1 /*
2 * 4XM codec
3 * Copyright (c) 2003 Michael Niedermayer
4 *
5 * This file is part of FFmpeg.
6 *
7 * FFmpeg is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU Lesser General Public
9 * License as published by the Free Software Foundation; either
10 * version 2.1 of the License, or (at your option) any later version.
11 *
12 * FFmpeg is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public
18 * License along with FFmpeg; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
20 */
21
22 /**
23 * @file
24 * 4XM codec.
25 */
26
27 #include <inttypes.h>
28
29 #include "libavutil/avassert.h"
30 #include "libavutil/frame.h"
31 #include "libavutil/imgutils.h"
32 #include "libavutil/intreadwrite.h"
33 #include "libavutil/mem_internal.h"
34 #include "avcodec.h"
35 #include "blockdsp.h"
36 #include "bswapdsp.h"
37 #include "bytestream.h"
38 #include "get_bits.h"
39 #include "internal.h"
40
41
42 #define BLOCK_TYPE_VLC_BITS 5
43 #define ACDC_VLC_BITS 9
44
45 #define CFRAME_BUFFER_COUNT 100
46
47 static const uint8_t block_type_tab[2][4][8][2] = {
48 {
49 { // { 8, 4, 2 } x { 8, 4, 2}
50 { 0, 1 }, { 2, 2 }, { 6, 3 }, { 14, 4 }, { 30, 5 }, { 31, 5 }, { 0, 0 }
51 }, { // { 8, 4 } x 1
52 { 0, 1 }, { 0, 0 }, { 2, 2 }, { 6, 3 }, { 14, 4 }, { 15, 4 }, { 0, 0 }
53 }, { // 1 x { 8, 4 }
54 { 0, 1 }, { 2, 2 }, { 0, 0 }, { 6, 3 }, { 14, 4 }, { 15, 4 }, { 0, 0 }
55 }, { // 1 x 2, 2 x 1
56 { 0, 1 }, { 0, 0 }, { 0, 0 }, { 2, 2 }, { 6, 3 }, { 14, 4 }, { 15, 4 }
57 }
58 }, {
59 { // { 8, 4, 2 } x { 8, 4, 2}
60 { 1, 2 }, { 4, 3 }, { 5, 3 }, { 0, 2 }, { 6, 3 }, { 7, 3 }, { 0, 0 }
61 }, {// { 8, 4 } x 1
62 { 1, 2 }, { 0, 0 }, { 2, 2 }, { 0, 2 }, { 6, 3 }, { 7, 3 }, { 0, 0 }
63 }, {// 1 x { 8, 4 }
64 { 1, 2 }, { 2, 2 }, { 0, 0 }, { 0, 2 }, { 6, 3 }, { 7, 3 }, { 0, 0 }
65 }, {// 1 x 2, 2 x 1
66 { 1, 2 }, { 0, 0 }, { 0, 0 }, { 0, 2 }, { 2, 2 }, { 6, 3 }, { 7, 3 }
67 }
68 }
69 };
70
71 static const uint8_t size2index[4][4] = {
72 { -1, 3, 1, 1 },
73 { 3, 0, 0, 0 },
74 { 2, 0, 0, 0 },
75 { 2, 0, 0, 0 },
76 };
77
78 static const int8_t mv[256][2] = {
79 { 0, 0 }, { 0, -1 }, { -1, 0 }, { 1, 0 }, { 0, 1 }, { -1, -1 }, { 1, -1 }, { -1, 1 },
80 { 1, 1 }, { 0, -2 }, { -2, 0 }, { 2, 0 }, { 0, 2 }, { -1, -2 }, { 1, -2 }, { -2, -1 },
81 { 2, -1 }, { -2, 1 }, { 2, 1 }, { -1, 2 }, { 1, 2 }, { -2, -2 }, { 2, -2 }, { -2, 2 },
82 { 2, 2 }, { 0, -3 }, { -3, 0 }, { 3, 0 }, { 0, 3 }, { -1, -3 }, { 1, -3 }, { -3, -1 },
83 { 3, -1 }, { -3, 1 }, { 3, 1 }, { -1, 3 }, { 1, 3 }, { -2, -3 }, { 2, -3 }, { -3, -2 },
84 { 3, -2 }, { -3, 2 }, { 3, 2 }, { -2, 3 }, { 2, 3 }, { 0, -4 }, { -4, 0 }, { 4, 0 },
85 { 0, 4 }, { -1, -4 }, { 1, -4 }, { -4, -1 }, { 4, -1 }, { 4, 1 }, { -1, 4 }, { 1, 4 },
86 { -3, -3 }, { -3, 3 }, { 3, 3 }, { -2, -4 }, { -4, -2 }, { 4, -2 }, { -4, 2 }, { -2, 4 },
