From patchwork Thu Jun  8 23:51:15 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Hendi <finalcountdown72@googlemail.com>
X-Patchwork-Id: 42020
Delivered-To: ffmpegpatchwork2@gmail.com
Received: by 2002:a05:6a20:c526:b0:117:ac03:c9de with SMTP id
 gm38csp760705pzb;
        Thu, 8 Jun 2023 16:51:29 -0700 (PDT)
X-Google-Smtp-Source: 
 ACHHUZ6jKBVd3e0mCOTkvwiOCsm46q1ligNfcfH2lkV3a7Rv1gg4ZGuoiTJQZw6Fm02yijPAyD4f
X-Received: by 2002:a17:907:3185:b0:968:2b4a:aba3 with SMTP id
 xe5-20020a170907318500b009682b4aaba3mr67539ejb.5.1686268288914;
        Thu, 08 Jun 2023 16:51:28 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1686268288; cv=none;
        d=google.com; s=arc-20160816;
        b=rpI3k5PDAJhhwrwBqKylLwxk6cFJVqRUFwsTNUDaPKUh1L6QyNTjmq+7sUTRxLE0BD
         uAd0iD7T5zSWCcRKf4pDf3sFkuFluIzwQWwJpZB+nDvROsfJOwMspAq90yq3f5mbgke+
         8JBOtf32axoLtCDEnQxOc/r5a/HbMVZhmFQbDmrLKzEHh9HR7A3Xe0mOGrvCo2DPk936
         pkEa4kq5Zgr3i8PsV3BQviqsU5uHdTM3cc2guKDKWVuPlyP3JdmVSnNO/5Z3TDYjbiC2
         JgtJ5TR0fSFroNGpv4v3xx03oyVoOwtw70Wprm0E4wshNxai9ZnsBGTZhTAxsPsJWbg6
         9JZQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=sender:errors-to:content-transfer-encoding:reply-to:list-subscribe
         :list-help:list-post:list-archive:list-unsubscribe:list-id
         :precedence:subject:content-language:to:from:user-agent:mime-version
         :date:message-id:dkim-signature:delivered-to;
        bh=nbymqGgrZ8V5jeE9LMRj2vp3ZcYuEcmjAwfN/HsmXbg=;
        b=YRSv5Gh5UMbMRqMaJ96h0BKrvhqWhczCr8Fw0QhKlE3nsjV8X7itVLucdA4pOuwXmL
         wkScNc0+7Gdt+S3HIYpAmSgrgKa74OgBOEHGF7qgXDJKX6QDcGSOn1bvR/RY8ybVxbWl
         qjb6+Gm2jviQpibQA/ytcrGu7QgsM0RXZeez9Ij5m/YJIWtgYvewH0y3yoEArPN6tbqK
         9a5iss6oDzkBG2H0NwTq9s6NgyG5iIQZ9WFCFH2RKGxbyOuHSuwmSoMK3St2z6OAiDie
         cM0BHUmovAO1Wxb6O1A3lZG0ehbdvCzvqyhcGl7BOxTOqsHtOeuyR6IKToYIALB/3Kcd
         Co2g==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=neutral (body hash did not verify) header.i=@googlemail.com
 header.s=20221208 header.b=Zl+i9WpR;
       spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org
 designates 79.124.17.100 as permitted sender)
 smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org;
       dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE)
 header.from=googlemail.com
Return-Path: <ffmpeg-devel-bounces@ffmpeg.org>
Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100])
        by mx.google.com with ESMTP id
 kq15-20020a170906abcf00b0097839dc85dfsi589510ejb.317.2023.06.08.16.51.28;
        Thu, 08 Jun 2023 16:51:28 -0700 (PDT)
Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org
 designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100;
Authentication-Results: mx.google.com;
       dkim=neutral (body hash did not verify) header.i=@googlemail.com
 header.s=20221208 header.b=Zl+i9WpR;
       spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org
 designates 79.124.17.100 as permitted sender)
 smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org;
       dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE)
 header.from=googlemail.com
Received: from [127.0.1.1] (localhost [127.0.0.1])
	by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 0863A68C218;
	Fri,  9 Jun 2023 02:51:24 +0300 (EEST)
X-Original-To: ffmpeg-devel@ffmpeg.org
Delivered-To: ffmpeg-devel@ffmpeg.org
Received: from mail-ej1-f67.google.com (mail-ej1-f67.google.com
 [209.85.218.67])
 by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 04EFA68BFCC
 for <ffmpeg-devel@ffmpeg.org>; Fri,  9 Jun 2023 02:51:17 +0300 (EEST)
Received: by mail-ej1-f67.google.com with SMTP id
 a640c23a62f3a-977e7d6945aso222608566b.2
 for <ffmpeg-devel@ffmpeg.org>; Thu, 08 Jun 2023 16:51:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=googlemail.com; s=20221208; t=1686268277; x=1688860277;
