flvdec: Add sanity checking of the last packet size

For http, this avoids spurious warnings about failed requests (e.g. HTTP error 416 Requested Range Not Satisfiable), if the last packet is truncated and the size read is bogus. Signed-off-by: Martin Storsjö <martin@martin.st>

flvdec: Add sanity checking of the last packet size
For http, this avoids spurious warnings about failed requests (e.g. HTTP error 416 Requested Range Not Satisfiable), if the last packet is truncated and the size read is bogus. Signed-off-by: Martin Storsjö <martin@martin.st>
e4eb13ca · Martin Storsjö · 09f4822e · e4eb13ca
Commit e4eb13ca authored Jan 19, 2016 by Martin Storsjö
Hide whitespace changes
Inline Side-by-side

Showing with 9 additions and 7 deletions

flvdec.c libavformat/flvdec.c +9 -7

No files found.
--- a/libavformat/flvdec.c
+++ b/libavformat/flvdec.c
@@ -846,13 +846,15 @@ skip:
        const int64_t fsize = avio_size(s->pb);
        avio_seek(s->pb, fsize - 4, SEEK_SET);
        size = avio_rb32(s->pb);
-        // Seek to the start of the last FLV tag at position (fsize - 4 - size)
-        // but skip the byte indicating the type.
-        avio_seek(s->pb, fsize - 3 - size, SEEK_SET);
-        if (size == avio_rb24(s->pb) + 11) {
-            uint32_t ts = avio_rb24(s->pb);
-            ts         |= avio_r8(s->pb) << 24;
-            s->duration = ts * (int64_t)AV_TIME_BASE / 1000;
+        if (size > 0 && size < fsize) {
+            // Seek to the start of the last FLV tag at position (fsize - 4 - size)
+            // but skip the byte indicating the type.
+            avio_seek(s->pb, fsize - 3 - size, SEEK_SET);
+            if (size == avio_rb24(s->pb) + 11) {
+                uint32_t ts = avio_rb24(s->pb);
+                ts         |= avio_r8(s->pb) << 24;
+                s->duration = ts * (int64_t)AV_TIME_BASE / 1000;
+            }
        }
        avio_seek(s->pb, pos, SEEK_SET);
        flv->searched_for_end = 1;