Compare commits
80 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 Michael Niedermayer
|
9079c70d20 | ||
|
Michael Niedermayer
|
4f71435248 | ||
|
Michael Niedermayer
|
934878f2a6 | ||
|
Michael Niedermayer
|
38d9a782a5 | ||
|
Michael Niedermayer
|
6de5ec8ef8 | ||
|
Michael Niedermayer
|
0d2b67d17c | ||
|
Michael Niedermayer
|
d40bb6f5e9 | ||
|
Michael Niedermayer
|
aadfec7d6c | ||
|
Michael Niedermayer
|
47c0626ec7 | ||
|
Michael Niedermayer
|
2f75ebe24a | ||
|
Michael Niedermayer
|
a9081b36f4 | ||
|
Michael Niedermayer
|
b120685dca | ||
|
Michael Niedermayer
|
b44a3cd06e | ||
|
Michael Niedermayer
|
a930db5c82 | ||
|
Michael Niedermayer
|
f10252e47d | ||
|
Brice Waegeneire
|
4627033a23 | ||
|
Vodyannikov Aleksandr
|
20c440edbc | ||
|
Michael Niedermayer
|
ab81ea1035 | ||
|
Michael Niedermayer
|
2f2904030f | ||
|
Michael Niedermayer
|
064d0c6462 | ||
|
Michael Niedermayer
|
9ce4350c48 | ||
|
Michael Niedermayer
|
6ae1b70cb4 | ||
|
Michael Niedermayer
|
dbb121688c | ||
|
Michael Niedermayer
|
1667b3ea0f | ||
|
Michael Niedermayer
|
20d4514f25 | ||
|
Michael Niedermayer
|
8d3ac812ff | ||
|
Michael Niedermayer
|
ba3a4a94bc | ||
|
Michael Niedermayer
|
fb55620369 | ||
|
Michael Niedermayer
|
0a36341e96 | ||
|
Michael Niedermayer
|
1a21edf7b8 | ||
|
Michael Niedermayer
|
94c8e53034 | ||
|
Michael Niedermayer
|
132037ad5b | ||
|
Michael Niedermayer
|
f3cb2eedeb | ||
|
Michael Niedermayer
|
736c73a243 | ||
|
Michael Niedermayer
|
0272afe70d | ||
|
Michael Niedermayer
|
165b2ee692 | ||
|
Michael Niedermayer
|
ea153eb52c | ||
|
Michael Niedermayer
|
f21e96109d | ||
|
Michael Niedermayer
|
94f3c06678 | ||
|
Michael Niedermayer
|
3ed986522a | ||
|
Michael Niedermayer
|
f1116294aa | ||
|
Michael Niedermayer
|
0749384f0a | ||
|
Michael Niedermayer
|
fe8960ab86 | ||
|
Michael Niedermayer
|
5b8a97d000 | ||
|
Michael Niedermayer
|
ada21bca55 | ||
|
Michael Niedermayer
|
72403ba2b9 | ||
|
Michael Niedermayer
|
eaf2bacca1 | ||
|
Michael Niedermayer
|
cf61bf8107 | ||
|
Michael Niedermayer
|
93456ca3ea | ||
|
Anton Mitrofanov
|
b2522f35ec | ||
|
Anton Mitrofanov
|
e8558abeaf | ||
|
Anton Mitrofanov
|
b8d0d76740 | ||
|
Michael Niedermayer
|
4384481fbc | ||
|
Michael Niedermayer
|
347cc89daf | ||
|
Michael Niedermayer
|
7119574f48 | ||
|
Michael Niedermayer
|
f17443cdcd | ||
|
Michael Niedermayer
|
ee2396cefd | ||
|
Michael Niedermayer
|
01ed8d93b2 | ||
|
Michael Niedermayer
|
1729101c44 | ||
|
Michael Niedermayer
|
15cc151709 | ||
|
Michael Niedermayer
|
0a709e2a10 | ||
|
Michael Niedermayer
|
10d821309b | ||
|
Michael Niedermayer
|
f8a331598e | ||
|
Michael Niedermayer
|
f33c3ccbe7 | ||
|
Michael Niedermayer
|
7a86581afd | ||
|
Michael Niedermayer
|
3c98e4be89 | ||
|
Michael Niedermayer
|
d2567caea9 | ||
|
Michael Niedermayer
|
452c78a09c | ||
|
Michael Niedermayer
|
cce9471373 | ||
|
Michael Niedermayer
|
34282abc57 | ||
|
Michael Niedermayer
|
e1b6d78bf7 | ||
|
Michael Niedermayer
|
53a32fdf0a | ||
|
Michael Niedermayer
|
f3ac7e40d6 | ||
|
Michael Niedermayer
|
5217145824 | ||
|
Michael Niedermayer
|
311f2f5aba | ||
|
Michael Niedermayer
|
460abcd671 | ||
|
Michael Niedermayer
|
741c341968 | ||
|
Michael Niedermayer
|
ad9ce1fa1d | ||
|
Michael Niedermayer
|
50c2ef91d3 | ||
|
Matthieu Bouron
|
20f5e2c177 |
@@ -2,6 +2,87 @@ Entries are sorted chronologically from oldest to youngest within each release,
|
||||
releases are sorted from youngest to oldest.
|
||||
|
||||
|
||||
version 3.3.3:
|
||||
- avcodec/dirac_dwt: Fix multiple integer overflows in COMPOSE_DD97iH0()
|
||||
- avcodec/diracdec: Fix integer overflow in divide3()
|
||||
- avcodec/takdec: Fix integer overflow in decode_subframe()
|
||||
- avformat/rtmppkt: Convert ff_amf_get_field_value() to bytestream2
|
||||
- avformat/rtmppkt: Convert ff_amf_tag_size() to bytestream2
|
||||
- avcodec/diracdec: Fix integer overflow in signed multiplication in UNPACK_ARITH()
|
||||
- avcodec/pixlet: Simplify nbits computation
|
||||
- avcodec/dnxhddec: Move mb height check out of non hr branch
|
||||
- avcodec/hevc_ps: fix integer overflow in log2_parallel_merge_level_minus2
|
||||
- avformat/oggparsecelt: Do not re-allocate os->private
|
||||
- avcodec/ylc: Fix shift overflow
|
||||
- avcodec/aacps: Fix multiple integer overflow in map_val_34_to_20()
|
||||
- avcodec/aacdec_fixed: fix: left shift of negative value -1
|
||||
- avcodec/dirac_vlc: Fix undefined shift
|
||||
- doc/filters: typo in frei0r
|
||||
- avcodec/cfhd: Fix decoding regression due to height check
|
||||
- avcodec/aacdec_template (fixed point): Check gain in decode_cce() to avoid undefined shifts later
|
||||
- avcodec/ffv1dec_template: Fix signed integer overflow
|
||||
- avcodec/aacdec_template: Fix undefined integer overflow in apply_tns()
|
||||
- avcodec/magicyuv: Check that vlc len is not too large
|
||||
- avcodec/mjpegdec: Clip DC also on the negative side.
|
||||
- avcodec/aacps (fixed point): Fix multiple signed integer overflows
|
||||
- avcodec/ylc: Fix vlc of 31 bits
|
||||
- avcodec/sbrdsp_fixed: Fix integer overflow in sbr_hf_apply_noise()
|
||||
- avcodec/hevcdec: do not let updated extradata corrupt state
|
||||
- avcodec/wavpack: Fix invalid shift
|
||||
- avcodec/h264_slice: Fix signed integer overflow
|
||||
- avcodec/hevc_ps: Fix integer overflow with beta/tc offsets
|
||||
- avcodec/cfhd: Fix invalid left shift of negative value
|
||||
- avcodec/vb: Check vertical GMC component before multiply
|
||||
- avcodec/hevcdec: do basic validity check on delta_chroma_weight and offset
|
||||
- avcodec/jpeg2000dwt: Fix integer overflow in dwt_decode97_int()
|
||||
- avcodec/apedec: Fix integer overflow
|
||||
- avcodec/wavpack: Fix integer overflow in wv_unpack_stereo()
|
||||
- avcodec/hevc_ps: Fix max_dec_buffer check
|
||||
- avcodec/mpeg4videodec: Fix GMC with videos of dimension 1
|
||||
- avcodec/wavpack: Fix integer overflow
|
||||
- avcodec/takdec: Fix integer overflow
|
||||
- avcodec/tiff: Update pointer only when the result is used
|
||||
- avcodec/cfhd: Check bpc before setting bpc in context
|
||||
- avcodec/cfhd: Fix undefined shift
|
||||
- avcodec/hevc_filter: Fix invalid shift
|
||||
- avcodec/mpeg4videodec: Fix overflow in virtual_ref computation
|
||||
- avcodec/lpc: signed integer overflow in compute_lpc_coefs() (aacdec_fixed)
|
||||
- avcodec/wavpack: Fix undefined integer negation
|
||||
- avcodec/aacdec_fixed: Check s for being too small
|
||||
- avcodec/htmlsubtitles: Replace very slow redundant sscanf() calls by cleaner and faster code
|
||||
- avcodec/h264: Fix mix of lossless and lossy MBs decoding
|
||||
- avcodec/h264_mb: Fix 8x8dct in lossless for new versions of x264
|
||||
- avcodec/h264_cabac: Fix CABAC+8x8dct in 4:4:4
|
||||
- avcodec/takdec: Fixes: integer overflow in AV_SAMPLE_FMT_U8P output
|
||||
- avcodec/jpeg2000dsp: Reorder operations in ict_int() to avoid 2 integer overflows
|
||||
- avcodec/hevcpred_template: Fix left shift of negative value
|
||||
- avcodec/hevcdec: Fix signed integer overflow in decode_lt_rps()
|
||||
- avcodec/jpeg2000dec: Check nonzerobits more completely
|
||||
- avcodec/shorten: Sanity check maxnlpc
|
||||
- avcodec/truemotion2: Move skip computation after checks
|
||||
- avcodec/jpeg2000: Fixes integer overflow in ff_jpeg2000_ceildivpow2()
|
||||
- avcodec/dnxhd_parser: Do not return invalid value from dnxhd_find_frame_end() on error
|
||||
- avcodec/hevcdec: Check nb_sps
|
||||
- avcodec/hevc_refs: Check nb_refs in add_candidate_ref()
|
||||
- avcodec/mpeg4videodec: Check sprite delta upshift against overflowing.
|
||||
- avcodec/mpeg4videodec: Fix integer overflow in num_sprite_warping_points=2 case
|
||||
- avcodec/aacsbr_fixed: Check shift in sbr_hf_assemble()
|
||||
- avcodec/sbrdsp_fixed: Return an error from sbr_hf_apply_noise() if operations are impossible
|
||||
- avcodec/libvpxdec: Check that display dimensions fit in the storage dimensions
|
||||
- avcodec/jpeg2000dwt: Fix runtime error: left shift of negative value -123
|
||||
- avcodec/wavpack: Fix runtime error: signed integer overflow: 1886191616 + 277872640 cannot be represented in type 'int'
|
||||
- avcodec/snowdec: Fix runtime error: left shift of negative value -1
|
||||
- avcodec/aacdec_fixed: Fix runtime error: left shift of negative value -1297616
|
||||
- avcodec/tiff: Fix leak of geotags[].val
|
||||
- avcodec/ra144: Fix runtime error: signed integer overflow: -2200 * 1033073 cannot be represented in type 'int'
|
||||
- avcodec/flicvideo: Fix runtime error: signed integer overflow: 4864 * 459296 cannot be represented in type 'int'
|
||||
- avcodec/cfhd: Check band parameters before storing them
|
||||
- avcodec/h264_parse: Check picture structure when initializig weight table
|
||||
- avcodec/indeo4: Check remaining data in Pic hdr extension parsing code
|
||||
- avcodec/ac3dec_fixed: Fix multiple runtime error: signed integer overflow: -39271008 * 59 cannot be represented in type 'int'
|
||||
- lavc/aarch64/simple_idct: fix idct_col4_top coefficient
|
||||
|
||||
|
||||
version 3.3.2:
|
||||
- avcodec/mpeg4videodec: Fix runtime error: signed integer overflow: 53098 * 40448 cannot be represented in type 'int'
|
||||
- avcodec/pafvideo: Fix assertion failure
|
||||
|
||||
+1
-1
@@ -38,7 +38,7 @@ PROJECT_NAME = FFmpeg
|
||||
# could be handy for archiving the generated documentation or if some version
|
||||
# control system is used.
|
||||
|
||||
PROJECT_NUMBER = 3.3.2
|
||||
PROJECT_NUMBER = 3.3.3
|
||||
|
||||
# Using the PROJECT_BRIEF tag one can provide an optional one line description
|
||||
# for a project that appears at the top of each page and should give viewer a
|
||||
|
||||
+1
-1
@@ -8263,7 +8263,7 @@ It accepts the following parameters:
|
||||
@item filter_name
|
||||
The name of the frei0r effect to load. If the environment variable
|
||||
@env{FREI0R_PATH} is defined, the frei0r effect is searched for in each of the
|
||||
directories specified by the colon-separated list in @env{FREIOR_PATH}.
|
||||
directories specified by the colon-separated list in @env{FREI0R_PATH}.
|
||||
Otherwise, the standard frei0r paths are searched, in this order:
|
||||
@file{HOME/.frei0r-1/lib/}, @file{/usr/local/lib/frei0r-1/},
|
||||
@file{/usr/lib/frei0r-1/}.
|
||||
|
||||
@@ -35,6 +35,7 @@
|
||||
#define AAC_RENAME(x) x ## _fixed
|
||||
#define AAC_RENAME_32(x) x ## _fixed_32
|
||||
typedef int INTFLOAT;
|
||||
typedef unsigned UINTFLOAT; ///< Equivalent to INTFLOAT, Used as temporal cast to avoid undefined sign overflow operations.
