Hi, On Thu, Mar 8, 2012 at 9:54 PM, Kostya Shishkov <[email protected]> wrote: > On Thu, Mar 08, 2012 at 04:32:48PM -0800, Ronald S. Bultje wrote: >> From: "Ronald S. Bultje" <[email protected]> >> >> Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind >> CC: [email protected] >> --- >> libavcodec/xxan.c | 7 ++++--- >> 1 file changed, 4 insertions(+), 3 deletions(-) >> >> diff --git a/libavcodec/xxan.c b/libavcodec/xxan.c >> index 86b4195..6dedcb0 100644 >> --- a/libavcodec/xxan.c >> +++ b/libavcodec/xxan.c >> @@ -162,7 +162,7 @@ static int xan_decode_chroma(AVCodecContext *avctx, >> unsigned chroma_off) >> int i, j; >> const uint8_t *src, *src_end; >> const uint8_t *table; >> - int mode, offset, dec_size; >> + int mode, offset, dec_size, table_size; >> >> if (!chroma_off) >> return 0; >> @@ -173,6 +173,7 @@ static int xan_decode_chroma(AVCodecContext *avctx, >> unsigned chroma_off) >> bytestream2_seek(&s->gb, chroma_off + 4, SEEK_SET); >> mode = bytestream2_get_le16(&s->gb); >> table = s->gb.buffer; >> + table_size = bytestream2_get_bytes_left(&s->gb) >> 1; >> offset = bytestream2_get_le16(&s->gb) * 2; > > In principle OK but from the code it seems to be like this: > <compressed data offset> > <table> > <compressed data> > > And having table to point on compressed data is pointless, so I suggest > table_size = offset >> 1 instead
Well, we discussed this on IRC, right? The question was whether table and offset can overlap - by design, and we concluded that (since the media is made for old games, where space is limited) they may have actually pulled such tricks for some of their games. that's why I kept it more liberal... I can change that if preferred. Ronald _______________________________________________ libav-devel mailing list [email protected] https://lists.libav.org/mailman/listinfo/libav-devel
