Date: Fri, 17 Jun 2022 22:15:39 +0200 (CEST)
From: Marton Balint
To: FFmpeg development discussions and patches
Subject: Re: [FFmpeg-devel] [PATCH 2/2] avformat/demux: Count EAGAIN as 100 bytes in relation to read limit in avformat_find_stream_info()

On Tue, 8 Feb 2022, Michael Niedermayer wrote:

> Fixes: Timeout
> Fixes: 43717/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-5206008287330304
>
> Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> Signed-off-by: Michael Niedermayer
> --- > libavformat/demux.c | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > > diff --git a/libavformat/demux.c b/libavformat/demux.c > index dd42d32710..1acba0c608 100644 > --- a/libavformat/demux.c > +++ b/libavformat/demux.c
> @@ -2590,8 +2590,10 @@ int avformat_find_stream_info(AVFormatContext *ic, AVDictionary **options) > /* NOTE: A new stream can be added there if no header in file > * (AVFMTCTX_NOHEADER). */ > ret = read_frame_internal(ic, pkt1); > - if (ret == AVERROR(EAGAIN)) > + if (ret == AVERROR(EAGAIN)) { > + read_size += 100;

Sorry, same here, very hackish. I especially dislike that you use read_size for a limit because that interferes with probesize and silently ignores the problem. Can't we fix the underlying issue? If not, then counting the number of EAGAINs and returning a hard failure if that becomes more than e.g. 10000 would be a lot more acceptable to me. E.g.

    if (nb_egains > 10000) {
        av_log(NULL, AV_LOG_ERROR, "read_frame stuck in an EAGAIN loop, this should not happen\n");
        return AVERROR_BUG;
    }

Regards,
Marton
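
Review bot: In the EAGAIN branch, "read_size += 100" charges a retry that returned no data against the counter the subject line ties to the read limit, and the constant 100 is unexplained. A source that keeps returning EAGAIN would then leave the loop the same way as one that simply used up its byte budget, and the visible lines log nothing to tell the two apart. Consider a dedicated retry counter with a named limit and an av_log message when it trips, or at minimum a comment stating why 100 was chosen and how many EAGAIN iterations that allows for a given read limit.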