|
||||
typedef int64_t INT64FLOAT;
|
||||
typedef int16_t SHORTFLOAT;
|
||||
typedef SoftFloat AAC_FLOAT;
|
||||
@@ -83,6 +84,7 @@ typedef int AAC_SIGNE;
|
||||
#define AAC_RENAME(x) x
|
||||
#define AAC_RENAME_32(x) x
|
||||
typedef float INTFLOAT;
|
||||
typedef float UINTFLOAT;
|
||||
typedef float INT64FLOAT;
|
||||
typedef float SHORTFLOAT;
|
||||
typedef float AAC_FLOAT;
|
||||
|
||||
@@ -181,14 +181,15 @@ static void subband_scale(int *dst, int *src, int scale, int offset, int len)
|
||||
out = (int)(((int64_t)src[i] * c) >> 32);
|
||||
dst[i] = ((int)(out+round) >> s) * ssign;
|
||||
}
|
||||
}
|
||||
else {
|
||||
} else if (s > -32) {
|
||||
s = s + 32;
|
||||
round = 1 << (s-1);
|
||||
for (i=0; i<len; i++) {
|
||||
out = (int)((int64_t)((int64_t)src[i] * c + round) >> s);
|
||||
dst[i] = out * (unsigned)ssign;
|
||||
}
|
||||
} else {
|
||||
av_log(NULL, AV_LOG_ERROR, "Overflow in subband_scale()\n");
|
||||
}
|
||||
}
|
||||
|
||||
@@ -389,7 +390,7 @@ static void apply_dependent_coupling_fixed(AACContext *ac,
|
||||
for (k = offsets[i]; k < offsets[i + 1]; k++) {
|
||||
tmp = (int)(((int64_t)src[group * 128 + k] * c + \
|
||||
(int64_t)0x1000000000) >> 37);
|
||||
dest[group * 128 + k] += tmp << shift;
|
||||
dest[group * 128 + k] += tmp * (1 << shift);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -429,7 +430,7 @@ static void apply_independent_coupling_fixed(AACContext *ac,
|
||||
else {
|
||||
for (i = 0; i < len; i++) {
|
||||
tmp = (int)(((int64_t)src[i] * c + (int64_t)0x1000000000) >> 37);
|
||||
dest[i] += tmp << shift;
|
||||
dest[i] += tmp * (1 << shift);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -2199,6 +2199,10 @@ static int decode_cce(AACContext *ac, GetBitContext *gb, ChannelElement *che)
|
||||
cge = coup->coupling_point == AFTER_IMDCT ? 1 : get_bits1(gb);
|
||||
gain = cge ? get_vlc2(gb, vlc_scalefactors.table, 7, 3) - 60: 0;
|
||||
gain_cache = GET_GAIN(scale, gain);
|
||||
#if USE_FIXED
|
||||
if ((abs(gain_cache)-1024) >> 3 > 30)
|
||||
return AVERROR(ERANGE);
|
||||
#endif
|
||||
}
|
||||
if (coup->coupling_point == AFTER_IMDCT) {
|
||||
coup->gain[c][0] = gain_cache;
|
||||
@@ -2216,6 +2220,10 @@ static int decode_cce(AACContext *ac, GetBitContext *gb, ChannelElement *che)
|
||||
t >>= 1;
|
||||
}
|
||||
gain_cache = GET_GAIN(scale, t) * s;
|
||||
#if USE_FIXED
|
||||
if ((abs(gain_cache)-1024) >> 3 > 30)
|
||||
return AVERROR(ERANGE);
|
||||
#endif
|
||||
}
|
||||
}
|
||||
coup->gain[c][idx] = gain_cache;
|
||||
@@ -2389,7 +2397,7 @@ static int decode_extension_payload(AACContext *ac, GetBitContext *gb, int cnt,
|
||||
* @param decode 1 if tool is used normally, 0 if tool is used in LTP.
|
||||
* @param coef spectral coefficients
|
||||
*/
|
||||
static void apply_tns(INTFLOAT coef[1024], TemporalNoiseShaping *tns,
|
||||
static void apply_tns(INTFLOAT coef_param[1024], TemporalNoiseShaping *tns,
|
||||
IndividualChannelStream *ics, int decode)
|
||||
{
|
||||
const int mmm = FFMIN(ics->tns_max_bands, ics->max_sfb);
|
||||
@@ -2397,6 +2405,7 @@ static void apply_tns(INTFLOAT coef[1024], TemporalNoiseShaping *tns,
|
||||
int bottom, top, order, start, end, size, inc;
|
||||
INTFLOAT lpc[TNS_MAX_ORDER];
|
||||
INTFLOAT tmp[TNS_MAX_ORDER+1];
|
||||
UINTFLOAT *coef = coef_param;
|
||||
|
||||
for (w = 0; w < ics->num_windows; w++) {
|
||||
bottom = ics->num_swb;
|
||||
@@ -2426,7 +2435,7 @@ static void apply_tns(INTFLOAT coef[1024], TemporalNoiseShaping *tns,
|
||||
// ar filter
|
||||
for (m = 0; m < size; m++, start += inc)
|
||||
for (i = 1; i <= FFMIN(m, order); i++)
|
||||
coef[start] -= AAC_MUL26(coef[start - i * inc], lpc[i - 1]);
|
||||
coef[start] -= AAC_MUL26((INTFLOAT)coef[start - i * inc], lpc[i - 1]);
|
||||
} else {
|
||||
// ma filter
|
||||
for (m = 0; m < size; m++, start += inc) {
|
||||
|
||||
+12
-21
@@ -499,13 +499,13 @@ static void map_idx_34_to_20(int8_t *par_mapped, const int8_t *par, int full)
|
||||
static void map_val_34_to_20(INTFLOAT par[PS_MAX_NR_IIDICC])
|
||||
{
|
||||
#if USE_FIXED
|
||||
par[ 0] = (int)(((int64_t)(par[ 0] + (par[ 1]>>1)) * 1431655765 + \
|
||||
par[ 0] = (int)(((int64_t)(par[ 0] + (unsigned)(par[ 1]>>1)) * 1431655765 + \
|
||||
0x40000000) >> 31);
|
||||
par[ 1] = (int)(((int64_t)((par[ 1]>>1) + par[ 2]) * 1431655765 + \
|
||||
par[ 1] = (int)(((int64_t)((par[ 1]>>1) + (unsigned)par[ 2]) * 1431655765 + \
|
||||
0x40000000) >> 31);
|
||||
par[ 2] = (int)(((int64_t)(par[ 3] + (par[ 4]>>1)) * 1431655765 + \
|
||||
par[ 2] = (int)(((int64_t)(par[ 3] + (unsigned)(par[ 4]>>1)) * 1431655765 + \
|
||||
0x40000000) >> 31);
|
||||
par[ 3] = (int)(((int64_t)((par[ 4]>>1) + par[ 5]) * 1431655765 + \
|
||||
par[ 3] = (int)(((int64_t)((par[ 4]>>1) + (unsigned)par[ 5]) * 1431655765 + \
|
||||
0x40000000) >> 31);
|
||||
#else
|
||||
par[ 0] = (2*par[ 0] + par[ 1]) * 0.33333333f;
|
||||
@@ -692,26 +692,17 @@ static void decorrelation(PSContext *ps, INTFLOAT (*out)[32][2], const INTFLOAT
|
||||
for (i = 0; i < NR_PAR_BANDS[is34]; i++) {
|
||||
for (n = n0; n < nL; n++) {
|
||||
int decayed_peak;
|
||||
int denom;
|
||||
|
||||
decayed_peak = (int)(((int64_t)peak_decay_factor * \
|
||||
peak_decay_nrg[i] + 0x40000000) >> 31);
|
||||
peak_decay_nrg[i] = FFMAX(decayed_peak, power[i][n]);
|
||||
power_smooth[i] += (power[i][n] - power_smooth[i] + 2) >> 2;
|
||||
peak_decay_diff_smooth[i] += (peak_decay_nrg[i] - power[i][n] - \
|
||||
peak_decay_diff_smooth[i] + 2) >> 2;
|
||||
denom = peak_decay_diff_smooth[i] + (peak_decay_diff_smooth[i] >> 1);
|
||||
if (denom > power_smooth[i]) {
|
||||
int p = power_smooth[i];
|
||||
while (denom < 0x40000000) {
|
||||
denom <<= 1;
|
||||
p <<= 1;
|
||||
}
|
||||
transient_gain[i][n] = p / (denom >> 16);
|
||||
}
|
||||
else {
|
||||
transient_gain[i][n] = 1 << 16;
|
||||
}
|
||||
power_smooth[i] += (power[i][n] + 2LL - power_smooth[i]) >> 2;
|
||||
peak_decay_diff_smooth[i] += (peak_decay_nrg[i] + 2LL - power[i][n] - \
|
||||
peak_decay_diff_smooth[i]) >> 2;
|
||||
|
||||
if (peak_decay_diff_smooth[i]) {
|
||||
transient_gain[i][n] = FFMIN(power_smooth[i]*43691LL / peak_decay_diff_smooth[i], 1<<16);
|
||||
} else
|
||||
transient_gain[i][n] = 1 << 16;
|
||||
}
|
||||
}
|
||||
#else
|
||||
|
||||
@@ -575,22 +575,30 @@ static void sbr_hf_assemble(int Y1[38][64][2],
|
||||
|
||||
SoftFloat *in = sbr->s_m[e];
|
||||
for (m = 0; m+1 < m_max; m+=2) {
|
||||
int shift2;
|
||||
shift = 22 - in[m ].exp;
|
||||
shift2= 22 - in[m+1].exp;
|
||||
if (shift < 1 || shift2 < 1) {
|
||||
av_log(NULL, AV_LOG_ERROR, "Overflow in sbr_hf_assemble, shift=%d,%d\n", shift, shift2);
|
||||
return;
|
||||
}
|
||||
if (shift < 32) {
|
||||
round = 1 << (shift-1);
|
||||
out[2*m ] += (in[m ].mant * A + round) >> shift;
|
||||
}
|
||||
|
||||
shift = 22 - in[m+1].exp;
|
||||
if (shift < 32) {
|
||||
round = 1 << (shift-1);
|
||||
out[2*m+2] += (in[m+1].mant * B + round) >> shift;
|
||||
if (shift2 < 32) {
|
||||
round = 1 << (shift2-1);
|
||||
out[2*m+2] += (in[m+1].mant * B + round) >> shift2;
|
||||
}
|
||||
}
|
||||
if(m_max&1)
|
||||
{
|
||||
shift = 22 - in[m ].exp;
|
||||
if (shift < 32) {
|
||||
if (shift < 1) {
|
||||
av_log(NULL, AV_LOG_ERROR, "Overflow in sbr_hf_assemble, shift=%d\n", shift);
|
||||
return;
|
||||
} else if (shift < 32) {
|
||||
round = 1 << (shift-1);
|
||||
out[2*m ] += (in[m ].mant * A + round) >> shift;
|
||||
}
|
||||
|
||||
@@ -74,7 +74,7 @@ endconst
|
||||
.endm
|
||||
|
||||
.macro idct_col4_top y1, y2, y3, y4, i, l
|
||||
smull\i v7.4S, \y3\l, z1
|
||||
smull\i v7.4S, \y3\l, z2
|
||||
smull\i v16.4S, \y3\l, z6
|
||||
smull\i v17.4S, \y2\l, z1
|
||||
add v19.4S, v23.4S, v7.4S
|
||||
|
||||
@@ -65,7 +65,7 @@ static void scale_coefs (
|
||||
int len)
|
||||
{
|
||||
int i, shift, round;
|
||||
int16_t mul;
|
||||
unsigned mul;
|
||||
int temp, temp1, temp2, temp3, temp4, temp5, temp6, temp7;
|
||||
|
||||
mul = (dynrng & 0x1f) + 0x20;
|
||||
|
||||
+5
-3
@@ -1412,6 +1412,7 @@ static int ape_decode_frame(AVCodecContext *avctx, void *data,
|
||||
int32_t *sample24;
|
||||
int i, ch, ret;
|
||||
int blockstodecode;
|
||||
uint64_t decoded_buffer_size;
|
||||
|
||||
/* this should never be negative, but bad things will happen if it is, so
|
||||
check it just to make sure. */
|
||||
@@ -1467,7 +1468,7 @@ static int ape_decode_frame(AVCodecContext *avctx, void *data,
|
||||
skip_bits_long(&s->gb, offset);
|
||||
}
|
||||
|
||||
if (!nblocks || nblocks > INT_MAX) {
|
||||
if (!nblocks || nblocks > INT_MAX / 2 / sizeof(*s->decoded_buffer) - 8) {
|
||||
av_log(avctx, AV_LOG_ERROR, "Invalid sample count: %"PRIu32".\n",
|
||||
nblocks);
|
||||
return AVERROR_INVALIDDATA;
|
||||
@@ -1493,8 +1494,9 @@ static int ape_decode_frame(AVCodecContext *avctx, void *data,
|
||||
blockstodecode = s->samples;
|
||||
|
||||
/* reallocate decoded sample buffer if needed */
|
||||
av_fast_malloc(&s->decoded_buffer, &s->decoded_size,
|
||||
2 * FFALIGN(blockstodecode, 8) * sizeof(*s->decoded_buffer));
|
||||
decoded_buffer_size = 2LL * FFALIGN(blockstodecode, 8) * sizeof(*s->decoded_buffer);
|
||||
av_assert0(decoded_buffer_size <= INT_MAX);
|
||||
av_fast_malloc(&s->decoded_buffer, &s->decoded_size, decoded_buffer_size);
|
||||
if (!s->decoded_buffer)
|
||||
return AVERROR(ENOMEM);
|
||||
memset(s->decoded_buffer, 0, s->decoded_size);
|
||||
|
||||
+19
-14
@@ -258,6 +258,11 @@ static int cfhd_decode(AVCodecContext *avctx, void *data, int *got_frame,
|
||||
s->coded_height = data;
|
||||
} else if (tag == 101) {
|
||||
