On 18/04/15 18:25, Vittorio Giovara wrote:
> Data is stored in separated components so rework decode_rle() to support
> stepping and offsets.
> ---
>  libavcodec/qdrw.c    | 88 
> +++++++++++++++++++++++++++++++++++++++++++++++-----
>  libavcodec/version.h |  2 +-
>  2 files changed, 82 insertions(+), 8 deletions(-)
> 
> diff --git a/libavcodec/qdrw.c b/libavcodec/qdrw.c
> index 8f8dea9..fdaa22a 100644
> --- a/libavcodec/qdrw.c
> +++ b/libavcodec/qdrw.c
> @@ -35,6 +35,8 @@
>  enum QuickdrawOpcodes {
>      PACKBITSRECT = 0x0098,
>      PACKBITSRGN,
> +    DIRECTBITSRECT,
> +    DIRECTBITSRGN,
>  
>      EOP = 0x00FF,
>  };
> @@ -64,14 +66,17 @@ static int parse_palette(AVCodecContext *avctx, 
> GetByteContext *gbc,
>      return 0;
>  }
>  
> -static int decode_rle(AVCodecContext *avctx, AVFrame *p, GetByteContext *gbc)
> +static int decode_rle(AVCodecContext *avctx, AVFrame *p, GetByteContext *gbc,
> +                      int step)
>  {
> -    int i;
> +    int i, j;
> +    int offset = avctx->width * step;
>      uint8_t *outdata = p->data[0];
>  
>      for (i = 0; i < avctx->height; i++) {
>          int size, left, code, pix;
>          uint8_t *out = outdata;
> +        int pos = 0;
>  
>          /* size of packed line */
>          size = left = bytestream2_get_be16(gbc);
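Review bot: The new `step` parameter and the derived `offset = avctx->width * step` in decode_rle() carry an unstated contract that nothing in this hunk documents. Going by the commit message, each packed line appears to store the components one after another and the writer interleaves them, so a comment above the function would help, e.g. `/* step: bytes per output pixel; a packed line holds the components planar and they are interleaved on write, so step must be >= 1 and width * step must fit in one row of p->data[0] */`. The callers are outside this hunk, so it cannot be seen here whether they already guarantee that. The body of decode_rle() also continues past the end of the hunk.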
> @@ -83,12 +88,24 @@ static int decode_rle(AVCodecContext *avctx, AVFrame *p, 
> GetByteContext *gbc)
>              code = bytestream2_get_byte(gbc);
>              if (code & 0x80 ) { /* run */
>                  pix = bytestream2_get_byte(gbc);
> -                memset(out, pix, 257 - code);
> -                out   += 257 - code;
> +                for (j = 0; j < 257 - code; j++) {
> +                    out[pos] = pix;
> +                    pos += step;
> +                    if (pos >= offset) {
> +                        pos -= offset;
> +                        pos++;
> +                    }
> +                }
>                  left  -= 2;
>              } else { /* copy */
> -                bytestream2_get_buffer(gbc, out, code + 1);
> -                out   += code + 1;
> +                for (j = 0; j < code + 1; j++) {
> +                    out[pos] = bytestream2_get_byte(gbc);
> +                    pos += step;
> +                    if (pos >= offset) {
> +                        pos -= offset;
> +                        pos++;
> +                    }
> +                }
>                  left  -= 2 + code;

Is the input sufficiently validated? (E.g. can I end up outside of `out` by
feeding an appropriate offset and out[pos]?)


