Browse code
Merge remote-tracking branch 'qatar/master'
* qatar/master:
qcelpdec: cosmetics: do not add line break before opening bracket in 'for', 'while', 'if/else', and 'switch' statements.
qcelp: check output buffer size before decoding
qcelpdec: fix the return value of qcelp_decode_frame().
sipr: fix the output data size check and only calculate it once.
Synchronize various 4CCs and codec tags from FFmpeg.
qdm2: check output buffer size before decoding
Fix out of bound reads in the QDM2 decoder.
Check for out of bound writes in the QDM2 decoder.
ogg/celt: do not set sample_fmt in the demuxer
Conflicts:
libavcodec/avcodec.h
libavcodec/qdm2.c
libavformat/oggparsecelt.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
Michael Niedermayer authored on 2011/10/05 11:07:59Showing 6 changed files
- libavcodec/qcelpdec.c
- libavcodec/qdm2.c
- libavcodec/sipr.c
- libavformat/isom.c
- libavformat/oggparsecelt.c
- libavformat/riff.c
| ... | ... |
@@ -117,18 +117,15 @@ static int decode_lspf(QCELPContext *q, float *lspf) |
| 117 | 117 |
float tmp_lspf, smooth, erasure_coeff; |
| 118 | 118 |
const float *predictors; |
| 119 | 119 |
|
| 120 |
- if(q->bitrate == RATE_OCTAVE || q->bitrate == I_F_Q) |
|
| 121 |
- {
|
|
| 120 |
+ if (q->bitrate == RATE_OCTAVE || q->bitrate == I_F_Q) {
|
|
| 122 | 121 |
predictors = (q->prev_bitrate != RATE_OCTAVE && |
| 123 | 122 |
q->prev_bitrate != I_F_Q ? |
| 124 | 123 |
q->prev_lspf : q->predictor_lspf); |
| 125 | 124 |
|
| 126 |
- if(q->bitrate == RATE_OCTAVE) |
|
| 127 |
- {
|
|
| 125 |
+ if (q->bitrate == RATE_OCTAVE) {
|
|
| 128 | 126 |
q->octave_count++; |
| 129 | 127 |
|
| 130 |
- for(i=0; i<10; i++) |
|
| 131 |
- {
|
|
| 128 |
+ for (i=0; i<10; i++) {
|
|
| 132 | 129 |
q->predictor_lspf[i] = |
| 133 | 130 |
lspf[i] = (q->frame.lspv[i] ? QCELP_LSP_SPREAD_FACTOR |
| 134 | 131 |
: -QCELP_LSP_SPREAD_FACTOR) |
| ... | ... |
@@ -136,8 +133,7 @@ static int decode_lspf(QCELPContext *q, float *lspf) |
| 136 | 136 |
+ (i + 1) * ((1 - QCELP_LSP_OCTAVE_PREDICTOR)/11); |
| 137 | 137 |
} |
| 138 | 138 |
smooth = (q->octave_count < 10 ? .875 : 0.1); |
| 139 |
- }else |
|
| 140 |
- {
|
|
| 139 |
+ } else {
|
|
| 141 | 140 |
erasure_coeff = QCELP_LSP_OCTAVE_PREDICTOR; |
| 142 | 141 |
|
| 143 | 142 |
assert(q->bitrate == I_F_Q); |
| ... | ... |
@@ -145,8 +141,7 @@ static int decode_lspf(QCELPContext *q, float *lspf) |
| 145 | 145 |
if(q->erasure_count > 1) |
| 146 | 146 |
erasure_coeff *= (q->erasure_count < 4 ? 0.9 : 0.7); |
| 147 | 147 |
|
| 148 |
- for(i=0; i<10; i++) |
|
| 149 |
- {
|
|
| 148 |
+ for(i = 0; i < 10; i++) {
|
|
| 150 | 149 |
q->predictor_lspf[i] = |
| 151 | 150 |
lspf[i] = (i + 1) * ( 1 - erasure_coeff)/11 |
| 152 | 151 |
+ erasure_coeff * predictors[i]; |
| ... | ... |
@@ -165,27 +160,23 @@ static int decode_lspf(QCELPContext *q, float *lspf) |
| 165 | 165 |
|
| 166 | 166 |
// Low-pass filter the LSP frequencies. |
| 167 | 167 |
ff_weighted_vector_sumf(lspf, lspf, q->prev_lspf, smooth, 1.0-smooth, 10); |
| 168 |
- }else |
|
| 169 |
- {
|
|
| 168 |
+ } else {
|
|
| 170 | 169 |
q->octave_count = 0; |
| 171 | 170 |
|
| 172 | 171 |
tmp_lspf = 0.; |
| 173 |
- for(i=0; i<5 ; i++) |
|
| 174 |
- {
|
|
| 172 |
+ for (i = 0; i < 5; i++) {
|
|
| 175 | 173 |
lspf[2*i+0] = tmp_lspf += qcelp_lspvq[i][q->frame.lspv[i]][0] * 0.0001; |
| 176 | 174 |
lspf[2*i+1] = tmp_lspf += qcelp_lspvq[i][q->frame.lspv[i]][1] * 0.0001; |
| 177 | 175 |
} |
| 178 | 176 |
|
| 179 | 177 |
