From patchwork Wed May 22 01:04:39 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andreas Rheinhardt X-Patchwork-Id: 13231 Return-Path: X-Original-To: patchwork@ffaux-bg.ffmpeg.org Delivered-To: patchwork@ffaux-bg.ffmpeg.org Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by ffaux.localdomain (Postfix) with ESMTP id 9EF4B448A0F for ; Wed, 22 May 2019 04:14:51 +0300 (EEST) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 8B5A768A8E4; Wed, 22 May 2019 04:14:51 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from mail-wr1-f66.google.com (mail-wr1-f66.google.com [209.85.221.66]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 78EE868A67C for ; Wed, 22 May 2019 04:14:50 +0300 (EEST) Received: by mail-wr1-f66.google.com with SMTP id w8so317755wrl.6 for ; Tue, 21 May 2019 18:14:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=ja9EKwM9PeJClHuj75XLRmwTXLIEanepsu4GQqbjbhk=; b=sNYfBMp1aNdY4/0U9X6ydxhYEJeXzOqfuFQTdKXn1Jtk09mce5PQ7fbyB1O1o4al0g nb3lyDkcpKdTQAxR2wBVVsnbFA2DJrFe4zHdaZvs/FyJh+uIPGJIbDUtGnQFJHS582+t WpcYCAzJgto3vnHIVjm24lX4JQxs9FBrjFtR0IgE8oQPs2x2/RO42TTrvo/RmOrfYN7C aDsUqJg3OjjO7NuyFWU0pnyOEXUr+NEQqZaMmyT+64Pu/DSsos1sw+vSgHyW3gQ2zMqT OTGYqvLRAmqnmdeNHl7Mz45CBOXbRMc8lMpXQ3JyUevUfMN2W4GsBhJf/SUsLHkta52+ c1tg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=ja9EKwM9PeJClHuj75XLRmwTXLIEanepsu4GQqbjbhk=; b=kcOu0XDH6IzUmEpLEbWHugeG4FP9zvmslFn44ABnMJbmmrP6o1UalLWGTVocKN6qY3 LMFhs0J+6aa0pW6+/tw58wXwa2Hgx8oaLqBhVMx99evJjKk8DEBsggRlIdnwZaz/K9eX PUMb+K4CMLpzKXOGwog20E+xRf700mgNPy7N9qwWk9lu8qVZrR4cmp56jYfxJ2DNk6Uz oX3gTzvudsRP94ke2p1EXQ+PwHWnzTFsF9ZodI6Yi5qG+PKkVSsWWpgK1AwEPhxnJauW lVEmhIQSPJjAhiyjw/sAOW6POZCzJ2BmdItmu4emie7QHHWsuu47VEbgp1gqJkLDoF6N NnGw== X-Gm-Message-State: APjAAAVK35xSAO92Z8W/PE1hdzM7N0Rx84h/4QzlWARiv6p0m20yqr4U bZA5H6pPtnWxlpqfiFTfVuUekcd+ X-Google-Smtp-Source: APXvYqyVi2460XEKPNn7GglEC1olk1DefBKInxaKwvyz+Wgrr9NoFSfq8aY62vL8qF1OHJw3N1svHg== X-Received: by 2002:adf:81a2:: with SMTP id 31mr51226813wra.165.1558487689825; Tue, 21 May 2019 18:14:49 -0700 (PDT) Received: from localhost.localdomain (ipbcc18715.dynamic.kabel-deutschland.de. [188.193.135.21]) by smtp.gmail.com with ESMTPSA id z1sm8614486wrl.91.2019.05.21.18.14.49 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 21 May 2019 18:14:49 -0700 (PDT) From: Andreas Rheinhardt To: ffmpeg-devel@ffmpeg.org Date: Wed, 22 May 2019 03:04:39 +0200 Message-Id: <20190522010441.44257-10-andreas.rheinhardt@gmail.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190522010441.44257-1-andreas.rheinhardt@gmail.com> References: <20190522010441.44257-1-andreas.rheinhardt@gmail.com> MIME-Version: 1.0 Subject: [FFmpeg-devel] [PATCH 09/11] cbs_mpeg2: Fix parsing of slice headers X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Cc: Andreas Rheinhardt Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" 1. The extra information in slice headers was parsed incorrectly: In the first reading pass to derive the length of the extra information, one should look at bits n, n + 9, n + 18, ... and check whether they equal one (further extra information) or zero (end of extra information), but instead bits n, n + 8, n + 16, ... were inspected. The second pass of reading (where the length is already known and the bytes between the length-determining bits are copied into a buffer) did not record what was in bits n, n + 9, n + 18, ..., presuming they equal one. And during writing, the bytes in the buffer are interleaved with set bits and written. This means that if the detected length of the extra information was greater than the real length, the output was corrupted. Fortunately no sample is known that made use of this mechanism: The extra information in slices is still marked as reserved in the specifications. cbs_mpeg2 is now ready in case this changes. 