* [FFmpeg-devel] [PATCH 1/3] avformat/dhav: Fix check for seekability
@ 2025-06-07 23:14 Andreas Rheinhardt
2025-06-15 17:38 ` Andreas Rheinhardt
0 siblings, 1 reply; 2+ messages in thread
From: Andreas Rheinhardt @ 2025-06-07 23:14 UTC (permalink / raw)
To: FFmpeg development discussions and patches
[-- Attachment #1: Type: text/plain, Size: 29 bytes --]
Patches attached.
- Andreas
[-- Attachment #2: 0001-avformat-dhav-Fix-check-for-seekability.patch --]
[-- Type: text/x-patch, Size: 1145 bytes --]
From 95e88893123bae89991bf45a6c5db0173e158574 Mon Sep 17 00:00:00 2001
From: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Date: Sun, 8 Jun 2025 00:52:46 +0200
Subject: [PATCH 1/3] avformat/dhav: Fix check for seekability
AVIOContext.seekable is a bitfield. Also check for seekability
earlier.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
---
libavformat/dhav.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/libavformat/dhav.c b/libavformat/dhav.c
index 31f4d75181..af1a8d86a5 100644
--- a/libavformat/dhav.c
+++ b/libavformat/dhav.c
@@ -237,6 +237,9 @@ static void get_timeinfo(unsigned date, struct tm *timeinfo)
static int64_t get_duration(AVFormatContext *s)
{
+ if (!(s->pb->seekable & AVIO_SEEKABLE_NORMAL))
+ return 0;
+
int64_t start_pos = avio_tell(s->pb);
int64_t end_pos = -1;
int64_t start = 0, end = 0;
@@ -248,9 +251,6 @@ static int64_t get_duration(AVFormatContext *s)
unsigned date;
int64_t size = avio_size(s->pb);
- if (!s->pb->seekable)
- return 0;
-
if (start_pos + 16 > size)
return 0;
--
2.45.2
[-- Attachment #3: 0002-avformat-dhav-Add-missed-free-for-end_buffer.patch --]
[-- Type: text/x-patch, Size: 1220 bytes --]
From 39df5a583d781d54dcac57b9d024d256d4310172 Mon Sep 17 00:00:00 2001
From: Derek Buitenhuis <derek.buitenhuis@gmail.com>
Date: Fri, 6 Jun 2025 14:44:50 +0100
Subject: [PATCH 2/3] avformat/dhav: Add missed free for end_buffer
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Accidentally left out of 36ec9217e6dca3432304c9d76078d9618247eb0f.
Found-by: Kacper Michajłow <kasper93@gmail.com>
Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
---
libavformat/dhav.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/libavformat/dhav.c b/libavformat/dhav.c
index af1a8d86a5..ffd6d66359 100644
--- a/libavformat/dhav.c
+++ b/libavformat/dhav.c
@@ -281,6 +281,7 @@ static int64_t get_duration(AVFormatContext *s)
}
if (end_pos < 0 || end_pos + 16 > end_buffer_pos + end_buffer_size) {
+ av_freep(&end_buffer);
avio_seek(s->pb, start_pos, SEEK_SET);
return 0;
}
@@ -289,6 +290,8 @@ static int64_t get_duration(AVFormatContext *s)
get_timeinfo(date, &timeinfo);
end = av_timegm(&timeinfo) * 1000LL;
+ av_freep(&end_buffer);
+
avio_seek(s->pb, start_pos, SEEK_SET);
return end - start;
--
2.45.2
[-- Attachment #4: 0003-avformat-dhav-Check-reading-data.patch --]
[-- Type: text/x-patch, Size: 1960 bytes --]
From 28c1a8ebcadec6ba168664b5ece9e09159feb255 Mon Sep 17 00:00:00 2001
From: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Date: Sun, 8 Jun 2025 01:07:02 +0200
Subject: [PATCH 3/3] avformat/dhav: Check reading data
Prevents potential use of uninitialized data.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
---
libavformat/dhav.c | 20 ++++++++++----------
1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/libavformat/dhav.c b/libavformat/dhav.c
index ffd6d66359..9bdb23322d 100644
--- a/libavformat/dhav.c
+++ b/libavformat/dhav.c
@@ -261,13 +261,12 @@ static int64_t get_duration(AVFormatContext *s)
end_buffer_size = FFMIN(MAX_DURATION_BUFFER_SIZE, size);
end_buffer = av_malloc(end_buffer_size);
- if (!end_buffer) {
- avio_seek(s->pb, start_pos, SEEK_SET);
- return 0;
- }
+ if (!end_buffer)
+ goto fail;
end_buffer_pos = size - end_buffer_size;
avio_seek(s->pb, end_buffer_pos, SEEK_SET);
- avio_read(s->pb, end_buffer, end_buffer_size);
+ if (ffio_read_size(s->pb, end_buffer, end_buffer_size) < 0)
+ goto fail;
offset = end_buffer_size - 8;
while (offset > 0) {
@@ -280,11 +279,8 @@ static int64_t get_duration(AVFormatContext *s)
}
}
- if (end_pos < 0 || end_pos + 16 > end_buffer_pos + end_buffer_size) {
- av_freep(&end_buffer);
- avio_seek(s->pb, start_pos, SEEK_SET);
- return 0;
- }
+ if (end_pos < 0 || end_pos + 16 > end_buffer_pos + end_buffer_size)
+ goto fail;
date = AV_RL32(end_buffer + (end_pos - end_buffer_pos) + 16);
get_timeinfo(date, &timeinfo);
@@ -295,6 +291,10 @@ static int64_t get_duration(AVFormatContext *s)
avio_seek(s->pb, start_pos, SEEK_SET);
return end - start;
+fail:
+ av_freep(&end_buffer);
+ avio_seek(s->pb, start_pos, SEEK_SET);
+ return 0;
}
static int dhav_read_header(AVFormatContext *s)
--
2.45.2
[-- Attachment #5: Type: text/plain, Size: 251 bytes --]
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [FFmpeg-devel] [PATCH 1/3] avformat/dhav: Fix check for seekability
2025-06-07 23:14 [FFmpeg-devel] [PATCH 1/3] avformat/dhav: Fix check for seekability Andreas Rheinhardt
@ 2025-06-15 17:38 ` Andreas Rheinhardt
0 siblings, 0 replies; 2+ messages in thread
From: Andreas Rheinhardt @ 2025-06-15 17:38 UTC (permalink / raw)
To: ffmpeg-devel
Andreas Rheinhardt:
> Patches attached.
>
> - Andreas
>
Will apply my patches of this patchset tomorrow unless there are objections.
- Andreas
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2025-06-15 17:38 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-06-07 23:14 [FFmpeg-devel] [PATCH 1/3] avformat/dhav: Fix check for seekability Andreas Rheinhardt
2025-06-15 17:38 ` Andreas Rheinhardt
Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
This inbox may be cloned and mirrored by anyone:
git clone --mirror https://master.gitmailbox.com/ffmpegdev/0 ffmpegdev/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 ffmpegdev ffmpegdev/ https://master.gitmailbox.com/ffmpegdev \
ffmpegdev@gitmailbox.com
public-inbox-index ffmpegdev
Example config snippet for mirrors.
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git