gst/mpegvideoparse/: Fix some silly bugs with calculating the guard sizes.

Original commit message from CVS: * gst/mpegvideoparse/mpegpacketiser.c: (mpeg_util_parse_extension_packet), (mpeg_util_parse_sequence_hdr), (mpeg_util_parse_picture_hdr): * gst/mpegvideoparse/mpegvideoparse.c: (mpegvideoparse_handle_sequence), (mpegvideoparse_drain_avail): Fix some silly bugs with calculating the guard sizes. Properly compare the old sequence header structure with the new one. Don't error out on an invalid sequence - just ignore it.
2024-11-19 00:01:23 +00:00 · 2007-06-06 11:03:24 +00:00 · 2007-06-06 11:03:24 +00:00 · ceba19f691
commit ceba19f691
parent ff14de08d2
3 changed files with 28 additions and 17 deletions
--- a/11
+++ b/11
@ -1,3 +1,14 @@
+2007-06-06  Jan Schmidt  <thaytan@mad.scientist.com>
+
+	* gst/mpegvideoparse/mpegpacketiser.c:
+	(mpeg_util_parse_extension_packet), (mpeg_util_parse_sequence_hdr),
+	(mpeg_util_parse_picture_hdr):
+	* gst/mpegvideoparse/mpegvideoparse.c:
+	(mpegvideoparse_handle_sequence), (mpegvideoparse_drain_avail):
+	Fix some silly bugs with calculating the guard sizes.
+	Properly compare the old sequence header structure with the new one.
+	Don't error out on an invalid sequence - just ignore it.
+
 2007-06-06  Tim-Philipp Müller  <tim at centricular dot net>

 	* gst/real/gstrealvideodec.c: (gst_real_video_dec_decode):
--- a/gst/mpegvideoparse/mpegpacketiser.c
+++ b/gst/mpegvideoparse/mpegpacketiser.c
@ -487,7 +487,7 @@ mpeg_util_parse_extension_packet (MPEGSeqHdr * hdr, guint8 * data, guint8 * end)
 {
  guint8 ext_code;

-  if (G_UNLIKELY ((end - data - 1) < 1))
+  if (G_UNLIKELY (data >= end))
    return FALSE;               /* short extension packet */

  ext_code = data[0] >> 4;
@ -499,7 +499,7 @@ mpeg_util_parse_extension_packet (MPEGSeqHdr * hdr, guint8 * data, guint8 * end)
      guint8 horiz_size_ext, vert_size_ext;
      guint8 fps_n_ext, fps_d_ext;

-      if ((end - data - 1) < 6)
+      if (G_UNLIKELY ((end - data) < 6))
        /* need at least 10 bytes, minus 4 for the start code 000001b5 */
        return FALSE;

@ -531,7 +531,7 @@ mpeg_util_parse_sequence_hdr (MPEGSeqHdr * hdr, guint8 * data, guint8 * end)
  gboolean load_intra_flag;
  gboolean load_non_intra_flag;

-  if (G_UNLIKELY ((end - data - 1) < 12))
+  if (G_UNLIKELY ((end - data) < 12))
    return FALSE;               /* Too small to be a sequence header */

  code = GST_READ_UINT32_BE (data);
@ -556,14 +556,14 @@ mpeg_util_parse_sequence_hdr (MPEGSeqHdr * hdr, guint8 * data, guint8 * end)
  constrained_flag = (data[7] >> 2) & 0x01;
  load_intra_flag = (data[7] >> 1) & 0x01;
  if (load_intra_flag) {
-    if (G_UNLIKELY ((end - data - 1) < 64))
+    if (G_UNLIKELY ((end - data) < 64))
      return FALSE;
    data += 64;
  }

  load_non_intra_flag = data[7] & 0x01;
  if (load_non_intra_flag) {
-    if (G_UNLIKELY ((end - data - 1) < 64))
+    if (G_UNLIKELY ((end - data) < 64))
      return FALSE;
    data += 64;
  }
@ -574,7 +574,7 @@ mpeg_util_parse_sequence_hdr (MPEGSeqHdr * hdr, guint8 * data, guint8 * end)
  /* Read MPEG-2 sequence extensions */
  data = mpeg_util_find_start_code (&sync_word, data, end);
  while (data != NULL) {
-    if (G_UNLIKELY ((end - data - 1) < 1))
+    if (G_UNLIKELY (data >= end))
      return FALSE;