av_log(avctx, AV_LOG_DEBUG, "Bits per component: %"PRIu16"\n", data);
|
||||
if (data < 1 || data > 31) {
|
||||
av_log(avctx, AV_LOG_ERROR, "Bits per component %d is invalid\n", data);
|
||||
ret = AVERROR(EINVAL);
|
||||
break;
|
||||
}
|
||||
s->bpc = data;
|
||||
} else if (tag == 12) {
|
||||
av_log(avctx, AV_LOG_DEBUG, "Channel Count: %"PRIu16"\n", data);
|
||||
@@ -317,22 +322,22 @@ static int cfhd_decode(AVCodecContext *avctx, void *data, int *got_frame,
|
||||
s->prescale_shift[2] = (data >> 6) & 0x7;
|
||||
av_log(avctx, AV_LOG_DEBUG, "Prescale shift (VC-5): %x\n", data);
|
||||
} else if (tag == 27) {
|
||||
s->plane[s->channel_num].band[0][0].width = data;
|
||||
s->plane[s->channel_num].band[0][0].stride = data;
|
||||
av_log(avctx, AV_LOG_DEBUG, "Lowpass width %"PRIu16"\n", data);
|
||||
if (data < 3 || data > s->plane[s->channel_num].band[0][0].a_width) {
|
||||
av_log(avctx, AV_LOG_ERROR, "Invalid lowpass width\n");
|
||||
ret = AVERROR(EINVAL);
|
||||
break;
|
||||
}
|
||||
s->plane[s->channel_num].band[0][0].width = data;
|
||||
s->plane[s->channel_num].band[0][0].stride = data;
|
||||
} else if (tag == 28) {
|
||||
s->plane[s->channel_num].band[0][0].height = data;
|
||||
av_log(avctx, AV_LOG_DEBUG, "Lowpass height %"PRIu16"\n", data);
|
||||
if (data < 3 || data > s->plane[s->channel_num].band[0][0].height) {
|
||||
if (data < 3 || data > s->plane[s->channel_num].band[0][0].a_height) {
|
||||
av_log(avctx, AV_LOG_ERROR, "Invalid lowpass height\n");
|
||||
ret = AVERROR(EINVAL);
|
||||
break;
|
||||
}
|
||||
s->plane[s->channel_num].band[0][0].height = data;
|
||||
} else if (tag == 1)
|
||||
av_log(avctx, AV_LOG_DEBUG, "Sample type? %"PRIu16"\n", data);
|
||||
else if (tag == 10) {
|
||||
@@ -363,39 +368,39 @@ static int cfhd_decode(AVCodecContext *avctx, void *data, int *got_frame,
|
||||
av_log(avctx, AV_LOG_DEBUG, "Tag/Value = %x %x\n", tag2, val2);
|
||||
}
|
||||
} else if (tag == 41) {
|
||||
s->plane[s->channel_num].band[s->level][s->subband_num].width = data;
|
||||
s->plane[s->channel_num].band[s->level][s->subband_num].stride = FFALIGN(data, 8);
|
||||
av_log(avctx, AV_LOG_DEBUG, "Highpass width %i channel %i level %i subband %i\n", data, s->channel_num, s->level, s->subband_num);
|
||||
if (data < 3) {
|
||||
av_log(avctx, AV_LOG_ERROR, "Invalid highpass width\n");
|
||||
ret = AVERROR(EINVAL);
|
||||
break;
|
||||
}
|
||||
s->plane[s->channel_num].band[s->level][s->subband_num].width = data;
|
||||
s->plane[s->channel_num].band[s->level][s->subband_num].stride = FFALIGN(data, 8);
|
||||
} else if (tag == 42) {
|
||||
s->plane[s->channel_num].band[s->level][s->subband_num].height = data;
|
||||
av_log(avctx, AV_LOG_DEBUG, "Highpass height %i\n", data);
|
||||
if (data < 3) {
|
||||
av_log(avctx, AV_LOG_ERROR, "Invalid highpass height\n");
|
||||
ret = AVERROR(EINVAL);
|
||||
break;
|
||||
}
|
||||
s->plane[s->channel_num].band[s->level][s->subband_num].height = data;
|
||||
} else if (tag == 49) {
|
||||
s->plane[s->channel_num].band[s->level][s->subband_num].width = data;
|
||||
s->plane[s->channel_num].band[s->level][s->subband_num].stride = FFALIGN(data, 8);
|
||||
av_log(avctx, AV_LOG_DEBUG, "Highpass width2 %i\n", data);
|
||||
if (data < 3) {
|
||||
av_log(avctx, AV_LOG_ERROR, "Invalid highpass width2\n");
|
||||
ret = AVERROR(EINVAL);
|
||||
break;
|
||||
}
|
||||
s->plane[s->channel_num].band[s->level][s->subband_num].width = data;
|
||||
s->plane[s->channel_num].band[s->level][s->subband_num].stride = FFALIGN(data, 8);
|
||||
} else if (tag == 50) {
|
||||
s->plane[s->channel_num].band[s->level][s->subband_num].height = data;
|
||||
av_log(avctx, AV_LOG_DEBUG, "Highpass height2 %i\n", data);
|
||||
if (data < 3) {
|
||||
av_log(avctx, AV_LOG_ERROR, "Invalid highpass height2\n");
|
||||
ret = AVERROR(EINVAL);
|
||||
break;
|
||||
}
|
||||
s->plane[s->channel_num].band[s->level][s->subband_num].height = data;
|
||||
} else if (tag == 71) {
|
||||
s->codebook = data;
|
||||
av_log(avctx, AV_LOG_DEBUG, "Codebook %i\n", s->codebook);
|
||||
@@ -404,12 +409,12 @@ static int cfhd_decode(AVCodecContext *avctx, void *data, int *got_frame,
|
||||
av_log(avctx, AV_LOG_DEBUG, "Other codebook? %i\n", s->codebook);
|
||||
} else if (tag == 70) {
|
||||
av_log(avctx, AV_LOG_DEBUG, "Subsampling or bit-depth flag? %i\n", data);
|
||||
s->bpc = data;
|
||||
if (!(s->bpc == 10 || s->bpc == 12)) {
|
||||
if (!(data == 10 || data == 12)) {
|
||||
av_log(avctx, AV_LOG_ERROR, "Invalid bits per channel\n");
|
||||
ret = AVERROR(EINVAL);
|
||||
break;
|
||||
}
|
||||
s->bpc = data;
|
||||
} else if (tag == 84) {
|
||||
av_log(avctx, AV_LOG_DEBUG, "Sample format? %i\n", data);
|
||||
if (data == 1)
|
||||
@@ -658,7 +663,7 @@ static int cfhd_decode(AVCodecContext *avctx, void *data, int *got_frame,
|
||||
output = s->plane[plane].subband[0];
|
||||
for (i = 0; i < lowpass_height * 2; i++) {
|
||||
for (j = 0; j < lowpass_width * 2; j++)
|
||||
output[j] <<= 2;
|
||||
output[j] *= 4;
|
||||
|
||||
output += lowpass_width * 2;
|
||||
}
|
||||
@@ -711,7 +716,7 @@ static int cfhd_decode(AVCodecContext *avctx, void *data, int *got_frame,
|
||||
output = s->plane[plane].subband[0];
|
||||
for (i = 0; i < lowpass_height * 2; i++) {
|
||||
for (j = 0; j < lowpass_width * 2; j++)
|
||||
output[j] <<= 2;
|
||||
output[j] *= 4;
|
||||
|
||||
output += lowpass_width * 2;
|
||||
}
|
||||
|
||||
@@ -99,7 +99,7 @@ void ff_spatial_idwt_slice2(DWTContext *d, int y);
|
||||
(b1 + ((b0 + b2 + 1) >> 1))
|
||||
|
||||
#define COMPOSE_DD97iH0(b0, b1, b2, b3, b4)\
|
||||
(b2 + ((-b0 + 9*b1 + 9*b3 - b4 + 8) >> 4))
|
||||
(b2 + ((int)(-b0 + 9U*b1 + 9U*b3 - b4 + 8) >> 4))
|
||||
|
||||
#define COMPOSE_DD137iL0(b0, b1, b2, b3, b4)\
|
||||
(b2 - ((-b0 + 9*b1 + 9*b3 - b4 + 16) >> 5))
|
||||
|
||||
@@ -216,9 +216,14 @@ static void generate_offset_lut(DiracGolombLUT *lut, int off)
|
||||
INIT_RESIDUE(res);
|
||||
SET_RESIDUE(res, idx, LUT_BITS);
|
||||
|
||||
l->preamble = CONVERT_TO_RESIDUE(res >> (RSIZE_BITS - off), off);
|
||||
l->preamble_bits = off;
|
||||
l->sign = ((l->preamble >> (RSIZE_BITS - l->preamble_bits)) & 1) ? -1 : +1;
|
||||
if (off) {
|
||||
l->preamble = CONVERT_TO_RESIDUE(res >> (RSIZE_BITS - off), off);
|
||||
l->sign = ((l->preamble >> (RSIZE_BITS - l->preamble_bits)) & 1) ? -1 : +1;
|
||||
} else {
|
||||
l->preamble = 0;
|
||||
l->sign = 1;
|
||||
}
|
||||
|
||||
search_for_golomb(l, res << off, LUT_BITS - off);
|
||||
}
|
||||
|
||||
@@ -249,7 +249,7 @@ enum dirac_subband {
|
||||
/* magic number division by 3 from schroedinger */
|
||||
static inline int divide3(int x)
|
||||
{
|
||||
return ((x+1)*21845 + 10922) >> 16;
|
||||
return (int)((x+1U)*21845 + 10922) >> 16;
|
||||
}
|
||||
|
||||
static DiracFrame *remove_frame(DiracFrame *framelist[], int picnum)
|
||||
@@ -454,7 +454,8 @@ static inline int coeff_unpack_golomb(GetBitContext *gb, int qfactor, int qoffse
|
||||
static inline void coeff_unpack_arith_##n(DiracArith *c, int qfactor, int qoffset, \
|
||||
SubBand *b, type *buf, int x, int y) \
|
||||
{ \
|
||||
int coeff, sign, sign_pred = 0, pred_ctx = CTX_ZPZN_F1; \
|
||||
int sign, sign_pred = 0, pred_ctx = CTX_ZPZN_F1; \
|
||||
unsigned coeff; \
|
||||
const int mstride = -(b->stride >> (1+b->pshift)); \
|
||||
if (b->parent) { \
|
||||
const type *pbuf = (type *)b->parent->ibuf; \
|
||||
|
||||
@@ -81,16 +81,18 @@ static int dnxhd_find_frame_end(DNXHDParserContext *dctx,
|
||||
dctx->w = (state >> 32) & 0xFFFF;
|
||||
} else if (dctx->cur_byte == 42) {
|
||||
int cid = (state >> 32) & 0xFFFFFFFF;
|
||||
int remaining;
|
||||
|
||||
if (cid <= 0)
|
||||
continue;
|
||||
|
||||
dctx->remaining = avpriv_dnxhd_get_frame_size(cid);
|
||||
if (dctx->remaining <= 0) {
|
||||
dctx->remaining = dnxhd_get_hr_frame_size(cid, dctx->w, dctx->h);
|
||||
if (dctx->remaining <= 0)
|
||||
return dctx->remaining;
|
||||
remaining = avpriv_dnxhd_get_frame_size(cid);
|
||||
if (remaining <= 0) {
|
||||
remaining = dnxhd_get_hr_frame_size(cid, dctx->w, dctx->h);
|
||||
if (remaining <= 0)
|
||||
continue;
|
||||
}
|
||||
dctx->remaining = remaining;
|
||||
if (buf_size - i + 47 >= dctx->remaining) {
|
||||
int remaining = dctx->remaining;
|
||||
|
||||
|
||||
@@ -298,14 +298,18 @@ static int dnxhd_decode_header(DNXHDContext *ctx, AVFrame *frame,
|
||||
if (ctx->mb_height > 68 && ff_dnxhd_check_header_prefix_hr(header_prefix)) {
|
||||
ctx->data_offset = 0x170 + (ctx->mb_height << 2);
|
||||
} else {
|
||||
if (ctx->mb_height > 68 ||
|
||||
(ctx->mb_height << frame->interlaced_frame) > (ctx->height + 15) >> 4) {
|
||||
if (ctx->mb_height > 68) {
|
||||
av_log(ctx->avctx, AV_LOG_ERROR,
|
||||
"mb height too big: %d\n", ctx->mb_height);
|
||||
return AVERROR_INVALIDDATA;
|
||||
}
|
||||
ctx->data_offset = 0x280;
|
||||
}
|
||||
if ((ctx->mb_height << frame->interlaced_frame) > (ctx->height + 15) >> 4) {
|
||||
av_log(ctx->avctx, AV_LOG_ERROR,
|
||||
"mb height too big: %d\n", ctx->mb_height);
|
||||
return AVERROR_INVALIDDATA;
|
||||
}
|
||||
|
||||
if (buf_size < ctx->data_offset) {
|
||||
av_log(ctx->avctx, AV_LOG_ERROR,
|
||||
|
||||
@@ -96,7 +96,7 @@ static av_always_inline void RENAME(decode_line)(FFV1Context *s, int w,
|
||||
}
|
||||
|
||||
if (sign)
|
||||
diff = -diff;
|
||||
diff = -(unsigned)diff;
|
||||
|
||||
sample[1][x] = av_mod_uintp2(RENAME(predict)(sample[1] + x, sample[0] + x) + diff, bits);
|
||||
}
|
||||
|
||||
@@ -272,10 +272,14 @@ static int flic_decode_frame_8BPP(AVCodecContext *avctx,
|
||||
while (compressed_lines > 0) {
|
||||
