[opus] [PATCH] Fixed LibOpusEnc packet buffer reallocation by excluding the MAX_HEADER_SIZE parameter from the calculation of the new buffer size.

sven.fisch.er at web.de sven.fisch.er at web.de
Mon Feb 8 23:37:10 UTC 2021


Hi!

I'm currently converting some Flac-files to Opus, using a modified "gapless" version of OpusEnc. Doing so I encountered a few albums that crashed the encoder, due to a memory access violation.

This seemed to be very specific to the order in which files are processed and the included meta data (tags and pictures). So I had a look at the source code and I think there's a bug in the current version of LibOpusEnc. At some point the packet buffer needs to be resized, but the MAX_HEADER_SIZE parameter causes an inconsistency. If the buffer must be enlarged by a small number of bytes and this number is smaller than the maximum header size, the buffer won't be resized.

I've tried to prepare a patch for this issue (see below). It would be great if someone could have a look at this. Thanks.

Kind regards,
Sven

 

>From 347472e6ebdb9164ff9733e08ffb7a6dbd23d0df Mon Sep 17 00:00:00 2001
From: Sven Fischer
Date: Mon, 8 Feb 2021 22:53:49 +0100
Subject: [PATCH] Fixed libopusenc packet buffer reallocation by excluding the MAX_HEADER_SIZE parameter from the calculation of the new buffer size.
---
 src/ogg_packer.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/ogg_packer.c b/src/ogg_packer.c
index 39d5534..e7d28a6 100644
--- a/src/ogg_packer.c
+++ b/src/ogg_packer.c
@@ -241,10 +241,10 @@ unsigned char *oggp_get_packet_buffer(oggpacker *oggp, oggp_int32 bytes) {
     if (oggp->buf_fill + bytes > oggp->buf_size) {
       size_t newsize;
       unsigned char *newbuf;
-      newsize = oggp->buf_fill + bytes + MAX_HEADER_SIZE;
+      newsize = oggp->buf_fill + bytes;
       /* Making sure we don't need to do that too often. */
       newsize = newsize*3/2;
-      newbuf = realloc(oggp->alloc_buf, newsize);
+      newbuf = realloc(oggp->alloc_buf, newsize + MAX_HEADER_SIZE);
       if (newbuf != NULL) {
         oggp->alloc_buf = newbuf;
         oggp->buf_size = newsize;
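
Review bot: With `realloc(oggp->alloc_buf, newsize + MAX_HEADER_SIZE)` followed by `oggp->buf_size = newsize`, the recorded buf_size no longer equals the allocated size, and nothing in the hunk says that the difference is a deliberate header reserve. Please add a comment at the realloc stating that alloc_buf always holds buf_size + MAX_HEADER_SIZE bytes, and confirm that the initial allocation (outside this hunk) follows the same convention, since the `oggp->buf_fill + bytes > oggp->buf_size` check at the top of the hunk depends on buf_size meaning the same thing everywhere. Separately, `newsize = newsize*3/2;` and the added `+ MAX_HEADER_SIZE` are computed without an overflow check before the result reaches realloc; because bytes is a signed oggp_int32, a guard that rejects negative or oversized requests before the size arithmetic would be worthwhile.
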
-- 
2.25.1
 

