[PR #1817] [MERGED] fix(rust): Add bounds checks to prevent panic on malformed CEA-708 data #2561

New Issue

Open

opened 2026-01-29 17:22:47 +00:00 by claunia · 0 comments

claunia commented 2026-01-29 17:22:47 +00:00

Owner

Copy Link

📋 Pull Request Information

Original PR: https://github.com/CCExtractor/ccextractor/pull/1817
Author: @cfsmp3
Created: 12/14/2025
Status: ✅ Merged
Merged: 12/14/2025
Merged by: @cfsmp3

Base: master ← Head: fix/issue-1616-mp4-hls-crash

---

📝 Commits (2)

• e852057 fix(rust): Add bounds checks to prevent panic on malformed CEA-708 data
• 633d844 fix(rust): cast c_long to i64 in pic.rs for Windows compatibility

📊 Changes

2 files changed (+100 additions, -3 deletions)

View changed files

📝 src/rust/src/decoder/service_decoder.rs (+95 -2)
📝 src/rust/src/es/pic.rs (+5 -1)

📄 Description

Summary

Fixes #1616 - Segmentation fault when extracting from MP4 remuxed from HLS
Fixes #1575 - Regression bug causing ccextractor 0.94 to crash

The CEA-708 decoder could panic when processing truncated or malformed caption data blocks. This PR adds proper bounds checking to prevent panics:

• Fixed EXT1 command handling in process_service_block():

  • Changed &block[1..] to &block[(i+1)..] for correct slice offset when EXT1 appears at non-zero positions
  • Added bounds check before accessing the next byte after EXT1

• Added bounds checks in handle_extended_char():

  • Check for empty block before accessing block[0]
  • Check block.len() >= 2 before accessing block[1] for C3 commands

• Fixed clippy warning in es/pic.rs:

  • Removed unnecessary as i64 cast

Test plan

• Verified with #1616 sample file (MP4 remuxed from HLS)
• Verified with #1575 sample file (EIA-608 and EIA-708 streams.ts) - extracts subtitles correctly
• All 268 Rust tests pass
• Added 4 new unit tests for bounds checking:
  • test_handle_extended_char_empty_block
  • test_handle_extended_char_c3_insufficient_bytes
  • test_process_service_block_ext1_at_end
  • test_process_service_block_ext1_with_truncated_c3
• No clippy warnings
• No formatting issues

🤖 Generated with Claude Code

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/CCExtractor/ccextractor/pull/1817 **Author:** [@cfsmp3](https://github.com/cfsmp3) **Created:** 12/14/2025 **Status:** ✅ Merged **Merged:** 12/14/2025 **Merged by:** [@cfsmp3](https://github.com/cfsmp3) **Base:** `master` ← **Head:** `fix/issue-1616-mp4-hls-crash` --- ### 📝 Commits (2) - [`e852057`](https://github.com/CCExtractor/ccextractor/commit/e852057a9433a4b093b8c390165b90e4f97b0c64) fix(rust): Add bounds checks to prevent panic on malformed CEA-708 data - [`633d844`](https://github.com/CCExtractor/ccextractor/commit/633d84462f3bbcac0ebf1224b67be99d4c477733) fix(rust): cast c_long to i64 in pic.rs for Windows compatibility ### 📊 Changes **2 files changed** (+100 additions, -3 deletions) <details> <summary>View changed files</summary> 📝 `src/rust/src/decoder/service_decoder.rs` (+95 -2) 📝 `src/rust/src/es/pic.rs` (+5 -1) </details> ### 📄 Description ## Summary Fixes #1616 - Segmentation fault when extracting from MP4 remuxed from HLS Fixes #1575 - Regression bug causing ccextractor 0.94 to crash The CEA-708 decoder could panic when processing truncated or malformed caption data blocks. This PR adds proper bounds checking to prevent panics: - **Fixed EXT1 command handling** in `process_service_block()`: - Changed `&block[1..]` to `&block[(i+1)..]` for correct slice offset when EXT1 appears at non-zero positions - Added bounds check before accessing the next byte after EXT1 - **Added bounds checks** in `handle_extended_char()`: - Check for empty block before accessing `block[0]` - Check `block.len() >= 2` before accessing `block[1]` for C3 commands - **Fixed clippy warning** in `es/pic.rs`: - Removed unnecessary `as i64` cast ## Test plan - [x] Verified with #1616 sample file (MP4 remuxed from HLS) - [x] Verified with #1575 sample file (EIA-608 and EIA-708 streams.ts) - extracts subtitles correctly - [x] All 268 Rust tests pass - [x] Added 4 new unit tests for bounds checking: - `test_handle_extended_char_empty_block` - `test_handle_extended_char_c3_insufficient_bytes` - `test_process_service_block_ext1_at_end` - `test_process_service_block_ext1_with_truncated_c3` - [x] No clippy warnings - [x] No formatting issues 🤖 Generated with [Claude Code](https://claude.com/claude-code) --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

claunia added the pull-request label 2026-01-29 17:22:47 +00:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

master

fix/input-scc-option

fix/palette-crate-fedora

pr-1782

fix/flutter-gui-v0.7.0-files

docs/changelog-upcoming

fix/goptime-and-startcredits-bugs

fix/bindgen-upgrade-1608

fix/tesseract-version-check-future-proof

fix/ccx-encoders-spupng-memory-safety

fix/freebsd-remarks

compatibility/xp

v0.96.5

v0.96.4

v0.96.3

v0.96.2

v0.96.1

v0.96

v0.94

v0.93

v0.92

v0.91

v0.90

v0.89

v0.88

v0.87

v0.86

v0.85b

v0.85

v0.84

v0.83

v0.82

v0.81

v0.80

v0.79

v0.78

v0.77

v0.76

v0.75

v0.74

v0.73

v0.72

v0.71

v0.70

Labels

Clear labels

bug

CEA-708

difficulty: easy

difficulty: hard

difficulty: medium

DTMB

DVB

enhancement

enhancement

Flutter GUI

GCI19

good-first-task

GSoC 2021

GSOC-2023

GSOC-2023

GSOC-2023

GSoC-related

Hacktoberfest

HardsubX

help wanted

invalid

JokerTV

Mac / OSX

more-info-needed

needs-commercial-sponsor

needs-commercial-sponsor

needs-commercial-sponsor

needs-confirmation-of-being-broken

OCR

pull-request

Mirrored from GitHub Pull Request

Python

regression

Rust

teletext

No Label pull-request

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

claunia

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/ccextractor#2561