// Check for badly received packets. |
| 180 |
- if(q->bitrate == RATE_QUARTER) |
|
| 181 |
- {
|
|
| 178 |
+ if (q->bitrate == RATE_QUARTER) {
|
|
| 182 | 179 |
if(lspf[9] <= .70 || lspf[9] >= .97) |
| 183 | 180 |
return -1; |
| 184 | 181 |
for(i=3; i<10; i++) |
| 185 | 182 |
if(fabs(lspf[i] - lspf[i-2]) < .08) |
| 186 | 183 |
return -1; |
| 187 |
- }else |
|
| 188 |
- {
|
|
| 184 |
+ } else {
|
|
| 189 | 185 |
if(lspf[9] <= .66 || lspf[9] >= .985) |
| 190 | 186 |
return -1; |
| 191 | 187 |
for(i=4; i<10; i++) |
| ... | ... |
@@ -209,26 +200,21 @@ static void decode_gain_and_index(QCELPContext *q, |
| 209 | 209 |
int i, subframes_count, g1[16]; |
| 210 | 210 |
float slope; |
| 211 | 211 |
|
| 212 |
- if(q->bitrate >= RATE_QUARTER) |
|
| 213 |
- {
|
|
| 214 |
- switch(q->bitrate) |
|
| 215 |
- {
|
|
| 212 |
+ if (q->bitrate >= RATE_QUARTER) {
|
|
| 213 |
+ switch (q->bitrate) {
|
|
| 216 | 214 |
case RATE_FULL: subframes_count = 16; break; |
| 217 | 215 |
case RATE_HALF: subframes_count = 4; break; |
| 218 | 216 |
default: subframes_count = 5; |
| 219 | 217 |
} |
| 220 |
- for(i=0; i<subframes_count; i++) |
|
| 221 |
- {
|
|
| 218 |
+ for(i = 0; i < subframes_count; i++) {
|
|
| 222 | 219 |
g1[i] = 4 * q->frame.cbgain[i]; |
| 223 |
- if(q->bitrate == RATE_FULL && !((i+1) & 3)) |
|
| 224 |
- {
|
|
| 220 |
+ if (q->bitrate == RATE_FULL && !((i+1) & 3)) {
|
|
| 225 | 221 |
g1[i] += av_clip((g1[i-1] + g1[i-2] + g1[i-3]) / 3 - 6, 0, 32); |
| 226 | 222 |
} |
| 227 | 223 |
|
| 228 | 224 |
gain[i] = qcelp_g12ga[g1[i]]; |
| 229 | 225 |
|
| 230 |
- if(q->frame.cbsign[i]) |
|
| 231 |
- {
|
|
| 226 |
+ if (q->frame.cbsign[i]) {
|
|
| 232 | 227 |
gain[i] = -gain[i]; |
| 233 | 228 |
q->frame.cindex[i] = (q->frame.cindex[i]-89) & 127; |
| 234 | 229 |
} |
| ... | ... |
@@ -238,8 +224,7 @@ static void decode_gain_and_index(QCELPContext *q, |
| 238 | 238 |
q->prev_g1[1] = g1[i-1]; |
| 239 | 239 |
q->last_codebook_gain = qcelp_g12ga[g1[i-1]]; |
| 240 | 240 |
|
| 241 |
- if(q->bitrate == RATE_QUARTER) |
|
| 242 |
- {
|
|
| 241 |
+ if (q->bitrate == RATE_QUARTER) {
|
|
| 243 | 242 |
// Provide smoothing of the unvoiced excitation energy. |
| 244 | 243 |
gain[7] = gain[4]; |
| 245 | 244 |
gain[6] = 0.4*gain[3] + 0.6*gain[4]; |
| ... | ... |
@@ -249,20 +234,16 @@ static void decode_gain_and_index(QCELPContext *q, |
| 249 | 249 |
gain[2] = gain[1]; |
| 250 | 250 |
gain[1] = 0.6*gain[0] + 0.4*gain[1]; |
| 251 | 251 |
} |
| 252 |
- }else if (q->bitrate != SILENCE) |
|
| 253 |
- {
|
|
| 254 |
- if(q->bitrate == RATE_OCTAVE) |
|
| 255 |
- {
|
|
| 252 |
+ } else if (q->bitrate != SILENCE) {
|
|
| 253 |
+ if (q->bitrate == RATE_OCTAVE) {
|
|
| 256 | 254 |
g1[0] = 2 * q->frame.cbgain[0] |
| 257 | 255 |
+ av_clip((q->prev_g1[0] + q->prev_g1[1]) / 2 - 5, 0, 54); |
| 258 | 256 |
subframes_count = 8; |
| 259 |
- }else |
|
| 260 |
- {
|
|
| 257 |
+ } else {
|
|
| 261 | 258 |
assert(q->bitrate == I_F_Q); |
| 262 | 259 |
|
| 263 | 260 |
g1[0] = q->prev_g1[1]; |
| 264 |
- switch(q->erasure_count) |
|
| 265 |
- {
|
|
| 261 |
+ switch (q->erasure_count) {
|
|
| 266 | 262 |
case 1 : break; |
| 267 | 263 |
case 2 : g1[0] -= 1; break; |
| 268 | 264 |
case 3 : g1[0] -= 2; break; |
| ... | ... |
@@ -296,8 +277,7 @@ static int codebook_sanity_check_for_rate_quarter(const uint8_t *cbgain) |
| 296 | 296 |
{
|
| 297 | 297 |
int i, diff, prev_diff=0; |
| 298 | 298 |
|
| 299 |
- for(i=1; i<5; i++) |
|
| 300 |
- {
|
|
| 299 |
+ for(i=1; i<5; i++) {
|
|
