{
int res = 0;
- if (end - start < nal_length_size) {
+ if (end - start < nal_length_size)
return NULL;
- }
- while (nal_length_size--) {
+ while (nal_length_size--)
res = (res << 8) | *start++;
- }
- if (end - start < res) {
+ if (start + res > end || res < 0 || start + res < start)
return NULL;
- }
- return res + start;
+ return start + res;
}
static void nal_send(AVFormatContext *s1, const uint8_t *buf, int size, int last)
void ff_rtp_send_h264(AVFormatContext *s1, const uint8_t *buf1, int size)
{
- const uint8_t *r;
+ const uint8_t *r, *end = buf1 + size;
RTPMuxContext *s = s1->priv_data;
s->timestamp = s->cur_timestamp;
- r = s->nal_length_size ? (avc_mp4_find_startcode(buf1, buf1 + size, s->nal_length_size) ? buf1 : buf1 + size) : ff_avc_find_startcode(buf1, buf1 + size);
- while (r < buf1 + size) {
+ if (s->nal_length_size)
+ r = avc_mp4_find_startcode(buf1, end, s->nal_length_size) ? buf1 : end;
+ else
+ r = ff_avc_find_startcode(buf1, end);
+ while (r < end) {
const uint8_t *r1;
if (s->nal_length_size) {
- r1 = avc_mp4_find_startcode(r, buf1 + size, s->nal_length_size);
- if (!r1) {
- r1 = buf1 + size;
- }
+ r1 = avc_mp4_find_startcode(r, end, s->nal_length_size);
+ if (!r1)
+ r1 = end;
r += s->nal_length_size;
} else {
- while(!*(r++));
- r1 = ff_avc_find_startcode(r, buf1 + size);
+ while (!*(r++));
+ r1 = ff_avc_find_startcode(r, end);
}
- nal_send(s1, r, r1 - r, (r1 == buf1 + size));
+ nal_send(s1, r, r1 - r, r1 == end);
r = r1;
}
}
projects / ffmpeg / blobdiff