[FFmpeg-devel] [PATCH] avcodec/pngdec: init zlib on decoder init.
Nicolas George
george at nsup.org
Thu Nov 20 09:50:21 CET 2014
Le decadi 30 brumaire, an CCXXIII, Benoit Fouet a écrit :
> ---
> libavcodec/pngdec.c | 30 ++++++++++++------------------
> 1 file changed, 12 insertions(+), 18 deletions(-)
>
> diff --git a/libavcodec/pngdec.c b/libavcodec/pngdec.c
> index 57b73c1..e3d61f6 100644
> --- a/libavcodec/pngdec.c
> +++ b/libavcodec/pngdec.c
> @@ -411,11 +411,6 @@ static int decode_zbuf(AVBPrint *bp, const uint8_t *data,
> unsigned buf_size;
> int ret;
>
> - zstream.zalloc = ff_png_zalloc;
> - zstream.zfree = ff_png_zfree;
> - zstream.opaque = NULL;
> - if (inflateInit(&zstream) != Z_OK)
> - return AVERROR_EXTERNAL;
What happens if one frame contains a damaged zTXt and the next one a valid
one? With the current code, since the zstream is inited each time, the first
one gives whatever it gives and the second one works normally. With the
modified code, I am afraid that the unpredictable state at the end of the
damaged frame will be kept for the good one.
> zstream.next_in = (unsigned char *)data;
> zstream.avail_in = data_end - data;
> av_bprint_init(bp, 0, -1);
> @@ -437,12 +432,10 @@ static int decode_zbuf(AVBPrint *bp, const uint8_t *data,
> if (ret == Z_STREAM_END)
> break;
> }
> - inflateEnd(&zstream);
> bp->str[bp->len] = 0;
> return 0;
>
> fail:
> - inflateEnd(&zstream);
> av_bprint_finalize(bp, NULL);
> return ret;
> }
> @@ -924,16 +917,6 @@ static int decode_frame_png(AVCodecContext *avctx,
>
> s->y = s->state = 0;
>
> - /* init the zlib */
> - s->zstream.zalloc = ff_png_zalloc;
> - s->zstream.zfree = ff_png_zfree;
> - s->zstream.opaque = NULL;
> - ret = inflateInit(&s->zstream);
> - if (ret != Z_OK) {
> - av_log(avctx, AV_LOG_ERROR, "inflateInit returned error %d\n", ret);
> - return AVERROR_EXTERNAL;
> - }
> -
> if ((ret = decode_frame_common(avctx, s, p, avpkt)) < 0)
> goto the_end;
>
> @@ -944,7 +927,6 @@ static int decode_frame_png(AVCodecContext *avctx,
>
> ret = bytestream2_tell(&s->gb);
> the_end:
> - inflateEnd(&s->zstream);
> s->crow_buf = NULL;
> return ret;
> }
> @@ -967,6 +949,7 @@ static int update_thread_context(AVCodecContext *dst, const AVCodecContext *src)
> static av_cold int png_dec_init(AVCodecContext *avctx)
> {
> PNGDecContext *s = avctx->priv_data;
> + int ret;
>
> s->avctx = avctx;
> s->last_picture.f = av_frame_alloc();
> @@ -979,6 +962,16 @@ static av_cold int png_dec_init(AVCodecContext *avctx)
> ff_pngdsp_init(&s->dsp);
> }
>
> + /* init the zlib */
> + s->zstream.zalloc = ff_png_zalloc;
> + s->zstream.zfree = ff_png_zfree;
> + s->zstream.opaque = NULL;
> + ret = inflateInit(&s->zstream);
> + if (ret != Z_OK) {
> + av_log(avctx, AV_LOG_ERROR, "inflateInit returned error %d\n", ret);
> + return AVERROR_EXTERNAL;
> + }
> +
> return 0;
> }
>
> @@ -996,6 +989,7 @@ static av_cold int png_dec_end(AVCodecContext *avctx)
> s->last_row_size = 0;
> av_freep(&s->tmp_row);
> s->tmp_row_size = 0;
> + inflateEnd(&s->zstream);
>
> return 0;
> }
Regards,
--
Nicolas George
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20141120/24fed245/attachment.asc>
More information about the ffmpeg-devel
mailing list