Mercurial > libavcodec.hg

comparison huffyuv.c @ 2511:366e8a09eb6e libavcodec

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
buffer overflows one found by Milan Cutka one by me
author michael
date Thu, 17 Feb 2005 19:00:42 +0000
parents 236562127b89
children d3885f927bc7
comparison
equal deleted inserted replaced
2510:5e9f8eef19b9 2511:366e8a09eb6e
346 fprintf(stderr, "v1 huffyuv is not supported \n"); 346 fprintf(stderr, "v1 huffyuv is not supported \n");
347 return -1; 347 return -1;
348 #endif 348 #endif
349 } 349 }
350 350
351 static void alloc_temp(HYuvContext *s){
352 int i;
353
354 if(s->bitstream_bpp<24){
355 for(i=0; i<3; i++){
356 s->temp[i]= av_malloc(s->width + 16);
357 }
358 }else{
359 s->temp[0]= av_malloc(4*s->width + 16);
360 }
361 }
362
351 static int common_init(AVCodecContext *avctx){ 363 static int common_init(AVCodecContext *avctx){
352 HYuvContext *s = avctx->priv_data; 364 HYuvContext *s = avctx->priv_data;
353 int i;
354 365
355 s->avctx= avctx; 366 s->avctx= avctx;
356 s->flags= avctx->flags; 367 s->flags= avctx->flags;
357 368
358 dsputil_init(&s->dsp, avctx); 369 dsputil_init(&s->dsp, avctx);
359 370
360 s->width= avctx->width; 371 s->width= avctx->width;
361 s->height= avctx->height; 372 s->height= avctx->height;
362 assert(s->width>0 && s->height>0); 373 assert(s->width>0 && s->height>0);
363 374
364 for(i=0; i<3; i++){
365 s->temp[i]= av_malloc(avctx->width + 16);
366 }
367 return 0; 375 return 0;
368 } 376 }
369 377
370 static int decode_init(AVCodecContext *avctx) 378 static int decode_init(AVCodecContext *avctx)
371 { 379 {
454 break; 462 break;
455 default: 463 default:
456 assert(0); 464 assert(0);
457 } 465 }
458 466
467 alloc_temp(s);
468
459 // av_log(NULL, AV_LOG_DEBUG, "pred:%d bpp:%d hbpp:%d il:%d\n", s->predictor, s->bitstream_bpp, avctx->bits_per_sample, s->interlaced); 469 // av_log(NULL, AV_LOG_DEBUG, "pred:%d bpp:%d hbpp:%d il:%d\n", s->predictor, s->bitstream_bpp, avctx->bits_per_sample, s->interlaced);
460 470
461 return 0; 471 return 0;
462 } 472 }
463 473
596 for(j=0; j<256; j++) 606 for(j=0; j<256; j++)
597 s->stats[i][j]= 0; 607 s->stats[i][j]= 0;
598 } 608 }
599 609
600 // printf("pred:%d bpp:%d hbpp:%d il:%d\n", s->predictor, s->bitstream_bpp, avctx->bits_per_sample, s->interlaced); 610 // printf("pred:%d bpp:%d hbpp:%d il:%d\n", s->predictor, s->bitstream_bpp, avctx->bits_per_sample, s->interlaced);
611
612 alloc_temp(s);
601 613
602 s->picture_number=0; 614 s->picture_number=0;
603 615
604 return 0; 616 return 0;
605 } 617 }
1146 vdst= p->data[2] + p->linesize[2]*cy; 1158 vdst= p->data[2] + p->linesize[2]*cy;
1147 1159
1148 if(s->predictor == PLANE && s->interlaced < cy){ 1160 if(s->predictor == PLANE && s->interlaced < cy){
1149 s->dsp.diff_bytes(s->temp[1], ydst, ydst - fake_ystride, width); 1161 s->dsp.diff_bytes(s->temp[1], ydst, ydst - fake_ystride, width);
1150 s->dsp.diff_bytes(s->temp[2], udst, udst - fake_ustride, width2); 1162 s->dsp.diff_bytes(s->temp[2], udst, udst - fake_ustride, width2);
1151 s->dsp.diff_bytes(s->temp[2] + 1250, vdst, vdst - fake_vstride, width2); 1163 s->dsp.diff_bytes(s->temp[2] + width2, vdst, vdst - fake_vstride, width2);
1152 1164
1153 lefty= sub_left_prediction(s, s->temp[0], s->temp[1], width , lefty); 1165 lefty= sub_left_prediction(s, s->temp[0], s->temp[1], width , lefty);
1154 leftu= sub_left_prediction(s, s->temp[1], s->temp[2], width2, leftu); 1166 leftu= sub_left_prediction(s, s->temp[1], s->temp[2], width2, leftu);
1155 leftv= sub_left_prediction(s, s->temp[2], s->temp[2] + 1250, width2, leftv); 1167 leftv= sub_left_prediction(s, s->temp[2], s->temp[2] + width2, width2, leftv);
1156 }else{ 1168 }else{
1157 lefty= sub_left_prediction(s, s->temp[0], ydst, width , lefty); 1169 lefty= sub_left_prediction(s, s->temp[0], ydst, width , lefty);
1158 leftu= sub_left_prediction(s, s->temp[1], udst, width2, leftu); 1170 leftu= sub_left_prediction(s, s->temp[1], udst, width2, leftu);
1159 leftv= sub_left_prediction(s, s->temp[2], vdst, width2, leftv); 1171 leftv= sub_left_prediction(s, s->temp[2], vdst, width2, leftv);
1160 } 1172 }