[vlc-commits] AVI: fix potential crash on seek (Closes: LP#803006)

Rémi Denis-Courmont git at videolan.org
Sat Aug 6 15:28:39 CEST 2011 

vlc | branch: master | Rémi Denis-Courmont <remi at remlab.net> | Sat Aug  6 16:23:18 2011 +0300| [2344ab6ae1f2db7e1c079edeecaec410ad52b119] | committer: Rémi Denis-Courmont

AVI: fix potential crash on seek (Closes: LP#803006)

If all activated streams are EOF ones, 'i_stream' was incorrectly set
to p_sys->i_track. Then AVI_StreamChunkSet() crashes.

> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=2344ab6ae1f2db7e1c079edeecaec410ad52b119
---

 modules/demux/avi/avi.c |   21 ++++++++++++---------
 1 files changed, 12 insertions(+), 9 deletions(-)

diff --git a/modules/demux/avi/avi.c b/modules/demux/avi/avi.c
index 66b8428..4e1e506 100644
--- a/modules/demux/avi/avi.c
+++ b/modules/demux/avi/avi.c
@@ -1303,15 +1303,16 @@ static int Seek( demux_t *p_demux, mtime_t i_date, int i_percent )
 {
 
     demux_sys_t *p_sys = p_demux->p_sys;
-    unsigned int i_stream;
     msg_Dbg( p_demux, "seek requested: %"PRId64" seconds %d%%",
              i_date / 1000000, i_percent );
 
     if( p_sys->b_seekable )
     {
+        unsigned i_stream;
+
         if( !p_sys->i_length )
         {
-            avi_track_t *p_stream;
+            avi_track_t *p_stream = NULL;
             int64_t i_pos;
 
             /* use i_percent to create a true i_date */
@@ -1327,17 +1328,19 @@ static int Seek( demux_t *p_demux, mtime_t i_date, int i_percent )
             /* try to find chunk that is at i_percent or the file */
             i_pos = __MAX( i_percent * stream_Size( p_demux->s ) / 100,
                            p_sys->i_movi_begin );
-            /* search first selected stream (and prefer non eof ones) */
-            for( i_stream = 0, p_stream = NULL;
-                        i_stream < p_sys->i_track; i_stream++ )
+            /* search first selected stream (and prefer non-EOF ones) */
+            for( unsigned i = 0; i < p_sys->i_track; i++ )
             {
-                if( !p_stream || p_stream->b_eof )
-                    p_stream = p_sys->track[i_stream];
+                avi_track_t *p_track = p_sys->track[i];
+                if( !p_track->b_activated )
+                    continue;
 
-                if( p_stream->b_activated && !p_stream->b_eof )
+                p_stream = p_track;
+                i_stream = i;
+                if( !p_track->b_eof )
                     break;
             }
-            if( !p_stream || !p_stream->b_activated )
+            if( p_stream == NULL )
             {
                 msg_Warn( p_demux, "cannot find any selected stream" );
                 return VLC_EGENERIC;

More information about the vlc-commits mailing list