Adapted from http://git.videolan.org/?p=ffmpeg.git;a=commit;h=d6860fb653ed42a9d35e134f843f03cc049b74f1
diff -Naurp libavcodec/vorbis_dec.c libavcodec/vorbis_dec.c.mikson
--- libavcodec/vorbis_dec.c 2011-06-23 07:29:56.362577946 +0000
+++ libavcodec/vorbis_dec.c.mikson 2011-06-23 07:39:24.836322907 +0000
@@ -60,8 +60,8 @@ typedef struct vorbis_floor0_s vorbis_fl
 typedef struct vorbis_floor1_s vorbis_floor1;
 struct vorbis_context_s;
 typedef
-uint_fast8_t (* vorbis_floor_decode_func)
- (struct vorbis_context_s *, vorbis_floor_data *, float *);
+int (* vorbis_floor_decode_func)
+ (struct vorbis_context_s *, vorbis_floor_data *, float *);
 typedef struct {
 uint_fast8_t floor_type;
 vorbis_floor_decode_func decode;
@@ -443,11 +443,11 @@ static int vorbis_parse_setup_hdr_tdtran
 // Process floors part
-static uint_fast8_t vorbis_floor0_decode(vorbis_context *vc,
- vorbis_floor_data *vfu, float *vec);
+static int vorbis_floor0_decode(vorbis_context *vc,
+ vorbis_floor_data *vfu, float *vec);
 static void create_map( vorbis_context * vc, uint_fast8_t floor_number );
-static uint_fast8_t vorbis_floor1_decode(vorbis_context *vc,
- vorbis_floor_data *vfu, float *vec);
+static int vorbis_floor1_decode(vorbis_context *vc,
+ vorbis_floor_data *vfu, float *vec);
 static int vorbis_parse_setup_hdr_floors(vorbis_context *vc) {
 GetBitContext *gb=&vc->gb;
 uint_fast16_t i,j,k;
@@ -1001,8 +1001,8 @@ static av_cold int vorbis_decode_init(AV
 // Read and decode floor
-static uint_fast8_t vorbis_floor0_decode(vorbis_context *vc,
- vorbis_floor_data *vfu, float *vec) {
+static int vorbis_floor0_decode(vorbis_context *vc,
+ vorbis_floor_data *vfu, float *vec) {
 vorbis_floor0 * vf=&vfu->t0;
 float * lsp=vf->lsp;
 uint_fast32_t amplitude;
@@ -1025,6 +1025,8 @@ static uint_fast8_t vorbis_floor0_decode
 }
 AV_DEBUG( "floor0 dec: booknumber: %u\n", book_idx );
 codebook=vc->codebooks[vf->book_list[book_idx]];
+ if(!codebook.codevectors)
+ return -1;
 while (lsp_len<vf->order) {
 int vec_off;
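Review bot: The `vorbis_floor_decode_func` typedef in the first hunk now returns `int`, but the meaning of the return value is not documented there. The call site changed later in this patch treats a negative value as a decode error and stores any other value in `no_residue[i]`. A comment above the typedef would record that contract, for example `/* returns <0 on invalid data, otherwise the value stored in no_residue[] for the channel */`. The forward declarations and definitions of vorbis_floor0_decode and vorbis_floor1_decode in the following hunks share this contract and need no separate note.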
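Review bot: The added `if(!codebook.codevectors) return -1;` in vorbis_floor0_decode rejects the bad codebook only when an audio packet is decoded, after `codebook` has already been copied out of `vc->codebooks`. The same floor configuration is presumably visible when the floor is parsed in vorbis_parse_setup_hdr_floors; rejecting it there as well would fail a malformed stream at setup instead of at the first packet. The check itself deserves a one-line comment, e.g. `/* invalid codebook: no code vectors to read */`. Whether `vf->book_list[book_idx]` is range-checked against the codebook count before it indexes `vc->codebooks` is not visible here and is worth confirming. The function body starts and ends outside this hunk.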
@@ -1114,7 +1116,7 @@ static uint_fast8_t vorbis_floor0_decode
 return 0;
 }
-static uint_fast8_t vorbis_floor1_decode(vorbis_context *vc, vorbis_floor_data *vfu, float *vec) {
+static int vorbis_floor1_decode(vorbis_context *vc, vorbis_floor_data *vfu, float *vec) {
 vorbis_floor1 * vf=&vfu->t1;
 GetBitContext *gb=&vc->gb;
 uint_fast16_t range_v[4]={ 256, 128, 86, 64 };
@@ -1486,13 +1488,19 @@ static int vorbis_parse_audio_packet(vor
 for(i=0;i<vc->audio_channels;++i) {
 vorbis_floor *floor;
+ int ret;
 if (mapping->submaps>1) {
 floor=&vc->floors[mapping->submap_floor[mapping->mux[i]]];
 } else {
 floor=&vc->floors[mapping->submap_floor[0]];
 }
- no_residue[i]=floor->decode(vc, &floor->data, ch_floor_ptr);
+ ret=floor->decode(vc, &floor->data, ch_floor_ptr);
+ if(ret<0) {
+ av_log(vc->avccontext, AV_LOG_ERROR, "Invalid codebook in vorbis_floor_decode.\n");
+ return -1;
+ }
+ no_residue[i]=ret;
 ch_floor_ptr+=blocksize/2;
 }
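Review bot: The new error path in vorbis_parse_audio_packet logs a fixed "Invalid codebook in vorbis_floor_decode." for every negative return from `floor->decode`, so the message becomes misleading as soon as a floor decoder fails for any other reason. It also names a function that does not appear in this patch; the decoders are vorbis_floor0_decode and vorbis_floor1_decode. Logging the specific cause next to the check in the decoder, and keeping a generic message with the channel index here, would make reports about malformed streams easier to triage. The bare `return -1;` could become `return AVERROR_INVALIDDATA;` if that matches the function's other return paths, which lie outside the hunk.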