path: root/decoder/ih264d_parse_pslice.c
Commit message (Author, Age, Files, Lines)
* Decoder: Fixed allocation of pv_map_ref_idx_to_poc_buf. (Hamsalekha S, 2017-09-14, 1 file, -8/+3)
|   Increased allocation to include reference list1 also by default. In the case of error, we could get B_SLICES even in BASE_PROFILE. The initialization in the dec_slice_struct_t slice structure has also been modified accordingly.
|   Test: run poc with and without this patch
|   Bug: 38496660
|   Change-Id: I3451d79bbcd9f0d7a80981a9897f877b7f0812bd
|   (cherry picked from commit a925a6b539642c8749c91a6f33e362eda8c4a5b6)
|   CVE-2017-0776
* Initializing reference list for every P/B slice. (Hamsalekha S, 2017-08-31, 1 file, -17/+1)
|   Reference list needs to be initialized for every P/B slice, to ensure colocated picture always points to a valid picture buffer, even in the case of error.
|   Bug: 36279112
|   Change-Id: I051d7e725b0af209cc7bb333db8da3518adf78a0
|   (cherry picked from commit f9d3f9af8fc113acda28e1a4e48d85736ee29c75)
* Decoder: Fix end of bitstream error. (Hamsalekha S, 2017-07-07, 1 file, -2/+10)
|   The end of bitstream error check was fixed for odd number of macroblocks in Mbaff frames.
|   Bug: 37008096
|   Test: Ittiam-verified
|   AOSP-Change-Id: I058d74a3c1d1511968c2b36802dfc5c102947919
|   (cherry picked from commit 2e01924cd692191c970c64ec3f358e53dccb9e54)
|   CVE-2017-0680
|   Change-Id: I4472f827796093e932d9853d45f21a4a16d92928
* Decoder: Fixes in accessing mbaff flag in error cases (Harish Mahendrakar, 2017-07-06, 1 file, -4/+4)
|   ps_dec->ps_cur_slice->u1_mbaff_frame_flag is updated in ih264d_start_of_pic(). So updated value should be used after calling ih264d_start_of_pic()
|   Bug: 33974623
|   Test: ran POC from bug
|   AOSP-Change-Id: I0f1ff5e01ed39767f493f197791e51b0da74952f
|   (cherry picked from commit 3f6937a0031e4acadc9228559ae2ae47b992b16a)
|   (cherry picked from commit 0f2f2b5fde873b8badee949561c17692588647e8)
|   CVE-2017-0673
|   Change-Id: I4e9f951fa836ea597dfa6a593de8da0c476627f1
* Decoder: Fixed initialization of first_slice_in_pic [replicant-6.0-0001] (Harish Mahendrakar, 2017-04-05, 1 file, -1/+0)
|   To handle some errors, first_slice_in_pic was being set to 2. This is now cleaned up and first_slice_in_pic is set to 1 only once per pic. This will ensure picture level initializations are done only once even in case of error clips
|   Bug: 33717589
|   Bug: 33551775
|   Bug: 33716442
|   Bug: 33677995
|   AOSP-Change-Id: If341436b3cbaa724017eedddd88c2e6fac36d8ba
|   CVE-2017-0555
|   Change-Id: Ifecf8e8cf6a257eaffdc8411e6af44962b554d72
|   (cherry picked from commit 0b23c81c3dd9ec38f7e6806a3955fed1925541a0)
* Decoder: Return correct error code for slice header errors (Harish Mahendrakar, 2017-04-05, 1 file, -1/+1)
|   Return ERROR_INV_SLICE_HDR_T instead of ERROR_INV_SPS_PPS_T for slice header errors.
