program_info_length specifies "the number of bytes of the descriptors" but mumudvb unnecessarily increases that value by PMT_LEN causing it to search for a given descriptor outside the descriptors buffer.
For example, in my case, the current behaviour is as follows (after adding some custom debugging):
program info length 11
>>> descriptors_loop_len: 23
descriptors_loop_len: 23
descriptor tag: 12, length: 4
descriptors_loop_len: 17
descriptor tag: 14, length: 3
descriptors_loop_len: 12
descriptor tag: 27, length: 254
<<< descr 0x9 not found
As you can see, the descriptors buffer is assumed to be 23 bytes whereas program_info_length says it's only 11 bytes. As a result a 3rd, non-existent, descriptor is found (tag: 27) where PMT should have only 2 descriptors (tags: 12 and 14):
That 3rd descriptor detected by mumudvb (tag: 27, length: 254) is, in fact, a program element/component with stream type = 27, which you can see in the image above (analysis done by DVBInspector)
After applying my PR the behaviour changes to:
program info length 11
>>> descriptors_loop_len: 11
descriptors_loop_len: 11
descriptor tag: 12, length: 4
descriptors_loop_len: 5
descriptor tag: 14, length: 3
<<< descr 0x9 not found
(only 2 descriptors detected)
I've also checked other pmt_find_descriptor usages and they are all OK - none of them add anything to the buffer length value.
program_info_length
specifies "the number of bytes of the descriptors" but mumudvb unnecessarily increases that value byPMT_LEN
causing it to search for a given descriptor outside the descriptors buffer.For example, in my case, the current behaviour is as follows (after adding some custom debugging):
As you can see, the descriptors buffer is assumed to be 23 bytes whereas
program_info_length
says it's only 11 bytes. As a result a 3rd, non-existent, descriptor is found (tag: 27) where PMT should have only 2 descriptors (tags: 12 and 14):That 3rd descriptor detected by mumudvb (tag: 27, length: 254) is, in fact, a program element/component with stream type = 27, which you can see in the image above (analysis done by DVBInspector)
After applying my PR the behaviour changes to:
(only 2 descriptors detected)
I've also checked other
pmt_find_descriptor
usages and they are all OK - none of them add anything to the buffer length value.