avcodec/vc1: fix DIFF2/NORM2 with width<=16

Fixes read of uninitialized memory
Fixes msan_uninit-mem_7f785da000e8_585_480i30__codec_WVC1__mode_2__framerate_29.970__type_2__preproc_17.wmv
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This commit is contained in:
Michael Niedermayer 2013-12-14 17:55:25 +01:00
parent c9f72e4b81
commit 2224159c78

View File

@ -122,12 +122,16 @@ static int bitplane_decoding(uint8_t* data, int *raw_flag, VC1Context *v)
case IMODE_NORM2: case IMODE_NORM2:
if ((height * width) & 1) { if ((height * width) & 1) {
*planep++ = get_bits1(gb); *planep++ = get_bits1(gb);
offset = 1; y = offset = 1;
if (offset == width) {
offset = 0;
planep += stride - width;
}
} }
else else
offset = 0; y = offset = 0;
// decode bitplane as one long line // decode bitplane as one long line
for (y = offset; y < height * width; y += 2) { for (; y < height * width; y += 2) {
code = get_vlc2(gb, ff_vc1_norm2_vlc.table, VC1_NORM2_VLC_BITS, 1); code = get_vlc2(gb, ff_vc1_norm2_vlc.table, VC1_NORM2_VLC_BITS, 1);
*planep++ = code & 1; *planep++ = code & 1;
offset++; offset++;