| 301 | 300 |
diff = cbgain[i] - cbgain[i-1]; |
| 302 | 301 |
if(FFABS(diff) > 10) |
| 303 | 302 |
return -1; |
| ... | ... |
@@ -336,11 +316,9 @@ static void compute_svector(QCELPContext *q, const float *gain, |
| 336 | 336 |
uint16_t cbseed, cindex; |
| 337 | 337 |
float *rnd, tmp_gain, fir_filter_value; |
| 338 | 338 |
|
| 339 |
- switch(q->bitrate) |
|
| 340 |
- {
|
|
| 339 |
+ switch (q->bitrate) {
|
|
| 341 | 340 |
case RATE_FULL: |
| 342 |
- for(i=0; i<16; i++) |
|
| 343 |
- {
|
|
| 341 |
+ for (i = 0; i < 16; i++) {
|
|
| 344 | 342 |
tmp_gain = gain[i] * QCELP_RATE_FULL_CODEBOOK_RATIO; |
| 345 | 343 |
cindex = -q->frame.cindex[i]; |
| 346 | 344 |
for(j=0; j<10; j++) |
| ... | ... |
@@ -348,8 +326,7 @@ static void compute_svector(QCELPContext *q, const float *gain, |
| 348 | 348 |
} |
| 349 | 349 |
break; |
| 350 | 350 |
case RATE_HALF: |
| 351 |
- for(i=0; i<4; i++) |
|
| 352 |
- {
|
|
| 351 |
+ for (i = 0; i < 4; i++) {
|
|
| 353 | 352 |
tmp_gain = gain[i] * QCELP_RATE_HALF_CODEBOOK_RATIO; |
| 354 | 353 |
cindex = -q->frame.cindex[i]; |
| 355 | 354 |
for (j = 0; j < 40; j++) |
| ... | ... |
@@ -363,11 +340,9 @@ static void compute_svector(QCELPContext *q, const float *gain, |
| 363 | 363 |
(0x0007 & q->frame.lspv[1])<< 3 | |
| 364 | 364 |
(0x0038 & q->frame.lspv[0])>> 3 ; |
| 365 | 365 |
rnd = q->rnd_fir_filter_mem + 20; |
| 366 |
- for(i=0; i<8; i++) |
|
| 367 |
- {
|
|
| 366 |
+ for (i = 0; i < 8; i++) {
|
|
| 368 | 367 |
tmp_gain = gain[i] * (QCELP_SQRT1887 / 32768.0); |
| 369 |
- for(k=0; k<20; k++) |
|
| 370 |
- {
|
|
| 368 |
+ for (k = 0; k < 20; k++) {
|
|
| 371 | 369 |
cbseed = 521 * cbseed + 259; |
| 372 | 370 |
*rnd = (int16_t)cbseed; |
| 373 | 371 |
|
| ... | ... |
@@ -386,11 +361,9 @@ static void compute_svector(QCELPContext *q, const float *gain, |
| 386 | 386 |
break; |
| 387 | 387 |
case RATE_OCTAVE: |
| 388 | 388 |
cbseed = q->first16bits; |
| 389 |
- for(i=0; i<8; i++) |
|
| 390 |
- {
|
|
| 389 |
+ for (i = 0; i < 8; i++) {
|
|
| 391 | 390 |
tmp_gain = gain[i] * (QCELP_SQRT1887 / 32768.0); |
| 392 |
- for(j=0; j<20; j++) |
|
| 393 |
- {
|
|
| 391 |
+ for (j = 0; j < 20; j++) {
|
|
| 394 | 392 |
cbseed = 521 * cbseed + 259; |
| 395 | 393 |
*cdn_vector++ = tmp_gain * (int16_t)cbseed; |
| 396 | 394 |
} |
| ... | ... |
@@ -398,8 +371,7 @@ static void compute_svector(QCELPContext *q, const float *gain, |
| 398 | 398 |
break; |
| 399 | 399 |
case I_F_Q: |
| 400 | 400 |
cbseed = -44; // random codebook index |
| 401 |
- for(i=0; i<4; i++) |
|
| 402 |
- {
|
|
| 401 |
+ for (i = 0; i < 4; i++) {
|
|
| 403 | 402 |
tmp_gain = gain[i] * QCELP_RATE_FULL_CODEBOOK_RATIO; |
| 404 | 403 |
for(j=0; j<40; j++) |
| 405 | 404 |
*cdn_vector++ = tmp_gain * qcelp_rate_full_codebook[cbseed++ & 127]; |
| ... | ... |
@@ -459,15 +431,11 @@ static const float *do_pitchfilter(float memory[303], const float v_in[160], |
| 459 | 459 |
|
| 460 | 460 |
v_out = memory + 143; // Output vector starts at memory[143]. |
| 461 | 461 |
|
| 462 |
- for(i=0; i<4; i++) |
|
| 463 |
- {
|
|
| 464 |
- if(gain[i]) |
|
| 465 |
- {
|
|
| 462 |
+ for (i = 0; i < 4; i++) {
|
|
| 463 |
+ if (gain[i]) {
|
|
| 466 | 464 |
v_lag = memory + 143 + 40 * i - lag[i]; |
| 467 |
- for(v_len=v_in+40; v_in<v_len; v_in++) |
|
| 468 |
- {
|
|
| 469 |
- if(pfrac[i]) // If it is a fractional lag... |
|
| 470 |
- {
|
|
| 465 |
+ for (v_len = v_in + 40; v_in < v_len; v_in++) {
|
|
| 466 |
+ if (pfrac[i]) { // If it is a fractional lag...
