Bug 526097 - Length check mode_sizes array in Vorbis automatic metric calculation. r=chris.double

Matthew Gregan 2010-03-17 17:18:18 +13:00
parent 4c294e0cbd
commit 95f6eaeca3
4 changed files with 157 additions and 52 deletions


@ -35,3 +35,5 @@ bug520493.patch: Fix oggz seek so that it doesn't exit too early, and to use
bug523335.patch: Abort oggz seek bisection when the underlying stream closes.
bug533822.patch: Clear packets queued for granulepos calcuation when resetting streams.
bug526097.patch: Length check mode_sizes array in vorbis auto metrics calculation.


@ -0,0 +1,147 @@
diff --git a/media/liboggz/src/liboggz/oggz_auto.c b/media/liboggz/src/liboggz/oggz_auto.c
--- a/media/liboggz/src/liboggz/oggz_auto.c
+++ b/media/liboggz/src/liboggz/oggz_auto.c
@@ -675,16 +675,17 @@ auto_rcalc_theora(ogg_int64_t next_packe
typedef struct {
int nln_increments[4];
int nsn_increment;
int short_size;
int long_size;
int encountered_first_data_packet;
int last_was_long;
int log2_num_modes;
+ int mode_sizes_length;
int mode_sizes[1];
} auto_calc_vorbis_info_t;
static ogg_int64_t
auto_calc_vorbis(ogg_int64_t now, oggz_stream_t *stream, ogg_packet *op) {
auto_calc_vorbis_info_t *info;
@@ -708,16 +709,17 @@ auto_calc_vorbis(ogg_int64_t now, oggz_s
info->nln_increments[3] = long_size >> 1;
info->nln_increments[2] = 3 * (long_size >> 2) - (short_size >> 2);
info->nln_increments[1] = (long_size >> 2) + (short_size >> 2);
info->nln_increments[0] = info->nln_increments[3];
info->short_size = short_size;
info->long_size = long_size;
info->nsn_increment = short_size >> 1;
info->encountered_first_data_packet = 0;
+ info->mode_sizes_length = 0;
/* this is a header packet */
return 0;
}
/*
* marker for header packets
*/
@@ -860,16 +862,17 @@ auto_calc_vorbis(ogg_int64_t now, oggz_s
/* Check that size to be realloc'd doesn't overflow */
size_realloc_bytes = sizeof(auto_calc_vorbis_info_t) + (size - 1) * sizeof(int);
if (size_realloc_bytes < sizeof (auto_calc_vorbis_info_t)) return -1;
/* Store mode size information in our info struct */
info = realloc(stream->calculate_data, size_realloc_bytes);
if (info == NULL) return -1;
+ info->mode_sizes_length = size + 1;
stream->calculate_data = info;
i = -1;
while ((1 << (++i)) < size);
info->log2_num_modes = i;
mode_size_ptr = info->mode_sizes;
@@ -882,85 +885,37 @@ auto_calc_vorbis(ogg_int64_t now, oggz_s
current_pos += 5;
}
}
return 0;
}
- info = (auto_calc_vorbis_info_t *)stream->calculate_data;
-
return -1;
-
- {
- /*
- * we're in a data packet! First we need to get the mode of the packet,
- * and from the mode, the size
- */
- int mode;
- int size;
- ogg_int64_t result;
-
- mode = (op->packet[0] >> 1) & ((1 << info->log2_num_modes) - 1);
- size = info->mode_sizes[mode];
-
- /*
- * if we have a working granulepos, we use it, but only if we can't
- * calculate a valid gp value.
- */
- if (now > -1 && stream->last_granulepos == -1) {
- info->encountered_first_data_packet = 1;
- info->last_was_long = size;
- return now;
- }
-
- if (info->encountered_first_data_packet == 0) {
- info->encountered_first_data_packet = 1;
- info->last_was_long = size;
- return -1;
- }
-
- /*
- * otherwise, if we haven't yet had a working granulepos, we return
- * -1
- */
- if (stream->last_granulepos == -1) {
- info->last_was_long = size;
- return -1;
- }
-
- result = stream->last_granulepos +
- (
- (info->last_was_long ? info->long_size : info->short_size)
- +
- (size ? info->long_size : info->short_size)
- ) / 4;
- info->last_was_long = size;
-
- return result;
-
- }
-
}
ogg_int64_t
auto_rcalc_vorbis(ogg_int64_t next_packet_gp, oggz_stream_t *stream,
ogg_packet *this_packet, ogg_packet *next_packet) {
auto_calc_vorbis_info_t *info =
(auto_calc_vorbis_info_t *)stream->calculate_data;
int mode =
(this_packet->packet[0] >> 1) & ((1 << info->log2_num_modes) - 1);
+ if (info->mode_sizes_length == 0 || mode < 0 || mode >= info->mode_sizes_length)
+ return 0;
int this_size = info->mode_sizes[mode] ? info->long_size : info->short_size;
int next_size;
ogg_int64_t r;
mode = (next_packet->packet[0] >> 1) & ((1 << info->log2_num_modes) - 1);
+ if (info->mode_sizes_length == 0 || mode < 0 || mode >= info->mode_sizes_length)
+ return 0;
next_size = info->mode_sizes[mode] ? info->long_size : info->short_size;
r = next_packet_gp - ((this_size + next_size) / 4);
if (r < 0) return 0L;
return r;
}


@ -680,6 +680,7 @@ typedef struct {
int encountered_first_data_packet;
int last_was_long;
int log2_num_modes;
int mode_sizes_length;
int mode_sizes[1];
} auto_calc_vorbis_info_t;
@ -713,6 +714,7 @@ auto_calc_vorbis(ogg_int64_t now, oggz_stream_t *stream, ogg_packet *op) {
info->long_size = long_size;
info->nsn_increment = short_size >> 1;
info->encountered_first_data_packet = 0;
info->mode_sizes_length = 0;
/* this is a header packet */
return 0;
@ -865,6 +867,7 @@ auto_calc_vorbis(ogg_int64_t now, oggz_stream_t *stream, ogg_packet *op) {
info = realloc(stream->calculate_data, size_realloc_bytes);
if (info == NULL) return -1;
info->mode_sizes_length = size + 1;
stream->calculate_data = info;
i = -1;
@ -887,59 +890,7 @@ auto_calc_vorbis(ogg_int64_t now, oggz_stream_t *stream, ogg_packet *op) {
return 0;
}
info = (auto_calc_vorbis_info_t *)stream->calculate_data;
return -1;
{
/*
* we're in a data packet! First we need to get the mode of the packet,
* and from the mode, the size
*/
int mode;
int size;
ogg_int64_t result;
mode = (op->packet[0] >> 1) & ((1 << info->log2_num_modes) - 1);
size = info->mode_sizes[mode];
/*
* if we have a working granulepos, we use it, but only if we can't
* calculate a valid gp value.
*/
if (now > -1 && stream->last_granulepos == -1) {
info->encountered_first_data_packet = 1;
info->last_was_long = size;
return now;
}
if (info->encountered_first_data_packet == 0) {
info->encountered_first_data_packet = 1;
info->last_was_long = size;
return -1;
}
/*
* otherwise, if we haven't yet had a working granulepos, we return
* -1
*/
if (stream->last_granulepos == -1) {
info->last_was_long = size;
return -1;
}
result = stream->last_granulepos +
(
(info->last_was_long ? info->long_size : info->short_size)
+
(size ? info->long_size : info->short_size)
) / 4;
info->last_was_long = size;
return result;
}
}
ogg_int64_t
@ -951,11 +902,15 @@ auto_rcalc_vorbis(ogg_int64_t next_packet_gp, oggz_stream_t *stream,
int mode =
(this_packet->packet[0] >> 1) & ((1 << info->log2_num_modes) - 1);
if (info->mode_sizes_length == 0 || mode < 0 || mode >= info->mode_sizes_length)
return 0;
int this_size = info->mode_sizes[mode] ? info->long_size : info->short_size;
int next_size;
ogg_int64_t r;
mode = (next_packet->packet[0] >> 1) & ((1 << info->log2_num_modes) - 1);
if (info->mode_sizes_length == 0 || mode < 0 || mode >= info->mode_sizes_length)
return 0;
next_size = info->mode_sizes[mode] ? info->long_size : info->short_size;
r = next_packet_gp - ((this_size + next_size) / 4);
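Review bot: The new bound `mode_sizes_length` looks one entry larger than the array it guards. The `-865` hunk sets it to `size + 1`, but the allocation size shown in the bug526097.patch copy of this change is `sizeof(auto_calc_vorbis_info_t) + (size - 1) * sizeof(int)`, which leaves room for only `size` entries in `mode_sizes`; when `size` is not a power of two the `log2_num_modes` mask can yield `mode == size`, which passes `mode >= info->mode_sizes_length` and reads one `int` past the allocation. Unless `size` is adjusted somewhere outside these hunks, I would store `info->mode_sizes_length = size;`. Separately, both checks in `auto_rcalc_vorbis` come after `packet[0]` has already been read, so a zero-length packet is not covered; testing `this_packet->bytes` and `next_packet->bytes` before those reads would close that, assuming the usual `ogg_packet` layout. `auto_rcalc_vorbis` begins and ends outside the hunk.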


@ -67,3 +67,4 @@ patch -p3 <bug498380.patch
patch -p3 <bug520493.patch
patch -p3 <bug523335.patch
patch -p3 <bug533822.patch
patch -p3 <bug526097.patch