#include "libavutil/channel_layout.h"
#include "avcodec.h"
+#include "internal.h"
#include "mathops.h"
#define BITSTREAM_READER_LE
*/
static int smacker_decode_tree(GetBitContext *gb, HuffContext *hc, uint32_t prefix, int length)
{
- if(length > 32) {
+ if(length > 32 || length > 3*SMKTREE_BITS) {
av_log(NULL, AV_LOG_ERROR, "length too long\n");
return AVERROR_INVALIDDATA;
}
tmp2.values = av_mallocz(256 * sizeof(int));
if(get_bits1(gb)) {
- smacker_decode_tree(gb, &tmp1, 0, 0);
+ res = smacker_decode_tree(gb, &tmp1, 0, 0);
+ if (res < 0)
+ return res;
skip_bits1(gb);
- res = init_vlc(&vlc[0], SMKTREE_BITS, tmp1.length,
- tmp1.lengths, sizeof(int), sizeof(int),
- tmp1.bits, sizeof(uint32_t), sizeof(uint32_t), INIT_VLC_LE);
- if(res < 0) {
- av_log(smk->avctx, AV_LOG_ERROR, "Cannot build VLC table\n");
- return AVERROR_INVALIDDATA;
+ if(tmp1.current > 1) {
+ res = init_vlc(&vlc[0], SMKTREE_BITS, tmp1.length,
+ tmp1.lengths, sizeof(int), sizeof(int),
+ tmp1.bits, sizeof(uint32_t), sizeof(uint32_t), INIT_VLC_LE);
+ if(res < 0) {
+ av_log(smk->avctx, AV_LOG_ERROR, "Cannot build VLC table\n");
+ return AVERROR_INVALIDDATA;
+ }
}
- } else {
+ }
+ if (!vlc[0].table) {
av_log(smk->avctx, AV_LOG_ERROR, "Skipping low bytes tree\n");
}
if(get_bits1(gb)){
- smacker_decode_tree(gb, &tmp2, 0, 0);
+ res = smacker_decode_tree(gb, &tmp2, 0, 0);
+ if (res < 0)
+ return res;
skip_bits1(gb);
- res = init_vlc(&vlc[1], SMKTREE_BITS, tmp2.length,
- tmp2.lengths, sizeof(int), sizeof(int),
- tmp2.bits, sizeof(uint32_t), sizeof(uint32_t), INIT_VLC_LE);
- if(res < 0) {
- av_log(smk->avctx, AV_LOG_ERROR, "Cannot build VLC table\n");
- return AVERROR_INVALIDDATA;
+ if(tmp2.current > 1) {
+ res = init_vlc(&vlc[1], SMKTREE_BITS, tmp2.length,
+ tmp2.lengths, sizeof(int), sizeof(int),
+ tmp2.bits, sizeof(uint32_t), sizeof(uint32_t), INIT_VLC_LE);
+ if(res < 0) {
+ av_log(smk->avctx, AV_LOG_ERROR, "Cannot build VLC table\n");
+ return AVERROR_INVALIDDATA;
+ }
}
- } else {
+ }
+ if (!vlc[1].table) {
av_log(smk->avctx, AV_LOG_ERROR, "Skipping high bytes tree\n");
}
return v;
}
-static int decode_frame(AVCodecContext *avctx, void *data, int *data_size, AVPacket *avpkt)
+static int decode_frame(AVCodecContext *avctx, void *data, int *got_frame,
+ AVPacket *avpkt)
{
SmackVContext * const smk = avctx->priv_data;
uint8_t *out;
}
- *data_size = sizeof(AVFrame);
+ *got_frame = 1;
*(AVFrame*)data = smk->pic;
/* always report that the buffer was completely consumed */
unp_size = AV_RL32(buf);
+ if (unp_size > (1U<<24)) {
+ av_log(avctx, AV_LOG_ERROR, "packet is too big\n");
+ return AVERROR_INVALIDDATA;
+ }
+
init_get_bits(&gb, buf + 4, (buf_size - 4) * 8);
if(!get_bits1(&gb)){
/* get output buffer */
s->frame.nb_samples = unp_size / (avctx->channels * (bits + 1));
- if ((ret = avctx->get_buffer(avctx, &s->frame)) < 0) {
+ if ((ret = ff_get_buffer(avctx, &s->frame)) < 0) {
av_log(avctx, AV_LOG_ERROR, "get_buffer() failed\n");
return ret;
}
h[i].lengths = av_mallocz(256 * sizeof(int));
h[i].values = av_mallocz(256 * sizeof(int));
skip_bits1(&gb);
- smacker_decode_tree(&gb, &h[i], 0, 0);
+ res = smacker_decode_tree(&gb, &h[i], 0, 0);
+ if (res < 0)
+ return res;
skip_bits1(&gb);
if(h[i].current > 1) {
res = init_vlc(&vlc[i], SMKTREE_BITS, h[i].length,
projects / ffmpeg / blobdiff