|
|
| 471 | 467 |
for(j=0, *v_out=0.; j<4; j++) |
| 472 | 468 |
*v_out += qcelp_hammsinc_table[j] * (v_lag[j-4] + v_lag[3-j]); |
| 473 | 469 |
}else |
| ... | ... |
@@ -478,8 +446,7 @@ static const float *do_pitchfilter(float memory[303], const float v_in[160], |
| 478 | 478 |
v_lag++; |
| 479 | 479 |
v_out++; |
| 480 | 480 |
} |
| 481 |
- }else |
|
| 482 |
- {
|
|
| 481 |
+ } else {
|
|
| 483 | 482 |
memcpy(v_out, v_in, 40 * sizeof(float)); |
| 484 | 483 |
v_in += 40; |
| 485 | 484 |
v_out += 40; |
| ... | ... |
@@ -504,31 +471,25 @@ static void apply_pitch_filters(QCELPContext *q, float *cdn_vector) |
| 504 | 504 |
|
| 505 | 505 |
if(q->bitrate >= RATE_HALF || |
| 506 | 506 |
q->bitrate == SILENCE || |
| 507 |
- (q->bitrate == I_F_Q && (q->prev_bitrate >= RATE_HALF))) |
|
| 508 |
- {
|
|
| 507 |
+ (q->bitrate == I_F_Q && (q->prev_bitrate >= RATE_HALF))) {
|
|
| 509 | 508 |
|
| 510 |
- if(q->bitrate >= RATE_HALF) |
|
| 511 |
- {
|
|
| 509 |
+ if(q->bitrate >= RATE_HALF) {
|
|
| 512 | 510 |
|
| 513 | 511 |
// Compute gain & lag for the whole frame. |
| 514 |
- for(i=0; i<4; i++) |
|
| 515 |
- {
|
|
| 512 |
+ for (i = 0; i < 4; i++) {
|
|
| 516 | 513 |
q->pitch_gain[i] = q->frame.plag[i] ? (q->frame.pgain[i] + 1) * 0.25 : 0.0; |
| 517 | 514 |
|
| 518 | 515 |
q->pitch_lag[i] = q->frame.plag[i] + 16; |
| 519 | 516 |
} |
| 520 |
- }else |
|
| 521 |
- {
|
|
| 517 |
+ } else {
|
|
| 522 | 518 |
float max_pitch_gain; |
| 523 | 519 |
|
| 524 |
- if (q->bitrate == I_F_Q) |
|
| 525 |
- {
|
|
| 520 |
+ if (q->bitrate == I_F_Q) {
|
|
| 526 | 521 |
if (q->erasure_count < 3) |
| 527 | 522 |
max_pitch_gain = 0.9 - 0.3 * (q->erasure_count - 1); |
| 528 | 523 |
else |
| 529 | 524 |
max_pitch_gain = 0.0; |
| 530 |
- }else |
|
| 531 |
- {
|
|
| 525 |
+ } else {
|
|
| 532 | 526 |
assert(q->bitrate == SILENCE); |
| 533 | 527 |
max_pitch_gain = 1.0; |
| 534 | 528 |
} |
| ... | ... |
@@ -553,8 +514,7 @@ static void apply_pitch_filters(QCELPContext *q, float *cdn_vector) |
| 553 | 553 |
q->frame.pfrac); |
| 554 | 554 |
|
| 555 | 555 |
apply_gain_ctrl(cdn_vector, v_synthesis_filtered, v_pre_filtered); |
| 556 |
- }else |
|
| 557 |
- {
|
|
| 556 |
+ } else {
|
|
| 558 | 557 |
memcpy(q->pitch_synthesis_filter_mem, cdn_vector + 17, |
| 559 | 558 |
143 * sizeof(float)); |
| 560 | 559 |
memcpy(q->pitch_pre_filter_mem, cdn_vector + 17, 143 * sizeof(float)); |
| ... | ... |
@@ -586,8 +546,7 @@ static void lspf2lpc(const float *lspf, float *lpc) |
| 586 | 586 |
|
| 587 | 587 |
ff_acelp_lspd2lpc(lsp, lpc, 5); |
| 588 | 588 |
|
| 589 |
- for (i=0; i<10; i++) |
|
| 590 |
- {
|
|
| 589 |
+ for (i = 0; i < 10; i++) {
|
|
| 591 | 590 |
lpc[i] *= bandwidth_expansion_coeff; |
| 592 | 591 |
bandwidth_expansion_coeff *= QCELP_BANDWIDTH_EXPANSION_COEFF; |
| 593 | 592 |
} |
| ... | ... |
@@ -617,8 +576,7 @@ static void interpolate_lpc(QCELPContext *q, const float *curr_lspf, |
| 617 | 617 |
else |
| 618 | 618 |
weight = 1.0; |
| 619 | 619 |
|
| 620 |
- if(weight != 1.0) |
|
| 621 |
- {
|
|
| 620 |
+ if (weight != 1.0) {
|
|
| 622 | 621 |
ff_weighted_vector_sumf(interpolated_lspf, curr_lspf, q->prev_lspf, |
| 623 | 622 |
weight, 1.0 - weight, 10); |
| 624 | 623 |
lspf2lpc(interpolated_lspf, lpc); |
| ... | ... |
@@ -631,8 +589,7 @@ static void interpolate_lpc(QCELPContext *q, const float *curr_lspf, |
| 631 | 631 |
|
| 632 | 632 |
static qcelp_packet_rate buf_size2bitrate(const int buf_size) |
| 633 | 633 |
{
|
| 634 |
- switch(buf_size) |
|
| 635 |
- {
|
|
| 634 |
+ switch (buf_size) {
|
|
| 636 | 635 |
case 35: return RATE_FULL; |
| 637 | 636 |
