diff options
| author | Xiaohan Wang <xhwang@chromium.org> | 2018-02-23 17:04:41 -0800 |
|---|---|---|
| committer | Michael Niedermayer <michael@niedermayer.cc> | 2018-03-01 22:54:49 +0100 |
| commit | f5f2209d689cd17f4bce7ce5c4f0b1634befc785 (patch) | |
| tree | 83f61651dbcbc6aa584247434048b7c170a85d62 | |
| parent | f50741147ccac999a8a3e8a15244cbe525537622 (diff) | |
| download | ffmpeg-f5f2209d689cd17f4bce7ce5c4f0b1634befc785.tar.gz | |
ffmpeg: Fix memset size on ctts_data in mov_read_trun() (round 2)
The allocated size of sc->ctts_data is
(st->nb_index_entries + entries) * sizeof(*sc->ctts_data).
The size to memset at offset sc->ctts_data + sc->ctts_count should be
(st->nb_index_entries + entries - sc->ctts_count) *
sizeof(*sc->ctts_data))
The current code missed |entries| I believe, which was introduced in
https://patchwork.ffmpeg.org/patch/5541/.
However, after offline discussion, it seems the original code is much
more clear to read (before https://patchwork.ffmpeg.org/patch/5541/).
Hence this CL revert the memset logic to it's previous state by
remembering the |old_ctts_allocated_size|, and only memset the newly
allocated entries.
BUG=812567
Change-Id: Ibe94c7138e5818bfaae76866bfa6619a9b8a2b6b
Reviewed-on: https://chromium-review.googlesource.com/934925
Reviewed-by: Dale Curtis <dalecurtis@chromium.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
| -rw-r--r-- | libavformat/mov.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/libavformat/mov.c b/libavformat/mov.c index 04567fc475..f01116874c 100644 --- a/libavformat/mov.c +++ b/libavformat/mov.c @@ -4596,6 +4596,7 @@ static int mov_read_trun(MOVContext *c, AVIOContext *pb, MOVAtom atom) int64_t prev_dts = AV_NOPTS_VALUE; int next_frag_index = -1, index_entry_pos; size_t requested_size; + size_t old_ctts_allocated_size; AVIndexEntry *new_entries; MOVFragmentStreamInfo * frag_stream_info; @@ -4688,6 +4689,7 @@ static int mov_read_trun(MOVContext *c, AVIOContext *pb, MOVAtom atom) st->index_entries= new_entries; requested_size = (st->nb_index_entries + entries) * sizeof(*sc->ctts_data); + old_ctts_allocated_size = sc->ctts_allocated_size; ctts_data = av_fast_realloc(sc->ctts_data, &sc->ctts_allocated_size, requested_size); if (!ctts_data) @@ -4697,8 +4699,8 @@ static int mov_read_trun(MOVContext *c, AVIOContext *pb, MOVAtom atom) // In case there were samples without ctts entries, ensure they get // zero valued entries. This ensures clips which mix boxes with and // without ctts entries don't pickup uninitialized data. - memset(sc->ctts_data + sc->ctts_count, 0, - (st->nb_index_entries - sc->ctts_count) * sizeof(*sc->ctts_data)); + memset((uint8_t*)(sc->ctts_data) + old_ctts_allocated_size, 0, + sc->ctts_allocated_size - old_ctts_allocated_size); if (index_entry_pos < st->nb_index_entries) { // Make hole in index_entries and ctts_data for new samples |