87 { 2, 4 }, { -3, -4 }, { 3, -4 }, { 4, -3 }, { -5, 0 }, { -4, 3 }, { -3, 4 }, { 3, 4 },
88 { -1, -5 }, { -5, -1 }, { -5, 1 }, { -1, 5 }, { -2, -5 }, { 2, -5 }, { 5, -2 }, { 5, 2 },
89 { -4, -4 }, { -4, 4 }, { -3, -5 }, { -5, -3 }, { -5, 3 }, { 3, 5 }, { -6, 0 }, { 0, 6 },
90 { -6, -1 }, { -6, 1 }, { 1, 6 }, { 2, -6 }, { -6, 2 }, { 2, 6 }, { -5, -4 }, { 5, 4 },
91 { 4, 5 }, { -6, -3 }, { 6, 3 }, { -7, 0 }, { -1, -7 }, { 5, -5 }, { -7, 1 }, { -1, 7 },
92 { 4, -6 }, { 6, 4 }, { -2, -7 }, { -7, 2 }, { -3, -7 }, { 7, -3 }, { 3, 7 }, { 6, -5 },
93 { 0, -8 }, { -1, -8 }, { -7, -4 }, { -8, 1 }, { 4, 7 }, { 2, -8 }, { -2, 8 }, { 6, 6 },
94 { -8, 3 }, { 5, -7 }, { -5, 7 }, { 8, -4 }, { 0, -9 }, { -9, -1 }, { 1, 9 }, { 7, -6 },
95 { -7, 6 }, { -5, -8 }, { -5, 8 }, { -9, 3 }, { 9, -4 }, { 7, -7 }, { 8, -6 }, { 6, 8 },
96 { 10, 1 }, { -10, 2 }, { 9, -5 }, { 10, -3 }, { -8, -7 }, { -10, -4 }, { 6, -9 }, { -11, 0 },
97 { 11, 1 }, { -11, -2 }, { -2, 11 }, { 7, -9 }, { -7, 9 }, { 10, 6 }, { -4, 11 }, { 8, -9 },
98 { 8, 9 }, { 5, 11 }, { 7, -10 }, { 12, -3 }, { 11, 6 }, { -9, -9 }, { 8, 10 }, { 5, 12 },
99 { -11, 7 }, { 13, 2 }, { 6, -12 }, { 10, 9 }, { -11, 8 }, { -7, 12 }, { 0, 14 }, { 14, -2 },
100 { -9, 11 }, { -6, 13 }, { -14, -4 }, { -5, -14 }, { 5, 14 }, { -15, -1 }, { -14, -6 }, { 3, -15 },
101 { 11, -11 }, { -7, 14 }, { -5, 15 }, { 8, -14 }, { 15, 6 }, { 3, 16 }, { 7, -15 }, { -16, 5 },
102 { 0, 17 }, { -16, -6 }, { -10, 14 }, { -16, 7 }, { 12, 13 }, { -16, 8 }, { -17, 6 }, { -18, 3 },
103 { -7, 17 }, { 15, 11 }, { 16, 10 }, { 2, -19 }, { 3, -19 }, { -11, -16 }, { -18, 8 }, { -19, -6 },
104 { 2, -20 }, { -17, -11 }, { -10, -18 }, { 8, 19 }, { -21, -1 }, { -20, 7 }, { -4, 21 }, { 21, 5 },
105 { 15, 16 }, { 2, -22 }, { -10, -20 }, { -22, 5 }, { 20, -11 }, { -7, -22 }, { -12, 20 }, { 23, -5 },
106 { 13, -20 }, { 24, -2 }, { -15, 19 }, { -11, 22 }, { 16, 19 }, { 23, -10 }, { -18, -18 }, { -9, -24 },
107 { 24, -10 }, { -3, 26 }, { -23, 13 }, { -18, -20 }, { 17, 21 }, { -4, 27 }, { 27, 6 }, { 1, -28 },
108 { -11, 26 }, { -17, -23 }, { 7, 28 }, { 11, -27 }, { 29, 5 }, { -23, -19 }, { -28, -11 }, { -21, 22 },
109 { -30, 7 }, { -17, 26 }, { -27, 16 }, { 13, 29 }, { 19, -26 }, { 10, -31 }, { -14, -30 }, { 20, -27 },
110 { -29, 18 }, { -16, -31 }, { -28, -22 }, { 21, -30 }, { -25, 28 }, { 26, -29 }, { 25, -32 }, { -32, -32 }
111 };
112
113 /* This is simply the scaled down elementwise product of the standard JPEG
114 * quantizer table and the AAN premul table. */
115 static const uint8_t dequant_table[64] = {
116 16, 15, 13, 19, 24, 31, 28, 17,
117 17, 23, 25, 31, 36, 63, 45, 21,
118 18, 24, 27, 37, 52, 59, 49, 20,
119 16, 28, 34, 40, 60, 80, 51, 20,
120 18, 31, 48, 66, 68, 86, 56, 21,