case 17: return RATE_HALF; |
| 638 | 637 |
case 8: return RATE_QUARTER; |
| ... | ... |
@@ -660,34 +617,28 @@ static qcelp_packet_rate determine_bitrate(AVCodecContext *avctx, const int buf_ |
| 660 | 660 |
{
|
| 661 | 661 |
qcelp_packet_rate bitrate; |
| 662 | 662 |
|
| 663 |
- if((bitrate = buf_size2bitrate(buf_size)) >= 0) |
|
| 664 |
- {
|
|
| 665 |
- if(bitrate > **buf) |
|
| 666 |
- {
|
|
| 663 |
+ if ((bitrate = buf_size2bitrate(buf_size)) >= 0) {
|
|
| 664 |
+ if (bitrate > **buf) {
|
|
| 667 | 665 |
QCELPContext *q = avctx->priv_data; |
| 668 |
- if (!q->warned_buf_mismatch_bitrate) |
|
| 669 |
- {
|
|
| 666 |
+ if (!q->warned_buf_mismatch_bitrate) {
|
|
| 670 | 667 |
av_log(avctx, AV_LOG_WARNING, |
| 671 | 668 |
"Claimed bitrate and buffer size mismatch.\n"); |
| 672 | 669 |
q->warned_buf_mismatch_bitrate = 1; |
| 673 | 670 |
} |
| 674 | 671 |
bitrate = **buf; |
| 675 |
- }else if(bitrate < **buf) |
|
| 676 |
- {
|
|
| 672 |
+ } else if (bitrate < **buf) {
|
|
| 677 | 673 |
av_log(avctx, AV_LOG_ERROR, |
| 678 | 674 |
"Buffer is too small for the claimed bitrate.\n"); |
| 679 | 675 |
return I_F_Q; |
| 680 | 676 |
} |
| 681 | 677 |
(*buf)++; |
| 682 |
- }else if((bitrate = buf_size2bitrate(buf_size + 1)) >= 0) |
|
| 683 |
- {
|
|
| 678 |
+ } else if ((bitrate = buf_size2bitrate(buf_size + 1)) >= 0) {
|
|
| 684 | 679 |
av_log(avctx, AV_LOG_WARNING, |
| 685 | 680 |
"Bitrate byte is missing, guessing the bitrate from packet size.\n"); |
| 686 | 681 |
}else |
| 687 | 682 |
return I_F_Q; |
| 688 | 683 |
|
| 689 |
- if(bitrate == SILENCE) |
|
| 690 |
- {
|
|
| 684 |
+ if (bitrate == SILENCE) {
|
|
| 691 | 685 |
//FIXME: Remove experimental warning when tested with samples. |
| 692 | 686 |
av_log_ask_for_sample(avctx, "'Blank frame handling is experimental."); |
| 693 | 687 |
} |
| ... | ... |
@@ -738,26 +689,29 @@ static int qcelp_decode_frame(AVCodecContext *avctx, void *data, int *data_size, |
| 738 | 738 |
int buf_size = avpkt->size; |
| 739 | 739 |
QCELPContext *q = avctx->priv_data; |
| 740 | 740 |
float *outbuffer = data; |
| 741 |
- int i; |
|
| 741 |
+ int i, out_size; |
|
| 742 | 742 |
float quantized_lspf[10], lpc[10]; |
| 743 | 743 |
float gain[16]; |
| 744 | 744 |
float *formant_mem; |
| 745 | 745 |
|
| 746 |
- if((q->bitrate = determine_bitrate(avctx, buf_size, &buf)) == I_F_Q) |
|
| 747 |
- {
|
|
| 746 |
+ out_size = 160 * av_get_bytes_per_sample(avctx->sample_fmt); |
|
| 747 |
+ if (*data_size < out_size) {
|
|
| 748 |
+ av_log(avctx, AV_LOG_ERROR, "Output buffer is too small\n"); |
|
| 749 |
+ return AVERROR(EINVAL); |
|
| 750 |
+ } |
|
| 751 |
+ |
|
| 752 |
+ if ((q->bitrate = determine_bitrate(avctx, buf_size, &buf)) == I_F_Q) {
|
|
| 748 | 753 |
warn_insufficient_frame_quality(avctx, "bitrate cannot be determined."); |
| 749 | 754 |
goto erasure; |
| 750 | 755 |
} |
| 751 | 756 |
|
| 752 | 757 |
if(q->bitrate == RATE_OCTAVE && |
| 753 |
- (q->first16bits = AV_RB16(buf)) == 0xFFFF) |
|
| 754 |
- {
|
|
| 758 |
+ (q->first16bits = AV_RB16(buf)) == 0xFFFF) {
|
|
| 755 | 759 |
warn_insufficient_frame_quality(avctx, "Bitrate is 1/8 and first 16 bits are on."); |
| 756 | 760 |
goto erasure; |
| 757 | 761 |
} |
| 758 | 762 |
|
| 759 |
- if(q->bitrate > SILENCE) |
|
| 760 |
- {
|
|
| 763 |
+ if (q->bitrate > SILENCE) {
|
|
| 761 | 764 |
const QCELPBitmap *bitmaps = qcelp_unpacking_bitmaps_per_rate[q->bitrate]; |
| 762 | 765 |
const QCELPBitmap *bitmaps_end = qcelp_unpacking_bitmaps_per_rate[q->bitrate] |
| 763 | 766 |
+ qcelp_unpacking_bitmaps_lengths[q->bitrate]; |
| ... | ... |
