Mercurial > libavcodec.hg
changeset 1289:57172377849a libavcodec
fix mpeg1/2 decoding if there are no 0 bytes after the bitstream
print mpeg1/2 startcodes support
author | michaelni |
---|---|
date | Fri, 30 May 2003 00:02:25 +0000 |
parents | 10c21dffe5ab |
children | dae280b939ca |
files | avcodec.h mpeg12.c |
diffstat | 2 files changed, 22 insertions(+), 7 deletions(-) [+] |
line wrap: on
line diff
--- a/avcodec.h Thu May 29 21:34:25 2003 +0000 +++ b/avcodec.h Fri May 30 00:02:25 2003 +0000 @@ -118,8 +118,11 @@ #define AVCODEC_MAX_AUDIO_FRAME_SIZE 131072 /** - * Required number of zero bytes at the end of the input bitstream for decoding. - * to avoid overreading (and possibly segfaulting) + * Required number of additionally allocated bytes at the end of the input bitstream for decoding. + * this is mainly needed because some optimized bitstream readers read + * 32 or 64 bit at once and could read over the end<br> + * Note, if the first 23 bits of the additional bytes are not 0 then damaged + * MPEG bitstreams could cause overread and segfault */ #define FF_INPUT_BUFFER_PADDING_SIZE 8
--- a/mpeg12.c Thu May 29 21:34:25 2003 +0000 +++ b/mpeg12.c Fri May 30 00:02:25 2003 +0000 @@ -1934,6 +1934,17 @@ s->mb_x = 0; s->mb_y++; + + if(s->mb_y<<field_pic >= s->mb_height){ + int left= s->gb.size_in_bits - get_bits_count(&s->gb); + + if(left < 0 || (left && show_bits(&s->gb, FFMIN(left, 23))) + || (avctx->error_resilience >= FF_ER_AGGRESSIVE && left>8)){ + fprintf(stderr, "end missmatch left=%d\n", left); + return -1; + }else + goto eos; + } } /* skip mb handling */ @@ -1963,10 +1974,6 @@ } } } - if(s->mb_y<<field_pic >= s->mb_height){ - fprintf(stderr, "slice too long\n"); - return -1; - } } eos: // end of slice *buf += get_bits_count(&s->gb)/8 - 1; @@ -2248,9 +2255,14 @@ } return FFMAX(0, buf_ptr - buf - s2->parse_context.last_index); } + + input_size = buf_end - buf_ptr; + + if(avctx->debug & FF_DEBUG_STARTCODE){ + printf("%3X at %d left %d\n", start_code, buf_ptr-buf, input_size); + } /* prepare data for next start code */ - input_size = buf_end - buf_ptr; switch(start_code) { case SEQ_START_CODE: mpeg1_decode_sequence(avctx, buf_ptr,