121 19, 38, 56, 59, 64, 64, 48, 20,
122 27, 48, 55, 55, 56, 51, 35, 15,
123 20, 35, 34, 32, 31, 22, 15, 8,
124 };
125
126 static VLC block_type_vlc[2][4];
127
128
129 typedef struct CFrameBuffer {
130 unsigned int allocated_size;
131 unsigned int size;
132 int id;
133 uint8_t *data;
134 } CFrameBuffer;
135
136 typedef struct FourXContext {
137 AVCodecContext *avctx;
138 BlockDSPContext bdsp;
139 BswapDSPContext bbdsp;
140 uint16_t *frame_buffer;
141 uint16_t *last_frame_buffer;
142 GetBitContext pre_gb; ///< ac/dc prefix
143 GetBitContext gb;
144 GetByteContext g;
145 GetByteContext g2;
146 int mv[256];
147 VLC pre_vlc;
148 int last_dc;
149 DECLARE_ALIGNED(32, int16_t, block)[6][64];
150 void *bitstream_buffer;
151 unsigned int bitstream_buffer_size;
152 int version;
153 CFrameBuffer cfrm[CFRAME_BUFFER_COUNT];
154 } FourXContext;
155
156
157 #define FIX_1_082392200 70936
158 #define FIX_1_414213562 92682
159 #define FIX_1_847759065 121095
160 #define FIX_2_613125930 171254
161
162 #define MULTIPLY(var, const) ((int)((var) * (unsigned)(const)) >> 16)
163
idct(int16_t block[64])164 static void idct(int16_t block[64])
165 {
166 int tmp0, tmp1, tmp2, tmp3, tmp4, tmp5, tmp6, tmp7;
167 int tmp10, tmp11, tmp12, tmp13;
168 int z5, z10, z11, z12, z13;
169 int i;
170 int temp[64];
171
172 for (i = 0; i < 8; i++) {
173 tmp10 = block[8 * 0 + i] + block[8 * 4 + i];
174 tmp11 = block[8 * 0 + i] - block[8 * 4 + i];
175
176 tmp13 = block[8 * 2 + i] + block[8 * 6 + i];
177 tmp12 = MULTIPLY(block[8 * 2 + i] - block[8 * 6 + i], FIX_1_414213562) - tmp13;
178
179 tmp0 = tmp10 + tmp13;
180 tmp3 = tmp10 - tmp13;
181 tmp1 = tmp11 + tmp12;
182 tmp2 = tmp11 - tmp12;
183
184 z13 = block[8 * 5 + i] + block[8 * 3 + i];
185 z10 = block[8 * 5 + i] - block[8 * 3 + i];
186 z11 = block[8 * 1 + i] + block[8 * 7 + i];
187 z12 = block[8 * 1 + i] - block[8 * 7 + i];
188
189 tmp7 = z11 + z13;
190 tmp11 = MULTIPLY(z11 - z13, FIX_1_414213562);
191
192 z5 = MULTIPLY(z10 + z12, FIX_1_847759065);
193 tmp10 = MULTIPLY(z12, FIX_1_082392200) - z5;
194 tmp12 = MULTIPLY(z10, -FIX_2_613125930) + z5;
195
196 tmp6 = tmp12 - tmp7;
197 tmp5 = tmp11 - tmp6;
198 tmp4 = tmp10 + tmp5;
199
200 temp[8 * 0 + i] = tmp0 + tmp7;
201 temp[8 * 7 + i] = tmp0 - tmp7;
202 temp[8 * 1 + i] = tmp1 + tmp6;
203 temp[8 * 6 + i] = tmp1 - tmp6;
204 temp[8 * 2 + i] = tmp2 + tmp5;
205 temp[8 * 5 + i] = tmp2 - tmp5;
206 temp[8 * 4 + i] = tmp3 + tmp4;
207 temp[8 * 3 + i] = tmp3 - tmp4;
208 }
209
210 for (i = 0; i < 8 * 8; i += 8) {
211 tmp10 = temp[0 + i] + temp[4 + i];
212 tmp11 = temp[0 + i] - temp[4 + i];
213
214 tmp13 = temp[2 + i] + temp[6 + i];
215 tmp12 = MULTIPLY(temp[2 + i] - temp[6 + i], FIX_1_414213562) - tmp13;
216
217 tmp0 = tmp10 + tmp13;
218 tmp3 = tmp10 - tmp13;
