From: Chris Ribble
Date: Sun, 4 Dec 2022 19:38:23 -0600
To: FFmpeg development discussions and patches
Subject: Re: [FFmpeg-devel] [PATCH] Revert "avformat/mov: disallow a zero sample size in trun atoms"

> More strict enforcement of sample size was introduced to avoid DOS/Timeout
> with crafted (fuzzed) files and disallow emitting zero sized packets.
>
> Invalid file support is not something that is always worth doing, there
> are other, more important factors, like limiting code complexity or
> improving resilience against denial of service. The problem here is that I
> honestly don't know if a zero sample size is against spec, just stupid, or
> there is a legitimate use for it.
>
> So I sent a 2 patch series which fixes the original issue differently.
> Please test and review them if you can.

Marton,

Thank you for looking into this further.

I tried your patch series and FFmpeg still generates an error (AVERROR_INVALIDDATA) while processing the moof fragment with zero-sized samples.

It seems like !(flags & MOV_TRUN_SAMPLE_SIZE) evaluates to true when the flag is set (512 is "inverted" to 1). Is that what you had in mind?

If I change it to this, things work as expected for my input mp4:

    if (entries && !frag->size && (flags & MOV_TRUN_SAMPLE_SIZE != MOV_TRUN_SAMPLE_SIZE))
        return AVERROR_INVALIDDATA;

Sorry if I was supposed to provide this feedback on the patch series itself; I'm happy to do so there as needed.

Thanks,
Chris
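
The forms of the flag test that appear in this message, evaluated side by side as an added example (not part of the original message and not FFmpeg's code). The function names, the plain integer parameters standing in for entries, frag->size and flags, and the input values are constructed for illustration; 0x200 is the 512 quoted in the message.

```c
#include <stdio.h>

#define MOV_TRUN_SAMPLE_SIZE 0x200 /* 512, the value quoted in the message */

/* Form quoted from the patch series: reject only when the flag is absent. */
static int reject_negated(unsigned entries, unsigned frag_size, unsigned flags)
{
    return entries && !frag_size && !(flags & MOV_TRUN_SAMPLE_SIZE);
}

/* Form proposed in the message, with the grouping C applies made explicit:
 * != binds tighter than &, so the comparison is evaluated first and is 0. */
static int reject_as_posted(unsigned entries, unsigned frag_size, unsigned flags)
{
    return entries && !frag_size &&
           (flags & (MOV_TRUN_SAMPLE_SIZE != MOV_TRUN_SAMPLE_SIZE));
}

/* Same text with the mask grouped first. */
static int reject_mask_first(unsigned entries, unsigned frag_size, unsigned flags)
{
    return entries && !frag_size &&
           ((flags & MOV_TRUN_SAMPLE_SIZE) != MOV_TRUN_SAMPLE_SIZE);
}

int main(void)
{
    /* Constructed inputs: {entries, frag_size, flags}. */
    static const unsigned cases[][3] = {
        { 2, 0, MOV_TRUN_SAMPLE_SIZE },  /* flag set, zero default size */
        { 2, 0, 0 },                     /* flag clear, zero default size */
        { 2, 1024, 0 },                  /* flag clear, non-zero default size */
    };
    puts("flags  size  negated  as_posted  mask_first");
    for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++) {
        const unsigned *c = cases[i];
        printf("0x%03x  %4u  %7d  %9d  %10d\n", c[2], c[1],
               reject_negated(c[0], c[1], c[2]),
               reject_as_posted(c[0], c[1], c[2]),
               reject_mask_first(c[0], c[1], c[2]));
    }
    return 0;
}
```

Compiling the expression exactly as posted, without the added parentheses, with -Wall makes GCC and Clang report the comparison nested inside & (-Wparentheses).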