gst-plugins-bad: codecparsers: vc1: fix BFRACTION parser ( values range + overflow).
Thibault Saunier
tsaunier at kemper.freedesktop.org
Mon Oct 17 05:37:39 PDT 2011
Module: gst-plugins-bad
Branch: master
Commit: ac552a4f82f170fb314d42e5919395f2af2fc555
URL: http://cgit.freedesktop.org/gstreamer/gst-plugins-bad/commit/?id=ac552a4f82f170fb314d42e5919395f2af2fc555
Author: Gwenole Beauchesne <gwenole.beauchesne at intel.com>
Date: Tue Oct 4 14:04:42 2011 +0200
codecparsers: vc1: fix BFRACTION parser (values range + overflow).
---
gst-libs/gst/codecparsers/gstvc1parser.c | 15 ++++++++-------
gst-libs/gst/codecparsers/gstvc1parser.h | 9 ++++++---
2 files changed, 14 insertions(+), 10 deletions(-)
diff --git a/gst-libs/gst/codecparsers/gstvc1parser.c b/gst-libs/gst/codecparsers/gstvc1parser.c
index a323150..0c4455e 100644
--- a/gst-libs/gst/codecparsers/gstvc1parser.c
+++ b/gst-libs/gst/codecparsers/gstvc1parser.c
@@ -147,9 +147,6 @@ const guint8 mvmode2_table[2][4] = {
GST_VC1_MVMODE_1MV_HPEL_BILINEAR}
};
-#define GST_VC1_BFRACTION_RESERVED (GST_VC1_BFRACTION_BASIS + 1)
-#define GST_VC1_BFRACTION_PTYPE_BI (GST_VC1_BFRACTION_BASIS + 2)
-
/* Table 40: BFRACTION VLC Table */
static const VLCTable vc1_bfraction_vlc_table[] = {
{GST_VC1_BFRACTION_BASIS / 2, 0x00, 3},
@@ -815,10 +812,12 @@ parse_frame_header_advanced (GstBitReader * br, GstVC1FrameHdr * framehdr,
}
if (framehdr->ptype == GST_VC1_PICTURE_TYPE_B) {
- if (!decode_vlc (br, (guint *) & pic->bfraction, vc1_bfraction_vlc_table,
+ guint bfraction;
+ if (!decode_vlc (br, &bfraction, vc1_bfraction_vlc_table,
G_N_ELEMENTS (vc1_bfraction_vlc_table)))
goto failed;
+ pic->bfraction = bfraction;
GST_DEBUG ("bfraction %u", pic->bfraction);
if (pic->bfraction == GST_VC1_BFRACTION_PTYPE_BI) {
@@ -1041,15 +1040,17 @@ parse_frame_header (GstBitReader * br, GstVC1FrameHdr * framehdr,
if (framehdr->ptype == GST_VC1_PICTURE_TYPE_B) {
-
- if (!decode_vlc (br, (guint *) & pic->bfraction, vc1_bfraction_vlc_table,
+ guint bfraction;
+ if (!decode_vlc (br, &bfraction, vc1_bfraction_vlc_table,
G_N_ELEMENTS (vc1_bfraction_vlc_table)))
goto failed;
+ pic->bfraction = bfraction;
+ GST_DEBUG ("bfraction %d", pic->bfraction);
+
if (pic->bfraction == GST_VC1_BFRACTION_PTYPE_BI) {
framehdr->ptype = GST_VC1_PICTURE_TYPE_BI;
}
- GST_DEBUG ("bfraction= %d", pic->bfraction);
}
if (framehdr->ptype == GST_VC1_PICTURE_TYPE_I ||
diff --git a/gst-libs/gst/codecparsers/gstvc1parser.h b/gst-libs/gst/codecparsers/gstvc1parser.h
index d058f0f..08293e5 100644
--- a/gst-libs/gst/codecparsers/gstvc1parser.h
+++ b/gst-libs/gst/codecparsers/gstvc1parser.h
@@ -37,7 +37,10 @@ G_BEGIN_DECLS
* @GST_VC1_BFRACTION_BASIS: The @bfraction variable should be divided
* by this constant to have the actual value.
*/
-#define GST_VC1_BFRACTION_BASIS 256
+#define GST_VC1_BFRACTION_BASIS 840
+
+#define GST_VC1_BFRACTION_RESERVED (GST_VC1_BFRACTION_BASIS + 1)
+#define GST_VC1_BFRACTION_PTYPE_BI (GST_VC1_BFRACTION_BASIS + 2)
typedef enum {
GST_VC1_END_OF_SEQ = 0x0A,
@@ -350,7 +353,7 @@ struct _GstVC1PicSimpleMain
/* B and BI picture only
* Should be divided by #GST_VC1_BFRACTION_BASIS
* to get the real value. */
- guint8 bfraction;
+ guint16 bfraction;
/* Biplane value, those fields only mention the fact
* that the bitplane is in raw mode or not */
@@ -392,7 +395,7 @@ struct _GstVC1PicAdvanced
/* B and BI picture only
* Should be divided by #GST_VC1_BFRACTION_BASIS
* to get the real value. */
- guint8 bfraction;
+ guint16 bfraction;
/* ppic */
guint8 mvmode2;
More information about the gstreamer-commits
mailing list