Browse code
bink: Factorize bink put_pixel
And make sure to check INTER_BLOCK as had been fixed by Michael
Niedermayer.
Reported-By: Andreas Cadhalpun
CC: libav-stable@libav.org
Luca Barbato authored on 2015/06/03 09:09:31Showing 1 changed files
| ... | ... |
@@ -944,15 +944,32 @@ static int binkb_decode_plane(BinkContext *c, AVFrame *frame, GetBitContext *gb, |
| 944 | 944 |
return 0; |
| 945 | 945 |
} |
| 946 | 946 |
|
| 947 |
+static int bink_put_pixels(BinkContext *c, |
|
| 948 |
+ uint8_t *dst, uint8_t *prev, int stride, |
|
| 949 |
+ uint8_t *ref_start, |
|
| 950 |
+ uint8_t *ref_end) |
|
| 951 |
+{
|
|
| 952 |
+ int xoff = get_value(c, BINK_SRC_X_OFF); |
|
| 953 |
+ int yoff = get_value(c, BINK_SRC_Y_OFF); |
|
| 954 |
+ uint8_t *ref = prev + xoff + yoff * stride; |
|
| 955 |
+ if (ref < ref_start || ref > ref_end) {
|
|
| 956 |
+ av_log(c->avctx, AV_LOG_ERROR, "Copy out of bounds @%d, %d\n", |
|
| 957 |
+ xoff, yoff); |
|
| 958 |
+ return AVERROR_INVALIDDATA; |
|
| 959 |
+ } |
|
| 960 |
+ c->hdsp.put_pixels_tab[1][0](dst, ref, stride, 8); |
|
| 961 |
+ |
|
| 962 |
+ return 0; |
|
| 963 |
+} |
|
| 964 |
+ |
|
| 947 | 965 |
static int bink_decode_plane(BinkContext *c, AVFrame *frame, GetBitContext *gb, |
| 948 | 966 |
int plane_idx, int is_chroma) |
| 949 | 967 |
{
|
| 950 | 968 |
int blk, ret; |
| 951 | 969 |
int i, j, bx, by; |
| 952 |
- uint8_t *dst, *prev, *ref, *ref_start, *ref_end; |
|
| 970 |
+ uint8_t *dst, *prev, *ref_start, *ref_end; |
|
| 953 | 971 |
int v, col[2]; |
| 954 | 972 |
const uint8_t *scan; |
| 955 |
- int xoff, yoff; |
|
| 956 | 973 |
LOCAL_ALIGNED_16(int16_t, block, [64]); |
| 957 | 974 |
LOCAL_ALIGNED_16(uint8_t, ublock, [64]); |
| 958 | 975 |
LOCAL_ALIGNED_16(int32_t, dctblock, [64]); |
| ... | ... |
@@ -1074,15 +1091,10 @@ static int bink_decode_plane(BinkContext *c, AVFrame *frame, GetBitContext *gb, |
| 1074 | 1074 |
prev += 8; |
| 1075 | 1075 |
break; |
| 1076 | 1076 |
case MOTION_BLOCK: |
| 1077 |
- xoff = get_value(c, BINK_SRC_X_OFF); |
|
| 1078 |
- yoff = get_value(c, BINK_SRC_Y_OFF); |
|
| 1079 |
- ref = prev + xoff + yoff * stride; |
|
| 1080 |
- if (ref < ref_start || ref > ref_end) {
|
|
| 1081 |
- av_log(c->avctx, AV_LOG_ERROR, "Copy out of bounds @%d, %d\n", |
|
| 1082 |
- bx*8 + xoff, by*8 + yoff); |
|
| 1083 |
- return AVERROR_INVALIDDATA; |
|
| 1084 |
- } |
|
| 1085 |
- c->hdsp.put_pixels_tab[1][0](dst, ref, stride, 8); |
|
| 1077 |
+ ret = bink_put_pixels(c, dst, prev, stride, |
|
| 1078 |
+ ref_start, ref_end); |
|
| 1079 |
+ if (ret < 0) |
|
| 1080 |
+ return ret; |
|
| 1086 | 1081 |
break; |
| 1087 | 1082 |
case RUN_BLOCK: |
| 1088 | 1083 |
scan = bink_patterns[get_bits(gb, 4)]; |
| ... | ... |
@@ -1108,15 +1120,10 @@ static int bink_decode_plane(BinkContext *c, AVFrame *frame, GetBitContext *gb, |
| 1108 | 1108 |
dst[coordmap[*scan++]] = get_value(c, BINK_SRC_COLORS); |
| 1109 | 1109 |
break; |
| 1110 | 1110 |
case RESIDUE_BLOCK: |
| 1111 |
- xoff = get_value(c, BINK_SRC_X_OFF); |
|
| 1112 |
- yoff = get_value(c, BINK_SRC_Y_OFF); |
|
| 1113 |
- ref = prev + xoff + yoff * stride; |
|
| 1114 |
- if (ref < ref_start || ref > ref_end) {
|
|
| 1115 |
- av_log(c->avctx, AV_LOG_ERROR, "Copy out of bounds @%d, %d\n", |
|
| 1116 |
- bx*8 + xoff, by*8 + yoff); |
|
| 1117 |
- return AVERROR_INVALIDDATA; |
|
| 1118 |
- } |
|
| 1119 |
- c->hdsp.put_pixels_tab[1][0](dst, ref, stride, 8); |
|
| 1111 |
+ ret = bink_put_pixels(c, dst, prev, stride, |
|
| 1112 |
+ ref_start, ref_end); |
|
| 1113 |
+ if (ret < 0) |
|
| 1114 |
+ return ret; |
|
| 1120 | 1115 |
c->bdsp.clear_block(block); |
| 1121 | 1116 |
v = get_bits(gb, 7); |
| 1122 | 1117 |
read_residue(gb, block, v); |
| ... | ... |
@@ -1133,10 +1140,10 @@ static int bink_decode_plane(BinkContext *c, AVFrame *frame, GetBitContext *gb, |
| 1133 | 1133 |
c->bdsp.fill_block_tab[1](dst, v, stride, 8); |
| 1134 | 1134 |
break; |
| 1135 | 1135 |
case INTER_BLOCK: |
| 1136 |
- xoff = get_value(c, BINK_SRC_X_OFF); |
|
| 1137 |
- yoff = get_value(c, BINK_SRC_Y_OFF); |
|
| 1138 |
- ref = prev + xoff + yoff * stride; |
|
| 1139 |
- c->hdsp.put_pixels_tab[1][0](dst, ref, stride, 8); |
|
| 1136 |
+ ret = bink_put_pixels(c, dst, prev, stride, |
|
| 1137 |
+ ref_start, ref_end); |
|
| 1138 |
+ if (ret < 0) |
|
| 1139 |
+ return ret; |
|
| 1140 | 1140 |
memset(dctblock, 0, sizeof(*dctblock) * 64); |
| 1141 | 1141 |
dctblock[0] = get_value(c, BINK_SRC_INTER_DC); |
| 1142 | 1142 |
read_dct_coeffs(gb, dctblock, bink_scan, bink_inter_quant, -1); |