Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

validation improvements, fixes #301 #331

Draft
wants to merge 8 commits into
base: dev-0.6
Choose a base branch
from

Conversation

sscobici
Copy link

@sscobici sscobici commented Dec 27, 2024

Added More Validations for isomp4 to prevent some panics, Fixes #301, #300

  1. Atom Size Validations: Implemented strict, minimum, and maximum size validations for numerous atoms where feasible.
  2. Entry Count Limits: Did not impose limits on entry counts; TODOs related to this are still pending.
  3. Refactored stsc Atom:
  • Initial Validations: Performed during atom creation.
  • Post-Processing Validations: Conducted after other atoms are available, including more complex checks such as comparing entry.first_chunk with the total number of chunks.
  1. Refactored esds Atom: Modified to allow unidentified descriptor without causing panics.

Note: This update does not resolve all potential panic scenarios or address issues related to high memory consumption.
Requires a full regression run on as many files as possible to revalidate the constants put for validations.

@sscobici
Copy link
Author

Was:

symphonia-play .\SYMPHONIA_overflow_a__(1010 bytes) - 5159717075209417268\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stts.rs:92:13:
attempt to add with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_a__(1062 bytes) - 7054886487118464630\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stts.rs:92:13:
attempt to add with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_a__(1110 bytes) - 16416414715428302980\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stts.rs:92:13:
attempt to add with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_a__(1135 bytes) - 5762688587670286759\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stts.rs:92:13:
attempt to add with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_a__(1160 bytes) - 10159601185364604534\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stts.rs:92:13:
attempt to add with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_a__(1177 bytes) - 5191301567557151468\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stts.rs:92:13:
attempt to add with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_a__(1206 bytes) - 1343792105817109847\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stts.rs:92:13:
attempt to add with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_a__(1209 bytes) - 17357529992982873563\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stts.rs:92:13:
attempt to add with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_a__(1215 bytes) - 10119350924648394036\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stts.rs:92:13:
attempt to add with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_a__(1253 bytes) - 12005025846203531974\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stts.rs:92:13:
attempt to add with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_a__(1290 bytes) - 5843715259989880471\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stts.rs:92:13:
attempt to add with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_a__(1810 bytes) - 11055315504457623187\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stts.rs:92:13:
attempt to add with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_a__(1812 bytes) - 820491196321903588\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stts.rs:92:13:
attempt to add with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_a__(2442 bytes) - 10015537489850667243\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stts.rs:92:13:
attempt to add with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_a__(5497 bytes) - 275172570416177385\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stts.rs:92:13:
attempt to add with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_a__(7425 bytes) - 12568950420352038259\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stts.rs:92:13:
attempt to add with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_a__(8152 bytes) - 12381846688634479276\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stts.rs:92:13:
attempt to add with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_a__(8527 bytes) - 13068298698329211514\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stts.rs:92:13:
attempt to add with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_a__(9285 bytes) - 2972640391061117809\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stts.rs:92:13:
attempt to add with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_a__(9285 bytes) - 9535932891542858688\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stts.rs:92:13:
attempt to add with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_a__(9871 bytes) - 6764396329590796336\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stts.rs:92:13:
attempt to add with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_a__(3277 bytes) - 18415014516421009308\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stts.rs:92:13:
attempt to add with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_m__(630 bytes) - 6246091824504013919\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:92:47:
attempt to multiply with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_m__(3558 bytes) - 13233938419089581230\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:92:47:
