[FFmpeg-devel] [PATCH] Escape 124 (RPL) decoder
Eli Friedman
eli.friedman
Fri Mar 28 06:18:37 CET 2008
On Thu, Mar 27, 2008 at 8:49 PM, Michael Niedermayer <michaelni at gmx.at> wrote:
> > This implementation is extremely prone to crash on invalid streams due
> > to reading past the end of the buffer. Any suggestions on how to make
> > this safer?
>
> Add a few checks using get_bits_count() and gb.size_in_bits
> of course dont add more than needed!
Okay, I'll take a shot at it.
> [...]
> > +static uint32_t rice_decode(GetBitContext* gb) {
> > + uint32_t more_bits, value;
> > +
> > + more_bits = get_bits1(gb);
> > + value = more_bits;
> > + if (!more_bits)
> > + return value;
> > +
> > + more_bits = get_bits(gb, 3);
> > + value += more_bits;
> > + if (more_bits != (1 << 3) - 1)
> > + return value;
> > +
> > + more_bits = get_bits(gb, 7);
> > + value += more_bits;
> > + if (more_bits != (1 << 7) - 1)
> > + return value;
> > +
> > + more_bits = get_bits(gb, 12);
> > + value += more_bits;
> > + return value;
> > +}
>
> This can be simplified, also why is it called rice?
The person who wrote up the bitstream description for this codec
called it RICE_Decode; do you have a better suggestion?
> Why this odd decode into these weird arrays and then copy into the frame
> with the above function? IMHO decode one superblock and then copy that into
> the frame.
Would you prefer the code to insert the macroblocks as it generates them?
That'll mean I have to figure out how to keep around the previous
frame... what's the preferred way to do that? Decode into a private
buffer and memcpy the result into the returned frame?
-Eli
More information about the ffmpeg-devel
mailing list