* Beam Software VB decoder
* Copyright (c) 2007 Konstantin Shishkov
*
- * This file is part of FFmpeg.
+ * This file is part of Libav.
*
- * FFmpeg is free software; you can redistribute it and/or
+ * Libav is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
- * FFmpeg is distributed in the hope that it will be useful,
+ * Libav is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
- * License along with FFmpeg; if not, write to the Free Software
+ * License along with Libav; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
/**
- * @file libavcodec/vb.c
+ * @file
* VB Video decoder
*/
AVFrame pic;
uint8_t *frame, *prev_frame;
- uint32_t pal[256];
+ uint32_t pal[AVPALETTE_COUNT];
const uint8_t *stream;
} VBDecContext;
0xC631, 0x6310, 0xC060, 0x0136, 0x136C, 0x36C8, 0x6C80, 0x324C
};
-static void vb_decode_palette(VBDecContext *c)
+static void vb_decode_palette(VBDecContext *c, int data_size)
{
int start, size, i;
av_log(c->avctx, AV_LOG_ERROR, "Palette change runs beyond entry 256\n");
return;
}
+ if(size*3+2 > data_size){
+ av_log(c->avctx, AV_LOG_ERROR, "Palette data runs beyond chunk size\n");
+ return;
+ }
for(i = start; i <= start + size; i++)
c->pal[i] = bytestream_get_be24(&c->stream);
}
return buf >= start && (buf + 4) <= end;
}
-static int vb_decode_framedata(VBDecContext *c, const uint8_t *buf, int offset)
+static int vb_decode_framedata(VBDecContext *c, const uint8_t *buf, int data_size, int offset)
{
uint8_t *prev, *cur;
+ const uint8_t* data_end = buf + data_size;
int blk, blocks, t, blk2;
int blocktypes = 0;
int x, y, a, b;
blocks = (c->avctx->width >> 2) * (c->avctx->height >> 2);
blk2 = 0;
for(blk = 0; blk < blocks; blk++){
- if(!(blk & 3))
+ if(!(blk & 3)) {
+ if(buf >= data_end){
+ av_log(c->avctx, AV_LOG_ERROR, "Data pointer out of bounds\n");
+ return -1;
+ }
blocktypes = bytestream_get_byte(&buf);
+ }
switch(blocktypes & 0xC0){
case 0x00: //skip
for(y = 0; y < 4; y++)
case 0x40:
t = bytestream_get_byte(&buf);
if(!t){ //raw block
+ if(buf + 16 > data_end){
+ av_log(c->avctx, AV_LOG_ERROR, "Insufficient data\n");
+ return -1;
+ }
for(y = 0; y < 4; y++)
memcpy(cur + y*width, buf + y*4, 4);
buf += 16;
memset(cur + y*width, t, 4);
break;
case 0xC0: // pattern fill
+ if(buf + 2 > data_end){
+ av_log(c->avctx, AV_LOG_ERROR, "Insufficient data\n");
+ return -1;
+ }
t = bytestream_get_byte(&buf);
pattype = t >> 6;
pattern = vb_patterns[t & 0x3F];
av_log(avctx, AV_LOG_ERROR, "Frame size is too big\n");
return -1;
}
- vb_decode_framedata(c, c->stream, offset);
+ vb_decode_framedata(c, c->stream, size, offset);
c->stream += size - 4;
rest -= size;
}
av_log(avctx, AV_LOG_ERROR, "Palette size is too big\n");
return -1;
}
- vb_decode_palette(c);
+ vb_decode_palette(c, size);
rest -= size;
}
c->avctx = avctx;
avctx->pix_fmt = PIX_FMT_PAL8;
- c->frame = av_malloc( avctx->width * avctx->height);
- c->prev_frame = av_malloc( avctx->width * avctx->height);
-
- memset(c->pal, 0, sizeof(c->pal));
+ c->frame = av_mallocz(avctx->width * avctx->height);
+ c->prev_frame = av_mallocz(avctx->width * avctx->height);
return 0;
}
return 0;
}
-AVCodec vb_decoder = {
- "vb",
- CODEC_TYPE_VIDEO,
- CODEC_ID_VB,
- sizeof(VBDecContext),
- decode_init,
- NULL,
- decode_end,
- decode_frame,
+AVCodec ff_vb_decoder = {
+ .name = "vb",
+ .type = AVMEDIA_TYPE_VIDEO,
+ .id = CODEC_ID_VB,
+ .priv_data_size = sizeof(VBDecContext),
+ .init = decode_init,
+ .close = decode_end,
+ .decode = decode_frame,
.long_name = NULL_IF_CONFIG_SMALL("Beam Software VB"),
};
projects / ffmpeg / blobdiff