attempt to multiply with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(4537 bytes) - 17148902608396090807\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(4976 bytes) - 9459114687982296253\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(546 bytes) - 4310843738845041546\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(571 bytes) - 919992671119650868\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(5739 bytes) - 10137435331896739662\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(575 bytes) - 16856085953031595545\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(576 bytes) - 11753230386850930233\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(577 bytes) - 7514189079044424508\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(578 bytes) - 2768918423888579634\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(581 bytes) - 2482124009453262957\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(583 bytes) - 3919740720716820139\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(588 bytes) - 3223092250954388086\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(589 bytes) - 13661093731801895626\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(589 bytes) - 6901825739168338773\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(596 bytes) - 9011356586099876335\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(600 bytes) - 15512513871945364801\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(600 bytes) - 3174906298175447847\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(602 bytes) - 8909172180093650749\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(605 bytes) - 8685766326007054781\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(611 bytes) - 7064170702483503701\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(633 bytes) - 5323321030508242341\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(678 bytes) - 6006928535449648354\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(686 bytes) - 140140012288210461\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(7337 bytes) - 5883312773637441626\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(753 bytes) - 11357222880092380821\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(789 bytes) - 315115294267514947\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(817 bytes) - 3781203992443515236\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(8926 bytes) - 5702767932603597538\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(1097 bytes) - 12291660694512946665\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(1142 bytes) - 2371051702260223537\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(2575 bytes) - 8179797883260871535\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_overflow_s__(2898 bytes) - 13154303271664921839\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\stsc.rs:69:30:
attempt to subtract with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_panicked__(4820 bytes) - 14354304898029811503\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\esds.rs:79:46:
called `Option::unwrap()` on a `None` value
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_panicked__(498 bytes) - 4958547997762130825\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\esds.rs:79:46:
called `Option::unwrap()` on a `None` value
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_panicked__(500 bytes) - 8339300797808516811\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\esds.rs:79:46:
called `Option::unwrap()` on a `None` value
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_panicked__(5024 bytes) - 16955148229661254493\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\esds.rs:79:46:
called `Option::unwrap()` on a `None` value
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_panicked__(503 bytes) - 6644702089563959154\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\esds.rs:79:46:
called `Option::unwrap()` on a `None` value
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_panicked__(2609 bytes) - 9556649410040155493\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\esds.rs:79:46:
called `Option::unwrap()` on a `None` value
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_panicked__(3217 bytes) - 9196608742251600318\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\esds.rs:79:46:
called `Option::unwrap()` on a `None` value
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_panicked__(511 bytes) - 2319372450397504890\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\esds.rs:79:46:
called `Option::unwrap()` on a `None` value
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_panicked__(517 bytes) - 2369263152272192116\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\esds.rs:79:46:
called `Option::unwrap()` on a `None` value
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_panicked__(548 bytes) - 17364362441707418158\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\esds.rs:79:46:
called `Option::unwrap()` on a `None` value
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_panicked__(550 bytes) - 5264417575936198451\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\esds.rs:79:46:
called `Option::unwrap()` on a `None` value
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_panicked__(5854 bytes) - 8225964299133653626\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\esds.rs:79:46:
called `Option::unwrap()` on a `None` value
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_panicked__(509 bytes) - 12147470873139864157\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\esds.rs:79:46:
called `Option::unwrap()` on a `None` value
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_panicked__(3794 bytes) - 7806254579024445242\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\esds.rs:79:46:
called `Option::unwrap()` on a `None` value
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
symphonia-play .\SYMPHONIA_panicked__(944 bytes) - 12494493814325802618\problematic_file.m4a
thread 'main' panicked at symphonia-format-isomp4\src\atoms\esds.rs:79:46:
called `Option::unwrap()` on a `None` value
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace

Became:

symphonia-play .\SYMPHONIA_overflow_a__(1010 bytes) - 5159717075209417268\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stts): invalid entry count
symphonia-play .\SYMPHONIA_overflow_a__(1062 bytes) - 7054886487118464630\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stts): invalid entry count
symphonia-play .\SYMPHONIA_overflow_a__(1110 bytes) - 16416414715428302980\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stts): invalid entry count
symphonia-play .\SYMPHONIA_overflow_a__(1135 bytes) - 5762688587670286759\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stts): invalid entry count
symphonia-play .\SYMPHONIA_overflow_a__(1160 bytes) - 10159601185364604534\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stts): invalid entry count
symphonia-play .\SYMPHONIA_overflow_a__(1177 bytes) - 5191301567557151468\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stts): invalid entry count
symphonia-play .\SYMPHONIA_overflow_a__(1206 bytes) - 1343792105817109847\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stts): invalid entry count
symphonia-play .\SYMPHONIA_overflow_a__(1209 bytes) - 17357529992982873563\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stts): invalid entry count
symphonia-play .\SYMPHONIA_overflow_a__(1215 bytes) - 10119350924648394036\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stts): invalid entry count
symphonia-play .\SYMPHONIA_overflow_a__(1253 bytes) - 12005025846203531974\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stts): invalid entry count
symphonia-play .\SYMPHONIA_overflow_a__(1290 bytes) - 5843715259989880471\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stts): invalid entry count
symphonia-play .\SYMPHONIA_overflow_a__(1810 bytes) - 11055315504457623187\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stts): invalid entry count
symphonia-play .\SYMPHONIA_overflow_a__(1812 bytes) - 820491196321903588\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stts): invalid entry count
symphonia-play .\SYMPHONIA_overflow_a__(2442 bytes) - 10015537489850667243\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stts): invalid entry count
symphonia-play .\SYMPHONIA_overflow_a__(5497 bytes) - 275172570416177385\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stts): invalid entry count
symphonia-play .\SYMPHONIA_overflow_a__(7425 bytes) - 12568950420352038259\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stts): invalid entry count
symphonia-play .\SYMPHONIA_overflow_a__(8152 bytes) - 12381846688634479276\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stts): invalid entry count
symphonia-play .\SYMPHONIA_overflow_a__(8527 bytes) - 13068298698329211514\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stts): invalid entry count
symphonia-play .\SYMPHONIA_overflow_a__(9285 bytes) - 2972640391061117809\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stts): invalid entry count
symphonia-play .\SYMPHONIA_overflow_a__(9285 bytes) - 9535932891542858688\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stts): invalid entry count
symphonia-play .\SYMPHONIA_overflow_a__(9871 bytes) - 6764396329590796336\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stts): invalid entry count
symphonia-play .\SYMPHONIA_overflow_a__(3277 bytes) - 18415014516421009308\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stts): invalid entry count
symphonia-play .\SYMPHONIA_overflow_m__(630 bytes) - 6246091824504013919\problematic_file.m4a
 ERROR symphonia_play > unexpected end of file
symphonia-play .\SYMPHONIA_overflow_m__(3558 bytes) - 13233938419089581230\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc): entry's first chunk is bigger than total chunk number
symphonia-play .\SYMPHONIA_overflow_s__(4537 bytes) - 17148902608396090807\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc):  entry's first chunk undex should be from 1
symphonia-play .\SYMPHONIA_overflow_s__(4976 bytes) - 9459114687982296253\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc): invalid entry count
symphonia-play .\SYMPHONIA_overflow_s__(546 bytes) - 4310843738845041546\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc):  entry's first chunk undex should be from 1
symphonia-play .\SYMPHONIA_overflow_s__(571 bytes) - 919992671119650868\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc):  entry's first chunk undex should be from 1
symphonia-play .\SYMPHONIA_overflow_s__(5739 bytes) - 10137435331896739662\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc): invalid entry count
symphonia-play .\SYMPHONIA_overflow_s__(575 bytes) - 16856085953031595545\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc): invalid entry count
symphonia-play .\SYMPHONIA_overflow_s__(576 bytes) - 11753230386850930233\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc): invalid entry count
symphonia-play .\SYMPHONIA_overflow_s__(577 bytes) - 7514189079044424508\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc): invalid entry count
symphonia-play .\SYMPHONIA_overflow_s__(578 bytes) - 2768918423888579634\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc): invalid entry count
symphonia-play .\SYMPHONIA_overflow_s__(581 bytes) - 2482124009453262957\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc): invalid entry count
symphonia-play .\SYMPHONIA_overflow_s__(583 bytes) - 3919740720716820139\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc): invalid entry count