219 tmp1 = tmp11 + tmp12;
220 tmp2 = tmp11 - tmp12;
221
222 z13 = temp[5 + i] + temp[3 + i];
223 z10 = temp[5 + i] - temp[3 + i];
224 z11 = temp[1 + i] + temp[7 + i];
225 z12 = temp[1 + i] - temp[7 + i];
226
227 tmp7 = z11 + z13;
228 tmp11 = MULTIPLY(z11 - z13, FIX_1_414213562);
229
230 z5 = MULTIPLY(z10 + z12, FIX_1_847759065);
231 tmp10 = MULTIPLY(z12, FIX_1_082392200) - z5;
232 tmp12 = MULTIPLY(z10, -FIX_2_613125930) + z5;
233
234 tmp6 = tmp12 - tmp7;
235 tmp5 = tmp11 - tmp6;
236 tmp4 = tmp10 + tmp5;
237
238 block[0 + i] = (tmp0 + tmp7) >> 6;
239 block[7 + i] = (tmp0 - tmp7) >> 6;
240 block[1 + i] = (tmp1 + tmp6) >> 6;
241 block[6 + i] = (tmp1 - tmp6) >> 6;
242 block[2 + i] = (tmp2 + tmp5) >> 6;
243 block[5 + i] = (tmp2 - tmp5) >> 6;
244 block[4 + i] = (tmp3 + tmp4) >> 6;
245 block[3 + i] = (tmp3 - tmp4) >> 6;
246 }
247 }
248
init_vlcs(FourXContext * f)249 static av_cold void init_vlcs(FourXContext *f)
250 {
251 static VLC_TYPE table[2][4][32][2];
252 int i, j;
253
254 for (i = 0; i < 2; i++) {
255 for (j = 0; j < 4; j++) {
256 block_type_vlc[i][j].table = table[i][j];
257 block_type_vlc[i][j].table_allocated = 32;
258 init_vlc(&block_type_vlc[i][j], BLOCK_TYPE_VLC_BITS, 7,
259 &block_type_tab[i][j][0][1], 2, 1,
260 &block_type_tab[i][j][0][0], 2, 1,
261 INIT_VLC_USE_NEW_STATIC);
262 }
263 }
264 }
265
init_mv(FourXContext * f,int linesize)266 static void init_mv(FourXContext *f, int linesize)
267 {
268 int i;
269
270 for (i = 0; i < 256; i++) {
271 if (f->version > 1)
272 f->mv[i] = mv[i][0] + mv[i][1] * linesize / 2;
273 else
274 f->mv[i] = (i & 15) - 8 + ((i >> 4) - 8) * linesize / 2;
275 }
276 }
277
278 #if HAVE_BIGENDIAN
279 #define LE_CENTRIC_MUL(dst, src, scale, dc) \
280 { \
281 unsigned tmpval = AV_RN32(src); \
282 tmpval = (tmpval << 16) | (tmpval >> 16); \
283 tmpval = tmpval * (scale) + (dc); \
284 tmpval = (tmpval << 16) | (tmpval >> 16); \
285 AV_WN32A(dst, tmpval); \
286 }
287 #else
288 #define LE_CENTRIC_MUL(dst, src, scale, dc) \
289 { \
290 unsigned tmpval = AV_RN32(src) * (scale) + (dc); \
291 AV_WN32A(dst, tmpval); \
292 }
293 #endif
294
mcdc(uint16_t * dst,const uint16_t * src,int log2w,int h,int stride,int scale,unsigned dc)295 static inline void mcdc(uint16_t *dst, const uint16_t *src, int log2w,
296 int h, int stride, int scale, unsigned dc)
297 {
298 int i;
299 dc *= 0x10001;
300
301 switch (log2w) {
302 case 0:
303 for (i = 0; i < h; i++) {
304 dst[0] = scale * src[0] + dc;
305 if (scale)
306 src += stride;
307 dst += stride;
308 }
309 break;
310 case 1:
311 for (i = 0; i < h; i++) {
312 LE_CENTRIC_MUL(dst, src, scale, dc);
313 if (scale)
314 src += stride;
315 dst += stride;
316 }
317 break;
318 case 2:
319 for (i = 0; i < h; i++) {
320 LE_CENTRIC_MUL(dst, src, scale, dc);
