static int32_t mp4ff_read_stsz(mp4ff_t * f)
{
+ int32_t i;
+ mp4ff_track_t *t;
+
if (f->total_tracks == 0)
return f->error++;
-
+ t = f->track[f->total_tracks - 1];
mp4ff_read_char(f); /* version */
mp4ff_read_int24(f); /* flags */
- f->track[f->total_tracks - 1]->stsz_sample_size = mp4ff_read_int32(f);
- f->track[f->total_tracks - 1]->stsz_sample_count = mp4ff_read_int32(f);
-
- if (f->track[f->total_tracks - 1]->stsz_sample_size == 0) {
- int32_t i;
- f->track[f->total_tracks - 1]->stsz_table =
- para_malloc(f->track[f->total_tracks - 1]->stsz_sample_count
- * sizeof (int32_t));
- for (i = 0; i < f->track[f->total_tracks - 1]->stsz_sample_count
- && !f->stream->read_error; i++) {
- f->track[f->total_tracks - 1]->stsz_table[i] = mp4ff_read_int32(f);
- }
- }
+ t->stsz_sample_size = mp4ff_read_int32(f);
+ t->stsz_sample_count = mp4ff_read_int32(f);
+ if (t->stsz_sample_size != 0)
+ return 0;
+ t->stsz_table = para_malloc(t->stsz_sample_count * sizeof(int32_t));
+ for (i = 0; i < t->stsz_sample_count && !f->stream->read_error; i++)
+ t->stsz_table[i] = mp4ff_read_int32(f);
return 0;
}
static int32_t mp4ff_read_stts(mp4ff_t * f)
{
int32_t i;
- mp4ff_track_t *p_track;
+ mp4ff_track_t *t;
/* CVE-2017-9223 */
if (f->total_tracks == 0)
return f->error++;
-
- p_track = f->track[f->total_tracks - 1];
-
- if (p_track->stts_entry_count)
+ t = f->track[f->total_tracks - 1];
+ if (t->stts_entry_count)
return 0;
-
mp4ff_read_char(f); /* version */
mp4ff_read_int24(f); /* flags */
- p_track->stts_entry_count = mp4ff_read_int32(f);
+ t->stts_entry_count = mp4ff_read_int32(f);
- p_track->stts_sample_count = para_malloc(p_track->stts_entry_count
- * sizeof (int32_t));
- p_track->stts_sample_delta = para_malloc(p_track->stts_entry_count
+ t->stts_sample_count = para_malloc(t->stts_entry_count
+ * sizeof(int32_t));
+ t->stts_sample_delta = para_malloc(t->stts_entry_count
* sizeof (int32_t));
- for (i = 0; i < f->track[f->total_tracks - 1]->stts_entry_count && !f->stream->read_error; i++) { /* CVE-2017-9254 */
- p_track->stts_sample_count[i] = mp4ff_read_int32(f);
- p_track->stts_sample_delta[i] = mp4ff_read_int32(f);
+ /* CVE-2017-9254 */
+ for (i = 0; i < t->stts_entry_count && !f->stream->read_error; i++) {
+ t->stts_sample_count[i] = mp4ff_read_int32(f);
+ t->stts_sample_delta[i] = mp4ff_read_int32(f);
}
return 1;
}
static int32_t mp4ff_read_ctts(mp4ff_t * f)
{
int32_t i;
- mp4ff_track_t *p_track;
+ mp4ff_track_t *t;
if (f->total_tracks == 0)
return f->error++;
-
- p_track = f->track[f->total_tracks - 1];
- if (p_track->ctts_entry_count)
+ t = f->track[f->total_tracks - 1];
+ if (t->ctts_entry_count)
return 0;
mp4ff_read_char(f); /* version */
mp4ff_read_int24(f); /* flags */
- p_track->ctts_entry_count = mp4ff_read_int32(f);
+ t->ctts_entry_count = mp4ff_read_int32(f);
- p_track->ctts_sample_count = para_malloc(p_track->ctts_entry_count
+ t->ctts_sample_count = para_malloc(t->ctts_entry_count
* sizeof (int32_t));
- p_track->ctts_sample_offset = para_malloc(p_track->ctts_entry_count
+ t->ctts_sample_offset = para_malloc(t->ctts_entry_count
* sizeof (int32_t));
- for (i = 0; i < f->track[f->total_tracks - 1]->ctts_entry_count && !f->stream->read_error; i++) { /* CVE-2017-9257 */
- p_track->ctts_sample_count[i] = mp4ff_read_int32(f);
