}
static void init_vlcs(FourXContext *f){
- static int done = 0;
int i;
- if (!done) {
- done = 1;
-
- for(i=0; i<4; i++){
- init_vlc(&block_type_vlc[i], BLOCK_TYPE_VLC_BITS, 7,
- &block_type_tab[i][0][1], 2, 1,
- &block_type_tab[i][0][0], 2, 1);
- }
+ for(i=0; i<4; i++){
+ init_vlc(&block_type_vlc[i], BLOCK_TYPE_VLC_BITS, 7,
+ &block_type_tab[i][0][1], 2, 1,
+ &block_type_tab[i][0][0], 2, 1, 1);
}
}
uint16_t *src= (uint16_t*)f->last_picture.data[0];
uint16_t *dst= (uint16_t*)f->current_picture.data[0];
const int stride= f->current_picture.linesize[0]>>1;
- const int bitstream_size= get32(buf+8);
- const int bytestream_size= get32(buf+16);
- const int wordstream_size= get32(buf+12);
+ const unsigned int bitstream_size= get32(buf+8);
+ const unsigned int bytestream_size= get32(buf+16);
+ const unsigned int wordstream_size= get32(buf+12);
- if(bitstream_size+ bytestream_size+ wordstream_size + 20 != length)
+ if(bitstream_size+ bytestream_size+ wordstream_size + 20 != length
+ || bitstream_size > (1<<26)
+ || bytestream_size > (1<<26)
+ || wordstream_size > (1<<26)
+ ){
av_log(f->avctx, AV_LOG_ERROR, "lengths %d %d %d %d\n", bitstream_size, bytestream_size, wordstream_size,
bitstream_size+ bytestream_size+ wordstream_size - length);
+ return -1;
+ }
f->bitstream_buffer= av_fast_realloc(f->bitstream_buffer, &f->bitstream_buffer_size, bitstream_size + FF_INPUT_BUFFER_PADDING_SIZE);
f->dsp.bswap_buf((uint32_t*)f->bitstream_buffer, (uint32_t*)(buf + 20), bitstream_size/4);
init_vlc(&f->pre_vlc, ACDC_VLC_BITS, 257,
len_tab , 1, 1,
- bits_tab, 4, 4);
+ bits_tab, 4, 4, 0);
return ptr;
}
const int height= f->avctx->height;
uint16_t *dst= (uint16_t*)f->current_picture.data[0];
const int stride= f->current_picture.linesize[0]>>1;
- const int bitstream_size= get32(buf);
+ const unsigned int bitstream_size= get32(buf);
const int token_count __attribute__((unused)) = get32(buf + bitstream_size + 8);
- int prestream_size= 4*get32(buf + bitstream_size + 4);
+ unsigned int prestream_size= 4*get32(buf + bitstream_size + 4);
uint8_t *prestream= buf + bitstream_size + 12;
- if(prestream_size + bitstream_size + 12 != length)
- av_log(f->avctx, AV_LOG_ERROR, "size missmatch %d %d %d\n", prestream_size, bitstream_size, length);
+ if(prestream_size + bitstream_size + 12 != length
+ || bitstream_size > (1<<26)
+ || prestream_size > (1<<26)){
+ av_log(f->avctx, AV_LOG_ERROR, "size mismatch %d %d %d\n", prestream_size, bitstream_size, length);
+ return -1;
+ }
prestream= read_huffman_tables(f, prestream);
}
if(get_vlc2(&f->pre_gb, f->pre_vlc.table, ACDC_VLC_BITS, 3) != 256)
- av_log(f->avctx, AV_LOG_ERROR, "end missmatch\n");
+ av_log(f->avctx, AV_LOG_ERROR, "end mismatch\n");
return 0;
}
AVFrame *p, temp;
int i, frame_4cc, frame_size;
- *data_size = 0;
-
- /* special case for last picture */
- if (buf_size == 0) {
- return 0;
- }
-
frame_4cc= get32(buf);
if(buf_size != get32(buf+4)+8){
- av_log(f->avctx, AV_LOG_ERROR, "size missmatch %d %d\n", buf_size, get32(buf+4));
+ av_log(f->avctx, AV_LOG_ERROR, "size mismatch %d %d\n", buf_size, get32(buf+4));
}
if(frame_4cc == ff_get_fourcc("cfrm")){
frame_size= cfrm->size;
if(id != avctx->frame_number){
- av_log(f->avctx, AV_LOG_ERROR, "cframe id missmatch %d %d\n", id, avctx->frame_number);
+ av_log(f->avctx, AV_LOG_ERROR, "cframe id mismatch %d %d\n", id, avctx->frame_number);
}
cfrm->size= cfrm->id= 0;
projects / ffmpeg / blobdiff