mirror of
https://github.com/FFmpeg/FFmpeg.git
synced 2025-01-13 21:28:01 +02:00
avcodec/x86/lossless_videoencdsp: Fix handling of small widths
Fixes out of array access Fixes: crash-huf.avi Regression since:6b41b44149This could also be fixed by adding checks in the C code that calls the dsp Found-by: Zhibin Hu and 连一汉 <lianyihan@360.cn> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commitdf62b70de8) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This commit is contained in:
Michael Niedermayer
parent
ab43bc50c0
commit
0a231e7dd3
@ -42,10 +42,11 @@ cglobal diff_bytes, 4,5,2, dst, src1, src2, w
|
|||||||
%define i t0q
|
%define i t0q
|
||||||
%endmacro
|
%endmacro
|
||||||
|
|
||||||
; label to jump to if w < regsize
|
; labels to jump to if w < regsize and w < 0
|
||||||
%macro DIFF_BYTES_LOOP_PREP 1
|
%macro DIFF_BYTES_LOOP_PREP 2
|
||||||
mov i, wq
|
mov i, wq
|
||||||
and i, -2 * regsize
|
and i, -2 * regsize
|
||||||
|
js %2
|
||||||
jz %1
|
jz %1
|
||||||
add dstq, i
|
add dstq, i
|
||||||
add src1q, i
|
add src1q, i
|
||||||
@ -87,7 +88,7 @@ cglobal diff_bytes, 4,5,2, dst, src1, src2, w
|
|||||||
%if mmsize > 16
|
%if mmsize > 16
|
||||||
; fall back to narrower xmm
|
; fall back to narrower xmm
|
||||||
%define regsize mmsize / 2
|
%define regsize mmsize / 2
|
||||||
DIFF_BYTES_LOOP_PREP .setup_loop_gpr_aa
|
DIFF_BYTES_LOOP_PREP .setup_loop_gpr_aa, .end_aa
|
||||||
.loop2_%1%2:
|
.loop2_%1%2:
|
||||||
DIFF_BYTES_LOOP_CORE %1, %2, xm0, xm1
|
DIFF_BYTES_LOOP_CORE %1, %2, xm0, xm1
|
||||||
add i, 2 * regsize
|
add i, 2 * regsize
|
||||||
@ -114,7 +115,7 @@ cglobal diff_bytes, 4,5,2, dst, src1, src2, w
|
|||||||
INIT_MMX mmx
|
INIT_MMX mmx
|
||||||
DIFF_BYTES_PROLOGUE
|
DIFF_BYTES_PROLOGUE
|
||||||
%define regsize mmsize
|
%define regsize mmsize
|
||||||
DIFF_BYTES_LOOP_PREP .skip_main_aa
|
DIFF_BYTES_LOOP_PREP .skip_main_aa, .end_aa
|
||||||
DIFF_BYTES_BODY a, a
|
DIFF_BYTES_BODY a, a
|
||||||
%undef i
|
%undef i
|
||||||
%endif
|
%endif
|
||||||
@ -122,7 +123,7 @@ DIFF_BYTES_PROLOGUE
|
|||||||
INIT_XMM sse2
|
INIT_XMM sse2
|
||||||
DIFF_BYTES_PROLOGUE
|
DIFF_BYTES_PROLOGUE
|
||||||
%define regsize mmsize
|
%define regsize mmsize
|
||||||
DIFF_BYTES_LOOP_PREP .skip_main_aa
|
DIFF_BYTES_LOOP_PREP .skip_main_aa, .end_aa
|
||||||
test dstq, regsize - 1
|
test dstq, regsize - 1
|
||||||
jnz .loop_uu
|
jnz .loop_uu
|
||||||
test src1q, regsize - 1
|
test src1q, regsize - 1
|
||||||
@ -138,7 +139,7 @@ DIFF_BYTES_PROLOGUE
|
|||||||
%define regsize mmsize
|
%define regsize mmsize
|
||||||
; Directly using unaligned SSE2 version is marginally faster than
|
; Directly using unaligned SSE2 version is marginally faster than
|
||||||
; branching based on arguments.
|
; branching based on arguments.
|
||||||
DIFF_BYTES_LOOP_PREP .skip_main_uu
|
DIFF_BYTES_LOOP_PREP .skip_main_uu, .end_uu
|
||||||
test dstq, regsize - 1
|
test dstq, regsize - 1
|
||||||
jnz .loop_uu
|
jnz .loop_uu
|
||||||
test src1q, regsize - 1
|
test src1q, regsize - 1
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user