diff options
| author | Ronald S. Bultje <rsbultje@gmail.com> | 2014-02-08 08:24:13 -0500 |
|---|---|---|
| committer | Clément Bœsch <u@pkh.me> | 2014-02-08 18:30:17 +0100 |
| commit | af63ea7078c8e43bc9299acbe2758b21623cffc4 (patch) | |
| tree | 7afc0610e7b85679b874780d2d81961e39422938 /libavcodec/vp9.c | |
| parent | bd35d58463f01f7781df052864ae16f5e228c1bc (diff) | |
vp9: re-allocate block buffers on uses_2pass change w/o size change.
Fixes valgrind errors and crashes in fuzzed9.ivf.
Diffstat (limited to 'libavcodec/vp9.c')
| -rw-r--r-- | libavcodec/vp9.c | 23 |
1 files changed, 22 insertions, 1 deletions
diff --git a/libavcodec/vp9.c b/libavcodec/vp9.c index 3545b32360..b666f261b4 100644 --- a/libavcodec/vp9.c +++ b/libavcodec/vp9.c @@ -230,6 +230,7 @@ typedef struct VP9Context { DECLARE_ALIGNED(32, uint8_t, edge_emu_buffer)[71*80]; // block reconstruction intermediates + int block_alloc_using_2pass; int16_t *block_base, *block, *uvblock_base[2], *uvblock[2]; uint8_t *eob_base, *uveob_base[2], *eob, *uveob[2]; struct { int x, y; } min_mv, max_mv; @@ -336,9 +337,23 @@ static int update_size(AVCodecContext *ctx, int w, int h) assign(s->above_mv_ctx, VP56mv(*)[2], 16); #undef assign + // these will be re-allocated a little later + av_freep(&s->b_base); + av_freep(&s->block_base); + + return 0; +} + +static int update_block_buffers(AVCodecContext *ctx) +{ + VP9Context *s = ctx->priv_data; + + if (s->b_base && s->block_base && s->block_alloc_using_2pass == s->uses_2pass) + return 0; + av_free(s->b_base); av_free(s->block_base); - if (ctx->active_thread_type == FF_THREAD_FRAME && s->refreshctx && !s->parallelmode) { + if (s->uses_2pass) { int sbs = s->sb_cols * s->sb_rows; s->b_base = av_malloc(sizeof(VP9Block) * s->cols * s->rows); @@ -361,6 +376,7 @@ static int update_size(AVCodecContext *ctx, int w, int h) s->uveob_base[0] = s->eob_base + 256; s->uveob_base[1] = s->uveob_base[0] + 64; } + s->block_alloc_using_2pass = s->uses_2pass; return 0; } @@ -3563,6 +3579,11 @@ static int vp9_decode_frame(AVCodecContext *ctx, void *frame, memset(s->above_segpred_ctx, 0, s->cols); s->pass = s->uses_2pass = ctx->active_thread_type == FF_THREAD_FRAME && s->refreshctx && !s->parallelmode; + if ((res = update_block_buffers(ctx)) < 0) { + av_log(ctx, AV_LOG_ERROR, + "Failed to allocate block buffers\n"); + return res; + } if (s->refreshctx && s->parallelmode) { int j, k, l, m; |