wavpack_decode_block() supposes that it is called back with the exact
same buffer unless it has returned with an error. With multi-channels
files, wavpack_decode_frame() was breaking this assumption.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit c2a016ad4d9c29285813ba5806189e63e063e0fb)
Adds an additional check before reading the next block header and avoids a
potential integer overflow when checking the metadata size against the
remaining buffer size.
(cherry picked from commit 4c5e7b27d57dd2be777780e840eef9be63242158)
Signed-off-by: Mike Scheutzow <mike.scheutzow@alcatel-lucent.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit e2dae1faa84ada5746ac2114de7eb68abd824131)
The buffer size and pointer were not checked prior to testing the first
byte of the buffer. These were sometimes checked before calling, but it is
better to add it inside the function as it takes buf and size arguments.
Signed-off-by: Alexander Strasser <eclipse7@gmx.net>
(cherry picked from commit 715f259bf949b06df1b5ed0307606dc258754c99)
It prevents leaving the state only half initialized.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 91f104496bb7632ed5ff03798e06dd8af014f0d9)
As a signed integer, 1<<31 overflows, so force it to unsigned.
Signed-off-by: Alex Converse <alex.converse@gmail.com>
(cherry picked from commit c2d3f561072132044114588a5f56b8e1974a2af7)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
occurd during debug. I dont know if this can happen normally but if so
it would be quite bad.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit abe0dbea2e228621e97184e39159d189b6085fe3)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This fixes a crash with 422 H.264
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 7322483d72d4abefae9f5c08c611f521de7236a5)
use put_bits_count to get the buffer fill state instead of
num_saved_bits as num_saved_bits is sometimes reset when
frames are lost
(Ticket 495)
(cherry picked from commit 780d45473c32fa356c8ce385c3ea4692567c3228)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 4f6187c7356111540024901932294e9807061dd0)
On 32-bit ppc, the GOT pointer must be loaded manually.
This adds a "get_got" assembler macro to compute the
GOT address. The "movrel" macro is updated to take an
additional parameter containing the GOT address since
no register is reserved for this purpose on ppc32.
These changes have no effect on ppc64 builds.
Signed-off-by: Mans Rullgard <mans@mansr.com>
(cherry picked from commit 6e4a35ced96cdf31a9d3bd82fd147554750af839)
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit 4cc7732386eb36661ed22d1200339b38a5fa60bc)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit b4ed3d78cb6c41c9d3ee5918c326ab925edd6a89)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
rv34_decode_slice() can return without allocating any pictures.
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit d0f6ab0298f2309c6104626787ed73416298b019)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
This prevents crashes with some corrupted bitstreams.
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit 4a29b471869353c3077fb4b25b6518eb1047afb7)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
init_get_bits() takes a number of bits and not a number of bytes as
its size argument.
Signed-off-by: Alex Converse <alex.converse@gmail.com>
(cherry picked from commit b59efc94347ccf0cbc2ff14a5a9e99819c5bdc4d)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
stereo & 16bit is untested due to lack of samples
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit 5166376f24545207607f61ed8ff4e1b0572ff320)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit 6489455495fc5bfbebcfe3f57e5d4fdd6a781091)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit 9676ffba8346791f494451e68d2a3b37a2918a9b)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit 8bfea4ab4e2cb32bc7bf6f697ee30a238c65d296)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