if (bytestream2_tell(&g2) + 2 > stream_ptr_after_chunk)
|
||||
break;
|
||||
if (y_ptr > pixel_limit)
|
||||
return AVERROR_INVALIDDATA;
|
||||
line_packets = bytestream2_get_le16(&g2);
|
||||
if ((line_packets & 0xC000) == 0xC000) {
|
||||
// line skip opcode
|
||||
line_packets = -line_packets;
|
||||
if (line_packets > s->avctx->height)
|
||||
return AVERROR_INVALIDDATA;
|
||||
y_ptr += line_packets * s->frame->linesize[0];
|
||||
} else if ((line_packets & 0xC000) == 0x4000) {
|
||||
av_log(avctx, AV_LOG_ERROR, "Undefined opcode (%x) in DELTA_FLI\n", line_packets);
|
||||
@@ -324,6 +328,8 @@ static int flic_decode_frame_8BPP(AVCodecContext *avctx,
|
||||
case FLI_LC:
|
||||
/* line compressed */
|
||||
starting_line = bytestream2_get_le16(&g2);
|
||||
if (starting_line >= s->avctx->height)
|
||||
return AVERROR_INVALIDDATA;
|
||||
y_ptr = 0;
|
||||
y_ptr += starting_line * s->frame->linesize[0];
|
||||
|
||||
@@ -560,9 +566,13 @@ static int flic_decode_frame_15_16BPP(AVCodecContext *avctx,
|
||||
while (compressed_lines > 0) {
|
||||
if (bytestream2_tell(&g2) + 2 > stream_ptr_after_chunk)
|
||||
break;
|
||||
if (y_ptr > pixel_limit)
|
||||
return AVERROR_INVALIDDATA;
|
||||
line_packets = bytestream2_get_le16(&g2);
|
||||
if (line_packets < 0) {
|
||||
line_packets = -line_packets;
|
||||
if (line_packets > s->avctx->height)
|
||||
return AVERROR_INVALIDDATA;
|
||||
y_ptr += line_packets * s->frame->linesize[0];
|
||||
} else {
|
||||
compressed_lines--;
|
||||
@@ -847,9 +857,13 @@ static int flic_decode_frame_24BPP(AVCodecContext *avctx,
|
||||
while (compressed_lines > 0) {
|
||||
if (bytestream2_tell(&g2) + 2 > stream_ptr_after_chunk)
|
||||
break;
|
||||
if (y_ptr > pixel_limit)
|
||||
return AVERROR_INVALIDDATA;
|
||||
line_packets = bytestream2_get_le16(&g2);
|
||||
if (line_packets < 0) {
|
||||
line_packets = -line_packets;
|
||||
if (line_packets > s->avctx->height)
|
||||
return AVERROR_INVALIDDATA;
|
||||
y_ptr += line_packets * s->frame->linesize[0];
|
||||
} else {
|
||||
compressed_lines--;
|
||||
|
||||
+41
-22
@@ -2347,21 +2347,40 @@ decode_intra_mb:
|
||||
if (CHROMA444(h) && IS_8x8DCT(mb_type)){
|
||||
int i;
|
||||
uint8_t *nnz_cache = sl->non_zero_count_cache;
|
||||
for (i = 0; i < 2; i++){
|
||||
if (sl->left_type[LEFT(i)] && !IS_8x8DCT(sl->left_type[LEFT(i)])) {
|
||||
nnz_cache[3+8* 1 + 2*8*i]=
|
||||
nnz_cache[3+8* 2 + 2*8*i]=
|
||||
nnz_cache[3+8* 6 + 2*8*i]=
|
||||
nnz_cache[3+8* 7 + 2*8*i]=
|
||||
nnz_cache[3+8*11 + 2*8*i]=
|
||||
nnz_cache[3+8*12 + 2*8*i]= IS_INTRA(mb_type) ? 64 : 0;
|
||||
if (h->sei.unregistered.x264_build < 151U) {
|
||||
for (i = 0; i < 2; i++){
|
||||
if (sl->left_type[LEFT(i)] && !IS_8x8DCT(sl->left_type[LEFT(i)])) {
|
||||
nnz_cache[3+8* 1 + 2*8*i]=
|
||||
nnz_cache[3+8* 2 + 2*8*i]=
|
||||
nnz_cache[3+8* 6 + 2*8*i]=
|
||||
nnz_cache[3+8* 7 + 2*8*i]=
|
||||
nnz_cache[3+8*11 + 2*8*i]=
|
||||
nnz_cache[3+8*12 + 2*8*i]= IS_INTRA(mb_type) ? 64 : 0;
|
||||
}
|
||||
}
|
||||
if (sl->top_type && !IS_8x8DCT(sl->top_type)){
|
||||
uint32_t top_empty = !IS_INTRA(mb_type) ? 0 : 0x40404040;
|
||||
AV_WN32A(&nnz_cache[4+8* 0], top_empty);
|
||||
AV_WN32A(&nnz_cache[4+8* 5], top_empty);
|
||||
AV_WN32A(&nnz_cache[4+8*10], top_empty);
|
||||
}
|
||||
} else {
|
||||
for (i = 0; i < 2; i++){
|
||||
if (sl->left_type[LEFT(i)] && !IS_8x8DCT(sl->left_type[LEFT(i)])) {
|
||||
nnz_cache[3+8* 1 + 2*8*i]=
|
||||
nnz_cache[3+8* 2 + 2*8*i]=
|
||||
nnz_cache[3+8* 6 + 2*8*i]=
|
||||
nnz_cache[3+8* 7 + 2*8*i]=
|
||||
nnz_cache[3+8*11 + 2*8*i]=
|
||||
nnz_cache[3+8*12 + 2*8*i]= !IS_INTRA_PCM(sl->left_type[LEFT(i)]) ? 0 : 64;
|
||||
}
|
||||
}
|
||||
if (sl->top_type && !IS_8x8DCT(sl->top_type)){
|
||||
uint32_t top_empty = !IS_INTRA_PCM(sl->top_type) ? 0 : 0x40404040;
|
||||
AV_WN32A(&nnz_cache[4+8* 0], top_empty);
|
||||
AV_WN32A(&nnz_cache[4+8* 5], top_empty);
|
||||
AV_WN32A(&nnz_cache[4+8*10], top_empty);
|
||||
}
|
||||
}
|
||||
if (sl->top_type && !IS_8x8DCT(sl->top_type)){
|
||||
uint32_t top_empty = !IS_INTRA(mb_type) ? 0 : 0x40404040;
|
||||
AV_WN32A(&nnz_cache[4+8* 0], top_empty);
|
||||
AV_WN32A(&nnz_cache[4+8* 5], top_empty);
|
||||
AV_WN32A(&nnz_cache[4+8*10], top_empty);
|
||||
}
|
||||
}
|
||||
h->cur_pic.mb_type[mb_xy] = mb_type;
|
||||
@@ -2370,14 +2389,6 @@ decode_intra_mb:
|
||||
const uint8_t *scan, *scan8x8;
|
||||
const uint32_t *qmul;
|
||||
|
||||
if(IS_INTERLACED(mb_type)){
|
||||
scan8x8 = sl->qscale ? h->field_scan8x8 : h->field_scan8x8_q0;
|
||||
scan = sl->qscale ? h->field_scan : h->field_scan_q0;
|
||||
}else{
|
||||
scan8x8 = sl->qscale ? h->zigzag_scan8x8 : h->zigzag_scan8x8_q0;
|
||||
scan = sl->qscale ? h->zigzag_scan : h->zigzag_scan_q0;
|
||||
}
|
||||
|
||||
// decode_cabac_mb_dqp
|
||||
if(get_cabac_noinline( &sl->cabac, &sl->cabac_state[60 + (sl->last_qscale_diff != 0)])){
|
||||
int val = 1;
|
||||
@@ -2408,6 +2419,14 @@ decode_intra_mb:
|
||||
}else
|
||||
sl->last_qscale_diff=0;
|
||||
|
||||
if(IS_INTERLACED(mb_type)){
|
||||
scan8x8 = sl->qscale ? h->field_scan8x8 : h->field_scan8x8_q0;
|
||||
scan = sl->qscale ? h->field_scan : h->field_scan_q0;
|
||||
}else{
|
||||
scan8x8 = sl->qscale ? h->zigzag_scan8x8 : h->zigzag_scan8x8_q0;
|
||||
scan = sl->qscale ? h->zigzag_scan : h->zigzag_scan_q0;
|
||||
}
|
||||
|
||||
decode_cabac_luma_residual(h, sl, scan, scan8x8, pixel_shift, mb_type, cbp, 0);
|
||||
if (CHROMA444(h)) {
|
||||
decode_cabac_luma_residual(h, sl, scan, scan8x8, pixel_shift, mb_type, cbp, 1);
|
||||
|
||||
@@ -1102,14 +1102,6 @@ decode_intra_mb:
|
||||
const uint8_t *scan, *scan8x8;
|
||||
const int max_qp = 51 + 6 * (h->ps.sps->bit_depth_luma - 8);
|
||||
|
||||
if(IS_INTERLACED(mb_type)){
|
||||
scan8x8 = sl->qscale ? h->field_scan8x8_cavlc : h->field_scan8x8_cavlc_q0;
|
||||
scan = sl->qscale ? h->field_scan : h->field_scan_q0;
|
||||
}else{
|
||||
scan8x8 = sl->qscale ? h->zigzag_scan8x8_cavlc : h->zigzag_scan8x8_cavlc_q0;
|
||||
scan = sl->qscale ? h->zigzag_scan : h->zigzag_scan_q0;
|
||||
}
|
||||
|
||||
dquant= get_se_golomb(&sl->gb);
|
||||
|
||||
sl->qscale += (unsigned)dquant;
|
||||
@@ -1126,6 +1118,14 @@ decode_intra_mb:
|
||||
sl->chroma_qp[0] = get_chroma_qp(h->ps.pps, 0, sl->qscale);
|
||||
sl->chroma_qp[1] = get_chroma_qp(h->ps.pps, 1, sl->qscale);
|
||||
|
||||
if(IS_INTERLACED(mb_type)){
|
||||
scan8x8 = sl->qscale ? h->field_scan8x8_cavlc : h->field_scan8x8_cavlc_q0;
|
||||
scan = sl->qscale ? h->field_scan : h->field_scan_q0;
|
||||
}else{
|
||||
scan8x8 = sl->qscale ? h->zigzag_scan8x8_cavlc : h->zigzag_scan8x8_cavlc_q0;
|
||||
scan = sl->qscale ? h->zigzag_scan : h->zigzag_scan_q0;
|
||||
}
|
||||
|
||||
if ((ret = decode_luma_residual(h, sl, gb, scan, scan8x8, pixel_shift, mb_type, cbp, 0)) < 0 ) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
@@ -637,7 +637,7 @@ static av_always_inline void hl_decode_mb_predict_luma(const H264Context *h,
|
||||
uint8_t *const ptr = dest_y + block_offset[i];
|
||||
const int dir = sl->intra4x4_pred_mode_cache[scan8[i]];
|
||||
if (transform_bypass && h->ps.sps->profile_idc == 244 && dir <= 1) {
|
||||
if (h->sei.unregistered.x264_build != -1) {
|
||||
if (h->sei.unregistered.x264_build < 151U) {
|
||||
h->hpc.pred8x8l_add[dir](ptr, sl->mb + (i * 16 + p * 256 << pixel_shift), linesize);
|
||||
} else
|
||||
h->hpc.pred8x8l_filter_add[dir](ptr, sl->mb + (i * 16 + p * 256 << pixel_shift),
|
||||
|
||||
@@ -26,7 +26,8 @@
|
||||
|
||||
int ff_h264_pred_weight_table(GetBitContext *gb, const SPS *sps,
|
||||
const int *ref_count, int slice_type_nos,
|
||||
H264PredWeightTable *pwt, void *logctx)
|
||||
H264PredWeightTable *pwt,
|
||||
int picture_structure, void *logctx)
|
||||
{
|
||||
int list, i, j;
|
||||
int luma_def, chroma_def;
|
||||
@@ -98,11 +99,13 @@ int ff_h264_pred_weight_table(GetBitContext *gb, const SPS *sps,
|
||||
}
|
||||
|
||||
// for MBAFF
|
||||
pwt->luma_weight[16 + 2 * i][list][0] = pwt->luma_weight[16 + 2 * i + 1][list][0] = pwt->luma_weight[i][list][0];
|
||||
pwt->luma_weight[16 + 2 * i][list][1] = pwt->luma_weight[16 + 2 * i + 1][list][1] = pwt->luma_weight[i][list][1];
|
||||
for (j = 0; j < 2; j++) {
|
||||
pwt->chroma_weight[16 + 2 * i][list][j][0] = pwt->chroma_weight[16 + 2 * i + 1][list][j][0] = pwt->chroma_weight[i][list][j][0];
|
||||
pwt->chroma_weight[16 + 2 * i][list][j][1] = pwt->chroma_weight[16 + 2 * i + 1][list][j][1] = pwt->chroma_weight[i][list][j][1];
|
||||
if (picture_structure == PICT_FRAME) {
|
||||
pwt->luma_weight[16 + 2 * i][list][0] = pwt->luma_weight[16 + 2 * i + 1][list][0] = pwt->luma_weight[i][list][0];
|
||||
pwt->luma_weight[16 + 2 * i][list][1] = pwt->luma_weight[16 + 2 * i + 1][list][1] = pwt->luma_weight[i][list][1];
|
||||
for (j = 0; j < 2; j++) {
|
||||
pwt->chroma_weight[16 + 2 * i][list][j][0] = pwt->chroma_weight[16 + 2 * i + 1][list][j][0] = pwt->chroma_weight[i][list][j][0];
|
||||
pwt->chroma_weight[16 + 2 * i][list][j][1] = pwt->chroma_weight[16 + 2 * i + 1][list][j][1] = pwt->chroma_weight[i][list][j][1];
|
||||
}
|
||||
}
|
||||
}
|
||||
if (slice_type_nos != AV_PICTURE_TYPE_B)
|
||||
|
||||
@@ -55,7 +55,8 @@ typedef struct H264POCContext {
|
||||
|
||||
int ff_h264_pred_weight_table(GetBitContext *gb, const SPS *sps,
|
||||
const int *ref_count, int slice_type_nos,
|
||||
H264PredWeightTable *pwt, void *logctx);
|
||||
H264PredWeightTable *pwt,
|
||||
int picture_structure, void *logctx);
|
||||
|
||||
/**
|
||||
* Check if the top & left blocks are available if needed & change the
|
||||
|
||||
