virtualenv/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-04-08 16:54:03 +02:00
Code Issues Releases Activity

lavc/libaribb24: add error handling to region handling

Browse Source 
Fixes some rather embarrassing mistakes that somehow passed my
eyes.

* Now catches if memory allocation has failed during bprint usage
  by checking av_bprint_is_complete().
* Now catches if adding an ASS rectangle into an AVSubtitle failed.
* Returns AVERROR_INVALIDDATA if we get an invalid region buffer
  length.
This commit is contained in:
Jan Ekström 2019-02-11 01:54:26 +02:00
parent 84e7aff608
commit 4beccf400d
1 changed files with 18 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
libavcodec/libaribb24.c
View File

@ -204,12 +204,13 @@ static int libaribb24_close(AVCodecContext *avctx)
#define RGB_TO_BGR(c) ((c & 0xff) << 16 | (c & 0xff00) | ((c >> 16) & 0xff)) #define RGB_TO_BGR(c) ((c & 0xff) << 16 | (c & 0xff00) | ((c >> 16) & 0xff))
static void libaribb24_handle_regions(AVCodecContext *avctx, AVSubtitle *sub) static int libaribb24_handle_regions(AVCodecContext *avctx, AVSubtitle *sub)
{ {
Libaribb24Context *b24 = avctx->priv_data; Libaribb24Context *b24 = avctx->priv_data;
const arib_buf_region_t *region = arib_decoder_get_regions(b24->decoder); const arib_buf_region_t *region = arib_decoder_get_regions(b24->decoder);
unsigned int profile_font_size = get_profile_font_size(avctx->profile); unsigned int profile_font_size = get_profile_font_size(avctx->profile);
AVBPrint buf = { 0 }; AVBPrint buf = { 0 };
int ret = 0;
av_bprint_init(&buf, 0, AV_BPRINT_SIZE_UNLIMITED); av_bprint_init(&buf, 0, AV_BPRINT_SIZE_UNLIMITED);
@ -224,6 +225,7 @@ static void libaribb24_handle_regions(AVCodecContext *avctx, AVSubtitle *sub)
if (region_length < 0) { if (region_length < 0) {
av_log(avctx, AV_LOG_ERROR, "Invalid negative region length!\n"); av_log(avctx, AV_LOG_ERROR, "Invalid negative region length!\n");
ret = AVERROR_INVALIDDATA;
break; break;
} }
@ -264,12 +266,20 @@ next_region:
region = region->p_next; region = region->p_next;
} }
av_log(avctx, AV_LOG_DEBUG, "Styled ASS line: %s\n", if (!av_bprint_is_complete(&buf))
buf.str); ret = AVERROR(ENOMEM);
ff_ass_add_rect(sub, buf.str, b24->read_order++,
0, NULL, NULL); if (ret == 0) {
av_log(avctx, AV_LOG_DEBUG, "Styled ASS line: %s\n",
buf.str);
ret = ff_ass_add_rect(sub, buf.str, b24->read_order++,
0, NULL, NULL);
}
av_bprint_finalize(&buf, NULL); av_bprint_finalize(&buf, NULL);
return ret;
} }
static int libaribb24_decode(AVCodecContext *avctx, void *data, int *got_sub_ptr, AVPacket *pkt) static int libaribb24_decode(AVCodecContext *avctx, void *data, int *got_sub_ptr, AVPacket *pkt)
@ -281,6 +291,7 @@ static int libaribb24_decode(AVCodecContext *avctx, void *data, int *got_sub_ptr
const unsigned char *parsed_data = NULL; const unsigned char *parsed_data = NULL;
char *decoded_subtitle = NULL; char *decoded_subtitle = NULL;
time_t subtitle_duration = 0; time_t subtitle_duration = 0;
int ret = 0;
if (pkt->size <= 0) if (pkt->size <= 0)
return pkt->size; return pkt->size;
@ -332,7 +343,7 @@ static int libaribb24_decode(AVCodecContext *avctx, void *data, int *got_sub_ptr
avctx->time_base.num, avctx->time_base.den); avctx->time_base.num, avctx->time_base.den);
if (decoded_subtitle) if (decoded_subtitle)
libaribb24_handle_regions(avctx, sub); ret = libaribb24_handle_regions(avctx, sub);
*got_sub_ptr = sub->num_rects > 0; *got_sub_ptr = sub->num_rects > 0;
@ -342,7 +353,7 @@ static int libaribb24_decode(AVCodecContext *avctx, void *data, int *got_sub_ptr
// longer and longer... // longer and longer...
arib_finalize_decoder(b24->decoder); arib_finalize_decoder(b24->decoder);
return pkt->size; return ret < 0 ? ret : pkt->size;
} }
static void libaribb24_flush(AVCodecContext *avctx) static void libaribb24_flush(AVCodecContext *avctx)