From patchwork Sat Dec 30 13:36:39 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Carl Eugen Hoyos X-Patchwork-Id: 7030 Delivered-To: ffmpegpatchwork@gmail.com Received: by 10.2.79.195 with SMTP id r64csp11629027jad; Sat, 30 Dec 2017 05:37:10 -0800 (PST) X-Google-Smtp-Source: ACJfBovM8yn1TbHLs52pmDAwRJESeB9uKjpxIuRUVB5TL7e33HaMb6CD0KigIY4PtYEisBOSWzxj X-Received: by 10.223.153.72 with SMTP id x66mr40038859wrb.209.1514641030483; Sat, 30 Dec 2017 05:37:10 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1514641030; cv=none; d=google.com; s=arc-20160816; b=acpwDT/yiB/EmoyDr8av4sOnOleGvXEcgb0+9r0FiPm+Fxo/r+0FnAPcXGsqOkLP8z wxmZPKNBc2lkqTQRdzIn1H54oYooR+sDq1pYmIYRMapLTY/T2+MamJ4K7ZuCpZadb7lI QnyvO5dKEwok66fYlpZBZVedPY6rnHKJRCXeOBfWGYnyb6J5k1UkBKpZvhTPhKgpgH+Q dN2zBF9cjTMKec9KoiG7fWTfCyqLm/37d4ujKBoI9FbsU2C7JK6WDJR/cpJka40Welq7 W5AQED4UvR+IqjSKoj4o/wSnXNnRTvqhBrZT7zBXcdLtx/qpVe3Emx1sUx2aRrSyJYDa NYEA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:reply-to:list-subscribe:list-help:list-post :list-archive:list-unsubscribe:list-id:precedence:subject:to :message-id:date:from:references:in-reply-to:mime-version :dkim-signature:delivered-to:arc-authentication-results; bh=P2pPwUW5U/Fkrt/adX+GPOrZ4wV50sgizX6em82Amhs=; b=lYQU8miIR9T/iAoTVQ4hYbomUiad5HYqYCK7k+XUeagU3CXE5Sb1bH2jfVKAhUv/PE FhAC3mC/V8mvAgPilZqLgBkVgCTJI5Sm9sUuPLpqxlhvLo+nQAXdqIx8mSf8PA2+wjNz xuPuL1CZwO9Q2AdpX6PN9erxsHuBQ1WZUyslPRLkzB6H0P8ORxoEZHGZOAmXfLz8KChg W4aubZxXXK2NlhKsnxlSQOCb5/5c9kLiBQbtUHyAecj3tDDUIT8KT+KcItc+NEERtX8E I0rdfrDUj1qyw24Loy1ycfx85e/cu7jt0nuQBRJUO6BTiri7VN7BF4wJvyq0mV+Zt3Fd C9gw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20161025 header.b=r5AX8RKx; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=gmail.com Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id 132si17764119wmj.259.2017.12.30.05.37.09; Sat, 30 Dec 2017 05:37:10 -0800 (PST) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20161025 header.b=r5AX8RKx; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=gmail.com Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 78210689C54; Sat, 30 Dec 2017 15:36:53 +0200 (EET) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from mail-io0-f176.google.com (mail-io0-f176.google.com [209.85.223.176]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 124E7689B6A for ; Sat, 30 Dec 2017 15:36:47 +0200 (EET) Received: by mail-io0-f176.google.com with SMTP id i143so23364520ioa.3 for ; Sat, 30 Dec 2017 05:37:02 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=9fNUfm0KJojKcemLqkcJIgRLy/p5VKY/cIa/S2wBWMI=; b=r5AX8RKx0UpJ6ZgQsvYXgXWHaPHWBTB+UgNgG/BJz2Q57RZ0NSUgmZ7/nxm+oizj1S 9a2Mtkvp+iAJ8qfanzEznfhPn42b9Y8/5hFgJsADC23jv+udcGnU4uVLlMpElYMdAhdi tMh3gazz9C9Ax29TapbS3OCDl2oRSmmb87j+7jwWZg2xpq81jKtsj6AX5R3I3uaTeEti Em4zQW2bSYrSDwQmUZjkFR81xCA9JymzBwX2ptTgrC8dc1Mu/tHWNBjOHB+b8+PVJZ1v IMf961yhwOADdLtLFS26URl4urfNBliAyF/oj2RklLqIonzpXkrfB75I3pCMyFiIXApP jh5g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=9fNUfm0KJojKcemLqkcJIgRLy/p5VKY/cIa/S2wBWMI=; b=HmHv9nXUCPouln4+OJKKyMT9i7DCGBTuXsMgks5HKtPaIPdtjnx3AL0p0H6UPDtlyu