Dear all
Maybe it will be useful for someone. Please find attached a patch I
made, gathering patch made by other people (especialy from Fabian Keil
in an email from Sat, 14 Jul 2012).
I added on it an additionnal check (ptt[i].pgcn-1 >=
ifo->vts_pgcit->nr_of_pgci_srp) that helps reading one of my broken
ripped DVD.
Regards
Vincent
diff -Naubr libdvdnav-4.2.0/src/searching.c libdvdnav-4.2.0.new/src/searching.c
--- libdvdnav-4.2.0/src/searching.c 2011-10-07 19:06:24.000000000 +0200
+++ libdvdnav-4.2.0.new/src/searching.c 2012-08-12 14:36:50.070060100 +0200
@@ -616,19 +616,34 @@
length = 0;
for(i=0; i<parts; i++) {
uint32_t cellnr, endcellnr;
+ if (ptt[i].pgcn-1 >= ifo->vts_pgcit->nr_of_pgci_srp || ifo->vts_pgcit->pgci_srp[ptt[i].pgcn-1].pgc_start_byte >= ifo->vts_pgcit
+->last_byte) {
+ printerr("PGC start out of bounds");
+ continue;
+ }
pgc = ifo->vts_pgcit->pgci_srp[ptt[i].pgcn-1].pgc;
+ if (pgc == NULL) {
+ printerr("PGC missing.");
+ continue;
+ }
if(ptt[i].pgn > pgc->nr_of_programs) {
printerr("WRONG part number.");
goto fail;
}
-
- cellnr = pgc->program_map[ptt[i].pgn-1];
+ if (pgc->nr_of_cells == 0) {
+ printerr("Number of cells cannot be 0");
+ continue;
+ }
+ if ((cellnr = pgc->program_map[ptt[i].pgn-1]) == 0) {
+ printerr("Cell new row cannot be 0");
+ continue;
+ }
if(ptt[i].pgn < pgc->nr_of_programs)
endcellnr = pgc->program_map[ptt[i].pgn];
else
endcellnr = 0;
- do {
+ while(cellnr < endcellnr) {
cell = &pgc->cell_playback[cellnr-1];
if(!(cell->block_type == BLOCK_TYPE_ANGLE_BLOCK &&
cell->block_mode != BLOCK_MODE_FIRST_CELL
@@ -638,7 +653,7 @@
length = tmp[i];
}
cellnr++;
- } while(cellnr < endcellnr);
+ }
}
*duration = length;
vm_ifo_close(ifo);
_______________________________________________
DVDnav-discuss mailing list
[email protected]
https://lists.mplayerhq.hu/mailman/listinfo/dvdnav-discuss
