bug fix. huge memory usages for matroska file with errors
23/262023/9 accepted/tizen_6.5_unified tizen_6.5 accepted/tizen/6.5/unified/20211029.012654 accepted/tizen/unified/20210804.122502 submit/tizen/20210803.020242 submit/tizen/20210804.005008 submit/tizen_6.5/20211028.163401 tizen_6.5.m2_release
author Jiyong Min <jiyong.min@samsung.com>
Mon, 2 Aug 2021 00:41:03 +0000 (09:41 +0900)
committer Jiyong Min <jiyong.min@samsung.com>
Mon, 2 Aug 2021 07:18:38 +0000 (16:18 +0900)
[Cause]
  According to the current specifications for matroska,
  it needs to be parsed to the end of the file when tag has no length.
  If a normal tag does not appear immediately, unnecessary memory
  for ebml list is used to read the end of the file.
[Solution]
  To avoid huge memory usages, return error for unknown-length tags.

Change-Id: I756419ddb3b42af423dbf0aace2e9df5e9f21f1d

libavformat/matroskadec.c

index 201fb85..9de1adc 100644 (file)
@@ -1277,7 +1277,11 @@ static int ebml_parse(MatroskaDemuxContext *matroska,
             return res;
 
 #ifdef FIX_CRASH_ISSUE_FOR_INVALID_FILE
-        if((length == 0xffffffffffffffULL) && (matroska->is_parse_header_finish == 0)) {
+        if ((length == 0xffffffffffffffULL || length == EBML_UNKNOWN_LENGTH) &&
+            (matroska->is_parse_header_finish == 0)) {
+            av_log(matroska->ctx, AV_LOG_WARNING,
+                   "Found invalid length 0x%"PRIx64" element 0x%"PRIX32" at 0x%"PRIx64"."
+                   "Return error for invalid length\n", length, id, pos);
             av_log(matroska->ctx, AV_LOG_ERROR, "WE DETECTED THIS CONTENT IS A TORRENT FILE!!!\n");
             return AVERROR_INVALIDDATA;
         }
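Review bot: The widened check is still gated on `(matroska->is_parse_header_finish == 0)`, so an element with `EBML_UNKNOWN_LENGTH` that appears after header parsing has finished is not rejected here. The commit message says unknown-length tags return an error to avoid the memory growth, so either drop that gate for the unknown-length case or add a comment saying why the later case cannot trigger the same parse-to-end-of-file allocation. Two smaller points in the added log call: the adjacent string literals `"...at 0x%"PRIx64"."` and `"Return error for invalid length\n"` concatenate without a space, so the output reads ".Return error"; and the unchanged `AV_LOG_ERROR` line that follows still reports "WE DETECTED THIS CONTENT IS A TORRENT FILE!!!", which is misleading for the new unknown-length case and duplicates the new warning. One message at one level that states the length, id and position would be enough. The magic value `0xffffffffffffffULL` would also be easier to audit as a named constant next to `EBML_UNKNOWN_LENGTH`.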