|   Bug: 34097915
|   AOSP-Change-Id: I45d14a71f2322ff349058baaf65fb0f3c1140fba
|   CVE-2017-0552
|   Change-Id: I4c87503f9014f67721fb3a06a7542215d4f10cd6
|   (cherry picked from commit 9a00f562a612d56e7b2b989d168647db900ba6cf)
* Fix in returning end of bitstream error for MBAFF (Harish Mahendrakar, 2017-04-05, 1 file, -0/+4)
|   In case of MBAFF streams, slices should terminate on even MB boundary. If bytes are exhausted with odd number of MBs decoded for MBAff, then treat that as error.
|   Bug: 33933140
|   AOSP-Change-Id: Ifc26b66ff8ebdb3aec5c0d6c512e4cac3f54c5b7
|   CVE-2017-0550
|   Change-Id: I239352c34311d40096ebd7eed66acfb11a628475
|   (cherry picked from commit 7950bf47b6944546a0aff11a7184947de9591b51)
* Decoder: Moved end of pic processing to end of decode call (Harish Mahendrakar, 2017-04-05, 1 file, -11/+1)
|   ih264d_end_of_pic() was called after parsing slice of a new picture. This is now being done at the end of decode of the current picture. decode_gaps_in_frame_num which needs frame_num of new slice is now done after decoding frame_num in new slice. This helps in handling errors in picaff streams with gaps in frames
|   Bug: 33588051
|   Bug: 33641588
|   Bug: 34097231
|   AOSP-Change-Id: I1a26e611aaa2c19e2043e05a210849bd21b22220
|   CVE-2017-0538
|   CVE-2017-0551
|   Change-Id: I62cd9bff7c8d4b20c930e6ddc4164aaa3368407f
|   (cherry picked from commit 494561291a503840f385fbcd11d9bc5f4dc502b8)
* Decoder: Fix in error concealment in the case of Mbaff clips (Harish Mahendrakar, 2017-03-22, 1 file, -1/+6)
|   In case of MBAff clips, if error is detected after parsing odd MB, then treat that odd MB also as error. All MBAff processing is done as an MB-Pair.
|   Bug: 33298089
|   CVE-2017-0482
|   CVE-2017-0484
|   Change-Id: I5242064dadec93333123309cea4c8a8676a2e727
|   (cherry picked from commit 3ebff7dc62f6fb93d9635dd052c1140ddcc63dc7)
|   (cherry picked from commit a467b1fb2956fdcee5636ab63573a4bca8150dbe)
* Decoder: Fix in checking first_mb_in_slice (Harish Mahendrakar, 2017-03-22, 1 file, -5/+9)
|   Also, increment slice header only if previous slice had at least one MB
|   This is to ensure there is no out of bound read for streams with 1 MB, and due to error 2 slices were being accessed.
|   Bug: 33982658
|   CVE-2017-0473
|   Change-Id: I5f1918c09e922ca39f495f6059dfea3fa1d49448
|   (cherry picked from commit ef27433ca86c4084f0cff3e284f9e799c3fdfbec)
|   (cherry picked from commit 0a4463e2beddb8290e05ad552e48b17686f854ce)
* Decoder: Fix in MB count in MBAff error handling (Harish Mahendrakar, 2017-03-22, 1 file, -0/+5)
|   Number of MBs to be marked as skip should be even for MBAff error streams
|   Bug: 33450635
|   CVE-2017-0469
|   Change-Id: I6af59632e4b2d2882881fe8c52472164ea088f7a
|   (cherry picked from commit 43e0aa221067341b0b32bc87410a1ca45d9a6455)
|   (cherry picked from commit 21851eaecc814be709cb0c20f732cb858cfe1440)
* Decoder: Fix in the case of error in the first MB in frame. (Harish Mahendrakar, 2017-03-22, 1 file, -5/+5)
|   In case of error in first MB in a frame, ps_dec->i4_submb_ofst was decremented to result in negative offsets.
