VIDEO: Fix an integer overflow when dequantizing the DCT coeffs
See 2968bedf12
This commit is contained in:
Bastien Bouclet
parent
280a4f2d91
commit
195b4cbd20
3 changed files with 21 additions and 21 deletions
|
|
@ -679,8 +679,8 @@ void BinkDecoder::BinkVideoTrack::blockScaledRun(DecodeContext &ctx) {
|
|||
}
|
||||
|
||||
void BinkDecoder::BinkVideoTrack::blockScaledIntra(DecodeContext &ctx) {
|
||||
int16 block[64];
|
||||
memset(block, 0, 64 * sizeof(int16));
|
||||
int32 block[64];
|
||||
memset(block, 0, 64 * sizeof(int32));
|
||||
|
||||
block[0] = getBundleValue(kSourceIntraDC);
|
||||
|
||||
|
|
@ -688,7 +688,7 @@ void BinkDecoder::BinkVideoTrack::blockScaledIntra(DecodeContext &ctx) {
|
|||
|
||||
IDCT(block);
|
||||
|
||||
int16 *src = block;
|
||||
int32 *src = block;
|
||||
byte *dest1 = ctx.dest;
|
||||
byte *dest2 = ctx.dest + ctx.pitch;
|
||||
for (int j = 0; j < 8; j++, dest1 += (ctx.pitch << 1) - 16, dest2 += (ctx.pitch << 1) - 16, src += 8) {
|
||||
|
|
@ -824,8 +824,8 @@ void BinkDecoder::BinkVideoTrack::blockResidue(DecodeContext &ctx) {
|
|||
}
|
||||
|
||||
void BinkDecoder::BinkVideoTrack::blockIntra(DecodeContext &ctx) {
|
||||
int16 block[64];
|
||||
memset(block, 0, 64 * sizeof(int16));
|
||||
int32 block[64];
|
||||
memset(block, 0, 64 * sizeof(int32));
|
||||
|
||||
block[0] = getBundleValue(kSourceIntraDC);
|
||||
|
||||
|
|
@ -845,8 +845,8 @@ void BinkDecoder::BinkVideoTrack::blockFill(DecodeContext &ctx) {
|
|||
void BinkDecoder::BinkVideoTrack::blockInter(DecodeContext &ctx) {
|
||||
blockMotion(ctx);
|
||||
|
||||
int16 block[64];
|
||||
memset(block, 0, 64 * sizeof(int16));
|
||||
int32 block[64];
|
||||
memset(block, 0, 64 * sizeof(int32));
|
||||
|
||||
block[0] = getBundleValue(kSourceInterDC);
|
||||
|
||||
|
|
@ -1081,7 +1081,7 @@ void BinkDecoder::BinkVideoTrack::readDCS(VideoFrame &video, Bundle &bundle, int
|
|||
}
|
||||
|
||||
/** Reads 8x8 block of DCT coefficients. */
|
||||
void BinkDecoder::BinkVideoTrack::readDCTCoeffs(VideoFrame &video, int16 *block, bool isIntra) {
|
||||
void BinkDecoder::BinkVideoTrack::readDCTCoeffs(VideoFrame &video, int32 *block, bool isIntra) {
|
||||
int coefCount = 0;
|
||||
int coefIdx[64];
|
||||
|
||||
|
|
@ -1169,7 +1169,7 @@ void BinkDecoder::BinkVideoTrack::readDCTCoeffs(VideoFrame &video, int16 *block,
|
|||
}
|
||||
|
||||
uint8 quantIdx = video.bits->getBits(4);
|
||||
const uint32 *quant = isIntra ? binkIntraQuant[quantIdx] : binkInterQuant[quantIdx];
|
||||
const int32 *quant = isIntra ? binkIntraQuant[quantIdx] : binkInterQuant[quantIdx];
|
||||
block[0] = (block[0] * quant[0]) >> 11;
|
||||
|
||||
for (int i = 0; i < coefCount; i++) {
|
||||
|
|
@ -1308,7 +1308,7 @@ void BinkDecoder::BinkVideoTrack::readResidue(VideoFrame &video, int16 *block, i
|
|||
#define MUNGE_ROW(x) (((x) + 0x7F)>>8)
|
||||
#define IDCT_ROW(dest,src) IDCT_TRANSFORM(dest,0,1,2,3,4,5,6,7,0,1,2,3,4,5,6,7,MUNGE_ROW,src)
|
||||
|
||||
static inline void IDCTCol(int16 *dest, const int16 *src) {
|
||||
static inline void IDCTCol(int32 *dest, const int32 *src) {
