**[FIX]** fix infinite loop in MP4 file type detector and processor

xopok commented 1 year ago

On bad inputs containing e.g. the following sequence of bytes within the first 1MiB "ff ff ff ff 6d 65 74 61" detect_stream_type was executing an infinite loop because "ff ff ff ff" was interpreted as a length of the candidate "meta" MP4 box, caused the size_t overflow inside isValidMP4Box which pointed nextBoxLocation to the previous byte and the execution flow processed the same "meta" again.

In raising this pull request, I confirm the following (please check boxes):

[x] I have read and understood the contributors guide.
[x] I have checked that another pull request for this purpose does not exist.
[x] I have considered, and confirmed that this submission will be valuable to others.
[x] I accept that this submission may not be used, and the pull request closed at the will of the maintainer.
[x] I give this submission freely, and claim no ownership to its content.
[x] I have mentioned this change in the changelog.

My familiarity with the project is as follows (check one):

[ ] I have never used CCExtractor.
[x] I have used CCExtractor just a couple of times.
[ ] I absolutely love CCExtractor, but have not contributed previously.
[ ] I am an active contributor to CCExtractor.

{pull request content here}

ccextractor-bot commented 1 year ago

CCExtractor CI platform finished running the test files on windows. Below is a summary of the test results:

Report Name	Tests Passed
Broken	13/13
CEA-708	2/14
DVB	4/7
DVD	3/3
DVR-MS	2/2
General	24/27
Hauppage	3/3
MP4	3/3
NoCC	10/10
Options	85/87
Teletext	21/21
WTV	13/13
XDS	31/34

It seems that not all tests were passed completely. This is an indication that the output of some files is not as expected (but might be according to you).

Your PR breaks these cases:

ccextractor -autoprogram -out=srt -latin1 85271be4d2..., Last passed: Never
ccextractor -autoprogram -out=ttxt -latin1 1974a299f0..., Last passed: Never
ccextractor -autoprogram -out=ttxt -latin1 132d7df7e9..., Last passed: Never
ccextractor -autoprogram -out=ttxt -latin1 99e5eaafdc..., Last passed: Never
ccextractor -autoprogram -out=ttxt -xds -latin1 -ucla e274a73653..., Last passed: Never
ccextractor -autoprogram -out=ttxt -latin1 -ucla -xds b22260d065..., Last passed: Never
ccextractor -autoprogram -out=ttxt -latin1 -ucla -xds 88cd42b89a..., Last passed: Never
ccextractor -svc 1 -out=txt -nobom -noru ea83ff7bcb..., Last passed: Never
ccextractor -svc 1 -out=txt f17524b53f..., Last passed: Never
ccextractor -svc 1 -out=txt 80848c45f8..., Last passed: Never
ccextractor -svc 1 -out=txt -nobom -noru b5d6aad89f..., Last passed: Never
ccextractor -svc 1[EUC-KR] -out=txt -noru b5d6aad89f..., Last passed: Never
ccextractor -svc 1 -out=srt da904de35d..., Last passed: Never
ccextractor -svc 1 -out=sami da904de35d..., Last passed: Never
ccextractor -svc 1[EUC-KR] b5d6aad89f..., Last passed: Never
ccextractor -svc 1[EUC-KR] -noru b5d6aad89f..., Last passed: Never
ccextractor -svc all da904de35d..., Last passed: Never
ccextractor -svc all[EUC-KR] b5d6aad89f..., Last passed: Never
ccextractor -svc 1,2[UTF-8],3[EUC-KR],54 -out=txt da904de35d..., Last passed: Never
ccextractor -svc 1 c83f765c66..., Last passed: Never
ccextractor --capfile /repository/Dictionary/MattS_dictionary.txt c83f765c66..., Last passed: Never
ccextractor -stdout -quiet -nofc 79a51f3500..., Last passed: Never
ccextractor -stdout -quiet -nofc 767b546f96..., Last passed: Never

Check the result page for more info.

ccextractor-bot commented 1 year ago

CCExtractor CI platform finished running the test files on linux. Below is a summary of the test results:

Report Name	Tests Passed
Broken	13/13
CEA-708	2/14
DVB	4/7
DVD	3/3
DVR-MS	2/2
General	24/27
Hauppage	3/3
MP4	2/3
NoCC	10/10
Options	82/87
Teletext	21/21
WTV	0/13
XDS	26/34

It seems that not all tests were passed completely. This is an indication that the output of some files is not as expected (but might be according to you).

