[Bug 753614] qtdemux: PIFF box parsing support
GStreamer (GNOME Bugzilla)
bugzilla at gnome.org
Wed Nov 18 14:48:33 PST 2015
https://bugzilla.gnome.org/show_bug.cgi?id=753614
Thiago Sousa Santos <thiagossantos at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #309251|none |needs-work
status| |
--- Comment #4 from Thiago Sousa Santos <thiagossantos at gmail.com> ---
Review of attachment 309251:
--> (https://bugzilla.gnome.org/review?bug=753614&attachment=309251)
Some minor comments below.
Are there any public samples on this protection scheme?
::: gst/isomp4/qtdemux.c
@@ +2414,3 @@
+
+ structure = gst_caps_get_structure (stream->caps, 0);
+ g_assert (gst_structure_has_name (structure, "application/x-cenc"));
This doesn't look like a programming error. A malicious file could be crafted
to have a piff box on a regular non-ecnrypted file. I'd just use a warning here
and abort parsing the piff.
@@ +2511,3 @@
+ GstBuffer *box;
+
+ properties = qtdemux_get_cenc_sample_properties (qtdemux, stream, i);
Is sample here the number of samples on the stream or is this a different
meaning for sample?
Creating 1 structure per sample seems heavy. Perhaps use an array of custom
structs?
@@ +2539,3 @@
};
+
+ static const guint8 piff_uuid[] = {
This not really a piff box, but a piff_sample_encryption_uuid. piff seems to be
the ftyp of the file.
--
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
More information about the gstreamer-bugs
mailing list