Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(42)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: media/formats/webm/webm_parser.cc

Issue 516283004: Do not access an invalidated reference in media::WebMListParser::OnListEnd(). (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 6 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "media/formats/webm/webm_parser.h" 5 #include "media/formats/webm/webm_parser.h"
6 6
7 // This file contains code to parse WebM file elements. It was created 7 // This file contains code to parse WebM file elements. It was created
8 // from information in the Matroska spec. 8 // from information in the Matroska spec.
9 // http://www.matroska.org/technical/specs/index.html 9 // http://www.matroska.org/technical/specs/index.html
10 // This file contains code for encrypted WebM. Current WebM 10 // This file contains code for encrypted WebM. Current WebM
(...skipping 889 matching lines...) Expand 10 before | Expand all | Expand 10 after
900 if (size == 0) 900 if (size == 0)
901 return OnListEnd(); 901 return OnListEnd();
902 902
903 return true; 903 return true;
904 } 904 }
905 905
906 bool WebMListParser::OnListEnd() { 906 bool WebMListParser::OnListEnd() {
907 int lists_ended = 0; 907 int lists_ended = 0;
908 for (; !list_state_stack_.empty(); ++lists_ended) { 908 for (; !list_state_stack_.empty(); ++lists_ended) {
909 const ListState& list_state = list_state_stack_.back(); 909 const ListState& list_state = list_state_stack_.back();
910 int64 bytes_parsed = list_state.bytes_parsed_;
911 int id = list_state.id_;
910 912
911 if (list_state.bytes_parsed_ != list_state.size_) 913 if (bytes_parsed != list_state.size_)
912 break; 914 break;
913 915
914 list_state_stack_.pop_back(); 916 list_state_stack_.pop_back();
915 917
916 int64 bytes_parsed = list_state.bytes_parsed_;
917 WebMParserClient* client = NULL; 918 WebMParserClient* client = NULL;
918 if (!list_state_stack_.empty()) { 919 if (!list_state_stack_.empty()) {
919 // Update the bytes_parsed_ for the parent element. 920 // Update the bytes_parsed_ for the parent element.
920 list_state_stack_.back().bytes_parsed_ += bytes_parsed; 921 list_state_stack_.back().bytes_parsed_ += bytes_parsed;
921 client = list_state_stack_.back().client_; 922 client = list_state_stack_.back().client_;
922 } else { 923 } else {
923 client = root_client_; 924 client = root_client_;
924 } 925 }
925 926
926 if (!client->OnListEnd(list_state.id_)) 927 if (!client->OnListEnd(id))
927 return false; 928 return false;
928 } 929 }
929 930
930 DCHECK_GE(lists_ended, 1); 931 DCHECK_GE(lists_ended, 1);
931 932
932 if (list_state_stack_.empty()) 933 if (list_state_stack_.empty())
933 ChangeState(DONE_PARSING_LIST); 934 ChangeState(DONE_PARSING_LIST);
934 935
935 return true; 936 return true;
936 } 937 }
937 938
938 bool WebMListParser::IsSiblingOrAncestor(int id_a, int id_b) const { 939 bool WebMListParser::IsSiblingOrAncestor(int id_a, int id_b) const {
939 DCHECK((id_a == kWebMIdSegment) || (id_a == kWebMIdCluster)); 940 DCHECK((id_a == kWebMIdSegment) || (id_a == kWebMIdCluster));
940 941
941 if (id_a == kWebMIdCluster) { 942 if (id_a == kWebMIdCluster) {
942 // kWebMIdCluster siblings. 943 // kWebMIdCluster siblings.
943 for (size_t i = 0; i < arraysize(kSegmentIds); i++) { 944 for (size_t i = 0; i < arraysize(kSegmentIds); i++) {
944 if (kSegmentIds[i].id_ == id_b) 945 if (kSegmentIds[i].id_ == id_b)
945 return true; 946 return true;
946 } 947 }
947 } 948 }
948 949
949 // kWebMIdSegment siblings. 950 // kWebMIdSegment siblings.
950 return ((id_b == kWebMIdSegment) || (id_b == kWebMIdEBMLHeader)); 951 return ((id_b == kWebMIdSegment) || (id_b == kWebMIdEBMLHeader));
951 } 952 }
952 953
953 } // namespace media 954 } // namespace media
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698