Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
 help / color / mirror / Atom feed
From: James Almer <jamrial@gmail.com>
To: ffmpeg-devel@ffmpeg.org
Subject: [FFmpeg-devel] [PATCH 5/5 v2] avcodec/ac3_parser: improve false positive detection when parsing sync frames
Date: Sat, 22 Oct 2022 18:02:26 -0300
Message-ID: <20221022210226.2200-5-jamrial@gmail.com> (raw)
In-Reply-To: <20221022210226.2200-1-jamrial@gmail.com>

A two byte sync word is not enough to ensure we got a real syncframe, nor are
all the range checks we do in the first seven bytes. Do therefore an integrity
check for the sync frame in order to prevent the parser from filling avctx with
bogus information.

Signed-off-by: James Almer <jamrial@gmail.com>
---
 libavcodec/aac_ac3_parser.c | 4 ++++
 libavcodec/aac_ac3_parser.h | 2 ++
 libavcodec/ac3_parser.c     | 1 +
 3 files changed, 7 insertions(+)

diff --git a/libavcodec/aac_ac3_parser.c b/libavcodec/aac_ac3_parser.c
index e89b12baf9..2b0ee61b6d 100644
--- a/libavcodec/aac_ac3_parser.c
+++ b/libavcodec/aac_ac3_parser.c
@@ -113,6 +113,10 @@ get_next:
                     buf_size -= hdr.frame_size;
                     continue;
                 }
+                /* Check for false positives since the syncword is not enough.
+                   See section 6.1.2 of A/52. */
+                if (av_crc(s->crc_ctx, 0, buf + 2, hdr.frame_size - 2))
+                    return i;
                 break;
             }
 
diff --git a/libavcodec/aac_ac3_parser.h b/libavcodec/aac_ac3_parser.h
index 560bba54f5..bc16181a19 100644
--- a/libavcodec/aac_ac3_parser.h
+++ b/libavcodec/aac_ac3_parser.h
@@ -24,6 +24,7 @@
 #define AVCODEC_AAC_AC3_PARSER_H
 
 #include <stdint.h>
+#include "libavutil/crc.h"
 #include "avcodec.h"
 #include "parser.h"
 
@@ -42,6 +43,7 @@ typedef struct AACAC3ParseContext {
     int header_size;
     int (*sync)(uint64_t state, int *need_next_header, int *new_frame_start);
 
+    const AVCRC *crc_ctx;
     int remaining_size;
     uint64_t state;
 
diff --git a/libavcodec/ac3_parser.c b/libavcodec/ac3_parser.c
index 8885e1c72e..13b8d3b7d8 100644
--- a/libavcodec/ac3_parser.c
+++ b/libavcodec/ac3_parser.c
@@ -246,6 +246,7 @@ static av_cold int ac3_parse_init(AVCodecParserContext *s1)
 {
     AACAC3ParseContext *s = s1->priv_data;
     s->header_size = AC3_HEADER_SIZE;
+    s->crc_ctx = av_crc_get_table(AV_CRC_16_ANSI);
     s->sync = ac3_sync;
     return 0;
 }
-- 
2.37.3

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".

  parent reply	other threads:[~2022-10-22 21:04 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-10-22 21:02 [FFmpeg-devel] [PATCH 1/5 v2] avcodec/ac3dec: split off code discarding garbage at the beginning of a packet James Almer
2022-10-22 21:02 ` [FFmpeg-devel] [PATCH 2/5] avcodec/aac_ac3_parser: don't fill stream info in the sync function James Almer
2022-10-23 15:35   ` Michael Niedermayer
2022-10-23 17:34     ` Andreas Rheinhardt
2022-10-23 22:59       ` James Almer
2022-10-22 21:02 ` [FFmpeg-devel] [PATCH 3/5] avcodec/aac_ac3_parser: don't try to sync when the parser is configured to handle complete frames James Almer
2022-10-24 21:49   ` Michael Niedermayer
2022-10-24 22:26     ` [FFmpeg-devel] [PATCH 4/6 v2] " James Almer
2022-10-22 21:02 ` [FFmpeg-devel] [PATCH 4/5] avcodec/aac_ac3_parser: reindent after previous commit James Almer
2022-10-22 21:02 ` James Almer [this message]
2022-10-23 23:04 ` [FFmpeg-devel] [PATCH 2/6] avcodec/adts_parsed: allow passing a pre allocated AACADTSHeaderInfo to avpriv_adts_header_parse() James Almer
2022-10-26 12:09 ` [FFmpeg-devel] [PATCH 1/5 v2] avcodec/ac3dec: split off code discarding garbage at the beginning of a packet James Almer

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20221022210226.2200-5-jamrial@gmail.com \
    --to=jamrial@gmail.com \
    --cc=ffmpeg-devel@ffmpeg.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

This inbox may be cloned and mirrored by anyone:

	git clone --mirror https://master.gitmailbox.com/ffmpegdev/0 ffmpegdev/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 ffmpegdev ffmpegdev/ https://master.gitmailbox.com/ffmpegdev \
		ffmpegdev@gitmailbox.com
	public-inbox-index ffmpegdev

Example config snippet for mirrors.


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git