@@ -202,7 +202,7 @@ static int scan_mmco_reset(AVCodecParserContext *s, GetBitContext *gb,
|
||||
if ((p->ps.pps->weighted_pred && slice_type_nos == AV_PICTURE_TYPE_P) ||
|
||||
(p->ps.pps->weighted_bipred_idc == 1 && slice_type_nos == AV_PICTURE_TYPE_B))
|
||||
ff_h264_pred_weight_table(gb, p->ps.sps, ref_count, slice_type_nos,
|
||||
&pwt, logctx);
|
||||
&pwt, p->picture_structure, logctx);
|
||||
|
||||
if (get_bits1(gb)) { // adaptive_ref_pic_marking_mode_flag
|
||||
int i;
|
||||
|
||||
@@ -1782,7 +1782,8 @@ static int h264_slice_header_parse(const H264Context *h, H264SliceContext *sl,
|
||||
(pps->weighted_bipred_idc == 1 &&
|
||||
sl->slice_type_nos == AV_PICTURE_TYPE_B)) {
|
||||
ret = ff_h264_pred_weight_table(&sl->gb, sps, sl->ref_count,
|
||||
sl->slice_type_nos, &sl->pwt, h->avctx);
|
||||
sl->slice_type_nos, &sl->pwt,
|
||||
picture_structure, h->avctx);
|
||||
if (ret < 0)
|
||||
return ret;
|
||||
}
|
||||
@@ -1804,7 +1805,7 @@ static int h264_slice_header_parse(const H264Context *h, H264SliceContext *sl,
|
||||
}
|
||||
|
||||
sl->last_qscale_diff = 0;
|
||||
tmp = pps->init_qp + get_se_golomb(&sl->gb);
|
||||
tmp = pps->init_qp + (unsigned)get_se_golomb(&sl->gb);
|
||||
if (tmp > 51 + 6 * (sps->bit_depth_luma - 8)) {
|
||||
av_log(h->avctx, AV_LOG_ERROR, "QP %u out of range\n", tmp);
|
||||
return AVERROR_INVALIDDATA;
|
||||
|
||||
@@ -470,7 +470,7 @@ static int get_pcm(HEVCContext *s, int x, int y)
|
||||
|
||||
#define TC_CALC(qp, bs) \
|
||||
tctable[av_clip((qp) + DEFAULT_INTRA_TC_OFFSET * ((bs) - 1) + \
|
||||
(tc_offset >> 1 << 1), \
|
||||
(tc_offset & -2), \
|
||||
0, MAX_QP + DEFAULT_INTRA_TC_OFFSET)]
|
||||
|
||||
static void deblocking_filter_CTB(HEVCContext *s, int x0, int y0)
|
||||
|
||||
+15
-11
@@ -939,9 +939,9 @@ int ff_hevc_parse_sps(HEVCSPS *sps, GetBitContext *gb, unsigned int *sps_id,
|
||||
sps->temporal_layer[i].max_dec_pic_buffering = get_ue_golomb_long(gb) + 1;
|
||||
sps->temporal_layer[i].num_reorder_pics = get_ue_golomb_long(gb);
|
||||
sps->temporal_layer[i].max_latency_increase = get_ue_golomb_long(gb) - 1;
|
||||
if (sps->temporal_layer[i].max_dec_pic_buffering > HEVC_MAX_DPB_SIZE) {
|
||||
if (sps->temporal_layer[i].max_dec_pic_buffering > (unsigned)HEVC_MAX_DPB_SIZE) {
|
||||
av_log(avctx, AV_LOG_ERROR, "sps_max_dec_pic_buffering_minus1 out of range: %d\n",
|
||||
sps->temporal_layer[i].max_dec_pic_buffering - 1);
|
||||
sps->temporal_layer[i].max_dec_pic_buffering - 1U);
|
||||
return AVERROR_INVALIDDATA;
|
||||
}
|
||||
if (sps->temporal_layer[i].num_reorder_pics > sps->temporal_layer[i].max_dec_pic_buffering - 1) {
|
||||
@@ -1438,6 +1438,7 @@ int ff_hevc_decode_nal_pps(GetBitContext *gb, AVCodecContext *avctx,
|
||||
int i, ret = 0;
|
||||
unsigned int pps_id = 0;
|
||||
ptrdiff_t nal_size;
|
||||
unsigned log2_parallel_merge_level_minus2;
|
||||
|
||||
AVBufferRef *pps_buf;
|
||||
HEVCPPS *pps = av_mallocz(sizeof(*pps));
|
||||
@@ -1608,20 +1609,22 @@ int ff_hevc_decode_nal_pps(GetBitContext *gb, AVCodecContext *avctx,
|
||||
pps->deblocking_filter_override_enabled_flag = get_bits1(gb);
|
||||
pps->disable_dbf = get_bits1(gb);
|
||||
if (!pps->disable_dbf) {
|
||||
pps->beta_offset = get_se_golomb(gb) * 2;
|
||||
pps->tc_offset = get_se_golomb(gb) * 2;
|
||||
if (pps->beta_offset/2 < -6 || pps->beta_offset/2 > 6) {
|
||||
int beta_offset_div2 = get_se_golomb(gb);
|
||||
int tc_offset_div2 = get_se_golomb(gb) ;
|
||||
if (beta_offset_div2 < -6 || beta_offset_div2 > 6) {
|
||||
av_log(avctx, AV_LOG_ERROR, "pps_beta_offset_div2 out of range: %d\n",
|
||||
pps->beta_offset/2);
|
||||
beta_offset_div2);
|
||||
ret = AVERROR_INVALIDDATA;
|
||||
goto err;
|
||||
}
|
||||
if (pps->tc_offset/2 < -6 || pps->tc_offset/2 > 6) {
|
||||
if (tc_offset_div2 < -6 || tc_offset_div2 > 6) {
|
||||
av_log(avctx, AV_LOG_ERROR, "pps_tc_offset_div2 out of range: %d\n",
|
||||
pps->tc_offset/2);
|
||||
tc_offset_div2);
|
||||
ret = AVERROR_INVALIDDATA;
|
||||
goto err;
|
||||
}
|
||||
pps->beta_offset = 2 * beta_offset_div2;
|
||||
pps->tc_offset = 2 * tc_offset_div2;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1633,13 +1636,14 @@ int ff_hevc_decode_nal_pps(GetBitContext *gb, AVCodecContext *avctx,
|
||||
goto err;
|
||||
}
|
||||
pps->lists_modification_present_flag = get_bits1(gb);
|
||||
pps->log2_parallel_merge_level = get_ue_golomb_long(gb) + 2;
|
||||
if (pps->log2_parallel_merge_level > sps->log2_ctb_size) {
|
||||
log2_parallel_merge_level_minus2 = get_ue_golomb_long(gb);
|
||||
if (log2_parallel_merge_level_minus2 > sps->log2_ctb_size) {
|
||||
av_log(avctx, AV_LOG_ERROR, "log2_parallel_merge_level_minus2 out of range: %d\n",
|
||||
pps->log2_parallel_merge_level - 2);
|
||||
log2_parallel_merge_level_minus2);
|
||||
ret = AVERROR_INVALIDDATA;
|
||||
goto err;
|
||||
}
|
||||
pps->log2_parallel_merge_level = log2_parallel_merge_level_minus2 + 2;
|
||||
|
||||
pps->slice_header_extension_present_flag = get_bits1(gb);
|
||||
|
||||
|
||||
@@ -439,7 +439,7 @@ static int add_candidate_ref(HEVCContext *s, RefPicList *list,
|
||||
{
|
||||
HEVCFrame *ref = find_ref_idx(s, poc);
|
||||
|
||||
if (ref == s->ref)
|
||||
if (ref == s->ref || list->nb_refs >= HEVC_MAX_REFS)
|
||||
return AVERROR_INVALIDDATA;
|
||||
|
||||
if (!ref) {
|
||||
|
||||
+29
-8
@@ -138,7 +138,7 @@ fail:
|
||||
return AVERROR(ENOMEM);
|
||||
}
|
||||
|
||||
static void pred_weight_table(HEVCContext *s, GetBitContext *gb)
|
||||
static int pred_weight_table(HEVCContext *s, GetBitContext *gb)
|
||||
{
|
||||
int i = 0;
|
||||
int j = 0;
|
||||
@@ -181,6 +181,12 @@ static void pred_weight_table(HEVCContext *s, GetBitContext *gb)
|
||||
for (j = 0; j < 2; j++) {
|
||||
int delta_chroma_weight_l0 = get_se_golomb(gb);
|
||||
int delta_chroma_offset_l0 = get_se_golomb(gb);
|
||||
|
||||
if ( (int8_t)delta_chroma_weight_l0 != delta_chroma_weight_l0
|
||||
|| delta_chroma_offset_l0 < -(1<<17) || delta_chroma_offset_l0 > (1<<17)) {
|
||||
return AVERROR_INVALIDDATA;
|
||||
}
|
||||
|
||||
s->sh.chroma_weight_l0[i][j] = (1 << s->sh.chroma_log2_weight_denom) + delta_chroma_weight_l0;
|
||||
s->sh.chroma_offset_l0[i][j] = av_clip((delta_chroma_offset_l0 - ((128 * s->sh.chroma_weight_l0[i][j])
|
||||
>> s->sh.chroma_log2_weight_denom) + 128), -128, 127);
|
||||
@@ -217,6 +223,12 @@ static void pred_weight_table(HEVCContext *s, GetBitContext *gb)
|
||||
for (j = 0; j < 2; j++) {
|
||||
int delta_chroma_weight_l1 = get_se_golomb(gb);
|
||||
int delta_chroma_offset_l1 = get_se_golomb(gb);
|
||||
|
||||
if ( (int8_t)delta_chroma_weight_l1 != delta_chroma_weight_l1
|
||||
|| delta_chroma_offset_l1 < -(1<<17) || delta_chroma_offset_l1 > (1<<17)) {
|
||||
return AVERROR_INVALIDDATA;
|
||||
}
|
||||
|
||||
s->sh.chroma_weight_l1[i][j] = (1 << s->sh.chroma_log2_weight_denom) + delta_chroma_weight_l1;
|
||||
s->sh.chroma_offset_l1[i][j] = av_clip((delta_chroma_offset_l1 - ((128 * s->sh.chroma_weight_l1[i][j])
|
||||
>> s->sh.chroma_log2_weight_denom) + 128), -128, 127);
|
||||
@@ -229,6 +241,7 @@ static void pred_weight_table(HEVCContext *s, GetBitContext *gb)
|
||||
}
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int decode_lt_rps(HEVCContext *s, LongTermRPS *rps, GetBitContext *gb)
|
||||
@@ -247,6 +260,8 @@ static int decode_lt_rps(HEVCContext *s, LongTermRPS *rps, GetBitContext *gb)
|
||||
nb_sps = get_ue_golomb_long(gb);
|
||||
nb_sh = get_ue_golomb_long(gb);
|
||||
|
||||
if (nb_sps > sps->num_long_term_ref_pics_sps)
|
||||
return AVERROR_INVALIDDATA;
|
||||
if (nb_sh + (uint64_t)nb_sps > FF_ARRAY_ELEMS(rps->poc))
|
||||
return AVERROR_INVALIDDATA;
|
||||
|
||||
@@ -270,12 +285,16 @@ static int decode_lt_rps(HEVCContext *s, LongTermRPS *rps, GetBitContext *gb)
|
||||
|
||||
delta_poc_msb_present = get_bits1(gb);
|
||||
if (delta_poc_msb_present) {
|
||||
int delta = get_ue_golomb_long(gb);
|
||||
int64_t delta = get_ue_golomb_long(gb);
|
||||
int64_t poc;
|
||||
|
||||
if (i && i != nb_sps)
|
||||
delta += prev_delta_msb;
|
||||
|
||||
rps->poc[i] += s->poc - delta * max_poc_lsb - s->sh.pic_order_cnt_lsb;
|
||||
poc = rps->poc[i] + s->poc - delta * max_poc_lsb - s->sh.pic_order_cnt_lsb;
|
||||
if (poc != (int32_t)poc)
|
||||
return AVERROR_INVALIDDATA;
|
||||
rps->poc[i] = poc;
|
||||
prev_delta_msb = delta;
|
||||
}
|
||||
}
|
||||
@@ -676,7 +695,9 @@ static int hls_slice_header(HEVCContext *s)
|
||||
|
||||
if ((s->ps.pps->weighted_pred_flag && sh->slice_type == HEVC_SLICE_P) ||
|
||||
(s->ps.pps->weighted_bipred_flag && sh->slice_type == HEVC_SLICE_B)) {
|
||||
pred_weight_table(s, gb);
|
||||
int ret = pred_weight_table(s, gb);
|
||||
if (ret < 0)
|
||||
return ret;
|
||||
}
|
||||
|
||||
sh->max_num_merge_cand = 5 - get_ue_golomb_long(gb);
|
||||
@@ -2974,7 +2995,7 @@ static int verify_md5(HEVCContext *s, AVFrame *frame)
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int hevc_decode_extradata(HEVCContext *s, uint8_t *buf, int length)
|
||||
static int hevc_decode_extradata(HEVCContext *s, uint8_t *buf, int length, int first)
|
||||
{
|
||||
AVCodecContext *avctx = s->avctx;
|
||||
GetByteContext gb;
|
||||
@@ -3036,7 +3057,7 @@ static int hevc_decode_extradata(HEVCContext *s, uint8_t *buf, int length)
|
||||
|
||||
/* export stream parameters from the first SPS */
|
||||
for (i = 0; i < FF_ARRAY_ELEMS(s->ps.sps_list); i++) {
|
||||
if (s->ps.sps_list[i]) {
|
||||
if (first && s->ps.sps_list[i]) {
|
||||
const HEVCSPS *sps = (const HEVCSPS*)s->ps.sps_list[i]->data;
|
||||
export_stream_params(s->avctx, &s->ps, sps);
|
||||
break;
|
||||
