTextReader *tr, AVBPrint *buf);
 
 /**
  * Get the number of characters to increment to jump to the next line, or to
diff --git a/libavformat/tedcaptionsdec.c b/libavformat/tedcaptionsdec.c
index 31197349b0..a8aa9d9cf9 100644
--- a/libavformat/tedcaptionsdec.c
+++ b/libavformat/tedcaptionsdec.c
@@ -244,7 +244,7 @@ static int parse_file(AVIOContext *pb, FFDemuxSubtitlesQueue *subs)
             ret = AVERROR_INVALIDDATA;
             goto fail;
         }
-        pkt = ff_subtitles_queue_insert(subs, content.str, content.len, 0);
+        pkt = ff_subtitles_queue_insert_bprint(subs, &content, 0);
         if (!pkt) {
             ret = AVERROR(ENOMEM);
             goto fail;
diff --git a/libavformat/webvttdec.c b/libavformat/webvttdec.c
index 52320ba7d1..0b2fc77168 100644
--- a/libavformat/webvttdec.c
+++ b/libavformat/webvttdec.c
@@ -81,7 +81,9 @@ static int webvtt_read_header(AVFormatContext *s)
         size_t identifier_len, settings_len;
         int64_t ts_start, ts_end;
 
-        ff_subtitles_read_chunk(s->pb, &cue);
+        res = ff_subtitles_read_chunk(s->pb, &cue);
+        if (res < 0)
+            goto end;
 
         if (!cue.len)
             break;