[FFmpeg-soc] [PATCH]aacsbr: Read SBR bits from a second GetBitContext to prevent unrecoverable over-reads and get automatic under-read protection.

Fri, 20 Nov 2009 13:44:43 -0800 

Comments on alternate approaches are welcome.

From 617cf7adc51f7344fba972fbce42daeab37586e2 Mon Sep 17 00:00:00 2001
From: Alex Converse <[email protected]>
Date: Tue, 17 Nov 2009 12:55:36 -0500
Subject: [PATCH 2/5] Read SBR bits from a second GetBitContext to prevent unrecoverable over-reads
 and get automatic under-read protection.
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="------------1"

This is a multi-part message in MIME format.
--------------1
Content-Type: text/plain; charset=UTF-8; format=fixed
Content-Transfer-Encoding: 8bit

---
 aacsbr.c |   14 ++++++++++----
 1 files changed, 10 insertions(+), 4 deletions(-)


--------------1
Content-Type: text/x-patch; name="0002-Read-SBR-bits-from-a-second-GetBitContext-to-prevent.patch"
Content-Transfer-Encoding: 8bit
Content-Disposition: attachment; filename="0002-Read-SBR-bits-from-a-second-GetBitContext-to-prevent.patch"

diff --git a/aacsbr.c b/aacsbr.c
index 580dfb1..c652fd5 100644
--- a/aacsbr.c
+++ b/aacsbr.c
@@ -792,9 +792,13 @@ static void sbr_reset(AACContext *ac, SpectralBandReplication *sbr)
  * @return  Returns number of bytes consumed from the TYPE_FIL element.
  */
 int ff_decode_sbr_extension(AACContext *ac, SpectralBandReplication *sbr,
-                            GetBitContext *gb, int crc, int cnt, int id_aac)
+                            GetBitContext *gb_host, int crc, int cnt, int id_aac)
 {
     unsigned int num_sbr_bits = 0, num_align_bits;
+    unsigned bytes_read;
+    GetBitContext gbc = *gb_host;
+    GetBitContext *gb = &gbc;
+    skip_bits_long(gb_host, cnt*8 - 4);
 
     if (crc) {
         skip_bits(gb, 10); // bs_sbr_crc_bits; FIXME - implement CRC check
@@ -812,9 +816,11 @@ int ff_decode_sbr_extension(AACContext *ac, SpectralBandReplication *sbr,
     num_sbr_bits  += sbr_data(ac, sbr, gb, id_aac);
     num_align_bits = ((cnt << 3) - 4 - num_sbr_bits) & 7;
 
-    skip_bits(gb, num_align_bits); // bs_fill_bits
-
-    return (num_sbr_bits + num_align_bits + 4) >> 3;
+    bytes_read = ((num_sbr_bits + num_align_bits + 4) / 8);
+    if (bytes_read > cnt) {
+        av_log(ac->avccontext, AV_LOG_ERROR, "Expected to read %d SBR bytes actually read %d.\n", cnt, bytes_read);
+    }
+    return cnt;
 }
 
 // Time/frequency Grid (14496-3 sp04 p200)

--------------1--



_______________________________________________
FFmpeg-soc mailing list
[email protected]
https://lists.mplayerhq.hu/mailman/listinfo/ffmpeg-soc

Reply via email to