@@ -3066,7 +3087,7 @@ static int hevc_decode_frame(AVCodecContext *avctx, void *data, int *got_output,
|
||||
new_extradata = av_packet_get_side_data(avpkt, AV_PKT_DATA_NEW_EXTRADATA,
|
||||
&new_extradata_size);
|
||||
if (new_extradata && new_extradata_size > 0) {
|
||||
ret = hevc_decode_extradata(s, new_extradata, new_extradata_size);
|
||||
ret = hevc_decode_extradata(s, new_extradata, new_extradata_size, 0);
|
||||
if (ret < 0)
|
||||
return ret;
|
||||
}
|
||||
@@ -3349,7 +3370,7 @@ static av_cold int hevc_decode_init(AVCodecContext *avctx)
|
||||
s->threads_number = 1;
|
||||
|
||||
if (avctx->extradata_size > 0 && avctx->extradata) {
|
||||
ret = hevc_decode_extradata(s, avctx->extradata, avctx->extradata_size);
|
||||
ret = hevc_decode_extradata(s, avctx->extradata, avctx->extradata_size, 1);
|
||||
if (ret < 0) {
|
||||
hevc_decode_free(avctx);
|
||||
return ret;
|
||||
|
||||
@@ -35,7 +35,7 @@ static av_always_inline void FUNC(intra_pred)(HEVCContext *s, int x0, int y0,
|
||||
#define MVF(x, y) \
|
||||
(s->ref->tab_mvf[(x) + (y) * min_pu_width])
|
||||
#define MVF_PU(x, y) \
|
||||
MVF(PU(x0 + ((x) << hshift)), PU(y0 + ((y) << vshift)))
|
||||
MVF(PU(x0 + ((x) * (1 << hshift))), PU(y0 + ((y) * (1 << vshift))))
|
||||
#define IS_INTRA(x, y) \
|
||||
(MVF_PU(x, y).pred_flag == PF_INTRA)
|
||||
#define MIN_TB_ADDR_ZS(x, y) \
|
||||
|
||||
@@ -56,6 +56,7 @@ int ff_htmlmarkup_to_ass(void *log_ctx, AVBPrint *dst, const char *in)
|
||||
char *param, buffer[128], tmp[128];
|
||||
int len, tag_close, sptr = 1, line_start = 1, an = 0, end = 0;
|
||||
SrtStack stack[16];
|
||||
int closing_brace_missing = 0;
|
||||
|
||||
stack[0].tag[0] = 0;
|
||||
strcpy(stack[0].param[PARAM_SIZE], "{\\fs}");
|
||||
@@ -83,11 +84,20 @@ int ff_htmlmarkup_to_ass(void *log_ctx, AVBPrint *dst, const char *in)
|
||||
and all microdvd like styles such as {Y:xxx} */
|
||||
len = 0;
|
||||
an += sscanf(in, "{\\an%*1u}%n", &len) >= 0 && len > 0;
|
||||
if ((an != 1 && (len = 0, sscanf(in, "{\\%*[^}]}%n", &len) >= 0 && len > 0)) ||
|
||||
(len = 0, sscanf(in, "{%*1[CcFfoPSsYy]:%*[^}]}%n", &len) >= 0 && len > 0)) {
|
||||
in += len - 1;
|
||||
} else
|
||||
av_bprint_chars(dst, *in, 1);
|
||||
|
||||
if (!closing_brace_missing) {
|
||||
if ( (an != 1 && in[1] == '\\')
|
||||
|| (in[1] && strchr("CcFfoPSsYy", in[1]) && in[2] == ':')) {
|
||||
char *bracep = strchr(in+2, '}');
|
||||
if (bracep) {
|
||||
in = bracep;
|
||||
break;
|
||||
} else
|
||||
closing_brace_missing = 1;
|
||||
}
|
||||
}
|
||||
|
||||
av_bprint_chars(dst, *in, 1);
|
||||
break;
|
||||
case '<':
|
||||
tag_close = in[1] == '/';
|
||||
|
||||
@@ -237,6 +237,8 @@ static int decode_pic_hdr(IVI45DecContext *ctx, AVCodecContext *avctx)
|
||||
/* skip picture header extension if any */
|
||||
while (get_bits1(&ctx->gb)) {
|
||||
ff_dlog(avctx, "Pic hdr extension encountered!\n");
|
||||
if (get_bits_left(&ctx->gb) < 10)
|
||||
return AVERROR_INVALIDDATA;
|
||||
skip_bits(&ctx->gb, 8);
|
||||
}
|
||||
|
||||
|
||||
@@ -215,7 +215,7 @@ typedef struct Jpeg2000Component {
|
||||
/* misc tools */
|
||||
static inline int ff_jpeg2000_ceildivpow2(int a, int b)
|
||||
{
|
||||
return -(((int64_t)(-a)) >> b);
|
||||
return -((-(int64_t)a) >> b);
|
||||
}
|
||||
|
||||
static inline int ff_jpeg2000_ceildiv(int a, int b)
|
||||
|
||||
@@ -960,9 +960,9 @@ static int jpeg2000_decode_packet(Jpeg2000DecoderContext *s, Jpeg2000Tile *tile,
|
||||
if (!cblk->npasses) {
|
||||
int v = expn[bandno] + numgbits - 1 -
|
||||
tag_tree_decode(s, prec->zerobits + cblkno, 100);
|
||||
if (v < 0) {
|
||||
if (v < 0 || v > 30) {
|
||||
av_log(s->avctx, AV_LOG_ERROR,
|
||||
"nonzerobits %d invalid\n", v);
|
||||
"nonzerobits %d invalid or unsupported\n", v);
|
||||
return AVERROR_INVALIDDATA;
|
||||
}
|
||||
cblk->nonzerobits = v;
|
||||
|
||||
@@ -64,10 +64,10 @@ static void ict_int(void *_src0, void *_src1, void *_src2, int csize)
|
||||
int i;
|
||||
|
||||
for (i = 0; i < csize; i++) {
|
||||
i0 = *src0 + (((i_ict_params[0] * *src2) + (1 << 15)) >> 16);
|
||||
i0 = *src0 + *src2 + (((26345 * *src2) + (1 << 15)) >> 16);
|
||||
i1 = *src0 - (((i_ict_params[1] * *src1) + (1 << 15)) >> 16)
|
||||
- (((i_ict_params[2] * *src2) + (1 << 15)) >> 16);
|
||||
i2 = *src0 + (((i_ict_params[3] * *src1) + (1 << 15)) >> 16);
|
||||
i2 = *src0 + (2 * *src1) + (((-14942 * *src1) + (1 << 15)) >> 16);
|
||||
*src0++ = i0;
|
||||
*src1++ = i1;
|
||||
*src2++ = i2;
|
||||
|
||||
@@ -488,7 +488,7 @@ static void dwt_decode97_int(DWTContext *s, int32_t *t)
|
||||
line += 5;
|
||||
|
||||
for (i = 0; i < w * h; i++)
|
||||
data[i] <<= I_PRESHIFT;
|
||||
data[i] *= 1LL << I_PRESHIFT;
|
||||
|
||||
for (lev = 0; lev < s->ndeclevels; lev++) {
|
||||
int lh = s->linelen[lev][0],
|
||||
|
||||
@@ -244,6 +244,13 @@ static int vpx_decode(AVCodecContext *avctx,
|
||||
(img_alpha = vpx_codec_get_frame(&ctx->decoder_alpha, &iter_alpha)))) {
|
||||
uint8_t *planes[4];
|
||||
int linesizes[4];
|
||||
|
||||
if (img->d_w > img->w || img->d_h > img->h) {
|
||||
av_log(avctx, AV_LOG_ERROR, "Display dimensions %dx%d exceed storage %dx%d\n",
|
||||
img->d_w, img->d_h, img->w, img->h);
|
||||
return AVERROR_EXTERNAL;
|
||||
}
|
||||
|
||||
if ((ret = set_pix_fmt(avctx, img, ctx->has_alpha_channel)) < 0) {
|
||||
#ifdef VPX_IMG_FMT_HIGHBITDEPTH
|
||||
av_log(avctx, AV_LOG_ERROR, "Unsupported output colorspace (%d) / bit_depth (%d)\n",
|
||||
|
||||
+5
-2
@@ -117,11 +117,14 @@ void ff_lpc_end(LPCContext *s);
|
||||
|
||||
#if USE_FIXED
|
||||
typedef int LPC_TYPE;
|
||||
typedef unsigned LPC_TYPE_U;
|
||||
#else
|
||||
#ifdef LPC_USE_DOUBLE
|
||||
typedef double LPC_TYPE;
|
||||
typedef double LPC_TYPE_U;
|
||||
#else
|
||||
typedef float LPC_TYPE;
|
||||
typedef float LPC_TYPE_U;
|
||||
#endif
|
||||
#endif // USE_FIXED
|
||||
|
||||
@@ -192,8 +195,8 @@ static inline int AAC_RENAME(compute_lpc_coefs)(const LPC_TYPE *autoc, int max_o
|
||||
for(j=0; j < (i+1)>>1; j++) {
|
||||
LPC_TYPE f = lpc_last[ j];
|
||||
LPC_TYPE b = lpc_last[i-1-j];
|
||||
lpc[ j] = f + AAC_MUL26(r, b);
|
||||
lpc[i-1-j] = b + AAC_MUL26(r, f);
|
||||
lpc[ j] = f + (LPC_TYPE_U)AAC_MUL26(r, b);
|
||||
lpc[i-1-j] = b + (LPC_TYPE_U)AAC_MUL26(r, f);
|
||||
}
|
||||
|
||||
if (fail && err < 0)
|
||||
|
||||
@@ -97,7 +97,7 @@ static int huff_build10(VLC *vlc, uint8_t *len)
|
||||
for (i = 0; i < 1024; i++) {
|
||||
he[i].sym = 1023 - i;
|
||||
he[i].len = len[i];
|
||||
if (len[i] == 0)
|
||||
if (len[i] == 0 || len[i] > 32)
|
||||
return AVERROR_INVALIDDATA;
|
||||
}
|
||||
AV_QSORT(he, 1024, HuffEntry, huff_cmp_len10);
|
||||
@@ -129,7 +129,7 @@ static int huff_build(VLC *vlc, uint8_t *len)
|
||||
for (i = 0; i < 256; i++) {
|
||||
he[i].sym = 255 - i;
|
||||
he[i].len = len[i];
|
||||
if (len[i] == 0)
|
||||
if (len[i] == 0 || len[i] > 32)
|
||||
return AVERROR_INVALIDDATA;
|
||||
}
|
||||
AV_QSORT(he, 256, HuffEntry, huff_cmp_len);
|
||||
|
||||
@@ -697,7 +697,7 @@ static int decode_block(MJpegDecodeContext *s, int16_t *block, int component,
|
||||
return AVERROR_INVALIDDATA;
|
||||
}
|
||||
val = val * quant_matrix[0] + s->last_dc[component];
|
||||
val = FFMIN(val, 32767);
|
||||
val = av_clip_int16(val);
|
||||
s->last_dc[component] = val;
|
||||
block[0] = val;
|
||||
/* AC coefs */
|
||||
|
||||
+39
-37
@@ -171,7 +171,7 @@ static int mpeg4_decode_sprite_trajectory(Mpeg4DecContext *ctx, GetBitContext *g
|
||||
int a = 2 << s->sprite_warping_accuracy;
|
||||
int rho = 3 - s->sprite_warping_accuracy;
|
||||
int r = 16 / a;
|
||||
int alpha = 0;
|
||||
int alpha = 1;
|
||||
int beta = 0;
|
||||
int w = s->width;
|
||||
int h = s->height;
|
||||
@@ -243,18 +243,18 @@ static int mpeg4_decode_sprite_trajectory(Mpeg4DecContext *ctx, GetBitContext *g
|
||||
* from w&h based to w2&h2 based which are of the 2^x form. */
|
||||
virtual_ref[0][0] = 16 * (vop_ref[0][0] + w2) +
|
||||
ROUNDED_DIV(((w - w2) *
|
||||
(r * sprite_ref[0][0] - 16 * vop_ref[0][0]) +
|
||||
w2 * (r * sprite_ref[1][0] - 16 * vop_ref[1][0])), w);
|
||||
(r * sprite_ref[0][0] - 16LL * vop_ref[0][0]) +
|
||||
w2 * (r * sprite_ref[1][0] - 16LL * vop_ref[1][0])), w);
|
||||
virtual_ref[0][1] = 16 * vop_ref[0][1] +
|
||||
ROUNDED_DIV(((w - w2) *
|
||||
(r * sprite_ref[0][1] - 16 * vop_ref[0][1]) +
|
||||
w2 * (r * sprite_ref[1][1] - 16 * vop_ref[1][1])), w);
|
||||
(r * sprite_ref[0][1] - 16LL * vop_ref[0][1]) +
|
||||
w2 * (r * sprite_ref[1][1] - 16LL * vop_ref[1][1])), w);
|
||||
virtual_ref[1][0] = 16 * vop_ref[0][0] +
|
||||
ROUNDED_DIV(((h - h2) * (r * sprite_ref[0][0] - 16 * vop_ref[0][0]) +
|
||||
h2 * (r * sprite_ref[2][0] - 16 * vop_ref[2][0])), h);
|
||||
ROUNDED_DIV(((h - h2) * (r * sprite_ref[0][0] - 16LL * vop_ref[0][0]) +
|
||||
h2 * (r * sprite_ref[2][0] - 16LL * vop_ref[2][0])), h);
|
||||
virtual_ref[1][1] = 16 * (vop_ref[0][1] + h2) +
|
||||
ROUNDED_DIV(((h - h2) * (r * sprite_ref[0][1] - 16 * vop_ref[0][1]) +
|
||||
h2 * (r * sprite_ref[2][1] - 16 * vop_ref[2][1])), h);
|
||||
ROUNDED_DIV(((h - h2) * (r * sprite_ref[0][1] - 16LL * vop_ref[0][1]) +
|
||||
h2 * (r * sprite_ref[2][1] - 16LL * vop_ref[2][1])), h);
|
||||
|
||||
switch (ctx->num_sprite_warping_points) {
|
||||
case 0:
|
||||
@@ -284,26 +284,26 @@ static int mpeg4_decode_sprite_trajectory(Mpeg4DecContext *ctx, GetBitContext *g
|
||||
ctx->sprite_shift[1] = 0;
|
||||
break;
|
||||
case 2:
|
||||
sprite_offset[0][0] = (sprite_ref[0][0] * (1 << alpha + rho)) +
|
||||
(-r * sprite_ref[0][0] + virtual_ref[0][0]) *
|
||||
(-vop_ref[0][0]) +
|
||||
