[vlc-commits] [Git][videolan/vlc][master] 3 commits: demux: mkv: initialize the element we pass as the fallback output

Felix Paul Kühne (@fkuehne) gitlab at videolan.org
Sat May 2 12:31:44 UTC 2026 


Felix Paul Kühne pushed to branch master at VideoLAN / VLC


Commits:
cec1b35a by Steve Lhomme at 2026-05-02T13:42:07+02:00
demux: mkv: initialize the element we pass as the fallback output

The element "returned" in that variable should always be a new element,
but since it's using the value we pass in the code it's better to initialize it.

- - - - -
41425cf3 by Steve Lhomme at 2026-05-02T13:42:07+02:00
contrib: ebml: update to 1.4.5

- - - - -
83f6a75a by Steve Lhomme at 2026-05-02T13:42:07+02:00
contrib: ebml: exit reading loop if upper element found ends after its parent

It could be a file with missing data in the middle.
And we shouldn't use a MaxSizeToRead that would be negative.

- - - - -


5 changed files:

- contrib/src/ebml/0001-EbmlMaster-fix-leak-when-reading-upper-level-element.patch
- + contrib/src/ebml/0002-EbmlMaster-exit-reading-loop-if-upper-element-found-.patch
- contrib/src/ebml/SHA512SUMS
- contrib/src/ebml/rules.mak
- modules/demux/mkv/matroska_segment.hpp


Changes:

=====================================
contrib/src/ebml/0001-EbmlMaster-fix-leak-when-reading-upper-level-element.patch
=====================================
@@ -1,7 +1,7 @@
-From 3660273b4a6b71f9678da744f86a2035fd98fcc2 Mon Sep 17 00:00:00 2001
+From fd2b70256e8e4b35a62a90bfae2ca48e0996d5a2 Mon Sep 17 00:00:00 2001
 From: Steve Lhomme <robux4 at ycbcr.xyz>
 Date: Fri, 25 Jul 2025 14:37:18 +0200
-Subject: [PATCH] EbmlMaster: fix leak when reading upper level elements
+Subject: [PATCH 1/2] EbmlMaster: fix leak when reading upper level elements
 
 When an element from an upper level is found we go up the caller chain,
 passing the found element but it was not actually used (added to a list or freed).
@@ -14,19 +14,15 @@ The new MaxSizeToRead is the size to read in the next inDataStream.FindNextEleme
 The old MaxSizeToRead <= 0 code seems bogus as it would exit the loop
 to find elements for that EbmlMaster even though there might still be elements to read.
 ---
- src/EbmlMaster.cpp | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
+ src/EbmlMaster.cpp | 3 +++
+ 1 file changed, 3 insertions(+)
 
 diff --git a/src/EbmlMaster.cpp b/src/EbmlMaster.cpp
-index 071eb5d..465560f 100644
+index faadfd0..e8a43cc 100644
 --- a/src/EbmlMaster.cpp
 +++ b/src/EbmlMaster.cpp
-@@ -455,9 +455,12 @@ void EbmlMaster::Read(EbmlStream & inDataStream, const EbmlSemanticContext & sCo
- 
-       if (UpperEltFound > 0) {
-         UpperEltFound--;
--        if (UpperEltFound > 0 || MaxSizeToRead <= 0)
-+        if (UpperEltFound > 0)
+@@ -453,6 +453,9 @@ void EbmlMaster::Read(EbmlStream & inDataStream, const EbmlSemanticContext & sCo
+         if (UpperEltFound > 0 || MaxSizeToRead == 0)
            goto processCrc;
          ElementLevelA = FoundElt;
 +        if (IsFiniteSize() && ElementLevelA->IsFiniteSize()) {
@@ -36,5 +32,5 @@ index 071eb5d..465560f 100644
        }
  