symphonia-play .\SYMPHONIA_overflow_s__(588 bytes) - 3223092250954388086\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc): invalid entry count
symphonia-play .\SYMPHONIA_overflow_s__(589 bytes) - 13661093731801895626\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc): invalid entry count
symphonia-play .\SYMPHONIA_overflow_s__(589 bytes) - 6901825739168338773\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc):  entry's first chunk undex should be from 1
symphonia-play .\SYMPHONIA_overflow_s__(596 bytes) - 9011356586099876335\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc): invalid entry count
symphonia-play .\SYMPHONIA_overflow_s__(600 bytes) - 15512513871945364801\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc): invalid entry count
symphonia-play .\SYMPHONIA_overflow_s__(600 bytes) - 3174906298175447847\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc): invalid entry count
symphonia-play .\SYMPHONIA_overflow_s__(602 bytes) - 8909172180093650749\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc): invalid entry count
symphonia-play .\SYMPHONIA_overflow_s__(605 bytes) - 8685766326007054781\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc): invalid entry count
symphonia-play .\SYMPHONIA_overflow_s__(611 bytes) - 7064170702483503701\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc): invalid entry count
symphonia-play .\SYMPHONIA_overflow_s__(633 bytes) - 5323321030508242341\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc): invalid entry count
symphonia-play .\SYMPHONIA_overflow_s__(678 bytes) - 6006928535449648354\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc): invalid entry count
symphonia-play .\SYMPHONIA_overflow_s__(686 bytes) - 140140012288210461\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc):  entry's first chunk undex should be from 1
symphonia-play .\SYMPHONIA_overflow_s__(7337 bytes) - 5883312773637441626\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc): invalid entry count
symphonia-play .\SYMPHONIA_overflow_s__(753 bytes) - 11357222880092380821\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc):  entry's first chunk undex should be from 1
symphonia-play .\SYMPHONIA_overflow_s__(789 bytes) - 315115294267514947\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc): invalid entry count
symphonia-play .\SYMPHONIA_overflow_s__(817 bytes) - 3781203992443515236\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc):  entry's first chunk undex should be from 1
symphonia-play .\SYMPHONIA_overflow_s__(8926 bytes) - 5702767932603597538\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc):  entry's first chunk undex should be from 1
symphonia-play .\SYMPHONIA_overflow_s__(1097 bytes) - 12291660694512946665\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc): invalid entry count
symphonia-play .\SYMPHONIA_overflow_s__(1142 bytes) - 2371051702260223537\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc): invalid entry count
symphonia-play .\SYMPHONIA_overflow_s__(2575 bytes) - 8179797883260871535\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc): invalid entry count
symphonia-play .\SYMPHONIA_overflow_s__(2898 bytes) - 13154303271664921839\problematic_file.m4a
 ERROR symphonia_play > malformed stream: isomp4 (stsc): invalid entry count
symphonia-play .\SYMPHONIA_panicked__(4820 bytes) - 14354304898029811503\problematic_file.m4a
 ERROR symphonia_play > unexpected end of file
symphonia-play .\SYMPHONIA_panicked__(498 bytes) - 4958547997762130825\problematic_file.m4a
 ERROR symphonia_play > unexpected end of file
symphonia-play .\SYMPHONIA_panicked__(500 bytes) - 8339300797808516811\problematic_file.m4a
 ERROR symphonia_play > unexpected end of file
symphonia-play .\SYMPHONIA_panicked__(5024 bytes) - 16955148229661254493\problematic_file.m4a
 ERROR symphonia_play > unexpected end of file
symphonia-play .\SYMPHONIA_panicked__(503 bytes) - 6644702089563959154\problematic_file.m4a
 ERROR symphonia_play > unexpected end of file
symphonia-play .\SYMPHONIA_panicked__(2609 bytes) - 9556649410040155493\problematic_file.m4a
 ERROR symphonia_play > unexpected end of file
symphonia-play .\SYMPHONIA_panicked__(3217 bytes) - 9196608742251600318\problematic_file.m4a
 ERROR symphonia_play > unexpected end of file
symphonia-play .\SYMPHONIA_panicked__(511 bytes) - 2319372450397504890\problematic_file.m4a
 ERROR symphonia_play > unexpected end of file
symphonia-play .\SYMPHONIA_panicked__(517 bytes) - 2369263152272192116\problematic_file.m4a
 ERROR symphonia_play > unexpected end of file
symphonia-play .\SYMPHONIA_panicked__(548 bytes) - 17364362441707418158\problematic_file.m4a
 ERROR symphonia_play > unexpected end of file
symphonia-play .\SYMPHONIA_panicked__(550 bytes) - 5264417575936198451\problematic_file.m4a
 ERROR symphonia_play > unexpected end of file
symphonia-play .\SYMPHONIA_panicked__(5854 bytes) - 8225964299133653626\problematic_file.m4a
 ERROR symphonia_play > unexpected end of file
symphonia-play .\SYMPHONIA_panicked__(509 bytes) - 12147470873139864157\problematic_file.m4a
 ERROR symphonia_play > unexpected end of file
symphonia-play .\SYMPHONIA_panicked__(3794 bytes) - 7806254579024445242\problematic_file.m4a
 ERROR symphonia_play > unexpected end of file
symphonia-play .\SYMPHONIA_panicked__(944 bytes) - 12494493814325802618\problematic_file.m4a
 ERROR symphonia_play > unexpected end of file