|   Bug: 33351708
|   CVE-2017-0468
|   CVE-2017-0482
|   Change-Id: I7376f781782576616351ffa0e1d43b835f7bbbbe
|   (cherry picked from commit 56b5563f3eecb845148a2948beb3f07343784f3f)
|   (cherry picked from commit 0e8b1dff88e08b9d738d2360f05b96108e190995)
* Decoder: Fixed cur_mb_info initialization in error cases (Harish Mahendrakar, 2017-03-22, 1 file, -1/+1)
|   When number of MBs decoded in the current frame is zero and an error is detected, MB info was unnecessarily decremented in multi-core case.
|   Bug: 33351708
|   Bug: 33298089
|   Bug: 33250932
|   CVE-2017-0467
|   CVE-2017-0468
|   CVE-2017-0482
|   CVE-2017-0484
|   Change-Id: I150c48c6fb382736f1de855ba5384c12bf84710d
|   (cherry picked from commit 902c15251fe53f103f910b9f6a133e4cc7ca7416)
|   (cherry picked from commit fd9a12f9fdd9dd3e66c59dd7037e864b948085f7)
* Decoder: Fixes in handling errors in Mbaff clips. (Harish Mahendrakar, 2016-12-12, 1 file, -2/+7)
|   Fixes mb_x, mb_y and first_mb_in_slice for Mbaff error streams
|   CYNGNOS-3312
|   Bug: 30481714
|   Change-Id: Ie99f3b57e48a620a4bc7aee88031955a2e1b6753
|   (cherry picked from commit d79d09f453aa7a026b5e0c5c56a15b59910a527d)
* Merge tag 'android-6.0.1_r74' into HEAD (Jessica Wagantall, 2016-11-09, 1 file, -3/+21)
|\
| |   CYNGNOS-3303
| |   Android 6.0.1 release 74
| |   Change-Id: I85e892e50468a5cf4430ba6618f097fd26992080
| * Decoder: Fixes for handling errors in multi-slice MB Aff streams (Harish Mahendrakar, 2016-09-27, 1 file, -1/+4)
| |   Initialize default reference buffer for erroneous interlaced clips
| |   Pick slice_type from decode thread slice structure
| |   Call start_of_pic only once
| |   Bug: 30822755
| |   Change-Id: I553c646446d99a626d62351aa1b385355191cdc3
| |   (cherry picked from commit bc71ad2d43dc03b2a71e3423da5385ed3cb9799a)
| * Fix in the case of invalid SPS PPS (Harish Mahendrakar, 2016-09-27, 1 file, -2/+17)
| |   Bug: 31092462
| |   Change-Id: I0e2ab5a1088717bbf36f6b0cf859b5a6e0f59c5d
| |   (cherry picked from commit c2e8ffe451e2a78161037ca09a3516e65c80675c)
* | Merge tag 'android-6.0.1_r61' into HEAD (Jessica Wagantall, 2016-08-02, 1 file, -1/+4)
|\|
| |   Android 6.0.1 Release 61 (MOB30Z)
| |   Change-Id: I107a592189bf09de163549a3645c37eff8b70e03
| * Decoder: Fix slice number increment for error clips (Harish Mahendrakar, 2016-06-23, 1 file, -1/+4)
| |   Bug: 28673410
* | Merge remote-tracking branch 'remotes/android-6.0.1_r52' into HEAD (Jessica Wagantall, 2016-07-07, 1 file, -1/+8)
|\|
| |   Ticket: CYNGNOS-3020
| |   Change-Id: I16174755f6efba69fed299659a9a35a40922999d
| * Fix slice params for interlaced video (Harish Mahendrakar, 2016-05-27, 1 file, -2/+0)
| |   Bug: 28165661
| |   Change-Id: I912a86bd78ebf0617fd2bc6eb2b5a61afc17bf53
| * Decoder: Set u1_long_term_reference_flag to 0 for error concealment (Harish Mahendrakar, 2016-05-27, 1 file, -1/+1)
| |   For MBs which are in error, set u1_long_term_reference_flag to zero. This ensures latest frame is used for concealment
| |   Bug: 28470138