@@ -771,24 +725,19 @@ static int qcelp_decode_frame(AVCodecContext *avctx, void *data, int *data_size, |
| 771 | 771 |
unpacked_data[bitmaps->index] |= get_bits(&q->gb, bitmaps->bitlen) << bitmaps->bitpos; |
| 772 | 772 |
|
| 773 | 773 |
// Check for erasures/blanks on rates 1, 1/4 and 1/8. |
| 774 |
- if(q->frame.reserved) |
|
| 775 |
- {
|
|
| 774 |
+ if (q->frame.reserved) {
|
|
| 776 | 775 |
warn_insufficient_frame_quality(avctx, "Wrong data in reserved frame area."); |
| 777 | 776 |
goto erasure; |
| 778 | 777 |
} |
| 779 | 778 |
if(q->bitrate == RATE_QUARTER && |
| 780 |
- codebook_sanity_check_for_rate_quarter(q->frame.cbgain)) |
|
| 781 |
- {
|
|
| 779 |
+ codebook_sanity_check_for_rate_quarter(q->frame.cbgain)) {
|
|
| 782 | 780 |
warn_insufficient_frame_quality(avctx, "Codebook gain sanity check failed."); |
| 783 | 781 |
goto erasure; |
| 784 | 782 |
} |
| 785 | 783 |
|
| 786 |
- if(q->bitrate >= RATE_HALF) |
|
| 787 |
- {
|
|
| 788 |
- for(i=0; i<4; i++) |
|
| 789 |
- {
|
|
| 790 |
- if(q->frame.pfrac[i] && q->frame.plag[i] >= 124) |
|
| 791 |
- {
|
|
| 784 |
+ if (q->bitrate >= RATE_HALF) {
|
|
| 785 |
+ for (i = 0; i < 4; i++) {
|
|
| 786 |
+ if (q->frame.pfrac[i] && q->frame.plag[i] >= 124) {
|
|
| 792 | 787 |
warn_insufficient_frame_quality(avctx, "Cannot initialize pitch filter."); |
| 793 | 788 |
goto erasure; |
| 794 | 789 |
} |
| ... | ... |
@@ -799,8 +748,7 @@ static int qcelp_decode_frame(AVCodecContext *avctx, void *data, int *data_size, |
| 799 | 799 |
decode_gain_and_index(q, gain); |
| 800 | 800 |
compute_svector(q, gain, outbuffer); |
| 801 | 801 |
|
| 802 |
- if(decode_lspf(q, quantized_lspf) < 0) |
|
| 803 |
- {
|
|
| 802 |
+ if (decode_lspf(q, quantized_lspf) < 0) {
|
|
| 804 | 803 |
warn_insufficient_frame_quality(avctx, "Badly received packets in frame."); |
| 805 | 804 |
goto erasure; |
| 806 | 805 |
} |
| ... | ... |
@@ -808,8 +756,7 @@ static int qcelp_decode_frame(AVCodecContext *avctx, void *data, int *data_size, |
| 808 | 808 |
|
| 809 | 809 |
apply_pitch_filters(q, outbuffer); |
| 810 | 810 |
|
| 811 |
- if(q->bitrate == I_F_Q) |
|
| 812 |
- {
|
|
| 811 |
+ if (q->bitrate == I_F_Q) {
|
|
| 813 | 812 |
erasure: |
| 814 | 813 |
q->bitrate = I_F_Q; |
| 815 | 814 |
q->erasure_count++; |
| ... | ... |
@@ -821,8 +768,7 @@ erasure: |
| 821 | 821 |
q->erasure_count = 0; |
| 822 | 822 |
|
| 823 | 823 |
formant_mem = q->formant_mem + 10; |
| 824 |
- for(i=0; i<4; i++) |
|
| 825 |
- {
|
|
| 824 |
+ for (i = 0; i < 4; i++) {
|
|
| 826 | 825 |
interpolate_lpc(q, quantized_lspf, lpc, i); |
| 827 | 826 |
ff_celp_lp_synthesis_filterf(formant_mem, lpc, outbuffer + i * 40, 40, |
| 828 | 827 |
10); |
| ... | ... |
@@ -837,7 +783,7 @@ erasure: |
| 837 | 837 |
memcpy(q->prev_lspf, quantized_lspf, sizeof(q->prev_lspf)); |
| 838 | 838 |
q->prev_bitrate = q->bitrate; |
| 839 | 839 |
|
| 840 |
- *data_size = 160 * sizeof(*outbuffer); |
|
| 840 |
+ *data_size = out_size; |
|
| 841 | 841 |
|
| 842 | 842 |
return buf_size; |
| 843 | 843 |
} |
| ... | ... |
@@ -77,6 +77,7 @@ do { \
|
| 77 | 77 |
#define SAMPLES_NEEDED_2(why) \ |
| 78 | 78 |
av_log (NULL,AV_LOG_INFO,"This file triggers some missing code. Please contact the developers.\nPosition: %s\n",why); |
| 79 | 79 |
|
| 80 |
+#define QDM2_MAX_FRAME_SIZE 512 |
|
| 80 | 81 |
|
| 81 | 82 |
typedef int8_t sb_int8_array[2][30][64]; |
| 82 | 83 |
|
| ... | ... |
@@ -169,7 +170,7 @@ typedef struct {
|
| 169 | 169 |
/// I/O data |
| 170 | 170 |
const uint8_t *compressed_data; |
| 171 | 171 |
int compressed_size; |
| 172 |
- float output_buffer[1024]; |
|
| 172 |
+ float output_buffer[QDM2_MAX_FRAME_SIZE * 2]; |
