replace (disabled by default) assert(0) by abort() if the picture buffer

overflows due to a buggy codec note, ive not checked if such overflows could have been exploitable before this commit git-svn-id: file:///var/local/repositories/ffmpeg/trunk@10777 9553f0bf-9b14-0410-a0b8-cfaf0461ba5b

replace (disabled by default) assert(0) by abort() if the picture buffer
overflows due to a buggy codec note, ive not checked if such overflows could have been exploitable before this commit git-svn-id: file:///var/local/repositories/ffmpeg/trunk@10777 9553f0bf-9b14-0410-a0b8-cfaf0461ba5b
8429f189 · michael · f0d39f34 · 8429f189
Commit 8429f189 authored Oct 18, 2007 by michael
Hide whitespace changes
Inline Side-by-side

Showing with 13 additions and 1 deletion

libavcodec/mpegvideo.c libavcodec/mpegvideo.c +13 -1

No files found.
--- a/libavcodec/mpegvideo.c
+++ b/libavcodec/mpegvideo.c
@@ -842,7 +842,19 @@ int ff_find_unused_picture(MpegEncContext *s, int shared){
        }
    }
-    assert(0);
+    av_log(s->avctx, AV_LOG_FATAL, "Internal error, picture buffer overflow\n");
+    /*we could return -1 but the codec would crash anyway, trying to draw
+      into, a non existing frame, this is safer than waiting for a random crash
+      also the return of this is never usefull, a encoder must only allocate
+      as many as allowed in the spec which has no relation to how many lavc
+      could allocate (and MAX_PICTURE_COUNT is always large enough for such
+      valid streams)
+      and a decoder has to check stream validity and remove frames if too many
+      reference frames are around. waiting for "OOM" is not correct at all, it
+      similarely has to replace missing reference frames by (interpolated/MC)
+      frames anything else is a bug in the codec ...
+    */
+    abort();
    return -1;
 }