[XviD-devel] Various bugs
Christoph Lampert
chl at math.uni-bonn.de
Wed Feb 16 16:48:28 CET 2005
Hi,
thank you for your bugreport, but:
On Wed, 16 Feb 2005, Fr?d?ric DALLEAU wrote:
> * I found xvid was doing division by 0 :
> 1) It appeared that the macro DIV_DIV (global.h l. 258) did not check
> its b parameters. I successfully made a patch. It appeared in rescale()
> (mbprediction.c) but i found it safer to have it checked everywhere. It
> meant the quantizer was 0 but since I have no mpeg4 knowledge i did
> basic checking :
> #define DIV_DIV(a,b) (((b)!=0)?(((a)>0) ? ((a)+((b)>>1))/(b) :
> ((a)-((b)>>1))/(b)):0)
DIV_DIV should not be used in first place if b could be 0. In
mbprediction.c from what I saw with a quick glance, b is the quantizer,
and that is only in range 1 to 31.
> 2) I got dec->time_pp at 0 when dividing in decoder.c l.1236, but
> haven't found a patch yet
Similar: time_pp cannot be 0 in a legal file, but I don't know what
happens for nonconformant streams. XviD isn't necessarily stable dealing
with those, that's true.
> * I also found some index out of bounds that causes crash (debug
> build) when reading scantable (mbcoding.c l.1128: get_intra_block(),
> get_inter_block_h263(), get_inter_block_mpeg()).
> block[scan[coeff]] = level; // coeff was out of scan
Again, this should not happen in a legal stream, because there the
position coefficients cannot add up more than 64 (or rather, the "last"
flag should be raised before).
But at least in the decoding part, we should be more error resilient, you
are right.
gruel
More information about the XviD-devel
mailing list