|
| 173 | 173 |
|
| 174 | 174 |
/// Synthesis filter |
| 175 | 175 |
MPADSPContext mpadsp; |
| ... | ... |
@@ -1823,7 +1824,8 @@ static av_cold int qdm2_decode_init(AVCodecContext *avctx) |
| 1823 | 1823 |
// something like max decodable tones |
| 1824 | 1824 |
s->group_order = av_log2(s->group_size) + 1; |
| 1825 | 1825 |
s->frame_size = s->group_size / 16; // 16 iterations per super block |
| 1826 |
- if (s->frame_size > FF_ARRAY_ELEMS(s->output_buffer) / 2) |
|
| 1826 |
+ |
|
| 1827 |
+ if (s->frame_size > QDM2_MAX_FRAME_SIZE) |
|
| 1827 | 1828 |
return AVERROR_INVALIDDATA; |
| 1828 | 1829 |
|
| 1829 | 1830 |
s->sub_sampling = s->fft_order - 7; |
| ... | ... |
@@ -1959,13 +1961,20 @@ static int qdm2_decode_frame(AVCodecContext *avctx, |
| 1959 | 1959 |
int buf_size = avpkt->size; |
| 1960 | 1960 |
QDM2Context *s = avctx->priv_data; |
| 1961 | 1961 |
int16_t *out = data; |
| 1962 |
- int i; |
|
| 1962 |
+ int i, out_size; |
|
| 1963 | 1963 |
|
| 1964 | 1964 |
if(!buf) |
| 1965 | 1965 |
return 0; |
| 1966 | 1966 |
if(buf_size < s->checksum_size) |
| 1967 | 1967 |
return -1; |
| 1968 | 1968 |
|
| 1969 |
+ out_size = 16 * s->channels * s->frame_size * |
|
| 1970 |
+ av_get_bytes_per_sample(avctx->sample_fmt); |
|
| 1971 |
+ if (*data_size < out_size) {
|
|
| 1972 |
+ av_log(avctx, AV_LOG_ERROR, "Output buffer is too small\n"); |
|
| 1973 |
+ return AVERROR(EINVAL); |
|
| 1974 |
+ } |
|
| 1975 |
+ |
|
| 1969 | 1976 |
av_log(avctx, AV_LOG_DEBUG, "decode(%d): %p[%d] -> %p[%d]\n", |
| 1970 | 1977 |
buf_size, buf, s->checksum_size, data, *data_size); |
| 1971 | 1978 |
|
| ... | ... |
@@ -1975,7 +1984,7 @@ static int qdm2_decode_frame(AVCodecContext *avctx, |
| 1975 | 1975 |
out += s->channels * s->frame_size; |
| 1976 | 1976 |
} |
| 1977 | 1977 |
|
| 1978 |
- *data_size = (uint8_t*)out - (uint8_t*)data; |
|
| 1978 |
+ *data_size = out_size; |
|
| 1979 | 1979 |
|
| 1980 | 1980 |
return s->checksum_size; |
| 1981 | 1981 |
} |
| ... | ... |
@@ -509,7 +509,7 @@ static int sipr_decode_frame(AVCodecContext *avctx, void *datap, |
| 509 | 509 |
GetBitContext gb; |
| 510 | 510 |
float *data = datap; |
| 511 | 511 |
int subframe_size = ctx->mode == MODE_16k ? L_SUBFR_16k : SUBFR_SIZE; |
| 512 |
- int i; |
|
| 512 |
+ int i, out_size; |
|
| 513 | 513 |
|
| 514 | 514 |
ctx->avctx = avctx; |
| 515 | 515 |
if (avpkt->size < (mode_par->bits_per_frame >> 3)) {
|
| ... | ... |
@@ -520,7 +520,11 @@ static int sipr_decode_frame(AVCodecContext *avctx, void *datap, |
| 520 | 520 |
*data_size = 0; |
| 521 | 521 |
return -1; |
| 522 | 522 |
} |
| 523 |
- if (*data_size < subframe_size * mode_par->subframe_count * sizeof(float)) {
|
|
| 523 |
+ |
|
| 524 |
+ out_size = mode_par->frames_per_packet * subframe_size * |
|
| 525 |
+ mode_par->subframe_count * |
|
| 526 |
+ av_get_bytes_per_sample(avctx->sample_fmt); |
|
| 527 |
+ if (*data_size < out_size) {
|
|
| 524 | 528 |
av_log(avctx, AV_LOG_ERROR, |
| 525 | 529 |
"Error processing packet: output buffer (%d) too small\n", |
| 526 | 530 |
*data_size); |
| ... | ... |
@@ -542,8 +546,7 @@ static int sipr_decode_frame(AVCodecContext *avctx, void *datap, |
| 542 | 542 |
data += subframe_size * mode_par->subframe_count; |
| 543 | 543 |
} |
| 544 | 544 |
|
| 545 |
- *data_size = mode_par->frames_per_packet * subframe_size * |
|
| 546 |
- mode_par->subframe_count * sizeof(float); |
|
| 545 |
+ *data_size = out_size; |
|
| 547 | 546 |
|
| 548 | 547 |
return mode_par->bits_per_frame >> 3; |
| 549 | 548 |
} |
| ... | ... |
@@ -204,6 +204,8 @@ const AVCodecTag codec_movvideo_tags[] = {