321 LE_CENTRIC_MUL(dst + 2, src + 2, scale, dc);
322 if (scale)
323 src += stride;
324 dst += stride;
325 }
326 break;
327 case 3:
328 for (i = 0; i < h; i++) {
329 LE_CENTRIC_MUL(dst, src, scale, dc);
330 LE_CENTRIC_MUL(dst + 2, src + 2, scale, dc);
331 LE_CENTRIC_MUL(dst + 4, src + 4, scale, dc);
332 LE_CENTRIC_MUL(dst + 6, src + 6, scale, dc);
333 if (scale)
334 src += stride;
335 dst += stride;
336 }
337 break;
338 default:
339 av_assert0(0);
340 }
341 }
342
decode_p_block(FourXContext * f,uint16_t * dst,const uint16_t * src,int log2w,int log2h,int stride)343 static int decode_p_block(FourXContext *f, uint16_t *dst, const uint16_t *src,
344 int log2w, int log2h, int stride)
345 {
346 int index, h, code, ret, scale = 1;
347 uint16_t *start, *end;
348 unsigned dc = 0;
349
350 av_assert0(log2w >= 0 && log2h >= 0);
351
352 index = size2index[log2h][log2w];
353 av_assert0(index >= 0);
354
355 if (get_bits_left(&f->gb) < 1)
356 return AVERROR_INVALIDDATA;
357 h = 1 << log2h;
358 code = get_vlc2(&f->gb, block_type_vlc[1 - (f->version > 1)][index].table,
359 BLOCK_TYPE_VLC_BITS, 1);
360 av_assert0(code >= 0 && code <= 6);
361
362 start = f->last_frame_buffer;
363 end = start + stride * (f->avctx->height - h + 1) - (1 << log2w);
364
365 if (code == 1) {
366 log2h--;
367 if ((ret = decode_p_block(f, dst, src, log2w, log2h, stride)) < 0)
368 return ret;
369 return decode_p_block(f, dst + (stride << log2h),
370 src + (stride << log2h),
371 log2w, log2h, stride);
372 } else if (code == 2) {
373 log2w--;
374 if ((ret = decode_p_block(f, dst , src, log2w, log2h, stride)) < 0)
375 return ret;
376 return decode_p_block(f, dst + (1 << log2w),
377 src + (1 << log2w),
378 log2w, log2h, stride);
379 } else if (code == 6) {
380 if (bytestream2_get_bytes_left(&f->g2) < 4) {
381 av_log(f->avctx, AV_LOG_ERROR, "wordstream overread\n");
382 return AVERROR_INVALIDDATA;
383 }
384 if (log2w) {
385 dst[0] = bytestream2_get_le16u(&f->g2);
386 dst[1] = bytestream2_get_le16u(&f->g2);
387 } else {
388 dst[0] = bytestream2_get_le16u(&f->g2);
389 dst[stride] = bytestream2_get_le16u(&f->g2);
390 }
391 return 0;
392 }
393
394 if ((code&3)==0 && bytestream2_get_bytes_left(&f->g) < 1) {
395 av_log(f->avctx, AV_LOG_ERROR, "bytestream overread\n");
396 return AVERROR_INVALIDDATA;
397 }
398
399 if (code == 0) {
400 src += f->mv[bytestream2_get_byte(&f->g)];
401 } else if (code == 3 && f->version >= 2) {
402 return 0;
403 } else if (code == 4) {
404 src += f->mv[bytestream2_get_byte(&f->g)];
405 if (bytestream2_get_bytes_left(&f->g2) < 2){
406 av_log(f->avctx, AV_LOG_ERROR, "wordstream overread\n");
407 return AVERROR_INVALIDDATA;
408 }
409 dc = bytestream2_get_le16(&f->g2);
410 } else if (code == 5) {
411 if (bytestream2_get_bytes_left(&f->g2) < 2){