(r * sprite_ref[0][1] - virtual_ref[0][1]) *
|
||||
(-vop_ref[0][1]) + (1 << (alpha + rho - 1));
|
||||
sprite_offset[0][1] = (sprite_ref[0][1] * (1 << alpha + rho)) +
|
||||
(-r * sprite_ref[0][1] + virtual_ref[0][1]) *
|
||||
(-vop_ref[0][0]) +
|
||||
(-r * sprite_ref[0][0] + virtual_ref[0][0]) *
|
||||
(-vop_ref[0][1]) + (1 << (alpha + rho - 1));
|
||||
sprite_offset[1][0] = ((-r * sprite_ref[0][0] + virtual_ref[0][0]) *
|
||||
(-2 * vop_ref[0][0] + 1) +
|
||||
(r * sprite_ref[0][1] - virtual_ref[0][1]) *
|
||||
(-2 * vop_ref[0][1] + 1) + 2 * w2 * r *
|
||||
sprite_ref[0][0] - 16 * w2 + (1 << (alpha + rho + 1)));
|
||||
sprite_offset[1][1] = ((-r * sprite_ref[0][1] + virtual_ref[0][1]) *
|
||||
(-2 * vop_ref[0][0] + 1) +
|
||||
(-r * sprite_ref[0][0] + virtual_ref[0][0]) *
|
||||
(-2 * vop_ref[0][1] + 1) + 2 * w2 * r *
|
||||
sprite_ref[0][1] - 16 * w2 + (1 << (alpha + rho + 1)));
|
||||
sprite_offset[0][0] = ((int64_t) sprite_ref[0][0] * (1 << alpha + rho)) +
|
||||
((int64_t) -r * sprite_ref[0][0] + virtual_ref[0][0]) *
|
||||
((int64_t) -vop_ref[0][0]) +
|
||||
((int64_t) r * sprite_ref[0][1] - virtual_ref[0][1]) *
|
||||
((int64_t) -vop_ref[0][1]) + (1 << (alpha + rho - 1));
|
||||
sprite_offset[0][1] = ((int64_t) sprite_ref[0][1] * (1 << alpha + rho)) +
|
||||
((int64_t) -r * sprite_ref[0][1] + virtual_ref[0][1]) *
|
||||
((int64_t) -vop_ref[0][0]) +
|
||||
((int64_t) -r * sprite_ref[0][0] + virtual_ref[0][0]) *
|
||||
((int64_t) -vop_ref[0][1]) + (1 << (alpha + rho - 1));
|
||||
sprite_offset[1][0] = (((int64_t)-r * sprite_ref[0][0] + virtual_ref[0][0]) *
|
||||
((int64_t)-2 * vop_ref[0][0] + 1) +
|
||||
((int64_t) r * sprite_ref[0][1] - virtual_ref[0][1]) *
|
||||
((int64_t)-2 * vop_ref[0][1] + 1) + 2 * w2 * r *
|
||||
(int64_t) sprite_ref[0][0] - 16 * w2 + (1 << (alpha + rho + 1)));
|
||||
sprite_offset[1][1] = (((int64_t)-r * sprite_ref[0][1] + virtual_ref[0][1]) *
|
||||
((int64_t)-2 * vop_ref[0][0] + 1) +
|
||||
((int64_t)-r * sprite_ref[0][0] + virtual_ref[0][0]) *
|
||||
((int64_t)-2 * vop_ref[0][1] + 1) + 2 * w2 * r *
|
||||
(int64_t) sprite_ref[0][1] - 16 * w2 + (1 << (alpha + rho + 1)));
|
||||
s->sprite_delta[0][0] = (-r * sprite_ref[0][0] + virtual_ref[0][0]);
|
||||
s->sprite_delta[0][1] = (+r * sprite_ref[0][1] - virtual_ref[0][1]);
|
||||
s->sprite_delta[1][0] = (-r * sprite_ref[0][1] + virtual_ref[0][1]);
|
||||
@@ -361,14 +361,16 @@ static int mpeg4_decode_sprite_trajectory(Mpeg4DecContext *ctx, GetBitContext *g
|
||||
int shift_y = 16 - ctx->sprite_shift[0];
|
||||
int shift_c = 16 - ctx->sprite_shift[1];
|
||||
|
||||
if (shift_c < 0 || shift_y < 0 ||
|
||||
FFABS(sprite_offset[0][0]) >= INT_MAX >> shift_y ||
|
||||
FFABS(sprite_offset[1][0]) >= INT_MAX >> shift_c ||
|
||||
FFABS(sprite_offset[0][1]) >= INT_MAX >> shift_y ||
|
||||
FFABS(sprite_offset[1][1]) >= INT_MAX >> shift_c
|
||||
) {
|
||||
avpriv_request_sample(s->avctx, "Too large sprite shift or offset");
|
||||
goto overflow;
|
||||
for (i = 0; i < 2; i++) {
|
||||
if (shift_c < 0 || shift_y < 0 ||
|
||||
FFABS( sprite_offset[0][i]) >= INT_MAX >> shift_y ||
|
||||
FFABS( sprite_offset[1][i]) >= INT_MAX >> shift_c ||
|
||||
FFABS(s->sprite_delta[0][i]) >= INT_MAX >> shift_y ||
|
||||
FFABS(s->sprite_delta[1][i]) >= INT_MAX >> shift_y
|
||||
) {
|
||||
avpriv_request_sample(s->avctx, "Too large sprite shift, delta or offset");
|
||||
goto overflow;
|
||||
}
|
||||
}
|
||||
|
||||
for (i = 0; i < 2; i++) {
|
||||
|
||||
+2
-2
@@ -206,8 +206,8 @@ static int read_high_coeffs(AVCodecContext *avctx, uint8_t *src, int16_t *dst, i
|
||||
if ((ret = init_get_bits8(b, src, bytestream2_get_bytes_left(&ctx->gb))) < 0)
|
||||
return ret;
|
||||
|
||||
if ((a >= 0) + (a ^ (a >> 31)) - (a >> 31) != 1) {
|
||||
nbits = 33 - ff_clz((a >= 0) + (a ^ (a >> 31)) - (a >> 31) - 1);
|
||||
if (a ^ (a >> 31)) {
|
||||
nbits = 33 - ff_clz(a ^ (a >> 31));
|
||||
if (nbits > 16)
|
||||
return AVERROR_INVALIDDATA;
|
||||
} else {
|
||||
|
||||
+1
-1
@@ -1601,7 +1601,7 @@ void ff_eval_coefs(int *coefs, const int *refl)
|
||||
b1[i] = refl[i] * 16;
|
||||
|
||||
for (j=0; j < i; j++)
|
||||
b1[j] = ((refl[i] * b2[i-j-1]) >> 12) + b2[j];
|
||||
b1[j] = ((int)(refl[i] * (unsigned)b2[i-j-1]) >> 12) + b2[j];
|
||||
|
||||
FFSWAP(int *, b1, b2);
|
||||
}
|
||||
|
||||
@@ -242,7 +242,7 @@ static void sbr_hf_g_filt_c(int (*Y)[2], const int (*X_high)[40][2],
|
||||
}
|
||||
}
|
||||
|
||||
static av_always_inline void sbr_hf_apply_noise(int (*Y)[2],
|
||||
static av_always_inline int sbr_hf_apply_noise(int (*Y)[2],
|
||||
const SoftFloat *s_m,
|
||||
const SoftFloat *q_filt,
|
||||
int noise,
|
||||
@@ -253,14 +253,17 @@ static av_always_inline void sbr_hf_apply_noise(int (*Y)[2],
|
||||
int m;
|
||||
|
||||
for (m = 0; m < m_max; m++) {
|
||||
int y0 = Y[m][0];
|
||||
int y1 = Y[m][1];
|
||||
unsigned y0 = Y[m][0];
|
||||
unsigned y1 = Y[m][1];
|
||||
noise = (noise + 1) & 0x1ff;
|
||||
if (s_m[m].mant) {
|
||||
int shift, round;
|
||||
|
||||
shift = 22 - s_m[m].exp;
|
||||
if (shift < 30) {
|
||||
if (shift < 1) {
|
||||
av_log(NULL, AV_LOG_ERROR, "Overflow in sbr_hf_apply_noise, shift=%d\n", shift);
|
||||
return AVERROR(ERANGE);
|
||||
} else if (shift < 30) {
|
||||
round = 1 << (shift-1);
|
||||
y0 += (s_m[m].mant * phi_sign0 + round) >> shift;
|
||||
y1 += (s_m[m].mant * phi_sign1 + round) >> shift;
|
||||
@@ -270,7 +273,10 @@ static av_always_inline void sbr_hf_apply_noise(int (*Y)[2],
|
||||
int64_t accu;
|
||||
|
||||
shift = 22 - q_filt[m].exp;
|
||||
if (shift < 30) {
|
||||
if (shift < 1) {
|
||||
av_log(NULL, AV_LOG_ERROR, "Overflow in sbr_hf_apply_noise, shift=%d\n", shift);
|
||||
return AVERROR(ERANGE);
|
||||
} else if (shift < 30) {
|
||||
round = 1 << (shift-1);
|
||||
|
||||
accu = (int64_t)q_filt[m].mant * ff_sbr_noise_table_fixed[noise][0];
|
||||
@@ -286,6 +292,7 @@ static av_always_inline void sbr_hf_apply_noise(int (*Y)[2],
|
||||
Y[m][1] = y1;
|
||||
phi_sign1 = -phi_sign1;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
#include "sbrdsp_template.c"
|
||||
|
||||
@@ -445,6 +445,10 @@ static int read_header(ShortenContext *s)
|
||||
s->blocksize = blocksize;
|
||||
|
||||
maxnlpc = get_uint(s, LPCQSIZE);
|
||||
if (maxnlpc > 1024U) {
|
||||
av_log(s->avctx, AV_LOG_ERROR, "maxnlpc is: %d\n", maxnlpc);
|
||||
return AVERROR_INVALIDDATA;
|
||||
}
|
||||
s->nmean = get_uint(s, 0);
|
||||
|
||||
skip_bytes = get_uint(s, NSKIPSIZE);
|
||||
|
||||
@@ -586,7 +586,7 @@ static int decode_frame(AVCodecContext *avctx, void *data, int *got_frame,
|
||||
for(; yq<slice_h && yq<h; yq++){
|
||||
IDWTELEM * line = slice_buffer_get_line(&s->sb, yq);
|
||||
for(x=0; x<w; x++){
|
||||
line[x] <<= FRAC_BITS;
|
||||
line[x] *= 1<<FRAC_BITS;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
+3
-3
@@ -483,7 +483,7 @@ static int decode_subframe(TAKDecContext *s, int32_t *decoded,
|
||||
int v = 1 << (filter_quant - 1);
|
||||
|
||||
if (filter_order & -16)
|
||||
v += s->adsp.scalarproduct_int16(&s->residues[i], s->filter,
|
||||
v += (unsigned)s->adsp.scalarproduct_int16(&s->residues[i], s->filter,
|
||||
filter_order & -16);
|
||||
for (j = filter_order & -16; j < filter_order; j += 4) {
|
||||
v += s->residues[i + j + 3] * s->filter[j + 3] +
|
||||
@@ -491,7 +491,7 @@ static int decode_subframe(TAKDecContext *s, int32_t *decoded,
|
||||
s->residues[i + j + 1] * s->filter[j + 1] +
|
||||
s->residues[i + j ] * s->filter[j ];
|
||||
}
|
||||
v = (av_clip_intp2(v >> filter_quant, 13) * (1 << dshift)) - *decoded;
|
||||
v = (av_clip_intp2(v >> filter_quant, 13) * (1 << dshift)) - (unsigned)*decoded;
|
||||
*decoded++ = v;
|
||||
s->residues[filter_order + i] = v >> dshift;
|
||||
}
|
||||
@@ -889,7 +889,7 @@ static int tak_decode_frame(AVCodecContext *avctx, void *data,
|
||||
uint8_t *samples = (uint8_t *)frame->extended_data[chan];
|
||||
int32_t *decoded = s->decoded[chan];
|
||||
for (i = 0; i < s->nb_samples; i++)
|
||||
samples[i] = decoded[i] + 0x80;
|
||||
samples[i] = decoded[i] + 0x80U;
|
||||
}
|
||||
break;
|
||||
case AV_SAMPLE_FMT_S16P:
|
||||
|
||||
+4
-1
@@ -1111,6 +1111,8 @@ static int tiff_decode_tag(TiffContext *s, AVFrame *frame)
|
||||
if (s->geotags[i].count == 0
|
||||
|| s->geotags[i].offset + s->geotags[i].count > count) {
|
||||
av_log(s->avctx, AV_LOG_WARNING, "Invalid GeoTIFF key %d\n", s->geotags[i].key);
|
||||
} else if (s->geotags[i].val) {
|
||||
av_log(s->avctx, AV_LOG_WARNING, "Duplicate GeoTIFF key %d\n", s->geotags[i].key);
|
||||
} else {
|
||||
char *ap = doubles2str(&dp[s->geotags[i].offset], s->geotags[i].count, ", ");
|
||||
if (!ap) {
|
||||
@@ -1301,6 +1303,8 @@ static int decode_frame(AVCodecContext *avctx,
|
||||
stride = p->linesize[plane];
|
||||
dst = p->data[plane];
|
||||
for (i = 0; i < s->height; i += s->rps) {
|
||||
if (i)
|
||||
dst += s->rps * stride;
|
||||
if (s->stripsizesoff)
|
||||
ssize = ff_tget(&stripsizes, s->sstype, le);
|
||||
else
|
||||
@@ -1321,7 +1325,6 @@ static int decode_frame(AVCodecContext *avctx,
|
||||
return ret;
|
||||
break;
|
||||
}
|
||||
dst += s->rps * stride;
|
||||
}
|
||||
if (s->predictor == 2) {
|
||||
if (s->photometric == TIFF_PHOTOMETRIC_YCBCR) {
|
||||
|
||||
@@ -298,15 +298,15 @@ static int tm2_read_stream(TM2Context *ctx, const uint8_t *buf, int stream_id, i
|
||||
/* get stream length in dwords */
|
||||
bytestream2_init(&gb, buf, buf_size);
|
||||
len = bytestream2_get_be32(&gb);
|
||||
skip = len * 4 + 4;
|
||||
|
||||
if (len == 0)
|
||||
return 4;
|
||||
|
||||