|
||||
if ((src[8] | src[16] | src[24] | src[32] | src[40] | src[48] | src[56]) == 0) {
|
||||
dest[ 0] =
|
||||
dest[ 8] =
|
||||
|
|
@ -1323,9 +1323,9 @@ static inline void IDCTCol(int16 *dest, const int16 *src) {
|
|||
}
|
||||
}
|
||||
|
||||
void BinkDecoder::BinkVideoTrack::IDCT(int16 *block) {
|
||||
void BinkDecoder::BinkVideoTrack::IDCT(int32 *block) {
|
||||
int i;
|
||||
int16 temp[64];
|
||||
int32 temp[64];
|
||||
|
||||
for (i = 0; i < 8; i++)
|
||||
IDCTCol(&temp[i], &block[i]);
|
||||
|
|
@ -1334,7 +1334,7 @@ void BinkDecoder::BinkVideoTrack::IDCT(int16 *block) {
|
|||
}
|
||||
}
|
||||
|
||||
void BinkDecoder::BinkVideoTrack::IDCTAdd(DecodeContext &ctx, int16 *block) {
|
||||
void BinkDecoder::BinkVideoTrack::IDCTAdd(DecodeContext &ctx, int32 *block) {
|
||||
int i, j;
|
||||
|
||||
IDCT(block);
|
||||
|
|
@ -1344,9 +1344,9 @@ void BinkDecoder::BinkVideoTrack::IDCTAdd(DecodeContext &ctx, int16 *block) {
|
|||
dest[j] += block[j];
|
||||
}
|
||||
|
||||
void BinkDecoder::BinkVideoTrack::IDCTPut(DecodeContext &ctx, int16 *block) {
|
||||
void BinkDecoder::BinkVideoTrack::IDCTPut(DecodeContext &ctx, int32 *block) {
|
||||
int i;
|
||||
int16 temp[64];
|
||||
int32 temp[64];
|
||||
for (i = 0; i < 8; i++)
|
||||
IDCTCol(&temp[i], &block[i]);
|
||||
for (i = 0; i < 8; i++) {
|
||||
|
|
|
|||
|
|
@ -314,13 +314,13 @@ private:
|
|||
void readPatterns (VideoFrame &video, Bundle &bundle);
|
||||
void readColors (VideoFrame &video, Bundle &bundle);
|
||||
void readDCS (VideoFrame &video, Bundle &bundle, int startBits, bool hasSign);
|
||||
void readDCTCoeffs (VideoFrame &video, int16 *block, bool isIntra);
|
||||
void readDCTCoeffs (VideoFrame &video, int32 *block, bool isIntra);
|
||||
void readResidue (VideoFrame &video, int16 *block, int masksCount);
|
||||
|
||||
// Bink video IDCT
|
||||
void IDCT(int16 *block);
|
||||
void IDCTPut(DecodeContext &ctx, int16 *block);
|
||||
void IDCTAdd(DecodeContext &ctx, int16 *block);
|
||||
void IDCT(int32 *block);
|
||||
void IDCTPut(DecodeContext &ctx, int32 *block);
|
||||
void IDCTAdd(DecodeContext &ctx, int32 *block);
|
||||
};
|
||||
|
||||
class BinkAudioTrack : public AudioTrack {
|
||||
|
|
|
|||
|
|
@ -247,7 +247,7 @@ static const uint8 binkPatterns[16][64] = {
|
|||
}
|
||||
};
|
||||
|
||||
static const uint32 binkIntraQuant[16][64] = {
|
||||
static const int32 binkIntraQuant[16][64] = {
|
||||
{
|
||||
0x010000, 0x016315, 0x01E83D, 0x02A535, 0x014E7B, 0x016577, 0x02F1E6, 0x02724C,
|
||||
0x010000, 0x00EEDA, 0x024102, 0x017F9B, 0x00BE80, 0x00611E, 0x01083C, 0x00A552,
|
||||
|
|
@ -410,7 +410,7 @@ static const uint32 binkIntraQuant[16][64] = {
|
|||
},
|
||||
};
|
||||
|
||||
static const uint32 binkInterQuant[16][64] = {
|
||||
static const int32 binkInterQuant[16][64] = {
|
||||
{
|
||||
0x010000, 0x017946, 0x01A5A9, 0x0248DC, 0x016363, 0x0152A7, 0x0243EC, 0x0209EA,
|
||||
0x012000, 0x00E248, 0x01BBDA, 0x015CBC, 0x00A486, 0x0053E0, 0x00F036, 0x008095,
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue