}
}
-static int avi_read_header(AVFormatContext *s, AVFormatParameters *ap)
+static int avi_read_header(AVFormatContext *s)
{
AVIContext *avi = s->priv_data;
AVIOContext *pb = s->pb;
tag = avio_rl32(pb);
size = avio_rl32(pb);
- if(size > avi->fsize){
- av_log(s, AV_LOG_ERROR, "chunk size is too big during header parsing\n");
- goto fail;
- }
-
print_tag("tag", tag, size);
switch(tag) {
st->start_time = 0;
avio_rl32(pb); /* buffer size */
avio_rl32(pb); /* quality */
+ if (ast->cum_len*ast->scale/ast->rate > 3600) {
+ av_log(s, AV_LOG_ERROR, "crazy start time, iam scared, giving up\n");
+ return AVERROR_INVALIDDATA;
+ }
ast->sample_size = avio_rl32(pb); /* sample ssize */
ast->cum_len *= FFMAX(1, ast->sample_size);
// av_log(s, AV_LOG_DEBUG, "%d %d %d %d\n", ast->rate, ast->scale, ast->start, ast->sample_size);
break;
}
- if(size > 10*4 && size<(1<<30)){
+ if(size > 10*4 && size<(1<<30) && size < avi->fsize){
st->codec->extradata_size= size - 10*4;
st->codec->extradata= av_malloc(st->codec->extradata_size + FF_INPUT_BUFFER_PADDING_SIZE);
if (!st->codec->extradata) {
pal_size = FFMIN(pal_size, st->codec->extradata_size);
pal_src = st->codec->extradata + st->codec->extradata_size - pal_size;
-#if HAVE_BIGENDIAN
for (i = 0; i < pal_size/4; i++)
- ast->pal[i] = AV_RL32(pal_src+4*i);
-#else
- memcpy(ast->pal, pal_src, pal_size);
-#endif
+ ast->pal[i] = 0xFF<<24 | AV_RL32(pal_src+4*i);
ast->has_pal = 1;
}
}
}
break;
+ case MKTAG('s', 't', 'r', 'd'):
+ if (stream_index >= (unsigned)s->nb_streams || s->streams[stream_index]->codec->extradata_size) {
+ avio_skip(pb, size);
+ } else {
+ uint64_t cur_pos = avio_tell(pb);
+ if (cur_pos < list_end)
+ size = FFMIN(size, list_end - cur_pos);
+ st = s->streams[stream_index];
+
+ if(size<(1<<30)){
+ st->codec->extradata_size= size;
+ st->codec->extradata= av_malloc(st->codec->extradata_size + FF_INPUT_BUFFER_PADDING_SIZE);
+ if (!st->codec->extradata) {
+ st->codec->extradata_size= 0;
+ return AVERROR(ENOMEM);
+ }
+ avio_read(pb, st->codec->extradata, st->codec->extradata_size);
+ }
+
+ if(st->codec->extradata_size & 1) //FIXME check if the encoder really did this correctly
+ avio_r8(pb);
+ }
+ break;
case MKTAG('i', 'n', 'd', 'x'):
i= avio_tell(pb);
if(pb->seekable && !(s->flags & AVFMT_FLAG_IGNIDX) && avi->use_odml &&
- read_braindead_odml_indx(s, 0) < 0 && s->error_recognition >= FF_ER_EXPLODE){
- goto fail; }
+ read_braindead_odml_indx(s, 0) < 0 && (s->error_recognition & AV_EF_EXPLODE))
+ goto fail;
avio_seek(pb, i+size, SEEK_SET);
break;
case MKTAG('v', 'p', 'r', 'p'):
if(size > 1000000){
av_log(s, AV_LOG_ERROR, "Something went wrong during header parsing, "
"I will ignore it and try to continue anyway.\n");
- if (s->error_recognition >= FF_ER_EXPLODE) goto fail;
+ if (s->error_recognition & AV_EF_EXPLODE)
+ goto fail;
avi->movi_list = avio_tell(pb) - 4;
avi->movi_end = avi->fsize;
goto end_of_header;
avio_rl16(pb); //flags
for (; k <= last; k++)
- ast->pal[k] = avio_rb32(pb)>>8;// b + (g << 8) + (r << 16);
+ ast->pal[k] = 0xFF<<24 | avio_rb32(pb)>>8;// b + (g << 8) + (r << 16);
ast->has_pal= 1;
goto start_sync;
} else if( ((ast->prefix_count<5 || sync+9 > i) && d[2]<128 && d[3]<128) ||