| |   Change-Id: I58eab5bc1da277823f3dbb4103ba50867f8935dc
| * Decoder: Initialize slice parameters before concealing error MBs (Harish Mahendrakar, 2016-05-27, 1 file, -0/+9)
| |   Also memset ps_dec_op structure to zero. For error input, this ensures dimensions are initialized to zero
| |   Bug: 28165661
| |   Change-Id: I66eb2ddc5e02e74b7ff04da5f749443920f37141
| * Decoder Update mb count after mb map is set. (Harish Mahendrakar, 2016-01-22, 1 file, -7/+4)
| |   Bug: 25928803
| |   Change-Id: Iccc58a7dd1c5c6ea656dfca332cfb8dddba4de37
* | Return error when there are more mmco params than allocated size (Naveen Kumar Ponnusamy, 2016-01-15, 1 file, -1/+8)
|\ \
| | |   am: 943323f1d9
| | |   * commit '943323f1d9d3dd5c2634deb26cbe72343ca6b3db':
| | |     Return error when there are more mmco params than allocated size
| * | Return error when there are more mmco params than allocated size (Naveen Kumar Ponnusamy, 2016-01-13, 1 file, -1/+8)
| | |   Bug: 25818142
| | |   Change-Id: I5c1b23985eeca5192b42703c627ca3d060e4e13d
* | | Decoder Update mb count after mb map is set. (Harish Mahendrakar, 2016-01-07, 1 file, -7/+4)
|\| |
| |/
|/|
| |   am: 4a524d3a8a
| |   * commit '4a524d3a8ae9aa20c36430008e6bd429443f8f1d':
| |     Decoder Update mb count after mb map is set.
| * Decoder Update mb count after mb map is set. (Harish Mahendrakar, 2016-01-07, 1 file, -7/+4)
| |   Bug: 25928803
| |   Change-Id: Iccc58a7dd1c5c6ea656dfca332cfb8dddba4de37
* | Decoder: Once all the MBs in a picture are decoded ignore remaining bytes (Harish Mahendrakar, 2015-10-16, 1 file, -2/+0)
| |   Once all the MBs are decoded, simply break from decode loops and do not signal an error
| |   This will handle cases where there may be extra bytes at the end of picture data
| |   Change-Id: I6d8ec918df5375f135e60f85b9a56ab2a5313a64
* | Decoder: Reduced memory requirements (Harish Mahendrakar, 2015-09-23, 1 file, -5/+22)
|/
|   Memory allocations are now done based on contents of SPS
|   API changed to move allocations inside the library
|   Also changed strlen to strnlen
|   Bug: 24221026
|   Change-Id: I9130457f564cddb4da7ec6399cc9fe88ee871217
* Improved error resilience in decoder (Hamsalekha S, 2015-06-25, 1 file, -13/+27)
|   Fixed buffer management for error cases
|   Fixed end of picture detection logic for multiple slice error cases
|   Fixed handling of incomplete frame, missing slices.
|   Change-Id: Iae447667e4d88869a8bf992180cacd77870b9877
* Multithreading changes and better error resilience (Marco Nelissen, 2015-06-03, 1 file, -43/+441)
|   Fixed the following bugs
|   Issue 21145276
|   Issue 21144884
|   Issue 21181133
|   Issue 21181134
|   Decoder now returns error if the level in stream is higher than level at init
|   Change-Id: I8892c62bd98f7854d046510330c05a1e9ca826b2
* fix file permissions (Lajos Molnar, 2015-05-05, 1 file, -0/+0)
|   Change-Id: Ia4f99d5b963acd8d8a1afc2fbdf06b122d898f63
* Initial version (Hamsalekha S, 2015-04-02, 1 file, -0/+1760)
    Change-Id: I7efe9a589cd24edf86e8d086b40c27cbbf8b4017