On Thu, Apr 23, 2026 at 11:07:30AM +0200, Vidar Waagbø via ffmpeg-devel wrote: > AI-assisted patch to fix an issue discovered with the c93 format > causing persisted palette issues during scene changes: > > The block decoder does not always consume every byte of the video > section -- some Interplay C93 streams (notably Cyberia 1994 cutscenes > like finmus.c93, oceanmus.c93, port.c93, etc.) pad the video region > with bytes the block decoder has no opcode for, leaving the bytestream > cursor short of where the palette actually starts. The 768-byte > palette is then read from the unread tail of the video region, > corrupting the decoder's palette with arbitrary bytes. > > The corrupt palette cascades through every subsequent P-frame via the > oldpic->data[1] memcpy branch until the next palette-update frame > lands, producing scrambled-colour scene-change glitches that persist > for tens of seconds (~12 s / 150 frames on the first finmus.c93 > transition). > > The demuxer (libavformat/c93.c) always appends the palette as the > last 768 bytes of the packet, regardless of how many video bytes the > block decoder will consume, so seeking to buf_size - 768 before the > palette loop fixes the misalignment. The seek is a no-op for streams > where the block loop already lands at the correct position. > > Signed-off-by: Vidar Waagbø <[email protected]> > --- > libavcodec/c93.c | 6 ++++++ > 1 file changed, 6 insertions(+) > > diff --git a/libavcodec/c93.c b/libavcodec/c93.c > index 288b1f0..f110d42 100644 > --- a/libavcodec/c93.c > +++ b/libavcodec/c93.c > @@ -243,6 +243,12 @@ static int decode_frame(AVCodecContext *avctx, > AVFrame *rframe,
this patch is corrupted by a linebreak thx [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB There will always be a question for which you do not know the correct answer.
signature.asc
Description: PGP signature
_______________________________________________ ffmpeg-devel mailing list -- [email protected] To unsubscribe send an email to [email protected]