@qarmin qarmin mentioned this pull request Dec 27, 2024
@sscobici sscobici force-pushed the mp4-panic-fixes branch 2 times, most recently from 941897b to 5d913fd Compare December 27, 2024 16:21
@sscobici
Copy link
Author

sscobici commented Dec 27, 2024

added a new commit to fix aac panics.

refactored aac aproximate_frame_count() method. It had some issues which causes panic. Should fix cases from https://github.com/qarmin/Automated-Fuzzer/actions/runs/12516290494 (REPORTS___SYMPHONIA*)

  1. renamed total_len to remaining_len because this is not the length of the whole file, but it was considered such in some places.
  2. first sample point to start from the beginning, file can contain a single frame
  3. check step to be bigger than 0 to avoid panic
  4. skip the rest of the frame after the header is read to avoid looking for sync word in the audio data
  5. break if reading 100 frames overlap next sample point

I haven't tested on VBR aac to observe any improvements, It was mention that aproximate method is not perfect there

@dedobbin please review.

@sscobici sscobici changed the title isomp4 validation improvements, fixes #301 isomp4, aac: validation improvements, fixes #301 Dec 27, 2024
@sscobici
Copy link
Author

fixed elst atom entry count sizes

@sscobici sscobici marked this pull request as draft January 3, 2025 23:55
@sscobici
Copy link
Author

sscobici commented Jan 4, 2025

Added commit: core: advance reader's position if pattern cannot be found

This addresses out-of-memory errors mentioned in the following comment: Issue #301 Comment.

Issue description:

  • For a big buffer where the pattern was not found at the end, the reader advanced its position to the end of the buffer.
  • For a buffer smaller than the pattern length, the reader did not advance its position.

This commit ensures that the reader's position is always advanced, resolving the issue.

@sscobici
Copy link
Author

sscobici commented Jan 4, 2025

Added commit: convert FourCc assertions to decode_error

This addresses some panic errors mentioned in the following comment: #301 (comment).

@sscobici
Copy link
Author

sscobici commented Jan 4, 2025

Added commit: mkv: report decode error on invalid vint width

This addresses some panic errors mentioned in the following comment: #301 (comment).