 h=content-transfer-encoding:content-language:to:subject:from
 :user-agent:mime-version:date:message-id:from:to:cc:subject:date
 :message-id:reply-to;
 bh=etfmnGHn03pn7Gdqwa6Whmnj4piXKMoYaZA50uvj8ag=;
 b=Zl+i9WpRyLMUulhl4Z2gN/znr2yaD72bjnU7MGi0ZMIgGwmvbFsn4mzYLyjI/KPyYX
 VpFUQ74tpQVwgSmkZzA/6YYM3BpYo22oVJjeLhfZqZd9lw3VnxpkcJuU6V6U14/GYqzl
 OGv/Z/yd1cxNPz61RNhdPRAvP52gXtBcu4MfpSmq4yvBXFUTbn/Ltgs9kvWhSpLLF9rb
 7yf+HpND0o2bhchULbjnnrba5IfDMz9xmfUAfge37KiwS3H9e3UNZ8nitQLj7K2m5cPd
 +TQF4pPqYw6pYXsUjafeJMvPRfY+d6C0JwgQPRbXNRQjXuHc91dm6a905s5EmsF6r772
 CD1g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20221208; t=1686268277; x=1688860277;
 h=content-transfer-encoding:content-language:to:subject:from
 :user-agent:mime-version:date:message-id:x-gm-message-state:from:to
 :cc:subject:date:message-id:reply-to;
 bh=etfmnGHn03pn7Gdqwa6Whmnj4piXKMoYaZA50uvj8ag=;
 b=O6arRfwr40WsvhPIqY4qs0x8QKyIWkopgXGeLEAoEfTbFpNl+14+MX13wGRNJMq5wp
 UORKgziG3LljheylCYzRC6W0oGyIhEDl6KvKadI6ohioPPr4YpA6QZ66LmETfJImCmRt
 zfO1BF/1AKySLx0W/AJVSClKaQVQr1JAce/86T2FzXtnlwgPyWYpAtAD4plNoAwsaRYf
 DuXQ6AT+YdtzwrzC1tHWeV7dpM4EyMI4tDbwYlUAvGojn549r5SG4JaapNZLpeOxbkjQ
 12PWN8QGCdXA4+FEIkFji5ITXTdTvj0AY3q96d8mZjODWGDo8+tz6a1b21CKFf6PQIld
 oIOQ==
X-Gm-Message-State: AC+VfDzPaWSbytqlpdY15rghYZ8gOPZJITKf6bjWycE8PM84Y55krciI
 AjA8XARPgyu6kf/nu3G+6/fcQnjyqm5DZycbXZA=
X-Received: by 2002:a17:906:519a:b0:973:a685:10cf with SMTP id
 y26-20020a170906519a00b00973a68510cfmr8841ejk.77.1686268277018;
 Thu, 08 Jun 2023 16:51:17 -0700 (PDT)
Received: from [10.1.101.240] ([81.95.5.39]) by smtp.gmail.com with ESMTPSA id
 qp18-20020a170907207200b009786b73974fsm489294ejb.145.2023.06.08.16.51.16
 for <ffmpeg-devel@ffmpeg.org>
 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
 Thu, 08 Jun 2023 16:51:16 -0700 (PDT)
Message-ID: <3b2f7e96-4cb6-cabe-8d0e-eb3beb965e93@googlemail.com>
Date: Fri, 9 Jun 2023 01:51:15 +0200
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101
 Betterbird/91.10.0
From: Hendi <finalcountdown72@googlemail.com>
To: ffmpeg-devel@ffmpeg.org
Content-Language: en-US
Subject: [FFmpeg-devel] [PATCH] avformat/mov: Don't allocate unnecessarily
 large blocks of memory
X-BeenThere: ffmpeg-devel@ffmpeg.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: FFmpeg development discussions and patches <ffmpeg-devel.ffmpeg.org>
List-Unsubscribe: <https://ffmpeg.org/mailman/options/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=unsubscribe>
List-Archive: <https://ffmpeg.org/pipermail/ffmpeg-devel>
List-Post: <mailto:ffmpeg-devel@ffmpeg.org>
List-Help: <mailto:ffmpeg-devel-request@ffmpeg.org?subject=help>
List-Subscribe: <https://ffmpeg.org/mailman/listinfo/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=subscribe>
Reply-To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Errors-To: ffmpeg-devel-bounces@ffmpeg.org
Sender: "ffmpeg-devel" <ffmpeg-devel-bounces@ffmpeg.org>
X-TUID: rGHq0+8S+Fqb

mov_try_read_block is regularly called with sizes such as 48 bytes,
but would allocate 1 MiB each time, hogging more and more memory
until playback ends.

Fixes #7641 and #9243.

Signed-off-by: Hendi <hendi48@freenet.de>
---
  libavformat/mov.c | 3 +++
  1 file changed, 3 insertions(+)

          unsigned int to_read = FFMIN(size, alloc_size) - offset;
          if (!new_buffer) {

diff --git a/libavformat/mov.c b/libavformat/mov.c
index a8d004e02b..2e4df42256 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -6662,6 +6662,9 @@ static int mov_try_read_block(AVIOContext *pb, 
size_t size, uint8_t **data)
      while (offset < size) {
          unsigned int new_size =
              alloc_size >= INT_MAX - block_size ? INT_MAX : alloc_size 
+ block_size;
+        if (size < new_size) {
+            new_size = size;
+        }
          uint8_t *new_buffer = av_fast_realloc(buffer, &alloc_size, 
new_size);