2. Furthermore, the buffer is now padded and slightly different, but very similar code for reading resp. writing has been replaced by code used for both. This was made possible by a new macro, the equivalent to cbs_h2645's fixed(). 3. These changes also made it possible to remove the extra_bit_slice element from the MPEG2RawSliceHeader structure. Said element was always zero except when the detected length of the extra information was less than the real length. Signed-off-by: Andreas Rheinhardt --- libavcodec/cbs_mpeg2.c | 18 +++++++----------- libavcodec/cbs_mpeg2.h | 2 -- libavcodec/cbs_mpeg2_syntax_template.c | 16 +++++----------- 3 files changed, 12 insertions(+), 24 deletions(-) diff --git a/libavcodec/cbs_mpeg2.c b/libavcodec/cbs_mpeg2.c index 0110dc0e03..97425aa706 100644 --- a/libavcodec/cbs_mpeg2.c +++ b/libavcodec/cbs_mpeg2.c @@ -51,6 +51,13 @@ #define sis(width, name, subs, ...) \ xsi(width, name, current->name, subs, __VA_ARGS__) +#define marker_bit() \ + bit(marker_bit, 1) +#define bit(name, value) do { \ + av_unused uint32_t bit = value; \ + xui(1, name, bit, value, value, 0); \ + } while (0) + #define READ #define READWRITE read @@ -73,11 +80,6 @@ var = value; \ } while (0) -#define marker_bit() do { \ - av_unused uint32_t one; \ - CHECK(ff_cbs_read_unsigned(ctx, rw, 1, "marker_bit", NULL, &one, 1, 1)); \ - } while (0) - #define nextbits(width, compare, var) \ (get_bits_left(rw) >= width && \ (var = show_bits(rw, width)) == (compare)) @@ -93,7 +95,6 @@ #undef RWContext #undef xui #undef xsi -#undef marker_bit #undef nextbits #undef infer @@ -115,10 +116,6 @@ MAX_INT_BITS(width))); \ } while (0) -#define marker_bit() do { \ - CHECK(ff_cbs_write_unsigned(ctx, rw, 1, "marker_bit", NULL, 1, 1, 1)); \ - } while (0) - #define nextbits(width, compare, var) (var) #define infer(name, value) do { \ @@ -137,7 +134,6 @@ #undef RWContext #undef xui #undef xsi -#undef marker_bit #undef nextbits #undef infer diff --git a/libavcodec/cbs_mpeg2.h b/libavcodec/cbs_mpeg2.h index 11f93b9df8..db5ebc56ea 100644 --- a/libavcodec/cbs_mpeg2.h +++ b/libavcodec/cbs_mpeg2.h @@ -194,8 +194,6 @@ typedef struct MPEG2RawSliceHeader { uint8_t slice_picture_id_enable; uint8_t slice_picture_id; - uint8_t extra_bit_slice; - size_t extra_information_length; uint8_t *extra_information; AVBufferRef *extra_information_ref; diff --git a/libavcodec/cbs_mpeg2_syntax_template.c b/libavcodec/cbs_mpeg2_syntax_template.c index d9ef480f39..1f2d2497c3 100644 --- a/libavcodec/cbs_mpeg2_syntax_template.c +++ b/libavcodec/cbs_mpeg2_syntax_template.c @@ -377,31 +377,25 @@ static int FUNC(slice_header)(CodedBitstreamContext *ctx, RWContext *rw, uint8_t bit; start = *rw; for (k = 0; nextbits(1, 1, bit); k++) - skip_bits(rw, 8); + skip_bits(rw, 1 + 8); current->extra_information_length = k; if (k > 0) { *rw = start; current->extra_information_ref = - av_buffer_alloc(current->extra_information_length); + av_buffer_allocz(k + AV_INPUT_BUFFER_PADDING_SIZE); if (!current->extra_information_ref) return AVERROR(ENOMEM); current->extra_information = current->extra_information_ref->data; - for (k = 0; k < current->extra_information_length; k++) { - xui(1, extra_bit_slice, bit, 1, 1, 0); - xui(8, extra_information_slice[k], - current->extra_information[k], 0, 255, 1, k); - } } -#else +#endif for (k = 0; k < current->extra_information_length; k++) { - xui(1, extra_bit_slice, 1, 1, 1, 0); + bit(extra_bit_slice, 1); xui(8, extra_information_slice[k], current->extra_information[k], 0, 255, 1, k); } -#endif } } - ui(1, extra_bit_slice); + bit(extra_bit_slice, 0); return 0; }