Your PR breaks these cases:

ccextractor -autoprogram -out=srt -latin1 85271be4d2..., Last passed: Never
ccextractor -autoprogram -out=ttxt -latin1 1974a299f0..., Last passed: Never
ccextractor -autoprogram -out=ttxt -latin1 132d7df7e9..., Last passed: Never
ccextractor -autoprogram -out=ttxt -latin1 99e5eaafdc..., Last passed: Never
ccextractor -out=srt -latin1 f23a544ba8..., Last passed: Never
ccextractor -out=srt -latin1 97cc394d87..., Last passed: Never
ccextractor -out=srt -latin1 10f0f77cf4..., Last passed: Never
ccextractor -out=srt -latin1 df3b4d62d3..., Last passed: Never
ccextractor -out=srt -latin1 d7e7dbdf68..., Last passed: Never
ccextractor -out=srt -latin1 76734ac4a7..., Last passed: Never
ccextractor -out=srt -latin1 c791382c94..., Last passed: Never
ccextractor -out=srt -latin1 f673b2f916..., Last passed: Never
ccextractor -out=srt -latin1 da75bdee47..., Last passed: Never
ccextractor -out=srt -latin1 bd6f33a669..., Last passed: Never
ccextractor -out=srt -latin1 0e5e6b26be..., Last passed: Never
ccextractor -out=srt -latin1 a226cc302d..., Last passed: Never
ccextractor -out=srt -latin1 ae6327683e..., Last passed: Never
ccextractor -autoprogram -out=smptett -latin1 -ucla e274a73653..., Last passed: Never
ccextractor -autoprogram -out=ttxt -xds -latin1 -ucla e274a73653..., Last passed: Never
ccextractor -autoprogram -out=ttxt -latin1 -ucla -xds b22260d065..., Last passed: Never
ccextractor -autoprogram -out=srt -latin1 -ucla b22260d065..., Last passed: Never
ccextractor -autoprogram -out=ttxt -latin1 -xds -ucla c813e713a0..., Last passed: Never
ccextractor -autoprogram -out=srt -latin1 -ucla c813e713a0..., Last passed: Never
ccextractor -autoprogram -out=srt -latin1 -ucla c8dc039a88..., Last passed: Never
ccextractor -autoprogram -out=ttxt -latin1 -ucla -xds 88cd42b89a..., Last passed: Never
ccextractor -svc 1 -out=txt -nobom -noru ea83ff7bcb..., Last passed: Never
ccextractor -svc 1 -out=txt f17524b53f..., Last passed: Never
ccextractor -svc 1 -out=txt 80848c45f8..., Last passed: Never
ccextractor -svc 1 -out=txt -nobom -noru b5d6aad89f..., Last passed: Never
ccextractor -svc 1[EUC-KR] -out=txt -noru b5d6aad89f..., Last passed: Never
ccextractor -svc 1 -out=srt da904de35d..., Last passed: Never
ccextractor -svc 1 -out=sami da904de35d..., Last passed: Never
ccextractor -svc 1[EUC-KR] b5d6aad89f..., Last passed: Never
ccextractor -svc 1[EUC-KR] -noru b5d6aad89f..., Last passed: Never
ccextractor -svc all da904de35d..., Last passed: Never
ccextractor -svc all[EUC-KR] b5d6aad89f..., Last passed: Never
ccextractor -svc 1,2[UTF-8],3[EUC-KR],54 -out=txt da904de35d..., Last passed: Never
ccextractor -autoprogram -out=srt -latin1 -1 a65d39ccb3..., Last passed: Never
ccextractor -svc 1 c83f765c66..., Last passed: Never
ccextractor -out=spupng c83f765c66..., Last passed: Never
ccextractor --capfile /repository/Dictionary/MattS_dictionary.txt c83f765c66..., Last passed: Never
ccextractor -in=es dc7169d7c4..., Last passed: Never
ccextractor -autoprogram -out=srt -bom -latin1 8849331dda..., Last passed: Never
ccextractor -stdout -quiet -nofc 79a51f3500..., Last passed: Never
ccextractor -stdout -quiet -nofc 767b546f96..., Last passed: Never

Check the result page for more info.

xopok commented 1 year ago

This is actually a more robust fix to https://github.com/CCExtractor/ccextractor/issues/1421. Tests failures look very unrelated.

cfsmp3 commented 1 year ago

It seems sane to me @canihavesomecoffee but I think you're the last one playing with the mp4 stuff? I don't remember :-)

xopok commented 10 months ago

Is there anything blocking this pull request from being merged?

canihavesomecoffee commented 10 months ago

I don't remember why I didn't leave a review, but it looks good to me as well.

CCExtractor / ccextractor

[FIX] fix infinite loop in MP4 file type detector and processor #1566

CCExtractor / ccextractor

**[FIX]** fix infinite loop in MP4 file type detector and processor #1566

[FIX] fix infinite loop in MP4 file type detector and processor #1566