| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * MOV demuxer | 2 * MOV demuxer |
| 3 * Copyright (c) 2001 Fabrice Bellard | 3 * Copyright (c) 2001 Fabrice Bellard |
| 4 * Copyright (c) 2009 Baptiste Coudurier <baptiste dot coudurier at gmail dot co
m> | 4 * Copyright (c) 2009 Baptiste Coudurier <baptiste dot coudurier at gmail dot co
m> |
| 5 * | 5 * |
| 6 * This file is part of FFmpeg. | 6 * This file is part of FFmpeg. |
| 7 * | 7 * |
| 8 * FFmpeg is free software; you can redistribute it and/or | 8 * FFmpeg is free software; you can redistribute it and/or |
| 9 * modify it under the terms of the GNU Lesser General Public | 9 * modify it under the terms of the GNU Lesser General Public |
| 10 * License as published by the Free Software Foundation; either | 10 * License as published by the Free Software Foundation; either |
| (...skipping 1540 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1551 } | 1551 } |
| 1552 } | 1552 } |
| 1553 | 1553 |
| 1554 /* only use old uncompressed audio chunk demuxing when stts specifies it */ | 1554 /* only use old uncompressed audio chunk demuxing when stts specifies it */ |
| 1555 if (!(st->codec->codec_type == AVMEDIA_TYPE_AUDIO && | 1555 if (!(st->codec->codec_type == AVMEDIA_TYPE_AUDIO && |
| 1556 sc->stts_count == 1 && sc->stts_data[0].duration == 1)) { | 1556 sc->stts_count == 1 && sc->stts_data[0].duration == 1)) { |
| 1557 unsigned int current_sample = 0; | 1557 unsigned int current_sample = 0; |
| 1558 unsigned int stts_sample = 0; | 1558 unsigned int stts_sample = 0; |
| 1559 unsigned int sample_size; | 1559 unsigned int sample_size; |
| 1560 unsigned int distance = 0; | 1560 unsigned int distance = 0; |
| 1561 int key_off = sc->keyframes && sc->keyframes[0] == 1; | 1561 int key_off = sc->keyframe_count && sc->keyframes[0] == 1; |
| 1562 | 1562 |
| 1563 current_dts -= sc->dts_shift; | 1563 current_dts -= sc->dts_shift; |
| 1564 | 1564 |
| 1565 if (sc->sample_count >= UINT_MAX / sizeof(*st->index_entries)) | 1565 if (sc->sample_count >= UINT_MAX / sizeof(*st->index_entries)) |
| 1566 return; | 1566 return; |
| 1567 st->index_entries = av_malloc(sc->sample_count*sizeof(*st->index_entries
)); | 1567 st->index_entries = av_malloc(sc->sample_count*sizeof(*st->index_entries
)); |
| 1568 if (!st->index_entries) | 1568 if (!st->index_entries) |
| 1569 return; | 1569 return; |
| 1570 st->index_entries_allocated_size = sc->sample_count*sizeof(*st->index_en
tries); | 1570 st->index_entries_allocated_size = sc->sample_count*sizeof(*st->index_en
tries); |
| 1571 | 1571 |
| (...skipping 1060 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2632 AVInputFormat ff_mov_demuxer = { | 2632 AVInputFormat ff_mov_demuxer = { |
| 2633 "mov,mp4,m4a,3gp,3g2,mj2", | 2633 "mov,mp4,m4a,3gp,3g2,mj2", |
| 2634 NULL_IF_CONFIG_SMALL("QuickTime/MPEG-4/Motion JPEG 2000 format"), | 2634 NULL_IF_CONFIG_SMALL("QuickTime/MPEG-4/Motion JPEG 2000 format"), |
| 2635 sizeof(MOVContext), | 2635 sizeof(MOVContext), |
| 2636 mov_probe, | 2636 mov_probe, |
| 2637 mov_read_header, | 2637 mov_read_header, |
| 2638 mov_read_packet, | 2638 mov_read_packet, |
| 2639 mov_read_close, | 2639 mov_read_close, |
| 2640 mov_read_seek, | 2640 mov_read_seek, |
| 2641 }; | 2641 }; |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 9309087:
Fix fairly harmless OOB read from MAV_0001.3G2.asan.4f.188 (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/ffmpeg/