 -- 
-2.45.1.windows.1
+2.52.0.windows.1
 


=====================================
contrib/src/ebml/0002-EbmlMaster-exit-reading-loop-if-upper-element-found-.patch
=====================================
@@ -0,0 +1,29 @@
+From e78fb38d6cfef3a8bc5eb7e39f4c210d291f0787 Mon Sep 17 00:00:00 2001
+From: Steve Lhomme <robux4 at ycbcr.xyz>
+Date: Thu, 30 Apr 2026 16:28:00 +0200
+Subject: [PATCH 2/2] EbmlMaster: exit reading loop if upper element found ends
+ after its parent
+
+It could be a file with missing data in the middle.
+And we shouldn't use a MaxSizeToRead that would be negative.
+---
+ src/EbmlMaster.cpp | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/EbmlMaster.cpp b/src/EbmlMaster.cpp
+index e8a43cc..9dc291a 100644
+--- a/src/EbmlMaster.cpp
++++ b/src/EbmlMaster.cpp
+@@ -453,6 +453,9 @@ void EbmlMaster::Read(EbmlStream & inDataStream, const EbmlSemanticContext & sCo
+         if (UpperEltFound > 0 || MaxSizeToRead == 0)
+           goto processCrc;
+         ElementLevelA = FoundElt;
++        if (ElementLevelA->GetEndPosition() > GetEndPosition()) {
++          goto processCrc; // found an upper element that ends after this, we were truncated
++        }
+         if (IsFiniteSize() && ElementLevelA->IsFiniteSize()) {
+           MaxSizeToRead = GetEndPosition() - ElementLevelA->GetEndPosition(); // even if it's the default value
+         }
+-- 
+2.52.0.windows.1
+


=====================================
contrib/src/ebml/SHA512SUMS
=====================================
@@ -1 +1 @@
-6a7a544f3f5a273eaab8c71aa692492cbfb671b3d73f03ab76438843a9a7a9379f9cffdae0e1452cf064e43c10ad82424645504a23d7f3336eabcd38f2621d0a  libebml-1.4.3.tar.xz
+6ee2afd538de8b028a1acd4a0f00a8aa230deac297573d868683e96f22fa4953858d3a1d8ab414ac27757f35699e6149f0aaef6eb4d235baa79226d8f36ccb5c  libebml-1.4.5.tar.xz


=====================================
contrib/src/ebml/rules.mak
=====================================
@@ -1,6 +1,6 @@
 # ebml
 
-EBML_VERSION := 1.4.3
+EBML_VERSION := 1.4.5
 EBML_URL := https://dl.matroska.org/downloads/libebml/libebml-$(EBML_VERSION).tar.xz
 
 ifeq ($(call need_pkg,"libebml >= 1.3.8"),)
@@ -17,6 +17,7 @@ ebml: libebml-$(EBML_VERSION).tar.xz .sum-ebml
 	$(APPLY) $(SRC)/ebml/0001-EbmlString-ReadFully-use-automatic-memory-management.patch
 	$(APPLY) $(SRC)/ebml/0002-EbmlUnicodeString-use-std-string-when-reading-instea.patch
 	$(APPLY) $(SRC)/ebml/0001-EbmlMaster-fix-leak-when-reading-upper-level-element.patch
+	$(APPLY) $(SRC)/ebml/0002-EbmlMaster-exit-reading-loop-if-upper-element-found-.patch
 	$(APPLY) $(SRC)/ebml/0001-EbmlHead-do-not-allow-to-have-an-infinite-unknown-si.patch
 	$(MOVE)
 


=====================================
modules/demux/mkv/matroska_segment.hpp
=====================================
@@ -168,7 +168,7 @@ public:
         }
         try
         {
-            EbmlElement *el;
+            EbmlElement *el = nullptr;
             int i_upper_level = 0;
             m.Read( es, EBML_CONTEXT(&m), i_upper_level, el, true, scope );
             if (i_upper_level != 0)



View it on GitLab: https://code.videolan.org/videolan/vlc/-/compare/c3ea98cd9abdbaf3516851247f63051a3b19237e...83f6a75a17904013ac3df1da9f8d3baf8293a8f8

-- 
View it on GitLab: https://code.videolan.org/videolan/vlc/-/compare/c3ea98cd9abdbaf3516851247f63051a3b19237e...83f6a75a17904013ac3df1da9f8d3baf8293a8f8
You're receiving this email because of your account on code.videolan.org.

More information about the vlc-commits mailing list