* Quicktime Animation (RLE) Video Decoder
* Copyright (C) 2004 the ffmpeg project
*
- * This library is free software; you can redistribute it and/or
+ * This file is part of FFmpeg.
+ *
+ * FFmpeg is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
+ * version 2.1 of the License, or (at your option) any later version.
*
- * This library is distributed in the hope that it will be useful,
+ * FFmpeg is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ * License along with FFmpeg; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*
*/
}
#define CHECK_PIXEL_PTR(n) \
- if (pixel_ptr + n > pixel_limit) { \
- av_log (s->avctx, AV_LOG_INFO, "Problem: pixel_ptr >= pixel_limit (%d >= %d)\n", \
+ if ((pixel_ptr + n > pixel_limit) || (pixel_ptr + n < 0)) { \
+ av_log (s->avctx, AV_LOG_INFO, "Problem: pixel_ptr = %d, pixel_limit = %d\n", \
pixel_ptr + n, pixel_limit); \
return; \
} \
/* there's another skip code in the stream */
CHECK_STREAM_PTR(1);
pixel_ptr += (8 * (s->buf[stream_ptr++] - 1));
+ CHECK_PIXEL_PTR(0); /* make sure pixel_ptr is positive */
} else if (rle_code < 0) {
/* decode the run length code */
rle_code = -rle_code;
/* there's another skip code in the stream */
CHECK_STREAM_PTR(1);
pixel_ptr += (4 * (s->buf[stream_ptr++] - 1));
+ CHECK_PIXEL_PTR(0); /* make sure pixel_ptr is positive */
} else if (rle_code < 0) {
/* decode the run length code */
rle_code = -rle_code;
int header;
int start_line;
int lines_to_change;
- signed char rle_code;
+ int rle_code;
int row_ptr, pixel_ptr;
int row_inc = s->frame.linesize[0];
unsigned short rgb16;
/* there's another skip code in the stream */
CHECK_STREAM_PTR(1);
pixel_ptr += (s->buf[stream_ptr++] - 1) * 2;
+ CHECK_PIXEL_PTR(0); /* make sure pixel_ptr is positive */
} else if (rle_code < 0) {
/* decode the run length code */
rle_code = -rle_code;
int header;
int start_line;
int lines_to_change;
- signed char rle_code;
+ int rle_code;
int row_ptr, pixel_ptr;
int row_inc = s->frame.linesize[0];
unsigned char r, g, b;
/* there's another skip code in the stream */
CHECK_STREAM_PTR(1);
pixel_ptr += (s->buf[stream_ptr++] - 1) * 3;
+ CHECK_PIXEL_PTR(0); /* make sure pixel_ptr is positive */
} else if (rle_code < 0) {
/* decode the run length code */
rle_code = -rle_code;
int header;
int start_line;
int lines_to_change;
- signed char rle_code;
+ int rle_code;
int row_ptr, pixel_ptr;
int row_inc = s->frame.linesize[0];
- unsigned char r, g, b;
+ unsigned char a, r, g, b;
unsigned int argb;
unsigned char *rgb = s->frame.data[0];
int pixel_limit = s->frame.linesize[0] * s->avctx->height;
/* there's another skip code in the stream */
CHECK_STREAM_PTR(1);
pixel_ptr += (s->buf[stream_ptr++] - 1) * 4;
+ CHECK_PIXEL_PTR(0); /* make sure pixel_ptr is positive */
} else if (rle_code < 0) {
/* decode the run length code */
rle_code = -rle_code;
CHECK_STREAM_PTR(4);
- stream_ptr++; /* skip the alpha (?) byte */
+ a = s->buf[stream_ptr++];
r = s->buf[stream_ptr++];
g = s->buf[stream_ptr++];
b = s->buf[stream_ptr++];
- argb = (r << 16) | (g << 8) | (b << 0);
+ argb = (a << 24) | (r << 16) | (g << 8) | (b << 0);
CHECK_PIXEL_PTR(rle_code * 4);
/* copy pixels directly to output */
while (rle_code--) {
- stream_ptr++; /* skip the alpha (?) byte */
+ a = s->buf[stream_ptr++];
r = s->buf[stream_ptr++];
g = s->buf[stream_ptr++];
b = s->buf[stream_ptr++];
- argb = (r << 16) | (g << 8) | (b << 0);
+ argb = (a << 24) | (r << 16) | (g << 8) | (b << 0);
*(unsigned int *)(&rgb[pixel_ptr]) = argb;
pixel_ptr += 4;
}
projects / ffmpeg / blobdiff