|
| 204 | 204 |
|
| 205 | 205 |
{ CODEC_ID_DIRAC, MKTAG('d', 'r', 'a', 'c') },
|
| 206 | 206 |
{ CODEC_ID_DNXHD, MKTAG('A', 'V', 'd', 'n') }, /* AVID DNxHD */
|
| 207 |
+ { CODEC_ID_FLV1, MKTAG('H', '2', '6', '3') }, /* Flash Media Server */
|
|
| 208 |
+ { CODEC_ID_MSMPEG4V3, MKTAG('3', 'I', 'V', 'D') }, /* 3ivx DivX Doctor */
|
|
| 207 | 209 |
{ CODEC_ID_RAWVIDEO, MKTAG('A', 'V', '1', 'x') }, /* AVID 1:1x */
|
| 208 | 210 |
{ CODEC_ID_RAWVIDEO, MKTAG('A', 'V', 'u', 'p') },
|
| 209 | 211 |
{ CODEC_ID_SGI, MKTAG('s', 'g', 'i', ' ') }, /* SGI */
|
| ... | ... |
@@ -215,9 +217,6 @@ const AVCodecTag codec_movvideo_tags[] = {
|
| 215 | 215 |
{ CODEC_ID_PRORES, MKTAG('a', 'p', 'c', 'o') }, /* Apple ProRes 422 Proxy */
|
| 216 | 216 |
{ CODEC_ID_PRORES, MKTAG('a', 'p', '4', 'h') }, /* Apple ProRes 4444 */
|
| 217 | 217 |
|
| 218 |
- { CODEC_ID_MSMPEG4V3, MKTAG('3', 'I', 'V', 'D') }, /* 3ivx DivX Doctor */
|
|
| 219 |
- { CODEC_ID_FLV1, MKTAG('H', '2', '6', '3') }, /* Flash Media Server */
|
|
| 220 |
- |
|
| 221 | 218 |
{ CODEC_ID_NONE, 0 },
|
| 222 | 219 |
}; |
| 223 | 220 |
|
| ... | ... |
@@ -262,9 +261,8 @@ const AVCodecTag codec_movaudio_tags[] = {
|
| 262 | 262 |
{ CODEC_ID_AMR_WB, MKTAG('s', 'a', 'w', 'b') }, /* AMR-WB 3gp */
|
| 263 | 263 |
|
| 264 | 264 |
{ CODEC_ID_GSM, MKTAG('a', 'g', 's', 'm') },
|
| 265 |
- { CODEC_ID_ALAC, MKTAG('a', 'l', 'a', 'c') }, /* Apple Lossless */
|
|
| 266 |
- |
|
| 267 | 265 |
{ CODEC_ID_NELLYMOSER, MKTAG('n', 'm', 'o', 's') }, /* Flash Media Server */
|
| 266 |
+ { CODEC_ID_ALAC, MKTAG('a', 'l', 'a', 'c') }, /* Apple Lossless */
|
|
| 268 | 267 |
|
| 269 | 268 |
{ CODEC_ID_QCELP, MKTAG('Q','c','l','p') },
|
| 270 | 269 |
{ CODEC_ID_QCELP, MKTAG('Q','c','l','q') },
|
| ... | ... |
@@ -273,11 +271,11 @@ const AVCodecTag codec_movaudio_tags[] = {
|
| 273 | 273 |
{ CODEC_ID_QDMC, MKTAG('Q', 'D', 'M', 'C') }, /* QDMC */
|
| 274 | 274 |
{ CODEC_ID_QDM2, MKTAG('Q', 'D', 'M', '2') }, /* QDM2 */
|
| 275 | 275 |
|
| 276 |
- { CODEC_ID_SPEEX, MKTAG('s','p','e','x') }, /* Flash Media Server */
|
|
| 277 |
- |
|
| 278 | 276 |
{ CODEC_ID_DVAUDIO, MKTAG('v', 'd', 'v', 'a') },
|
| 279 | 277 |
{ CODEC_ID_DVAUDIO, MKTAG('d', 'v', 'c', 'a') },
|
| 280 | 278 |
|
| 279 |
+ { CODEC_ID_SPEEX, MKTAG('s','p','e','x') }, /* Flash Media Server */
|
|
| 280 |
+ |
|
| 281 | 281 |
{ CODEC_ID_WMAV2, MKTAG('W', 'M', 'A', '2') },
|
| 282 | 282 |
|
| 283 | 283 |
{ CODEC_ID_NONE, 0 },
|
| ... | ... |
@@ -66,7 +66,6 @@ static int celt_header(AVFormatContext *s, int idx) |
| 66 | 66 |
st->codec->sample_rate = sample_rate; |
| 67 | 67 |
st->codec->channels = nb_channels; |
| 68 | 68 |
st->codec->frame_size = frame_size; |
| 69 |
- st->codec->sample_fmt = AV_SAMPLE_FMT_S16; |
|
| 70 | 69 |
av_free(st->codec->extradata); |
| 71 | 70 |
st->codec->extradata = extradata; |
| 72 | 71 |
st->codec->extradata_size = 2 * sizeof(uint32_t); |
| ... | ... |
@@ -179,8 +179,8 @@ const AVCodecTag ff_codec_bmp_tags[] = {
|
| 179 | 179 |
{ CODEC_ID_RAWVIDEO, MKTAG('U', 'Y', 'V', 'Y') },
|
| 180 | 180 |
{ CODEC_ID_RAWVIDEO, MKTAG('V', 'Y', 'U', 'Y') },
|
| 181 | 181 |
{ CODEC_ID_RAWVIDEO, MKTAG('I', 'Y', 'U', 'V') },
|
| 182 |
- { CODEC_ID_RAWVIDEO, MKTAG('Y', '8', ' ', ' ') },
|
|
| 183 | 182 |
{ CODEC_ID_RAWVIDEO, MKTAG('Y', '8', '0', '0') },
|
| 183 |
+ { CODEC_ID_RAWVIDEO, MKTAG('Y', '8', ' ', ' ') },
|
|
| 184 | 184 |
{ CODEC_ID_RAWVIDEO, MKTAG('H', 'D', 'Y', 'C') },
|
| 185 | 185 |
{ CODEC_ID_RAWVIDEO, MKTAG('Y', 'V', 'U', '9') },
|
| 186 | 186 |
{ CODEC_ID_RAWVIDEO, MKTAG('V', 'D', 'T', 'Z') }, /* SoftLab-NSK VideoTizer */
|