On Thu, Mar 08, 2012 at 04:32:48PM -0800, Ronald S. Bultje wrote: > From: "Ronald S. Bultje" <[email protected]> > > Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind > CC: [email protected] > --- > libavcodec/xxan.c | 7 ++++--- > 1 file changed, 4 insertions(+), 3 deletions(-) > > diff --git a/libavcodec/xxan.c b/libavcodec/xxan.c > index 86b4195..6dedcb0 100644 > --- a/libavcodec/xxan.c > +++ b/libavcodec/xxan.c > @@ -162,7 +162,7 @@ static int xan_decode_chroma(AVCodecContext *avctx, > unsigned chroma_off) > int i, j; > const uint8_t *src, *src_end; > const uint8_t *table; > - int mode, offset, dec_size; > + int mode, offset, dec_size, table_size; > > if (!chroma_off) > return 0; > @@ -173,6 +173,7 @@ static int xan_decode_chroma(AVCodecContext *avctx, > unsigned chroma_off) > bytestream2_seek(&s->gb, chroma_off + 4, SEEK_SET); > mode = bytestream2_get_le16(&s->gb); > table = s->gb.buffer; > + table_size = bytestream2_get_bytes_left(&s->gb) >> 1; > offset = bytestream2_get_le16(&s->gb) * 2;
In principle OK but from the code it seems to be like this: <compressed data offset> <table> <compressed data> And having table to point on compressed data is pointless, so I suggest table_size = offset >> 1 instead _______________________________________________ libav-devel mailing list [email protected] https://lists.libav.org/mailman/listinfo/libav-devel
