rtpjpegpay: cleanups for DRI markers

Protect against invalid DRI markers.
Do some cleanups.
Wim Taymans 2010-09-13 17:31:35 +02:00
parent 0f3151c73b
commit 604c6555a4


@ -209,11 +209,10 @@ typedef struct
typedef struct typedef struct
{ {
guint16 restartInterval; guint16 restart_interval;
guint16 restartFirstLastCount; guint16 restart_count;
} RtpRestartMarkerHeader; } RtpRestartMarkerHeader;
typedef struct typedef struct
{ {
guint8 id; guint8 id;
@ -541,6 +540,44 @@ invalid_comp:
} }
} }
static gboolean
gst_rtp_jpeg_pay_read_dri (GstRtpJPEGPay * pay, const guint8 * data,
guint size, guint * offset, RtpRestartMarkerHeader * dri)
{
guint dri_size, off;
off = *offset;
/* we need at least 4 bytes for the DRI */
if (off + 4 > size)
goto wrong_size;
dri_size = gst_rtp_jpeg_pay_header_size (data, off);
if (dri_size < 4)
goto wrong_length;
*offset += dri_size;
off += 2;
dri->restart_interval = g_htons ((data[off] << 8) | (data[off + 1]));
dri->restart_count = g_htons (0xFFFF);
return dri->restart_interval > 0;
wrong_size:
{
GST_WARNING ("not enough data for DRI");
*offset = size;
return FALSE;
}
wrong_length:
{
GST_WARNING ("DRI size too small (%u)", dri_size);
*offset += dri_size;
return FALSE;
}
}
static RtpJpegMarker static RtpJpegMarker
gst_rtp_jpeg_pay_scan_marker (const guint8 * data, guint size, guint * offset) gst_rtp_jpeg_pay_scan_marker (const guint8 * data, guint size, guint * offset)
{ {
@ -633,11 +670,9 @@ gst_rtp_jpeg_pay_handle_buffer (GstBaseRTPPayload * basepayload,
break; break;
case JPEG_MARKER_DRI: case JPEG_MARKER_DRI:
GST_LOG_OBJECT (pay, "DRI found"); GST_LOG_OBJECT (pay, "DRI found");
restart_marker_header.restartInterval=g_htons((data[offset+2] << 8) | (data[offset + 3])); if (gst_rtp_jpeg_pay_read_dri (pay, data, size, &offset,
restart_marker_header.restartFirstLastCount=g_htons(0xFFFF); &restart_marker_header))
if (restart_marker_header.restartInterval > 0) {
dri_found = TRUE; dri_found = TRUE;
}
break; break;
default: default:
break; break;
@ -714,13 +749,13 @@ gst_rtp_jpeg_pay_handle_buffer (GstBaseRTPPayload * basepayload,
guint payload_size = (bytes_left < mtu ? bytes_left : mtu); guint payload_size = (bytes_left < mtu ? bytes_left : mtu);
if (pay->buffer_list) { if (pay->buffer_list) {
if (dri_found){ guint header_size;
outbuf = gst_rtp_buffer_new_allocate (sizeof (jpeg_header) +
sizeof (restart_marker_header) + quant_data_size, 0, 0); header_size = sizeof (jpeg_header) + quant_data_size;
} else { if (dri_found)
outbuf = gst_rtp_buffer_new_allocate (sizeof (jpeg_header) + header_size += sizeof (restart_marker_header);
quant_data_size, 0, 0);
} outbuf = gst_rtp_buffer_new_allocate (header_size, 0, 0);
} else { } else {
outbuf = gst_rtp_buffer_new_allocate (payload_size, 0, 0); outbuf = gst_rtp_buffer_new_allocate (payload_size, 0, 0);
} }
@ -745,8 +780,7 @@ gst_rtp_jpeg_pay_handle_buffer (GstBaseRTPPayload * basepayload,
payload += sizeof (jpeg_header); payload += sizeof (jpeg_header);
payload_size -= sizeof (jpeg_header); payload_size -= sizeof (jpeg_header);
if (dri_found) if (dri_found) {
{
memcpy (payload, &restart_marker_header, sizeof (restart_marker_header)); memcpy (payload, &restart_marker_header, sizeof (restart_marker_header));
payload += sizeof (restart_marker_header); payload += sizeof (restart_marker_header);
payload_size -= sizeof (restart_marker_header); payload_size -= sizeof (restart_marker_header);
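Review bot: In gst_rtp_jpeg_pay_read_dri the length taken from the stream is only checked against a lower bound (`dri_size < 4`), so `*offset += dri_size` can move the offset past `size` when a malformed or truncated JPEG declares a DRI segment longer than the remaining data. Nothing is read at that position in this function, but it is then safe only if every later use of `offset` in gst_rtp_jpeg_pay_handle_buffer rechecks it against `size`, and that scan loop lies outside the hunks shown. I would reject the segment here with `if (dri_size > size - off) goto wrong_size;` right after the `dri_size < 4` test, and write the first guard as `if (off > size || size - off < 4)` so that it cannot wrap for a large offset. The `pay` argument is otherwise unused; `GST_WARNING_OBJECT (pay, ...)` in the two error labels would tie the warnings to the element.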