h264dec: make sure to only end a field if it has been started

Calling ff_h264_field_end() when the per-field state is not properly
initialized leads to all kinds of undefined behaviour.

CC: libav-stable@libav.org
Bug-Id: 977 978 992
pull/202/merge
Anton Khirnov 8 years ago
parent c2fa6bb0e8
commit 45286a625c
  1. 1
      libavcodec/h264_picture.c
  2. 4
      libavcodec/h264_slice.c
  3. 1
      libavcodec/h264dec.c
  4. 5
      libavcodec/h264dec.h

@ -194,6 +194,7 @@ int ff_h264_field_end(H264Context *h, H264SliceContext *sl, int in_setup)
emms_c(); emms_c();
h->current_slice = 0; h->current_slice = 0;
h->field_started = 0;
return err; return err;
} }

@ -1884,9 +1884,8 @@ int ff_h264_queue_decode_slice(H264Context *h, const H2645NAL *nal)
sl = h->slice_ctx; sl = h->slice_ctx;
} }
if (h->current_slice && h->cur_pic_ptr && FIELD_PICTURE(h)) { if (h->field_started)
ff_h264_field_end(h, sl, 1); ff_h264_field_end(h, sl, 1);
}
h->current_slice = 0; h->current_slice = 0;
if (!h->first_field) { if (!h->first_field) {
@ -1902,6 +1901,7 @@ int ff_h264_queue_decode_slice(H264Context *h, const H2645NAL *nal)
ret = h264_field_start(h, sl, nal); ret = h264_field_start(h, sl, nal);
if (ret < 0) if (ret < 0)
return ret; return ret;
h->field_started = 1;
} }
} }

@ -757,6 +757,7 @@ out:
if (!(avctx->flags2 & AV_CODEC_FLAG2_CHUNKS) || if (!(avctx->flags2 & AV_CODEC_FLAG2_CHUNKS) ||
(h->mb_y >= h->mb_height && h->mb_height)) { (h->mb_y >= h->mb_height && h->mb_height)) {
if (h->field_started)
ff_h264_field_end(h, &h->slice_ctx[0], 0); ff_h264_field_end(h, &h->slice_ctx[0], 0);
*got_frame = 0; *got_frame = 0;

@ -509,6 +509,11 @@ typedef struct H264Context {
* slices) anymore */ * slices) anymore */
int setup_finished; int setup_finished;
/* This is set to 1 if h264_field_start() has been called successfully,
* so all per-field state is properly initialized and we can decode
* the slice data */
int field_started;
AVFrame *output_frame; AVFrame *output_frame;
int enable_er; int enable_er;

Loading…
Cancel
Save