412 av_log(f->avctx, AV_LOG_ERROR, "wordstream overread\n");
413 return AVERROR_INVALIDDATA;
414 }
415 av_assert0(start <= src && src <= end);
416 scale = 0;
417 dc = bytestream2_get_le16(&f->g2);
418 }
419
420 if (start > src || src > end) {
421 av_log(f->avctx, AV_LOG_ERROR, "mv out of pic\n");
422 return AVERROR_INVALIDDATA;
423 }
424
425 mcdc(dst, src, log2w, h, stride, scale, dc);
426
427 return 0;
428 }
429
decode_p_frame(FourXContext * f,const uint8_t * buf,int length)430 static int decode_p_frame(FourXContext *f, const uint8_t *buf, int length)
431 {
432 int x, y;
433 const int width = f->avctx->width;
434 const int height = f->avctx->height;
435 uint16_t *dst = f->frame_buffer;
436 uint16_t *src;
437 unsigned int bitstream_size, bytestream_size, wordstream_size, extra,
438 bytestream_offset, wordstream_offset;
439 int ret;
440
441 src = f->last_frame_buffer;
442
443 if (f->version > 1) {
444 extra = 20;
445 if (length < extra)
446 return AVERROR_INVALIDDATA;
447 bitstream_size = AV_RL32(buf + 8);
448 wordstream_size = AV_RL32(buf + 12);
449 bytestream_size = AV_RL32(buf + 16);
450 } else {
451 extra = 0;
452 bitstream_size = AV_RL16(buf - 4);
453 wordstream_size = AV_RL16(buf - 2);
454 bytestream_size = FFMAX(length - bitstream_size - wordstream_size, 0);
455 }
456
457 if (bitstream_size > length || bitstream_size >= INT_MAX/8 ||
458 bytestream_size > length - bitstream_size ||
459 wordstream_size > length - bytestream_size - bitstream_size ||
460 extra > length - bytestream_size - bitstream_size - wordstream_size) {
461 av_log(f->avctx, AV_LOG_ERROR, "lengths %d %d %d %d\n", bitstream_size, bytestream_size, wordstream_size,
462 bitstream_size+ bytestream_size+ wordstream_size - length);
463 return AVERROR_INVALIDDATA;
464 }
465
466 av_fast_padded_malloc(&f->bitstream_buffer, &f->bitstream_buffer_size,
467 bitstream_size);
468 if (!f->bitstream_buffer)
469 return AVERROR(ENOMEM);
470 f->bbdsp.bswap_buf(f->bitstream_buffer, (const uint32_t *) (buf + extra),
471 bitstream_size / 4);
472 init_get_bits(&f->gb, f->bitstream_buffer, 8 * bitstream_size);
473
474 wordstream_offset = extra + bitstream_size;
475 bytestream_offset = extra + bitstream_size + wordstream_size;
476 bytestream2_init(&f->g2, buf + wordstream_offset,
477 length - wordstream_offset);
478 bytestream2_init(&f->g, buf + bytestream_offset,
479 length - bytestream_offset);
480
481 init_mv(f, width * 2);
482
483 for (y = 0; y < height; y += 8) {
484 for (x = 0; x < width; x += 8)
485 if ((ret = decode_p_block(f, dst + x, src + x, 3, 3, width)) < 0)
486 return ret;
487 src += 8 * width;
488 dst += 8 * width;
489 }
490
491 return 0;
492 }
493
494 /**
495 * decode block and dequantize.
496 * Note this is almost identical to MJPEG.