- p_track->ctts_sample_offset[i] = mp4ff_read_int32(f);
+ /* CVE-2017-9257 */
+ for (i = 0; i < t->ctts_entry_count && !f->stream->read_error; i++) {
+ t->ctts_sample_count[i] = mp4ff_read_int32(f);
+ t->ctts_sample_offset[i] = mp4ff_read_int32(f);
}
return 1;
}
static int32_t mp4ff_read_stsc(mp4ff_t * f)
{
int32_t i;
+ mp4ff_track_t *t;
if (f->total_tracks == 0)
return f->error++;
+ t = f->track[f->total_tracks - 1];
mp4ff_read_char(f); /* version */
mp4ff_read_int24(f); /* flags */
- f->track[f->total_tracks - 1]->stsc_entry_count = mp4ff_read_int32(f);
-
- f->track[f->total_tracks - 1]->stsc_first_chunk =
- para_malloc(f->track[f->total_tracks - 1]->stsc_entry_count *
- sizeof (int32_t));
- f->track[f->total_tracks - 1]->stsc_samples_per_chunk =
- para_malloc(f->track[f->total_tracks - 1]->stsc_entry_count *
- sizeof (int32_t));
- f->track[f->total_tracks - 1]->stsc_sample_desc_index =
- para_malloc(f->track[f->total_tracks - 1]->stsc_entry_count *
+ t->stsc_entry_count = mp4ff_read_int32(f);
+ t->stsc_first_chunk = para_malloc(t->stsc_entry_count * sizeof(int32_t));
+ t->stsc_samples_per_chunk = para_malloc(t->stsc_entry_count
+ * sizeof (int32_t));
+ t->stsc_sample_desc_index = para_malloc(t->stsc_entry_count *
sizeof (int32_t));
- for (i = 0; i < f->track[f->total_tracks - 1]->stsc_entry_count && !f->stream->read_error; i++) { /* CVE-2017-9255 */
- f->track[f->total_tracks - 1]->stsc_first_chunk[i] =
- mp4ff_read_int32(f);
- f->track[f->total_tracks - 1]->stsc_samples_per_chunk[i] =
- mp4ff_read_int32(f);
- f->track[f->total_tracks - 1]->stsc_sample_desc_index[i] =
- mp4ff_read_int32(f);
+ /* CVE-2017-9255 */
+ for (i = 0; i < t->stsc_entry_count && !f->stream->read_error; i++) {
+ t->stsc_first_chunk[i] = mp4ff_read_int32(f);
+ t->stsc_samples_per_chunk[i] = mp4ff_read_int32(f);
+ t->stsc_sample_desc_index[i] = mp4ff_read_int32(f);
}
-
return 0;
}
static int32_t mp4ff_read_stco(mp4ff_t * f)
{
int32_t i;
+ mp4ff_track_t *t;
if (f->total_tracks == 0)
return f->error++;
+ t = f->track[f->total_tracks - 1];
mp4ff_read_char(f); /* version */
mp4ff_read_int24(f); /* flags */
- f->track[f->total_tracks - 1]->stco_entry_count = mp4ff_read_int32(f);
-
- f->track[f->total_tracks - 1]->stco_chunk_offset =
- para_malloc(f->track[f->total_tracks - 1]->stco_entry_count *
- sizeof (int32_t));
- for (i = 0; i < f->track[f->total_tracks - 1]->stco_entry_count && !f->stream->read_error; i++) { /* CVE-2017-9256 */
- f->track[f->total_tracks - 1]->stco_chunk_offset[i] =
- mp4ff_read_int32(f);
- }
-
+ t->stco_entry_count = mp4ff_read_int32(f);
+ t->stco_chunk_offset = para_malloc(t->stco_entry_count
+ * sizeof(int32_t));
+ /* CVE-2017-9256 */
+ for (i = 0; i < t->stco_entry_count && !f->stream->read_error; i++)
+ t->stco_chunk_offset[i] = mp4ff_read_int32(f);
return 0;
}
{
uint8_t tag;
uint32_t temp;
+ mp4ff_track_t *t;
if (f->total_tracks == 0)
return f->error++;
-
+ t = f->track[f->total_tracks - 1];
mp4ff_read_char(f); /* version */
mp4ff_read_int24(f); /* flags */
-
/* get and verify ES_DescrTag */
tag = mp4ff_read_char(f);
if (tag == 0x03) {
if (temp < 13)
return 1;
- f->track[f->total_tracks - 1]->audioType = mp4ff_read_char(f);
+ t->audioType = mp4ff_read_char(f);
mp4ff_read_int32(f); //0x15000414 ????