ErpzUtr6hjxuaMKQHs7NbwzGvPfX7U8dXvkRUx7/iaAvlnOzLgKjQoO0kV+smX60F5Yh IN3l+VpVIZBP9+9JGyYB+A+u42LOCEHiGbDpIkpMMItG+PAklcY/d35NPFTfkE16ooZk VO2XIbWMHHi1RYXt/pkcqGKy37WOk6KOmo7EsMtrhr+edCb8XUy2K5PwlN9WsCgrja2c 8BweBODdVdFByPQFUoFEweJ1WDvpzBYknVPra7k4Gk9kNL09KSX5MEJ0+xe0SnLiHDd/ 9Ifw== X-Gm-Message-State: AKGB3mIgQ/YaIP6egwKM8Arle5TOwSHevJvxLssT20acx3UtkhF/1IJc /mPVmqxCK1dZCfkWrF0itCRejlYQEJTwd0df2aw= X-Received: by 10.107.36.195 with SMTP id k186mr53901659iok.9.1514641020325; Sat, 30 Dec 2017 05:37:00 -0800 (PST) MIME-Version: 1.0 Received: by 10.2.119.211 with HTTP; Sat, 30 Dec 2017 05:36:39 -0800 (PST) In-Reply-To: References: <20171128203239.GC4636@nb4> From: Carl Eugen Hoyos Date: Sat, 30 Dec 2017 14:36:39 +0100 Message-ID: To: FFmpeg development discussions and patches Subject: Re: [FFmpeg-devel] [PATCH]lavf/mov: Do not blindly allocate stts entries X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" 2017-12-29 23:37 GMT+01:00 Carl Eugen Hoyos : > 2017-11-28 21:32 GMT+01:00 Michael Niedermayer : >> On Mon, Nov 27, 2017 at 05:24:14AM +0100, Carl Eugen Hoyos wrote: > >>> for (i = 0; i < entries && !pb->eof_reached; i++) { >>> - int sample_duration; >>> + int sample_duration, ret; >>> unsigned int sample_count; >>> + if (i > sc->stts_count) { >>> + ret = av_reallocp_array(&sc->stts_data, >>> + FFMIN(sc->stts_count * 2LL, entries), >>> + sizeof(*sc->stts_data)); >> >> this should use a variant of av_fast_realloc > > Do you prefer the new patch? > The old variant here looks slightly saner to me. Attached is what you possibly had in mind. Please review, Carl Eugen From f5fcd9ed1e5ce604c358a3787f1977277005ebb5 Mon Sep 17 00:00:00 2001 From: Carl Eugen Hoyos Date: Sat, 30 Dec 2017 14:34:41 +0100 Subject: [PATCH] lavf/mov: Use av_fast_realloc() in mov_read_stts(). Avoids large allocations for short files with invalid stts entry. Fixes bugzilla 1102. --- libavformat/mov.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/libavformat/mov.c b/libavformat/mov.c index 2064473..1e97652 100644 --- a/libavformat/mov.c +++ b/libavformat/mov.c @@ -2850,13 +2850,22 @@ static int mov_read_stts(MOVContext *c, AVIOContext *pb, MOVAtom atom) av_log(c->fc, AV_LOG_WARNING, "Duplicated STTS atom\n"); av_free(sc->stts_data); sc->stts_count = 0; - sc->stts_data = av_malloc_array(entries, sizeof(*sc->stts_data)); - if (!sc->stts_data) + if (entries >= INT_MAX / sizeof(*sc->stts_data)) return AVERROR(ENOMEM); for (i = 0; i < entries && !pb->eof_reached; i++) { int sample_duration; unsigned int sample_count; + unsigned alloc_size = 0, min_entries = FFMIN(FFMAX(i, 1024 * 1024), entries); + MOVStts *stts_data = av_fast_realloc(sc->stts_data, &alloc_size, + min_entries * sizeof(*sc->stts_data)); + if (!stts_data) { + av_freep(&sc->stts_data); + sc->stts_count = 0; + return AVERROR(ENOMEM); + } + sc->stts_count = min_entries; + sc->stts_data = stts_data; sample_count=avio_rb32(pb); sample_duration = avio_rb32(pb); -- 1.7.10.4