mirrors/gstreamer
mirrors/gstreamer
1
1
Fork 0
mirror of https://gitlab.freedesktop.org/gstreamer/gstreamer.git synced 2024-11-27 12:11:13 +00:00
Code Issues 1 Projects Releases Wiki Activity

codecparsers: vc1: fix BFRACTION parser (values range + overflow).

Browse source
This commit is contained in:
Gwenole Beauchesne 2011-10-04 14:04:42 +02:00 committed by Thibault Saunier
parent 52d8510ee0
commit ac552a4f82
2 changed files with 14 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
gst-libs/gst/codecparsers/gstvc1parser.c
View file

@ -147,9 +147,6 @@ const guint8 mvmode2_table[2][4] = {
GST_VC1_MVMODE_1MV_HPEL_BILINEAR} GST_VC1_MVMODE_1MV_HPEL_BILINEAR}
}; };
#define GST_VC1_BFRACTION_RESERVED (GST_VC1_BFRACTION_BASIS + 1)
#define GST_VC1_BFRACTION_PTYPE_BI (GST_VC1_BFRACTION_BASIS + 2)
/* Table 40: BFRACTION VLC Table */ /* Table 40: BFRACTION VLC Table */
static const VLCTable vc1_bfraction_vlc_table[] = { static const VLCTable vc1_bfraction_vlc_table[] = {
{GST_VC1_BFRACTION_BASIS / 2, 0x00, 3}, {GST_VC1_BFRACTION_BASIS / 2, 0x00, 3},
@ -815,10 +812,12 @@ parse_frame_header_advanced (GstBitReader * br, GstVC1FrameHdr * framehdr,
} }
if (framehdr->ptype == GST_VC1_PICTURE_TYPE_B) { if (framehdr->ptype == GST_VC1_PICTURE_TYPE_B) {
if (!decode_vlc (br, (guint *) & pic->bfraction, vc1_bfraction_vlc_table, guint bfraction;
if (!decode_vlc (br, &bfraction, vc1_bfraction_vlc_table,
G_N_ELEMENTS (vc1_bfraction_vlc_table))) G_N_ELEMENTS (vc1_bfraction_vlc_table)))
goto failed; goto failed;
pic->bfraction = bfraction;
GST_DEBUG ("bfraction %u", pic->bfraction); GST_DEBUG ("bfraction %u", pic->bfraction);
if (pic->bfraction == GST_VC1_BFRACTION_PTYPE_BI) { if (pic->bfraction == GST_VC1_BFRACTION_PTYPE_BI) {
@ -1041,15 +1040,17 @@ parse_frame_header (GstBitReader * br, GstVC1FrameHdr * framehdr,
if (framehdr->ptype == GST_VC1_PICTURE_TYPE_B) { if (framehdr->ptype == GST_VC1_PICTURE_TYPE_B) {
guint bfraction;
if (!decode_vlc (br, (guint *) & pic->bfraction, vc1_bfraction_vlc_table, if (!decode_vlc (br, &bfraction, vc1_bfraction_vlc_table,
G_N_ELEMENTS (vc1_bfraction_vlc_table))) G_N_ELEMENTS (vc1_bfraction_vlc_table)))
goto failed; goto failed;
pic->bfraction = bfraction;
GST_DEBUG ("bfraction %d", pic->bfraction);
if (pic->bfraction == GST_VC1_BFRACTION_PTYPE_BI) { if (pic->bfraction == GST_VC1_BFRACTION_PTYPE_BI) {
framehdr->ptype = GST_VC1_PICTURE_TYPE_BI; framehdr->ptype = GST_VC1_PICTURE_TYPE_BI;
} }
GST_DEBUG ("bfraction= %d", pic->bfraction);
} }
if (framehdr->ptype == GST_VC1_PICTURE_TYPE_I || if (framehdr->ptype == GST_VC1_PICTURE_TYPE_I ||

9
gst-libs/gst/codecparsers/gstvc1parser.h
View file

@ -37,7 +37,10 @@ G_BEGIN_DECLS
* @GST_VC1_BFRACTION_BASIS: The @bfraction variable should be divided * @GST_VC1_BFRACTION_BASIS: The @bfraction variable should be divided
* by this constant to have the actual value. * by this constant to have the actual value.
*/ */
#define GST_VC1_BFRACTION_BASIS 256 #define GST_VC1_BFRACTION_BASIS 840
#define GST_VC1_BFRACTION_RESERVED (GST_VC1_BFRACTION_BASIS + 1)
#define GST_VC1_BFRACTION_PTYPE_BI (GST_VC1_BFRACTION_BASIS + 2)
typedef enum { typedef enum {
GST_VC1_END_OF_SEQ = 0x0A, GST_VC1_END_OF_SEQ = 0x0A,
@ -350,7 +353,7 @@ struct _GstVC1PicSimpleMain
/* B and BI picture only /* B and BI picture only
* Should be divided by #GST_VC1_BFRACTION_BASIS * Should be divided by #GST_VC1_BFRACTION_BASIS
* to get the real value. */ * to get the real value. */
guint8 bfraction; guint16 bfraction;
/* Biplane value, those fields only mention the fact /* Biplane value, those fields only mention the fact
* that the bitplane is in raw mode or not */ * that the bitplane is in raw mode or not */
@ -392,7 +395,7 @@ struct _GstVC1PicAdvanced
/* B and BI picture only /* B and BI picture only
* Should be divided by #GST_VC1_BFRACTION_BASIS * Should be divided by #GST_VC1_BFRACTION_BASIS
* to get the real value. */ * to get the real value. */
guint8 bfraction; guint16 bfraction;
/* ppic */ /* ppic */
guint8 mvmode2; guint8 mvmode2;