- f->track[f->total_tracks - 1]->maxBitrate = mp4ff_read_int32(f);
- f->track[f->total_tracks - 1]->avgBitrate = mp4ff_read_int32(f);
+ t->maxBitrate = mp4ff_read_int32(f);
+ t->avgBitrate = mp4ff_read_int32(f);
/* get and verify DecSpecificInfoTag */
if (mp4ff_read_char(f) != 0x05) {
}
/* read length */
- f->track[f->total_tracks - 1]->decoderConfigLen =
- mp4ff_read_mp4_descr_length(f);
-
- free(f->track[f->total_tracks - 1]->decoderConfig);
- f->track[f->total_tracks - 1]->decoderConfig =
- para_malloc(f->track[f->total_tracks - 1]->decoderConfigLen);
- if (f->track[f->total_tracks - 1]->decoderConfig) {
- mp4ff_read_data(f, f->track[f->total_tracks - 1]->decoderConfig,
- f->track[f->total_tracks -
- 1]->decoderConfigLen);
- }
+ t->decoderConfigLen = mp4ff_read_mp4_descr_length(f);
+ free(t->decoderConfig);
+ t->decoderConfig = para_malloc(t->decoderConfigLen);
+ mp4ff_read_data(f, t->decoderConfig, t->decoderConfigLen);
/* will skip the remainder of the atom */
return 0;
}
+
static int32_t mp4ff_read_mp4a(mp4ff_t * f)
{
int32_t i;
uint8_t atom_type = 0;
uint8_t header_size = 0;
+ mp4ff_track_t *t;
if (f->total_tracks == 0)
return f->error++;
+ t = f->track[f->total_tracks - 1];
for (i = 0; i < 6; i++) {
mp4ff_read_char(f); /* reserved */
mp4ff_read_int32(f); /* reserved */
mp4ff_read_int32(f); /* reserved */
- f->track[f->total_tracks - 1]->channelCount = mp4ff_read_int16(f);
- f->track[f->total_tracks - 1]->sampleSize = mp4ff_read_int16(f);
+ t->channelCount = mp4ff_read_int16(f);
+ t->sampleSize = mp4ff_read_int16(f);
mp4ff_read_int16(f);
mp4ff_read_int16(f);
- f->track[f->total_tracks - 1]->sampleRate = mp4ff_read_int16(f);
+ t->sampleRate = mp4ff_read_int16(f);
mp4ff_read_int16(f);
{
int32_t i;
uint8_t header_size = 0;
+ mp4ff_track_t *t;
/* CVE-2017-9218 */
if (f->total_tracks == 0)
return f->error++;
+ t = f->track[f->total_tracks - 1];
mp4ff_read_char(f); /* version */
mp4ff_read_int24(f); /* flags */
- f->track[f->total_tracks - 1]->stsd_entry_count = mp4ff_read_int32(f);
+ t->stsd_entry_count = mp4ff_read_int32(f);
- for (i = 0; i < f->track[f->total_tracks - 1]->stsd_entry_count && !f->stream->read_error; i++) { /* CVE-2017-9253 */
+ /* CVE-2017-9253 */
+ for (i = 0; i < t->stsd_entry_count && !f->stream->read_error; i++) {
uint64_t skip = mp4ff_position(f);
uint64_t size;
uint8_t atom_type = 0;
skip += size;
if (atom_type == ATOM_MP4A) {
- f->track[f->total_tracks - 1]->type = TRACK_AUDIO;
+ t->type = TRACK_AUDIO;
mp4ff_read_mp4a(f);
} else if (atom_type == ATOM_MP4V) {
- f->track[f->total_tracks - 1]->type = TRACK_VIDEO;
+ t->type = TRACK_VIDEO;
} else if (atom_type == ATOM_MP4S) {
- f->track[f->total_tracks - 1]->type = TRACK_SYSTEM;
+ t->type = TRACK_SYSTEM;
} else {
- f->track[f->total_tracks - 1]->type = TRACK_UNKNOWN;
+ t->type = TRACK_UNKNOWN;
}
-
mp4ff_set_position(f, skip);
}
static int32_t mp4ff_read_mdhd(mp4ff_t * f)
{
uint32_t version;
+ mp4ff_track_t *t;
/* CVE-2017-9221 */
if (f->total_tracks == 0)
return f->error++;
+ t = f->track[f->total_tracks - 1];
version = mp4ff_read_int32(f);
if (version == 1) {
mp4ff_read_int64(f); //creation-time
mp4ff_read_int64(f); //modification-time
- f->track[f->total_tracks - 1]->timeScale = mp4ff_read_int32(f); //timescale
- f->track[f->total_tracks - 1]->duration = mp4ff_read_int64(f); //duration
- } else //version == 0
- {
+ t->timeScale = mp4ff_read_int32(f); //timescale
+ t->duration = mp4ff_read_int64(f); //duration
+ } else { //version == 0
uint32_t temp;
mp4ff_read_int32(f); //creation-time
mp4ff_read_int32(f); //modification-time
- f->track[f->total_tracks - 1]->timeScale = mp4ff_read_int32(f); //timescale
+ t->timeScale = mp4ff_read_int32(f); //timescale
temp = mp4ff_read_int32(f);
- f->track[f->total_tracks - 1]->duration = (temp == (uint32_t) (-1)) ? (uint64_t) (-1) : (uint64_t) (temp);
+ t->duration = (temp == (uint32_t) (-1))?
+ (uint64_t) (-1) : (uint64_t) (temp);
}
mp4ff_read_int16(f);
mp4ff_read_int16(f);
projects / paraslash.git / commitdiff