DO NOT MERGE | libvpx: Cherry-pick 0f42d1f from upstream

CYNGNOS-3303
Description from upstream:
vp8: fix decoder crash with invalid leading keyframes

decoding the same invalid keyframe twice would result in a crash as the
second time through the decoder would be assumed to have been
initialized as there was no resolution change. in this case the
resolution was itself invalid (0x6), but vp8_peek_si() was only failing
in the case of 0x0.
invalid-vp80-00-comprehensive-018.ivf.2kf_0x6.ivf tests this case by
duplicating the first keyframe and additionally adds a valid one to
ensure decoding can resume without error.

Bug: 30593765
Change-Id: I0de85f5a5eb5c0a5605230faf20c042b69aea507
(cherry picked from commit fc0466b695dce03e10390101844caa374848d903)
(cherry picked from commit 000486a89213cda93ad0137048114b7141042e68)

1 files changed, 6 insertions, 2 deletions

diff --git a/libvpx/vp8/vp8_dx_iface.c b/libvpx/vp8/vp8_dx_iface.c
index 72e4770..847cafb 100644
--- a/libvpx/vp8/vp8_dx_iface.c
+++ b/libvpx/vp8/vp8_dx_iface.c
@@ -198,8 +198,8 @@ static vpx_codec_err_t vp8_peek_si_internal(const uint8_t *data,
             si->h = (clear[8] | (clear[9] << 8)) & 0x3fff;
 
             /*printf("w=%d, h=%d\n", si->w, si->h);*/
-            if (!(si->h | si->w))
-                res = VPX_CODEC_UNSUP_BITSTREAM;
+            if (!(si->h && si->w))
+                res = VPX_CODEC_CORRUPT_FRAME;
         }
         else
         {
@@ -421,6 +421,10 @@ static vpx_codec_err_t vp8_decode(vpx_codec_alg_priv_t  *ctx,
                 if (setjmp(pbi->common.error.jmp))
                 {
                     pbi->common.error.setjmp = 0;
+                    /* on failure clear the cached resolution to ensure a full
+                     * reallocation is attempted on resync. */
+                    ctx->si.w = 0;
+                    ctx->si.h = 0;
                     vp8_clear_system_state();
                     /* same return value as used in vp8dx_receive_compressed_data */
                     return -1;