if (len >= INT_MAX / 4 - 1 || len < 0 || skip > buf_size) {
|
||||
if (len >= INT_MAX / 4 - 1 || len < 0 || len * 4 + 4 > buf_size) {
|
||||
av_log(ctx->avctx, AV_LOG_ERROR, "Error, invalid stream size.\n");
|
||||
return AVERROR_INVALIDDATA;
|
||||
}
|
||||
skip = len * 4 + 4;
|
||||
|
||||
toks = bytestream2_get_be32(&gb);
|
||||
if (toks & 1) {
|
||||
|
||||
@@ -205,6 +205,10 @@ static int decode_frame(AVCodecContext *avctx, void *data, int *got_frame,
|
||||
if (flags & VB_HAS_GMC) {
|
||||
i = (int16_t)bytestream2_get_le16(&c->stream);
|
||||
j = (int16_t)bytestream2_get_le16(&c->stream);
|
||||
if (FFABS(j) > avctx->height) {
|
||||
av_log(avctx, AV_LOG_ERROR, "GMV out of range\n");
|
||||
return AVERROR_INVALIDDATA;
|
||||
}
|
||||
offset = i + j * avctx->width;
|
||||
}
|
||||
if (flags & VB_HAS_VIDEO) {
|
||||
|
||||
@@ -225,7 +225,7 @@ static int wv_get_value(WavpackFrameContext *ctx, GetBitContext *gb,
|
||||
INC_MED(1);
|
||||
DEC_MED(2);
|
||||
} else {
|
||||
base = GET_MED(0) + GET_MED(1) + GET_MED(2) * (t - 2);
|
||||
base = GET_MED(0) + GET_MED(1) + GET_MED(2) * (t - 2U);
|
||||
add = GET_MED(2) - 1;
|
||||
INC_MED(0);
|
||||
INC_MED(1);
|
||||
@@ -313,8 +313,8 @@ static float wv_get_value_float(WavpackFrameContext *s, uint32_t *crc, int S)
|
||||
S <<= s->float_shift;
|
||||
sign = S < 0;
|
||||
if (sign)
|
||||
S = -S;
|
||||
if (S >= 0x1000000) {
|
||||
S = -(unsigned)S;
|
||||
if (S >= 0x1000000U) {
|
||||
if (s->got_extra_bits && get_bits1(&s->gb_extra_bits))
|
||||
S = get_bits(&s->gb_extra_bits, 23);
|
||||
else
|
||||
@@ -480,7 +480,7 @@ static inline int wv_unpack_stereo(WavpackFrameContext *s, GetBitContext *gb,
|
||||
}
|
||||
|
||||
if (type == AV_SAMPLE_FMT_S16P) {
|
||||
if (FFABS(L) + FFABS(R) > (1<<19)) {
|
||||
if (FFABS(L) + (unsigned)FFABS(R) > (1<<19)) {
|
||||
av_log(s->avctx, AV_LOG_ERROR, "sample %d %d too large\n", L, R);
|
||||
return AVERROR_INVALIDDATA;
|
||||
}
|
||||
@@ -846,9 +846,9 @@ static int wavpack_decode_block(AVCodecContext *avctx, int block_no,
|
||||
continue;
|
||||
}
|
||||
bytestream2_get_buffer(&gb, val, 4);
|
||||
if (val[0] > 31) {
|
||||
if (val[0] > 30) {
|
||||
av_log(avctx, AV_LOG_ERROR,
|
||||
"Invalid INT32INFO, extra_bits = %d (> 32)\n", val[0]);
|
||||
"Invalid INT32INFO, extra_bits = %d (> 30)\n", val[0]);
|
||||
continue;
|
||||
} else if (val[0]) {
|
||||
s->extra_bits = val[0];
|
||||
|
||||
@@ -94,7 +94,7 @@ typedef struct Decorr {
|
||||
typedef struct WvChannel {
|
||||
int median[3];
|
||||
int slow_level, error_limit;
|
||||
int bitrate_acc, bitrate_delta;
|
||||
unsigned bitrate_acc, bitrate_delta;
|
||||
} WvChannel;
|
||||
|
||||
// macros for manipulating median values
|
||||
|
||||
+1
-1
@@ -69,7 +69,7 @@ static void get_tree_codes(uint32_t *bits, int16_t *lens, uint8_t *xlat,
|
||||
|
||||
s = nodes[node].sym;
|
||||
if (s != -1) {
|
||||
bits[*pos] = (~pfx) & ((1 << FFMAX(pl, 1)) - 1);
|
||||
bits[*pos] = (~pfx) & ((1ULL << FFMAX(pl, 1)) - 1);
|
||||
lens[*pos] = FFMAX(pl, 1);
|
||||
xlat[*pos] = s + (pl == 0);
|
||||
(*pos)++;
|
||||
|
||||
@@ -65,9 +65,14 @@ static int celt_header(AVFormatContext *s, int idx)
|
||||
st->codecpar->channels = nb_channels;
|
||||
if (sample_rate)
|
||||
avpriv_set_pts_info(st, 64, 1, sample_rate);
|
||||
priv->extra_headers_left = 1 + extra_headers;
|
||||
av_free(os->private);
|
||||
|
||||
if (os->private) {
|
||||
av_free(priv);
|
||||
priv = os->private;
|
||||
}
|
||||
os->private = priv;
|
||||
priv->extra_headers_left = 1 + extra_headers;
|
||||
|
||||
AV_WL32(st->codecpar->extradata + 0, overlap);
|
||||
AV_WL32(st->codecpar->extradata + 4, version);
|
||||
return 1;
|
||||
|
||||
+85
-40
@@ -433,97 +433,142 @@ void ff_rtmp_packet_destroy(RTMPPacket *pkt)
|
||||
pkt->size = 0;
|
||||
}
|
||||
|
||||
int ff_amf_tag_size(const uint8_t *data, const uint8_t *data_end)
|
||||
static int amf_tag_skip(GetByteContext *gb)
|
||||
{
|
||||
const uint8_t *base = data;
|
||||
AMFDataType type;
|
||||
unsigned nb = -1;
|
||||
int parse_key = 1;
|
||||
|
||||
if (data >= data_end)
|
||||
if (bytestream2_get_bytes_left(gb) < 1)
|
||||
return -1;
|
||||
switch ((type = *data++)) {
|
||||
case AMF_DATA_TYPE_NUMBER: return 9;
|
||||
case AMF_DATA_TYPE_BOOL: return 2;
|
||||
case AMF_DATA_TYPE_STRING: return 3 + AV_RB16(data);
|
||||
case AMF_DATA_TYPE_LONG_STRING: return 5 + AV_RB32(data);
|
||||
case AMF_DATA_TYPE_NULL: return 1;
|
||||
case AMF_DATA_TYPE_DATE: return 11;
|
||||
|
||||
type = bytestream2_get_byte(gb);
|
||||
switch (type) {
|
||||
case AMF_DATA_TYPE_NUMBER:
|
||||
bytestream2_get_be64(gb);
|
||||
return 0;
|
||||
case AMF_DATA_TYPE_BOOL:
|
||||
bytestream2_get_byte(gb);
|
||||
return 0;
|
||||
case AMF_DATA_TYPE_STRING:
|
||||
bytestream2_skip(gb, bytestream2_get_be16(gb));
|
||||
return 0;
|
||||
case AMF_DATA_TYPE_LONG_STRING:
|
||||
bytestream2_skip(gb, bytestream2_get_be32(gb));
|
||||
return 0;
|
||||
case AMF_DATA_TYPE_NULL:
|
||||
return 0;
|
||||
case AMF_DATA_TYPE_DATE:
|
||||
bytestream2_skip(gb, 10);
|
||||
return 0;
|
||||
case AMF_DATA_TYPE_ARRAY:
|
||||
parse_key = 0;
|
||||
case AMF_DATA_TYPE_MIXEDARRAY:
|
||||
nb = bytestream_get_be32(&data);
|
||||
nb = bytestream2_get_be32(gb);
|
||||
case AMF_DATA_TYPE_OBJECT:
|
||||
while (nb-- > 0 || type != AMF_DATA_TYPE_ARRAY) {
|
||||
int t;
|
||||
if (parse_key) {
|
||||
int size = bytestream_get_be16(&data);
|
||||
int size = bytestream2_get_be16(gb);
|
||||
if (!size) {
|
||||
data++;
|
||||
bytestream2_get_byte(gb);
|
||||
break;
|
||||
}
|
||||
if (size < 0 || size >= data_end - data)
|
||||
if (size < 0 || size >= bytestream2_get_bytes_left(gb))
|
||||
return -1;
|
||||
data += size;
|
||||
bytestream2_skip(gb, size);
|
||||
}
|
||||
t = ff_amf_tag_size(data, data_end);
|
||||
if (t < 0 || t >= data_end - data)
|
||||
t = amf_tag_skip(gb);
|
||||
if (t < 0 || bytestream2_get_bytes_left(gb) <= 0)
|
||||
return -1;
|
||||
data += t;
|
||||
}
|
||||
return data - base;
|
||||
case AMF_DATA_TYPE_OBJECT_END: return 1;
|
||||
return 0;
|
||||
case AMF_DATA_TYPE_OBJECT_END: return 0;
|
||||
default: return -1;
|
||||
}
|
||||
}
|
||||
|
||||
int ff_amf_get_field_value(const uint8_t *data, const uint8_t *data_end,
|
||||
int ff_amf_tag_size(const uint8_t *data, const uint8_t *data_end)
|
||||
{
|
||||
GetByteContext gb;
|
||||
int ret;
|
||||
|
||||
if (data >= data_end)
|
||||
return -1;
|
||||
|
||||
bytestream2_init(&gb, data, data_end - data);
|
||||
|
||||
ret = amf_tag_skip(&gb);
|
||||
if (ret < 0 || bytestream2_get_bytes_left(&gb) <= 0)
|
||||
return -1;
|
||||
av_assert0(bytestream2_tell(&gb) >= 0 && bytestream2_tell(&gb) <= data_end - data);
|
||||
return bytestream2_tell(&gb);
|
||||
}
|
||||
|
||||
static int amf_get_field_value2(GetByteContext *gb,
|
||||
const uint8_t *name, uint8_t *dst, int dst_size)
|
||||
{
|
||||
int namelen = strlen(name);
|
||||
int len;
|
||||
|
||||
while (*data != AMF_DATA_TYPE_OBJECT && data < data_end) {
|
||||
len = ff_amf_tag_size(data, data_end);
|
||||
if (len < 0)
|
||||
len = data_end - data;
|
||||
data += len;
|
||||
while (bytestream2_peek_byte(gb) != AMF_DATA_TYPE_OBJECT && bytestream2_get_bytes_left(gb) > 0) {
|
||||
int ret = amf_tag_skip(gb);
|
||||
if (ret < 0)
|
||||
return -1;
|
||||
}
|
||||
if (data_end - data < 3)
|
||||
if (bytestream2_get_bytes_left(gb) < 3)
|
||||
return -1;
|
||||
data++;
|
||||
bytestream2_get_byte(gb);
|
||||
|
||||
for (;;) {
|
||||
int size = bytestream_get_be16(&data);
|
||||
int size = bytestream2_get_be16(gb);
|
||||
if (!size)
|
||||
break;
|
||||
if (size < 0 || size >= data_end - data)
|
||||
if (size < 0 || size >= bytestream2_get_bytes_left(gb))
|
||||
return -1;
|
||||
data += size;
|
||||
if (size == namelen && !memcmp(data-size, name, namelen)) {
|
||||
switch (*data++) {
|
||||
bytestream2_skip(gb, size);
|
||||
if (size == namelen && !memcmp(gb->buffer-size, name, namelen)) {
|
||||
switch (bytestream2_get_byte(gb)) {
|
||||
case AMF_DATA_TYPE_NUMBER:
|
||||
snprintf(dst, dst_size, "%g", av_int2double(AV_RB64(data)));
|
||||
snprintf(dst, dst_size, "%g", av_int2double(bytestream2_get_be64(gb)));
|
||||
break;
|
||||
case AMF_DATA_TYPE_BOOL:
|
||||
snprintf(dst, dst_size, "%s", *data ? "true" : "false");
|
||||
snprintf(dst, dst_size, "%s", bytestream2_get_byte(gb) ? "true" : "false");
|
||||
break;
|
||||
case AMF_DATA_TYPE_STRING:
|
||||
len = bytestream_get_be16(&data);
|
||||
av_strlcpy(dst, data, FFMIN(len+1, dst_size));
|
||||
len = bytestream2_get_be16(gb);
|
||||
if (dst_size < 1)
|
||||
return -1;
|
||||
if (dst_size < len + 1)
|
||||
len = dst_size - 1;
|
||||
bytestream2_get_buffer(gb, dst, len);
|
||||
dst[len] = 0;
|
||||
break;
|
||||
default:
|
||||
return -1;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
len = ff_amf_tag_size(data, data_end);
|
||||
if (len < 0 || len >= data_end - data)
|
||||
len = amf_tag_skip(gb);
|
||||
if (len < 0 || bytestream2_get_bytes_left(gb) <= 0)
|
||||
return -1;
|
||||
data += len;
|
||||
}
|
||||
return -1;
|
||||
}
|
||||
|
||||
int ff_amf_get_field_value(const uint8_t *data, const uint8_t *data_end,
|
||||
const uint8_t *name, uint8_t *dst, int dst_size)
|
||||
{
|
||||
GetByteContext gb;
|
||||
|
||||
if (data >= data_end)
|
||||
return -1;
|
||||
|
||||
bytestream2_init(&gb, data, data_end - data);
|
||||
|
||||
return amf_get_field_value2(&gb, name, dst, dst_size);
|
||||
}
|
||||
|
||||
static const char* rtmp_packet_type(int type)
|
||||
{
|
||||
switch (type) {
|
||||
|
||||
Reference in New Issue
Block a user