From 15292f7e9620caf9e8df26a62efc2a2891ea822e Mon Sep 17 00:00:00 2001 From: Fraunhofer IIS FDK Date: Fri, 8 Jun 2018 18:03:16 +0200 Subject: Prevent bit buffer counter overflow. While long-term test we discovered a bit counter overflow in the bit buffer. The bit buffer state was only used by HCR and RVLC tool and can easily be substituted with FDKgetValidBits() call. The following patch completely removes the bit counter and all its obsolete functions. Bug: 112662184 Test: atest DecoderTestXheAac ; atest DecoderTestAacDrc Change-Id: Icee0519d26a2aa62367d2dece59cd3d60ffcade7 --- libAACdec/src/aacdec_hcr.cpp | 82 ++++++++++++++++++++++---------------------- 1 file changed, 41 insertions(+), 41 deletions(-) (limited to 'libAACdec/src/aacdec_hcr.cpp') diff --git a/libAACdec/src/aacdec_hcr.cpp b/libAACdec/src/aacdec_hcr.cpp index 84e05b0..6114756 100644 --- a/libAACdec/src/aacdec_hcr.cpp +++ b/libAACdec/src/aacdec_hcr.cpp @@ -134,17 +134,18 @@ static void DeriveNumberOfExtendedSortedSectionsInSets( USHORT *pNumExtendedSortedSectionsInSets, int numExtendedSortedSectionsInSetsIdx); -static INT DecodeEscapeSequence(HANDLE_FDK_BITSTREAM bs, INT quantSpecCoef, - INT *pLeftStartOfSegment, +static INT DecodeEscapeSequence(HANDLE_FDK_BITSTREAM bs, const INT bsAnchor, + INT quantSpecCoef, INT *pLeftStartOfSegment, SCHAR *pRemainingBitsInSegment, int *pNumDecodedBits); -static int DecodePCW_Sign(HANDLE_FDK_BITSTREAM bs, UINT codebookDim, - const SCHAR *pQuantVal, FIXP_DBL *pQuantSpecCoef, - int *quantSpecCoefIdx, INT *pLeftStartOfSegment, +static int DecodePCW_Sign(HANDLE_FDK_BITSTREAM bs, const INT bsAnchor, + UINT codebookDim, const SCHAR *pQuantVal, + FIXP_DBL *pQuantSpecCoef, int *quantSpecCoefIdx, + INT *pLeftStartOfSegment, SCHAR *pRemainingBitsInSegment, int *pNumDecodedBits); -static const SCHAR *DecodePCW_Body(HANDLE_FDK_BITSTREAM bs, +static const SCHAR *DecodePCW_Body(HANDLE_FDK_BITSTREAM bs, const INT bsAnchor, const UINT *pCurrentTree, const SCHAR *pQuantValBase, INT *pLeftStartOfSegment, @@ -291,7 +292,7 @@ UINT HcrInit(H_HCR_INFO pHcr, CAacDecoderChannelInfo *pAacDecoderChannelInfo, SPEC_LONG(pAacDecoderChannelInfo->pSpectralCoefficient); FDKsyncCache(bs); - pHcr->decInOut.bitstreamIndex = FDKgetBitCnt(bs); + pHcr->decInOut.bitstreamAnchor = (INT)FDKgetValidBits(bs); if (!IsLongBlock(&pAacDecoderChannelInfo->icsInfo)) /* short block */ { @@ -436,7 +437,7 @@ UINT HcrDecoder(H_HCR_INFO pHcr, CAacDecoderChannelInfo *pAacDecoderChannelInfo, int pTmp5; INT bitCntOffst; - INT saveBitCnt = FDKgetBitCnt(bs); /* save bitstream position */ + INT saveBitCnt = (INT)FDKgetValidBits(bs); /* save bitstream position */ HcrCalcNumCodeword(pHcr); @@ -487,7 +488,7 @@ UINT HcrDecoder(H_HCR_INFO pHcr, CAacDecoderChannelInfo *pAacDecoderChannelInfo, pSamplingRateInfo); /* restore bitstream position */ - bitCntOffst = saveBitCnt - FDKgetBitCnt(bs); + bitCntOffst = (INT)FDKgetValidBits(bs) - saveBitCnt; if (bitCntOffst) { FDKpushBiDirectional(bs, bitCntOffst); } @@ -815,7 +816,6 @@ static void HcrPrepareSegmentationGrid(H_HCR_INFO pHcr) { INT *pLeftStartOfSegment = pHcr->segmentInfo.pLeftStartOfSegment; INT *pRightStartOfSegment = pHcr->segmentInfo.pRightStartOfSegment; SCHAR *pRemainingBitsInSegment = pHcr->segmentInfo.pRemainingBitsInSegment; - INT bitstreamIndex = pHcr->decInOut.bitstreamIndex; const UCHAR *pMaxCwLength = aMaxCwLen; for (i = numSortedSection; i != 0; i--) { @@ -825,7 +825,7 @@ static void HcrPrepareSegmentationGrid(H_HCR_INFO pHcr) { for (j = *pNumSortedCodewordInSection; j != 0; j--) { /* width allows a new segment */ - intermediateResult = bitstreamIndex + segmentStart; + intermediateResult = segmentStart; if ((segmentStart + segmentWidth) <= lengthOfReorderedSpectralData) { /* store segment start, segment length and increment the number of * segments */ @@ -841,12 +841,11 @@ static void HcrPrepareSegmentationGrid(H_HCR_INFO pHcr) { pLeftStartOfSegment--; pRightStartOfSegment--; pRemainingBitsInSegment--; - segmentStart = *pLeftStartOfSegment - bitstreamIndex; + segmentStart = *pLeftStartOfSegment; lastSegmentWidth = lengthOfReorderedSpectralData - segmentStart; *pRemainingBitsInSegment = lastSegmentWidth; - *pRightStartOfSegment = - bitstreamIndex + segmentStart + lastSegmentWidth - 1; + *pRightStartOfSegment = segmentStart + lastSegmentWidth - 1; endFlag = 1; break; } @@ -1071,9 +1070,9 @@ static void DecodePCWs(HANDLE_FDK_BITSTREAM bs, H_HCR_INFO pHcr) { numDecodedBits = 0; /* decode PCW_BODY */ - pQuantVal = - DecodePCW_Body(bs, pCurrentTree, pQuantValBase, pLeftStartOfSegment, - pRemainingBitsInSegment, &numDecodedBits); + pQuantVal = DecodePCW_Body( + bs, pHcr->decInOut.bitstreamAnchor, pCurrentTree, pQuantValBase, + pLeftStartOfSegment, pRemainingBitsInSegment, &numDecodedBits); /* result is written out here because NO sign bits follow the body */ for (i = dimension; i != 0; i--) { @@ -1115,14 +1114,14 @@ static void DecodePCWs(HANDLE_FDK_BITSTREAM bs, H_HCR_INFO pHcr) { int err; numDecodedBits = 0; - pQuantVal = - DecodePCW_Body(bs, pCurrentTree, pQuantValBase, pLeftStartOfSegment, - pRemainingBitsInSegment, &numDecodedBits); + pQuantVal = DecodePCW_Body( + bs, pHcr->decInOut.bitstreamAnchor, pCurrentTree, pQuantValBase, + pLeftStartOfSegment, pRemainingBitsInSegment, &numDecodedBits); err = DecodePCW_Sign( - bs, dimension, pQuantVal, pQuantizedSpectralCoefficients, - &quantizedSpectralCoefficientsIdx, pLeftStartOfSegment, - pRemainingBitsInSegment, &numDecodedBits); + bs, pHcr->decInOut.bitstreamAnchor, dimension, pQuantVal, + pQuantizedSpectralCoefficients, &quantizedSpectralCoefficientsIdx, + pLeftStartOfSegment, pRemainingBitsInSegment, &numDecodedBits); if (err != 0) { return; } @@ -1157,14 +1156,14 @@ static void DecodePCWs(HANDLE_FDK_BITSTREAM bs, H_HCR_INFO pHcr) { numDecodedBits = 0; /* decode PCW_BODY */ - pQuantVal = - DecodePCW_Body(bs, pCurrentTree, pQuantValBase, pLeftStartOfSegment, - pRemainingBitsInSegment, &numDecodedBits); + pQuantVal = DecodePCW_Body( + bs, pHcr->decInOut.bitstreamAnchor, pCurrentTree, pQuantValBase, + pLeftStartOfSegment, pRemainingBitsInSegment, &numDecodedBits); err = DecodePCW_Sign( - bs, dimension, pQuantVal, pQuantizedSpectralCoefficients, - &quantizedSpectralCoefficientsIdx, pLeftStartOfSegment, - pRemainingBitsInSegment, &numDecodedBits); + bs, pHcr->decInOut.bitstreamAnchor, dimension, pQuantVal, + pQuantizedSpectralCoefficients, &quantizedSpectralCoefficientsIdx, + pLeftStartOfSegment, pRemainingBitsInSegment, &numDecodedBits); if (err != 0) { return; } @@ -1177,7 +1176,7 @@ static void DecodePCWs(HANDLE_FDK_BITSTREAM bs, H_HCR_INFO pHcr) { (FIXP_DBL)ESCAPE_VALUE) { pQuantizedSpectralCoefficients[quantizedSpectralCoefficientsIdx] = (FIXP_DBL)DecodeEscapeSequence( - bs, + bs, pHcr->decInOut.bitstreamAnchor, pQuantizedSpectralCoefficients [quantizedSpectralCoefficientsIdx], pLeftStartOfSegment, pRemainingBitsInSegment, @@ -1193,7 +1192,7 @@ static void DecodePCWs(HANDLE_FDK_BITSTREAM bs, H_HCR_INFO pHcr) { (FIXP_DBL)ESCAPE_VALUE) { pQuantizedSpectralCoefficients[quantizedSpectralCoefficientsIdx] = (FIXP_DBL)DecodeEscapeSequence( - bs, + bs, pHcr->decInOut.bitstreamAnchor, pQuantizedSpectralCoefficients [quantizedSpectralCoefficientsIdx], pLeftStartOfSegment, pRemainingBitsInSegment, @@ -1331,7 +1330,7 @@ void CarryBitToBranchValue(UCHAR carryBit, UINT treeNode, UINT *branchValue, spectral coefficients -------------------------------------------------------------------------------------------- */ -static const SCHAR *DecodePCW_Body(HANDLE_FDK_BITSTREAM bs, +static const SCHAR *DecodePCW_Body(HANDLE_FDK_BITSTREAM bs, const INT bsAnchor, const UINT *pCurrentTree, const SCHAR *pQuantValBase, INT *pLeftStartOfSegment, @@ -1349,7 +1348,7 @@ static const SCHAR *DecodePCW_Body(HANDLE_FDK_BITSTREAM bs, /* decode whole PCW-codeword-body */ while (1) { - carryBit = HcrGetABitFromBitstream(bs, pLeftStartOfSegment, + carryBit = HcrGetABitFromBitstream(bs, bsAnchor, pLeftStartOfSegment, pLeftStartOfSegment, /* dummy */ FROM_LEFT_TO_RIGHT); *pRemainingBitsInSegment -= 1; @@ -1384,8 +1383,8 @@ value == 16, a escapeSequence is decoded in two steps: -------------------------------------------------------------------------------------------- */ -static INT DecodeEscapeSequence(HANDLE_FDK_BITSTREAM bs, INT quantSpecCoef, - INT *pLeftStartOfSegment, +static INT DecodeEscapeSequence(HANDLE_FDK_BITSTREAM bs, const INT bsAnchor, + INT quantSpecCoef, INT *pLeftStartOfSegment, SCHAR *pRemainingBitsInSegment, int *pNumDecodedBits) { UINT i; @@ -1396,7 +1395,7 @@ static INT DecodeEscapeSequence(HANDLE_FDK_BITSTREAM bs, INT quantSpecCoef, /* decode escape prefix */ while (1) { - carryBit = HcrGetABitFromBitstream(bs, pLeftStartOfSegment, + carryBit = HcrGetABitFromBitstream(bs, bsAnchor, pLeftStartOfSegment, pLeftStartOfSegment, /* dummy */ FROM_LEFT_TO_RIGHT); *pRemainingBitsInSegment -= 1; @@ -1412,7 +1411,7 @@ static INT DecodeEscapeSequence(HANDLE_FDK_BITSTREAM bs, INT quantSpecCoef, /* decode escape word */ for (i = escapeOnesCounter; i != 0; i--) { - carryBit = HcrGetABitFromBitstream(bs, pLeftStartOfSegment, + carryBit = HcrGetABitFromBitstream(bs, bsAnchor, pLeftStartOfSegment, pLeftStartOfSegment, /* dummy */ FROM_LEFT_TO_RIGHT); *pRemainingBitsInSegment -= 1; @@ -1441,9 +1440,10 @@ the last of eight function of HCR) line) -------------------------------------------------------------------------------------------- */ -static int DecodePCW_Sign(HANDLE_FDK_BITSTREAM bs, UINT codebookDim, - const SCHAR *pQuantVal, FIXP_DBL *pQuantSpecCoef, - int *quantSpecCoefIdx, INT *pLeftStartOfSegment, +static int DecodePCW_Sign(HANDLE_FDK_BITSTREAM bs, const INT bsAnchor, + UINT codebookDim, const SCHAR *pQuantVal, + FIXP_DBL *pQuantSpecCoef, int *quantSpecCoefIdx, + INT *pLeftStartOfSegment, SCHAR *pRemainingBitsInSegment, int *pNumDecodedBits) { UINT i; @@ -1453,7 +1453,7 @@ static int DecodePCW_Sign(HANDLE_FDK_BITSTREAM bs, UINT codebookDim, for (i = codebookDim; i != 0; i--) { quantSpecCoef = *pQuantVal++; if (quantSpecCoef != 0) { - carryBit = HcrGetABitFromBitstream(bs, pLeftStartOfSegment, + carryBit = HcrGetABitFromBitstream(bs, bsAnchor, pLeftStartOfSegment, pLeftStartOfSegment, /* dummy */ FROM_LEFT_TO_RIGHT); *pRemainingBitsInSegment -= 1; -- cgit v1.2.3