[vorbis-dev] Am I missing something?
Monty
xiphmont at xiph.org
Sun Feb 4 15:17:56 PST 2001
On Sun, Feb 04, 2001 at 05:52:05PM -0500, Martin C. Martin wrote:
> Hey all,
>
> If my understanding is right, there's a serious big in vorbisfile.c, in
> the routine _fetch_headers(), which will only show up when comment
> packet spans multiple pages. The code to read the first 3 Vorbis
> packets ogg_stream_pagein() once, then calls ogg_stream_packetout().
> The problem is that ogg_stream_pagein() only adds a single page to the
> ogg stream state, whereas ogg_stream_packetout(), loops until it finds a
> non-255 lacing value. So, if the comment packet is larger than one
> page, all lacing values will be 255, and ogg_stream_packetout will start
> reading uninitialized memory.
No, you've misunderstood how the buffering works. Packetout says
"need more data" if the comment packet is > 1 page, the inner loop
breaks, a new page is read and then packetout is called again. That
continues for as long as necessary to get a complete packet.
Monty
--- >8 ----
List archives: http://www.xiph.org/archives/
Ogg project homepage: http://www.xiph.org/ogg/
To unsubscribe from this list, send a message to 'vorbis-dev-request at xiph.org'
containing only the word 'unsubscribe' in the body. No subject is needed.
Unsubscribe messages sent to the list will be ignored/filtered.
More information about the Vorbis-dev
mailing list