From: ffmpegagent <ffmpegagent@gmail.com>
To: ffmpeg-devel@ffmpeg.org
Cc: Michael Niedermayer <michael@niedermayer.cc>,
	softworkz <softworkz@hotmail.com>
Subject: [FFmpeg-devel] [PATCH v4 00/10] libavformat/asf: fix handling of byte array length values
Date: Sat, 14 May 2022 20:55:12 +0000
Message-ID: <pull.12.v4.ffstaging.FFmpeg.1652561722.ffmpegagent@gmail.com> (raw)
In-Reply-To: <pull.12.v3.ffstaging.FFmpeg.1651978882.ffmpegagent@gmail.com>

The spec allows attachment sizes of up to UINT32_MAX, while we can handle
only sizes up to INT32_MAX (in downstream code).

The debug.assert in get_tag didn't really address this, and truncating the
value_len in the calling methods is not an option because the length value is
required in order to continue parsing. This adds a check with a log message in
ff_asf_handle_byte_array to handle those (rare) cases.

v2: Rebased & PING
v3: Adjustments suggested by Michael
v4: 1 of 11 merged, 10 to go.

softworkz (10):
  libavformat/asf: fix handling of byte array length values
  libavformat/asfdec: fix get_value return type and add checks for
  libavformat/asfdec: fix type of value_len
  libavformat/asfdec: fixing get_tag
  libavformat/asfdec: implement parsing of GUID values
  libavformat/asfdec: fix macro definition and use
  libavformat/asfdec: remove variable redefinition in inner scope
  libavformat/asfdec: ensure variables are initialized
  libavformat/asfdec: fix parameter type in asf_read_stream_propertie()
  libavformat/asfdec: fix variable types and add checks for unsupported
    values

 libavformat/asf.c      |   8 +-
 libavformat/asf.h      |   2 +-
 libavformat/asfdec_f.c | 338 +++++++++++++++++++++++++++--------------
 3 files changed, 229 insertions(+), 119 deletions(-)


base-commit: e6f0cec88041449475f37b82b76699d2f7b5b124
Published-As: https://github.com/ffstaging/FFmpeg/releases/tag/pr-ffstaging-12%2Fsoftworkz%2Fmaster-upstream_asf_4-v4
Fetch-It-Via: git fetch https://github.com/ffstaging/FFmpeg pr-ffstaging-12/softworkz/master-upstream_asf_4-v4
Pull-Request: https://github.com/ffstaging/FFmpeg/pull/12

Range-diff vs v3:

  1:  b5c56bf5d0 =  1:  60966b7907 libavformat/asf: fix handling of byte array length values
  2:  e6aa0fb7f3 !  2:  5acab7b52b libavformat/asfdec: fix get_value return type and add checks for
     @@ libavformat/asfdec_f.c: static int asf_probe(const AVProbeData *pd)
       {
           switch (type) {
           case ASF_BOOL:
     -@@ libavformat/asfdec_f.c: static int asf_read_ext_content_desc(AVFormatContext *s, int64_t size)
     +@@ libavformat/asfdec_f.c: static int asf_read_ext_content_desc(AVFormatContext *s)
       {
           AVIOContext *pb = s->pb;
           ASFContext *asf = s->priv_data;
     @@ libavformat/asfdec_f.c: static int asf_read_ext_content_desc(AVFormatContext *s,
           int desc_count, i, ret;
       
           desc_count = avio_rl16(pb);
     -@@ libavformat/asfdec_f.c: static int asf_read_ext_content_desc(AVFormatContext *s, int64_t size)
     +@@ libavformat/asfdec_f.c: static int asf_read_ext_content_desc(AVFormatContext *s)
               /* My sample has that stream set to 0 maybe that mean the container.
                * ASF stream count starts at 1. I am using 0 to the container value
                * since it's unused. */
     @@ libavformat/asfdec_f.c: static int asf_read_ext_content_desc(AVFormatContext *s,
           return 0;
       }
       
     -@@ libavformat/asfdec_f.c: static int asf_read_metadata(AVFormatContext *s, int64_t size)
     +@@ libavformat/asfdec_f.c: static int asf_read_metadata(AVFormatContext *s)
       {
           AVIOContext *pb = s->pb;
           ASFContext *asf = s->priv_data;
     @@ libavformat/asfdec_f.c: static int asf_read_metadata(AVFormatContext *s, int64_t
           int n, stream_num, name_len_utf16, name_len_utf8, value_len;
           int ret, i;
           n = avio_rl16(pb);
     -@@ libavformat/asfdec_f.c: static int asf_read_metadata(AVFormatContext *s, int64_t size)
     +@@ libavformat/asfdec_f.c: static int asf_read_metadata(AVFormatContext *s)
               av_log(s, AV_LOG_TRACE, "%d stream %d name_len %2d type %d len %4d <%s>\n",
                       i, stream_num, name_len_utf16, value_type, value_len, name);
       
  3:  b84474d729 !  3:  97e0d765c9 libavformat/asfdec: fix type of value_len
     @@ libavformat/asfdec_f.c: static uint64_t get_value(AVIOContext *pb, int type, int
       {
           ASFContext *asf = s->priv_data;
           char *value = NULL;
     -@@ libavformat/asfdec_f.c: static int asf_read_ext_stream_properties(AVFormatContext *s, int64_t size)
     - static int asf_read_content_desc(AVFormatContext *s, int64_t size)
     +@@ libavformat/asfdec_f.c: static int asf_read_ext_stream_properties(AVFormatContext *s)
     + static int asf_read_content_desc(AVFormatContext *s)
       {
           AVIOContext *pb = s->pb;
      -    int len1, len2, len3, len4, len5;
     @@ libavformat/asfdec_f.c: static int asf_read_ext_stream_properties(AVFormatContex
       
           len1 = avio_rl16(pb);
           len2 = avio_rl16(pb);
     -@@ libavformat/asfdec_f.c: static int asf_read_metadata(AVFormatContext *s, int64_t size)
     +@@ libavformat/asfdec_f.c: static int asf_read_metadata(AVFormatContext *s)
           ASFContext *asf = s->priv_data;
           uint64_t dar_num[128] = {0};
           uint64_t dar_den[128] = {0};
  4:  a54feb51a1 =  4:  025123f72d libavformat/asfdec: fixing get_tag
  5:  e14beb2c15 =  5:  2d01e4dff5 libavformat/asfdec: implement parsing of GUID values
  6:  06062da88b <  -:  ---------- libavformat/asfdec: remove unused parameters
  7:  273823a5b4 =  6:  33b3d163df libavformat/asfdec: fix macro definition and use
  8:  aaa37aca21 =  7:  1509b83f47 libavformat/asfdec: remove variable redefinition in inner scope
  9:  6aedb68b76 =  8:  fd31b0be2e libavformat/asfdec: ensure variables are initialized
 10:  28ebbe7289 =  9:  f8728b1c51 libavformat/asfdec: fix parameter type in asf_read_stream_propertie()
 11:  bbeee5f2da = 10:  78ed5aeb38 libavformat/asfdec: fix variable types and add checks for unsupported values

-- 
ffmpeg-codebot