@pdeljanov
Copy link
Owner

Happy new year, @sscobici!

I'll be back to working on Symphonia in a few days, however, I wanted to drop in here to give you a heads up since you're touching a lot of files.

I have a WIP change that rewrites MKV's EBML iterator entirely. The previous code was not fully compliant with the spec, but also had many fundamental issues. So please avoid modifying the MKV reader as any changes there will become a conflict.

While working on those changes, I also realized that MP4, RIFF, and MKV are all roughly the same (i.e., nested chunk based structure) and thus all had roughly the same problems (e.g., reading out of bounds, etc.). Therefore, I'd like to apply a similar approach as the new EBML iterator to MP4's Atom iterator, and RIFF's Chunk iterator.

In this PR I noticed that you've added size checks to some atom. I'm not very fond of this solution because it's not a very scalable solution, and is difficult for parent atoms. Also, it involves a lot of "magic numbers". I think the new EBML iterator provides a good solution to this problem that's more general. So, I'd also recommend avoiding making further changes like this as well.

The new EBML iterator requires some additional polishing before I'm ready to merge it, but I just wanted to give you this heads up.

@sscobici
Copy link
Author

sscobici commented Jan 8, 2025

Added commit: aac: add validation for Ics.info.max_sfb, fixes out of range panic during decoding.

@sscobici
Copy link
Author

added commits:

  • riff: fix overflow with u16 for frames_per_block calculation
  • report unsupported error for more than 2 channels

@pdeljanov
Copy link
Owner

Checking in since its been more than a few days. I'm almost ready to push those changes mentioned, however I still have one more issue to solve before I can do that.

@sscobici
Copy link
Author

Added: metadata: validate min chunk length for jpeg
Will wait for mp4 refactoring to new approach, will work on changes for adding PTS/DTS for mkv

Feedback - error message from the new ebml iterator is very generic and it would be good if this can be improved (reader position offset, element name (path)). But this is for future.

@sscobici
Copy link
Author

added: mkv: detect parent overrun after the header parsing

@sscobici sscobici changed the title isomp4, aac: validation improvements, fixes #301 validation improvements, fixes #301 Jan 16, 2025
@sscobici
Copy link
Author

sscobici commented Jan 17, 2025

Regarding the latest commit about overrun in mkv, should this ever be allowed? What is the overall strategy for demuxer? Validation of correctness or max effort for packet and format extraction? When it should error, when it should warn and skip or try to recover?

@sscobici
Copy link
Author

added: alac: validate mid_side_shift to not overflow
@pdeljanov can you check if mid_side_shift should also be not more than config.bit_depth?

@pdeljanov
Copy link
Owner

pdeljanov commented Jan 18, 2025

Hey, let's start trying to get some of these fixes merged in.

I think we will need to split this PR. My recommendation would be to do one PR per major component (i.e., core, riff, aac, etc.) while holding off on the MP4 changes for now. I can leave more pointed feedback on those smaller PRs.

Regarding the latest commit about overrun in mkv, should this ever be allowed? What is the overall strategy for demuxer? Validation of correctness or max effort for packet and format extraction? When it should error, when it should warn and skip or try to recover?

Nice find. The EBML spec is a bit open-ended about this. However, I think this is just a special case of checking if the child element exceeds the parent element. In this case the EBML iterator just skips to the end of the parent element. However, the difference in this case is that we already consumed bytes to read the header and so we would need to rewind the reader to undo those reads.

So, I have two recommendations:

First, you can handle the overrun like this instead:

if header.data_pos() > parent_end {
    self.reader.seek_buffered(header.pos());
    log::debug!("element out-of-bounds, ignoring");
    return Ok(None);
}

This rewinds back to the start of the header, and then ends the iteration of the parent element.

