← Back to branch summary

~jderose/ubuntu/quantal/libav/fix-937561-q

« back to all changes in this revision

Viewing changes to libavformat/mpegts.c

  • Committer: Package Import Robot
  • Author(s): Micah Gersten
  • Date: 2012-03-21 21:18:24 UTC
  • mfrom: (1.2.10)
  • Revision ID: package-import@ubuntu.com-20120321211824-n63p3v3s99q3mxrb
Tags: 4:0.8.1-0ubuntu1
https://launchpad.net/bugs/960949
* New upstream bug and security fix release (FFe: LP: #960949)
  - fixes the following CVEs:
    CVE-2012-0848, CVE-2012-0853, CVE-2012-0858, CVE-2011-3929,
    CVE-2011-3936, CVE-2011-3937, CVE-2011-3940, CVE-2011-3945,
    CVE-2011-3947, CVE-2011-3951, CVE-2011-3952

* Pull fix from Debian git to fix installation of avserver.conf and
  recordshow.sh into libav-tools; Thanks to Julien Cristau for spotting this!
  - update debian/rules

Show diffs side-by-side

added added

removed removed

Lines of Context:
libavformat/mpegts.c
889
889
                /* we got the full header. We parse it and get the payload */
890
890
                pes->state = MPEGTS_PAYLOAD;
891
891
                pes->data_index = 0;
892
 
                if (pes->stream_type == 0x12) {
 
892
                if (pes->stream_type == 0x12 && buf_size > 0) {
893
893
                    int sl_header_bytes = read_sl_header(pes, &pes->sl, p, buf_size);
894
894
                    pes->pes_header_size += sl_header_bytes;
895
895
                    p += sl_header_bytes;
1772
1772
static int handle_packets(MpegTSContext *ts, int nb_packets)
1773
1773
{
1774
1774
    AVFormatContext *s = ts->stream;
1775
 
    uint8_t packet[TS_PACKET_SIZE];
 
1775
    uint8_t packet[TS_PACKET_SIZE+FF_INPUT_BUFFER_PADDING_SIZE];
1776
1776
    int packet_num, ret = 0;
1777
1777
 
1778
1778
    if (avio_tell(s->pb) != ts->last_pos) {
1794
1794
 
1795
1795
    ts->stop_parse = 0;
1796
1796
    packet_num = 0;
 
1797
    memset(packet + TS_PACKET_SIZE, 0, FF_INPUT_BUFFER_PADDING_SIZE);
1797
1798
    for(;;) {
1798
1799
        if (ts->stop_parse>0)
1799
1800
            break;