[xiph-commits] r3773 - in liboggz/trunk: include/oggz src/liboggz

conrad at svn.annodex.net conrad at svn.annodex.net
Fri Nov 7 20:08:05 PST 2008 

Author: conrad
Date: 2008-11-07 20:08:04 -0800 (Fri, 07 Nov 2008)
New Revision: 3773

Modified:
   liboggz/trunk/include/oggz/oggz_constants.h
   liboggz/trunk/src/liboggz/oggz_read.c
Log:
oggz_read: return an error when a hole (ie. missing sequence number) is detected
in the headers of a track, as such header corruption cannot be tolerated by decoders.
Beyond the headers, skip holes in data as before for robustness.

This should fix Mozilla bug 463756: https://bugzilla.mozilla.org/show_bug.cgi?id=463756
which crashed in vorbis_synthesize() after attempting to decode with corrupt headers.
The method of this fix is adapted from libvorbisfile, but here should work for any
content type. Tested with the file attached to the above bug, with fishsound-info
and oggplay-info, both of which previously crashed.


Modified: liboggz/trunk/include/oggz/oggz_constants.h
===================================================================
--- liboggz/trunk/include/oggz/oggz_constants.h	2008-11-06 09:49:50 UTC (rev 3772)
+++ liboggz/trunk/include/oggz/oggz_constants.h	2008-11-08 04:08:04 UTC (rev 3773)
@@ -170,6 +170,9 @@
   /** no data available from IO, try again */
   OGGZ_ERR_IO_AGAIN                     = -16,
 
+  /** Hole (sequence number gap) detected in input data */
+  OGGZ_ERR_HOLE_IN_DATA                 = -17,
+
   /** The requested serialno does not exist in this OGGZ */
   OGGZ_ERR_BAD_SERIALNO                 = -20,
 

Modified: liboggz/trunk/src/liboggz/oggz_read.c
===================================================================
--- liboggz/trunk/src/liboggz/oggz_read.c	2008-11-06 09:49:50 UTC (rev 3772)
+++ liboggz/trunk/src/liboggz/oggz_read.c	2008-11-08 04:08:04 UTC (rev 3773)
@@ -374,23 +374,29 @@
 
         result = ogg_stream_packetout(os, op);
 
+        /*
+         * libogg flags "holes in the data" (which are really inconsistencies
+         * in the page sequence number) by returning -1.
+         */
         if(result == -1) {
 #ifdef DEBUG
           printf ("oggz_read_sync: hole in the data\n");
 #endif
+          /* We can't tolerate holes in headers, so bail out. */
+          if (stream->packetno < 3) return OGGZ_ERR_HOLE_IN_DATA;
+
+          /* Holes in content occur in some files and pretty much don't matter,
+           * so we silently swallow the notification and reget the packet.
+           */
           result = ogg_stream_packetout(os, op);
           if (result == -1) {
+            /* If the result is *still* -1 then something strange is
+             * happening.
+             */
 #ifdef DEBUG
-            /*
-             * libogg flags "holes in the data" (which are really 
-             * inconsistencies in the page sequence number) by returning
-             * -1.  This occurs in some files and pretty much doesn't matter,
-             *  so we silently swallow the notification and reget the packet.
-             *  If the result is *still* -1 then something strange is happening.
-             */
-            printf ("shouldn't get here");
+            printf ("Multiple holes in data!");
 #endif
-            return -7;
+            return OGGZ_ERR_HOLE_IN_DATA;
           }
         }

More information about the commits mailing list