On Fri, Mar 09, 2012 at 11:42:36AM -0800, Ronald S. Bultje wrote: > Hi, > > On Thu, Mar 8, 2012 at 9:54 PM, Kostya Shishkov > <[email protected]> wrote: > > On Thu, Mar 08, 2012 at 04:32:48PM -0800, Ronald S. Bultje wrote: > >> From: "Ronald S. Bultje" <[email protected]> > >> > >> Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind > >> CC: [email protected] > >> --- > >> libavcodec/xxan.c | 7 ++++--- > >> 1 file changed, 4 insertions(+), 3 deletions(-) > >> > >> diff --git a/libavcodec/xxan.c b/libavcodec/xxan.c > >> index 86b4195..6dedcb0 100644 > >> --- a/libavcodec/xxan.c > >> +++ b/libavcodec/xxan.c > >> @@ -162,7 +162,7 @@ static int xan_decode_chroma(AVCodecContext *avctx, > >> unsigned chroma_off) > >> int i, j; > >> const uint8_t *src, *src_end; > >> const uint8_t *table; > >> - int mode, offset, dec_size; > >> + int mode, offset, dec_size, table_size; > >> > >> if (!chroma_off) > >> return 0; > >> @@ -173,6 +173,7 @@ static int xan_decode_chroma(AVCodecContext *avctx, > >> unsigned chroma_off) > >> bytestream2_seek(&s->gb, chroma_off + 4, SEEK_SET); > >> mode = bytestream2_get_le16(&s->gb); > >> table = s->gb.buffer; > >> + table_size = bytestream2_get_bytes_left(&s->gb) >> 1; > >> offset = bytestream2_get_le16(&s->gb) * 2; > > > > In principle OK but from the code it seems to be like this: > > <compressed data offset> > > <table> > > <compressed data> > > > > And having table to point on compressed data is pointless, so I suggest > > table_size = offset >> 1 instead > > Well, we discussed this on IRC, right? The question was whether table > and offset can overlap - by design, and we concluded that (since the > media is made for old games, where space is limited) they may have > actually pulled such tricks for some of their games. that's why I kept > it more liberal... > > I can change that if preferred.
They _can_ but they shouldn't, so please change. _______________________________________________ libav-devel mailing list [email protected] https://lists.libav.org/mailman/listinfo/libav-devel