Second, add a third condition here to check if parent_end - pos < EbmlElementHeader::MIN_SIZE (define the constant, 2) and return Ok(None). This saves some the trouble of rewinding later for some simple cases.

if let Some(parent_end) = parent_end {
let pos = self.reader.pos();
if pos == parent_end {
// Iteration of the current parent element is done.
return Ok(None);
}
else if pos > parent_end {
// The parent element was overrun.
log::warn!("overran parent element by {} bytes", pos - parent_end);
return Err(EbmlError::Overrun);
}
}

Regarding the latest commit about overrun in mkv, should this ever be allowed? What is the overall strategy for demuxer? Validation of correctness or max effort for packet and format extraction? When it should error, when it should warn and skip or try to recover?

The reference implementation does not clamp the value, nor does it consider it an error. Yay, undefined behaviour! However, to prevent a panic, we should clamp it to a max of 31.

@sscobici
Copy link
Author

regarding mp4:

  1. Should self.reader.pos() be used instead of header.data_pos()?
    The former does not perform a summation operation and is also consistent with the ignore statement below: self.reader.ignore_bytes(parent_end - self.reader.pos())?;

  2. Overrun
    Should all overruns be handled consistently? In line 494, an overrun is reported as: Err(EbmlError::Overrun)
    Now, we propose using seek_buffered for header overruns instead.

I am unsure whether seek_buffered can always succeed, especially in streaming scenarios or edge cases where the buffer advances forward and no longer retains previous bytes to seek back.

Would it be beneficial for all overruns to first check whether seeking back is possible before applying seek_buffered, instead of immediately returning Err(EbmlError::Overrun)? Probably not, but I wanted to ask.

Ideally, overruns should not occur if parent_end is known, preventing the need to seek back. However, implementing this may require additional checks that could impact performance, , so I agree that seeking back is probably the better option.

@pdeljanov
Copy link
Owner

pdeljanov commented Jan 18, 2025

regarding mp4:

I think you are referring to MKV for the message..

  1. Should self.reader.pos() be used instead of header.data_pos()?
    The former does not perform a summation operation and is also consistent with the ignore statement below: self.reader.ignore_bytes(parent_end - self.reader.pos())?;

They should be equal here since the reader should be positioned right after the element header, and the data position is always after the header. If you'd prefer to use self.reader.pos(), then use a local variable to save the position since it is being used multiple times.

  1. Overrun
    Should all overruns be handled consistently? In line 494, an overrun is reported as: Err(EbmlError::Overrun)
    Now, we propose using seek_buffered for header overruns instead.

The overrun on line 494 is one that would have had to occur when the iterator was in the control of the caller. (i.e., they read too much before calling next_header). Which means the overrun could be unbounded in length. Therefore, we'd have to do a proper seek on the underlying media source which is not always possible and may fail itself to resolve all cases.

I'm pretty certain this scenario can only happen due to programmer error and not due to invalid data in the file.

I am unsure whether seek_buffered can always succeed, especially in streaming scenarios or edge cases where the buffer advances forward and no longer retains previous bytes to seek back.

Yes, it'll always succeed. seek_buffered seeks within MediaSourceStream's (MSS) internal ring buffer. MSS guarantees a minimum of 1 kB of previously read data can be rewound in all cases (the minimum ring buffer size). The ring buffer is usually 32 kB in practice. MSS users can request a guaranteed amount by calling ensure_seekback_buffer with the desired size before their read operation. However, in the case you're addressing (header overrun), the maximum overrun is 16 bytes, so the call will always succeed with no additional effort.

Would it be beneficial for all overruns to first check whether seeking back is possible before applying seek_buffered, instead of immediately returning Err(EbmlError::Overrun)? Probably not, but I wanted to ask.

I'm torn, because, on the one hand, whatever was read and caused the overrun likely read bad data. On the other hand, if the overrun on line 494 can be resolved by using seek_buffered to get to parent_end, then you can safely return Ok(None).

I'm leaning towards keeping it a hard error for now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants