h264parser: Do not allocate too large size of memory for registered user data SEI

Don't be confused by the unit of payload size (i.e., bits and bytes)
Also this need a documentation with Since mark
This commit is contained in:
Seungha Yang 2020-03-21 18:39:42 +09:00 committed by GStreamer Merge Bot
parent 26f76dd927
commit 9e429fad3e
2 changed files with 23 additions and 7 deletions

View file

@ -1046,8 +1046,10 @@ gst_h264_parser_parse_registered_user_data (GstH264NalParser * nalparser,
rud->data = NULL; rud->data = NULL;
rud->size = 0; rud->size = 0;
if (payload_size < 2) if (payload_size < 2) {
return GST_H264_PARSER_ERROR; GST_WARNING ("Too small payload size %d", payload_size);
return GST_H264_PARSER_BROKEN_DATA;
}
READ_UINT8 (nr, rud->country_code, 8); READ_UINT8 (nr, rud->country_code, 8);
--payload_size; --payload_size;
@ -1059,15 +1061,17 @@ gst_h264_parser_parse_registered_user_data (GstH264NalParser * nalparser,
rud->country_code_extension = 0; rud->country_code_extension = 0;
} }
if (payload_size < 8) if (payload_size < 1) {
return GST_H264_PARSER_ERROR; GST_WARNING ("No more remaining payload data to store");
return GST_H264_PARSER_BROKEN_DATA;
}
data = g_malloc (payload_size); data = g_malloc (payload_size);
for (i = 0; i < payload_size / 8; ++i) { for (i = 0; i < payload_size; ++i) {
READ_UINT8 (nr, data[i], 8); READ_UINT8 (nr, data[i], 8);
} }
GST_MEMDUMP ("SEI user data", data, payload_size / 8); GST_MEMDUMP ("SEI user data", data, payload_size);
rud->data = data; rud->data = data;
rud->size = payload_size; rud->size = payload_size;
@ -1274,7 +1278,7 @@ gst_h264_parser_parse_sei_message (GstH264NalParser * nalparser,
break; break;
case GST_H264_SEI_REGISTERED_USER_DATA: case GST_H264_SEI_REGISTERED_USER_DATA:
res = gst_h264_parser_parse_registered_user_data (nalparser, res = gst_h264_parser_parse_registered_user_data (nalparser,
&sei->payload.registered_user_data, nr, payload_size); &sei->payload.registered_user_data, nr, payload_size >> 3);
break; break;
case GST_H264_SEI_RECOVERY_POINT: case GST_H264_SEI_RECOVERY_POINT:
res = gst_h264_parser_parse_recovery_point (nalparser, res = gst_h264_parser_parse_recovery_point (nalparser,

View file

@ -1030,6 +1030,18 @@ struct _GstH264PicTiming
GstH264ClockTimestamp clock_timestamp[3]; GstH264ClockTimestamp clock_timestamp[3];
}; };
/**
* GstH264RegisteredUserData:
* The User data registered by Rec. ITU-T T.35 SEI messag.
* @country_code: an itu_t_t35_country_code.
* @country_code_extension: an itu_t_t35_country_code_extension_byte.
* Should be ignored when @country_code is not 0xff
* @data: the data of itu_t_t35_payload_byte
* excluding @country_code and @country_code_extension
* @size: the size of @data in bytes
*
* Since: 1.16
*/
struct _GstH264RegisteredUserData struct _GstH264RegisteredUserData
{ {
guint8 country_code; guint8 country_code;