[Live-devel] some initializations missing in H263plusVideoRTPSource
David BERTRAND
bidibulle at operamail.com
Wed Jan 25 14:20:37 PST 2006
Dear Ross,
While using your library (latest release) with buggy H263 1998 video stream as input I encountered core dumps. Actually, fields fNumSpecialHeaders and fSpecialHeaderBytesLength aren't initialized in constructor and if your receive a buggy H263+ input stream without P bit in the first packet, then your apps may crash. Indeed, those fields are set to 0 each time a P bit is met.
Extract of the code :
// Make a copy of the special header bytes, in case a reader
// can use them:
unsigned bytesAvailable = SPECIAL_HEADER_BUFFER_SIZE -fSpecialHeaderBytesLength - 1;
if (expectedHeaderSize <= bytesAvailable) {
fSpecialHeaderBytes[fSpecialHeaderBytesLength++] = expectedHeaderSize;
Here, if fSpecialHeaderBytesLength is not initialized correctly (with 0) it can have a value out of array bounds.
Thanks in advance for your feedback
David
--
_______________________________________________
Surf the Web in a faster, safer and easier way:
Download Opera 8 at http://www.opera.com
Powered by Outblaze
More information about the live-devel
mailing list