On 12/11/2011 03:44 PM, Gaurav Narula wrote:
> ---
> libavcodec/kmvc.c | 63 +++++++++++++++++++++++++++++++---------------------
> 1 files changed, 37 insertions(+), 26 deletions(-)
>
> diff --git a/libavcodec/kmvc.c b/libavcodec/kmvc.c
> index 07ca194..a07b07f 100644
> --- a/libavcodec/kmvc.c
> +++ b/libavcodec/kmvc.c
> @@ -57,17 +57,17 @@ typedef struct BitBuf {
>
> #define kmvc_init_getbits(bb, src) bb.bits = 7; bb.bitbuf = *src++;
>
> -#define kmvc_getbit(bb, src, res) {\
> +#define kmvc_getbit(bb, src, src_end, res) {\
> res = 0; \
> if (bb.bitbuf & (1 << bb.bits)) res = 1; \
> bb.bits--; \
> - if(bb.bits == -1) { \
> + if(bb.bits == -1 && src < src_end) { \
> bb.bitbuf = *src++; \
> bb.bits = 7; \
> } \
> }
If src >= src_end then bb.bits will keep decrementing every time
kmvc_getbit() is called, leading to left-shift by a negative value,
which is undefined I believe. It would probably be better to have the
decoder stop after reaching the end.
-Justin
_______________________________________________
libav-devel mailing list
[email protected]
https://lists.libav.org/mailman/listinfo/libav-devel
