MikaTake / lavfilters

lavfilters
GNU General Public License v2.0

Access violation in CLAVVideo::DecideBufferSize #334

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
Hello,

lavfsplitter-HEAD-3299afd

It is possible with some filters to get an access violation in method CLAVVideo::DecideBufferSize in LAVVideo.cpp line 531.

You wrote:
BITMAPINFOHEADER *pBIH = NULL;
CMediaType mtOut = m_pOutput->CurrentMediaType();
videoFormatTypeHandler(mtOut.Format(), mtOut.FormatType(), &pBIH, NULL);
...
pProperties->cbBuffer = pBIH->biSizeImage;

It is possible to have a partially specified mtOut with Format equal to NULL here.
And after videoFormatTypeHandler() you'll have pBIH still NULL.
This is a very rare case, but anyway I believe it is a bad idea to use a pointer without checking it against NULL.

Original issue reported on code.google.com by DavisRDa...@gmail.com on 26 Feb 2013 at 12:42

GoogleCodeExporter commented 9 years ago
The Output Media Type is being specified by me, and always complete, so how 
could it ever not contain a format?

Original comment by h.lepp...@gmail.com on 26 Feb 2013 at 7:57

GoogleCodeExporter commented 9 years ago
In fact I found this place after I faced an access violation in my application when it tries to work with LAV filters. After I compiled LAV filters I traced the whole path.
My app uses my variation of the sample grabber filter based on CTransInPlaceFilter.
In its CInPin::GetMediaType method I return two partially specified media types (only type and subtype set).
And when the LAVVideo filter out pin connects to my grabber filter in pin, it first tries my media types, and my partially specified media type appears in m_pOutput->CurrentMediaType() in the code in the first post. Really.
Then I read this about the GetMediaType method:

// used to help speed input pin connection times. We return a partially
// specified media type - only the main type is specified. If we return
// anything BUT a major type, some codecs written improperly will crash

After I stopped specifying the subtype here, the error was gone.
But all this history shows us that you can get a partially specified media type in this place, so it is better to check the pointer, I think.

Original comment by DavisRDa...@gmail.com on 27 Feb 2013 at 8:20

GoogleCodeExporter commented 9 years ago
This issue was closed by revision 045c141e03c0.

Original comment by h.lepp...@gmail.com on 27 Feb 2013 at 6:32
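
The NULL check requested in this thread, sketched as an added example; it is not code from the thread, from LAV Filters, or from revision 045c141e03c0. The structs are simplified stand-ins for the DirectShow types, and `formatTypeHandler`, `decideBufferSize` and `kTypeNotAccepted` are hypothetical names chosen for the illustration.

```cpp
// Added illustration: simplified stand-ins, not the DirectShow or LAV Filters types.
#include <cstddef>
#include <cstdint>

struct BitmapInfoHeader { uint32_t biSizeImage; };        // stand-in for BITMAPINFOHEADER
struct VideoInfoHeader  { BitmapInfoHeader bmiHeader; };  // stand-in for VIDEOINFOHEADER
enum class FormatType { None, VideoInfo };

struct MediaType {                     // stand-in for CMediaType
    FormatType formatType = FormatType::None;
    const void *pbFormat = nullptr;    // stays NULL when only major type/subtype are set
    size_t cbFormat = 0;
};
struct AllocatorProps { long cBuffers = 0; long cbBuffer = 0; };

constexpr long kOk = 0;
constexpr long kTypeNotAccepted = -1;  // hypothetical error code for this example

// As the report describes for videoFormatTypeHandler(): the out pointer is left
// untouched when the media type carries no usable format block.
void formatTypeHandler(const MediaType &mt, const BitmapInfoHeader **ppBIH) {
    if (mt.pbFormat == nullptr) return;
    if (mt.formatType == FormatType::VideoInfo && mt.cbFormat >= sizeof(VideoInfoHeader))
        *ppBIH = &static_cast<const VideoInfoHeader *>(mt.pbFormat)->bmiHeader;
}

// Refuses a partially specified type instead of dereferencing a NULL header.
long decideBufferSize(const MediaType &mtOut, AllocatorProps *props) {
    if (props == nullptr) return kTypeNotAccepted;
    const BitmapInfoHeader *pBIH = nullptr;
    formatTypeHandler(mtOut, &pBIH);
    if (pBIH == nullptr) return kTypeNotAccepted;           // no format block
    if (pBIH->biSizeImage == 0 || pBIH->biSizeImage > INT32_MAX)
        return kTypeNotAccepted;                            // size unusable as a 32-bit LONG
    props->cBuffers = 1;
    props->cbBuffer = static_cast<long>(pBIH->biSizeImage);
    return kOk;
}

int main() {
    MediaType partial;                 // constructed: type and subtype only, no format
    AllocatorProps props;
    return decideBufferSize(partial, &props) == kTypeNotAccepted ? 0 : 1;
}
```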