From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by master.gitmailbox.com (Postfix) with ESMTP id 2521D43F8F for ; Sat, 22 Oct 2022 21:04:09 +0000 (UTC) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id BE7A568BD91; Sun, 23 Oct 2022 00:03:34 +0300 (EEST) Received: from mail-ot1-f54.google.com (mail-ot1-f54.google.com [209.85.210.54]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 28FFD68BD64 for ; Sun, 23 Oct 2022 00:03:27 +0300 (EEST) Received: by mail-ot1-f54.google.com with SMTP id d18-20020a05683025d200b00661c6f1b6a4so3867962otu.1 for ; Sat, 22 Oct 2022 14:03:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=JJVvoVydZE4O8idKBd24jrjHrRDFfOoh0t93s0/0Npo=; b=JvRubsU7ot51AD+ZbMnIVtPF8XCL74/sYNCjZTwAjfhaYULznKCY5Jk0mVx0rkuBMn GoDVEhA/K2oa5G0Kie93lFPJNUZlb+U3fRm3WDrgJgVPXx6NRoH53H85yZjceBec5WJ4 ZaKkbgzo+RW8RzzE6/fp4eZGzcG0jH6Z8VHXZ7YVNS9SjWXFKcShRduNTOCKeKb4V5Ci 7WLoqi97X/2JLnK5z5uPC6DP3n4RsipJXLi/p5QvcJrwiwa5MkDDmY3rtO9NLx45760Z zz/P+yZy+fPrW7DLu6YCwyjLGEtMA6groGZ/bGDI0lX4wxqT3mKOkJhKhqyCM50MnF7F b6ZA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=JJVvoVydZE4O8idKBd24jrjHrRDFfOoh0t93s0/0Npo=; b=Uc5Uqm4vANS0gbw0ZqCoQn55EXXR7zev/GaBBcnTcrSwPo64xo/KbnJKIEjumeG8DR 4qw7L3crFKa8Fq7Jd35OkhQLHBhvaPT2OggpobR7sNghlEjsJQmPwGUbVo/afkFGx28j SeeMX1QoNMR9OuCP1Z9EULeatkaNlp3gJUQ0xn4RJXJvXkFUZnxZahDpZrAAoiedsVI8 EV6IjJ1kd1sQTnEfORFEvDBN1P7IHL0CVgmCIApUJ66v+FjqolavNX5eopY7L23ZfhLw Wfpqg+17fR+Q2Q3trBK1sWflqFa47SGLG27hOO2V5Dt1jzIf0j2ZC+EP0+W+9JZIAm93 LnuA== X-Gm-Message-State: ACrzQf3PhXxqV0khi1eyC96VY57BohE+MAuhMGXMaJmP7yskS9rK0DET C6oWu8N1aNWXfn/QLIDd78XsPdLoN8c= X-Google-Smtp-Source: AMsMyM6CJdrZDQRbkl20Smxj6NyHz7Avykfmp2Zu+KXEDuLDKdGDNhm2R1HuKbTwOvI2/LreecUeBg== X-Received: by 2002:a9d:4d19:0:b0:661:bcef:4683 with SMTP id n25-20020a9d4d19000000b00661bcef4683mr13056866otf.37.1666472605466; Sat, 22 Oct 2022 14:03:25 -0700 (PDT) Received: from localhost.localdomain ([191.97.187.183]) by smtp.gmail.com with ESMTPSA id q9-20020a05683033c900b006622d085a7fsm1850663ott.50.2022.10.22.14.03.24 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 22 Oct 2022 14:03:25 -0700 (PDT) From: James Almer To: ffmpeg-devel@ffmpeg.org Date: Sat, 22 Oct 2022 18:02:26 -0300 Message-Id: <20221022210226.2200-5-jamrial@gmail.com> X-Mailer: git-send-email 2.37.3 In-Reply-To: <20221022210226.2200-1-jamrial@gmail.com> References: <20221022210226.2200-1-jamrial@gmail.com> MIME-Version: 1.0 Subject: [FFmpeg-devel] [PATCH 5/5 v2] avcodec/ac3_parser: improve false positive detection when parsing sync frames X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Archived-At: List-Archive: List-Post: A two byte sync word is not enough to ensure we got a real syncframe, nor are all the range checks we do in the first seven bytes. Do therefore an integrity check for the sync frame in order to prevent the parser from filling avctx with bogus information. Signed-off-by: James Almer --- libavcodec/aac_ac3_parser.c | 4 ++++ libavcodec/aac_ac3_parser.h | 2 ++ libavcodec/ac3_parser.c | 1 + 3 files changed, 7 insertions(+) diff --git a/libavcodec/aac_ac3_parser.c b/libavcodec/aac_ac3_parser.c index e89b12baf9..2b0ee61b6d 100644 --- a/libavcodec/aac_ac3_parser.c +++ b/libavcodec/aac_ac3_parser.c @@ -113,6 +113,10 @@ get_next: buf_size -= hdr.frame_size; continue; } + /* Check for false positives since the syncword is not enough. + See section 6.1.2 of A/52. */ + if (av_crc(s->crc_ctx, 0, buf + 2, hdr.frame_size - 2)) + return i; break; } diff --git a/libavcodec/aac_ac3_parser.h b/libavcodec/aac_ac3_parser.h index 560bba54f5..bc16181a19 100644 --- a/libavcodec/aac_ac3_parser.h +++ b/libavcodec/aac_ac3_parser.h @@ -24,6 +24,7 @@ #define AVCODEC_AAC_AC3_PARSER_H #include +#include "libavutil/crc.h" #include "avcodec.h" #include "parser.h" @@ -42,6 +43,7 @@ typedef struct AACAC3ParseContext { int header_size; int (*sync)(uint64_t state, int *need_next_header, int *new_frame_start); + const AVCRC *crc_ctx; int remaining_size; uint64_t state; diff --git a/libavcodec/ac3_parser.c b/libavcodec/ac3_parser.c index 8885e1c72e..13b8d3b7d8 100644 --- a/libavcodec/ac3_parser.c +++ b/libavcodec/ac3_parser.c @@ -246,6 +246,7 @@ static av_cold int ac3_parse_init(AVCodecParserContext *s1) { AACAC3ParseContext *s = s1->priv_data; s->header_size = AC3_HEADER_SIZE; + s->crc_ctx = av_crc_get_table(AV_CRC_16_ANSI); s->sync = ac3_sync; return 0; } -- 2.37.3 _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".