[gstreamer-bugs] [Bug 595590] Conditional jump or move depends on uninitialised value in ff_h264_find_frame_end
GStreamer (bugzilla.gnome.org)
bugzilla at gnome.org
Mon Dec 14 06:56:23 PST 2009
https://bugzilla.gnome.org/show_bug.cgi?id=595590
GStreamer | gst-ffmpeg | git
Stephen McNamara <steve.mcnamara> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |steve.mcnamara at ultra-sml.com
--- Comment #2 from Stephen McNamara <steve.mcnamara at ultra-sml.com> 2009-12-14 14:56:19 UTC ---
We get the same fault in our Windows OSSBuild environment.
Fault appears to be that the function 'gst_ffmpegdec_chain' in file
gstffmpegdec.c does not resize the data buffer to include padding BEFORE
calling 'av_parser_parse'. If the buffer is resized first we don't get a crash
and the video is decoded correctly.
Our fix is to move the block:
  if (ffmpegdec->do_padding) {
    /* add padding */
    if (ffmpegdec->padded_size < bsize + FF_INPUT_BUFFER_PADDING_SIZE) {
      ffmpegdec->padded_size = bsize + FF_INPUT_BUFFER_PADDING_SIZE;
      ffmpegdec->padded =
          g_realloc (ffmpegdec->padded, ffmpegdec->padded_size);
      GST_LOG_OBJECT (ffmpegdec, "resized padding buffer to %d",
          ffmpegdec->padded_size);
    }
    memcpy (ffmpegdec->padded, bdata, bsize);
    memset (ffmpegdec->padded + bsize, 0, FF_INPUT_BUFFER_PADDING_SIZE);
    bdata = ffmpegdec->padded;
  }
from below to above the call to av_parser_parse. This additionally needs the
lines:
  // Assign pdata to the data variable allocated above. Reduces code changes
  // required to move the buffer resizing code.
  pdata = data;
to be inserted where the original padding block of code resided.
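Added example (not part of the original comment, and not gst-ffmpeg or FFmpeg code): a minimal C sketch of the ordering described above, where the input is copied into a zero-padded buffer before a look-ahead scanner touches it. PAD, struct padbuf, pad_input and find_start_code are hypothetical names, and the scanner is a constructed stand-in for a parser that reads a few bytes past the payload.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define PAD 8 /* assumed stand-in for FF_INPUT_BUFFER_PADDING_SIZE */

/* Hypothetical reusable buffer, playing the role of padded/padded_size. */
struct padbuf { uint8_t *data; size_t size; };

/* Copy n bytes of src into pb followed by PAD zero bytes. NULL on failure. */
static const uint8_t *pad_input(struct padbuf *pb, const uint8_t *src, size_t n)
{
    if (n > SIZE_MAX - PAD)
        return NULL;                  /* n + PAD would wrap around */
    if (pb->size < n + PAD) {
        uint8_t *p = realloc(pb->data, n + PAD);
        if (!p)
            return NULL;              /* previous buffer is left intact */
        pb->data = p;
        pb->size = n + PAD;
    }
    if (n)
        memcpy(pb->data, src, n);
    memset(pb->data + n, 0, PAD);     /* over-reads now see defined zeros */
    return pb->data;
}

/* Constructed look-ahead scanner: for each offset below n it may read
 * buf[i + 1] and buf[i + 2], so it touches up to two bytes past the payload.
 * Returns the offset of the first 00 00 01 start code, or -1. */
static long find_start_code(const uint8_t *buf, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (buf[i] == 0 && buf[i + 1] == 0 && buf[i + 2] == 1)
            return (long)i;
    return -1;
}

int main(void)
{
    /* Constructed input ending in 00 00: the scanner must look past the end. */
    const uint8_t tail[] = { 0x11, 0x22, 0x00, 0x00 };
    struct padbuf pb = { 0 };
    const uint8_t *p = pad_input(&pb, tail, sizeof tail);
    if (!p)
        return 1;
    printf("start code at %ld\n", find_start_code(p, sizeof tail));
    free(pb.data);
    return 0;
}
```

Calling find_start_code on the unpadded tail array instead would read two bytes beyond it, and the branch outcome would then depend on whatever follows in memory.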