    /* data points at the last byte of the start code */
@ -595,7 +595,7 @@ mpeg_util_parse_picture_hdr (MPEGPictureHdr * hdr, guint8 * data, guint8 * end)
 {
  guint32 code;

-  if (G_UNLIKELY ((end - data - 1) < 6))
+  if (G_UNLIKELY ((end - data) < 6))
    return FALSE;               /* Packet too small */

  code = GST_READ_UINT32_BE (data);
--- a/gst/mpegvideoparse/mpegvideoparse.c
+++ b/gst/mpegvideoparse/mpegvideoparse.c
@ -206,7 +206,7 @@ mpegvideoparse_handle_sequence (MpegVideoParse * mpegvideoparse,
  if (G_UNLIKELY (!mpeg_util_parse_sequence_hdr (&new_hdr, cur, end)))
    return FALSE;

-  if (memcmp (&mpegvideoparse, &new_hdr, sizeof (MPEGSeqHdr)) != 0) {
+  if (memcmp (&mpegvideoparse->seq_hdr, &new_hdr, sizeof (MPEGSeqHdr)) != 0) {
    GstCaps *caps;
    GstBuffer *seq_buf;

@ -216,9 +216,6 @@ mpegvideoparse_handle_sequence (MpegVideoParse * mpegvideoparse,
    gst_buffer_replace (&mpegvideoparse->seq_hdr_buf, seq_buf);
    gst_buffer_unref (seq_buf);

-    /* And update the new_hdr into our stored version */
-    mpegvideoparse->seq_hdr = new_hdr;
-
    caps = gst_caps_new_simple ("video/mpeg",
        "systemstream", G_TYPE_BOOLEAN, FALSE,
        "parsed", G_TYPE_BOOLEAN, TRUE,
@ -232,6 +229,9 @@ mpegvideoparse_handle_sequence (MpegVideoParse * mpegvideoparse,
    GST_DEBUG ("New mpegvideoparse caps: %" GST_PTR_FORMAT, caps);
    if (!gst_pad_set_caps (mpegvideoparse->srcpad, caps))
      return FALSE;
+
+    /* And update the new_hdr into our stored version */
+    mpegvideoparse->seq_hdr = new_hdr;
  }

  return TRUE;
@ -312,8 +312,12 @@ mpegvideoparse_drain_avail (MpegVideoParse * mpegvideoparse)
    if (mpegvideoparse->seq_hdr.mpeg_version == 0) {
      if (cur->flags & MPEG_BLOCK_FLAG_SEQUENCE) {
        /* Found a sequence header */
-        if (!mpegvideoparse_handle_sequence (mpegvideoparse, buf))
-          goto error;
+        if (!mpegvideoparse_handle_sequence (mpegvideoparse, buf)) {
+          GST_DEBUG_OBJECT (mpegvideoparse,
+              "Invalid sequence header. Dropping buffer.");
+          gst_buffer_unref (buf);
+          buf = NULL;
+        }
      } else {
        if (buf) {
          GST_DEBUG_OBJECT (mpegvideoparse,
@ -364,10 +368,6 @@ mpegvideoparse_drain_avail (MpegVideoParse * mpegvideoparse)
  };

  return res;
-error:
-  if (buf != NULL)
-    gst_buffer_unref (buf);
-  return GST_FLOW_ERROR;
 }

 static GstFlowReturn