497 */
decode_i_block(FourXContext * f,int16_t * block)498 static int decode_i_block(FourXContext *f, int16_t *block)
499 {
500 int code, i, j, level, val;
501
502 if (get_bits_left(&f->pre_gb) < 2) {
503 av_log(f->avctx, AV_LOG_ERROR, "%d bits left before decode_i_block()\n", get_bits_left(&f->pre_gb));
504 return AVERROR_INVALIDDATA;
505 }
506
507 /* DC coef */
508 val = get_vlc2(&f->pre_gb, f->pre_vlc.table, ACDC_VLC_BITS, 3);
509 if (val >> 4) {
510 av_log(f->avctx, AV_LOG_ERROR, "error dc run != 0\n");
511 return AVERROR_INVALIDDATA;
512 }
513
514 if (val)
515 val = get_xbits(&f->gb, val);
516
517 val = val * dequant_table[0] + f->last_dc;
518 f->last_dc = block[0] = val;
519 /* AC coefs */
520 i = 1;
521 for (;;) {
522 code = get_vlc2(&f->pre_gb, f->pre_vlc.table, ACDC_VLC_BITS, 3);
523
524 /* EOB */
525 if (code == 0)
526 break;
527 if (code == 0xf0) {
528 i += 16;
529 if (i >= 64) {
530 av_log(f->avctx, AV_LOG_ERROR, "run %d overflow\n", i);
531 return 0;
532 }
533 } else {
534 if (code & 0xf) {
535 level = get_xbits(&f->gb, code & 0xf);
536 } else {
537 av_log(f->avctx, AV_LOG_ERROR, "0 coeff\n");
538 return AVERROR_INVALIDDATA;
539 }
540 i += code >> 4;
541 if (i >= 64) {
542 av_log(f->avctx, AV_LOG_ERROR, "run %d overflow\n", i);
543 return 0;
544 }
545
546 j = ff_zigzag_direct[i];
547 block[j] = level * dequant_table[j];
548 i++;
549 if (i >= 64)
550 break;
551 }
552 }
553
554 return 0;
555 }
556
idct_put(FourXContext * f,int x,int y)557 static inline void idct_put(FourXContext *f, int x, int y)
558 {
559 int16_t (*block)[64] = f->block;
560 int stride = f->avctx->width;
561 int i;
562 uint16_t *dst = f->frame_buffer + y * stride + x;
563
564 for (i = 0; i < 4; i++) {
565 block[i][0] += 0x80 * 8 * 8;
566 idct(block[i]);
567 }
568
569 if (!(f->avctx->flags & AV_CODEC_FLAG_GRAY)) {
570 for (i = 4; i < 6; i++)
571 idct(block[i]);
572 }
573
574 /* Note transform is:
575 * y = ( 1b + 4g + 2r) / 14
576 * cb = ( 3b - 2g - 1r) / 14
577 * cr = (-1b - 4g + 5r) / 14 */
578 for (y = 0; y < 8; y++) {
579 for (x = 0; x < 8; x++) {
580 int16_t *temp = block[(x >> 2) + 2 * (y >> 2)] +
581 2 * (x & 3) + 2 * 8 * (y & 3); // FIXME optimize
582 int cb = block[4][x + 8 * y];
583 int cr = block[5][x + 8 * y];
584 int cg = (cb + cr) >> 1;
585 int y;
586
587 cb += cb;
588
589 y = temp[0];
590 dst[0] = ((y + cb) >> 3) + (((y - cg) & 0xFC) << 3) + (((y + cr) & 0xF8) << 8);
591 y = temp[1];
592 dst[1] = ((y + cb) >> 3) + (((y - cg) & 0xFC) << 3) + (((y + cr) & 0xF8) << 8);
593 y = temp[8];
594 dst[stride] = ((y + cb) >> 3) + (((y - cg) & 0xFC) << 3) + (((y + cr) & 0xF8) << 8);
595 y = temp[9];
596 dst[1 + stride] = ((y + cb) >> 3) + (((y - cg) & 0xFC) << 3) + (((y + cr) & 0xF8) << 8);
597 dst += 2;
598 }
599 dst += 2 * stride - 2 * 8;
600 }
601 }
602
decode_i_mb(FourXContext * f)603 static int decode_i_mb(FourXContext *f)
604 {
605 int ret;
606 int i;
607
608 f->bdsp.clear_blocks(f->block[0]);
609
610 for (i = 0; i < 6; i++)
611 if ((ret = decode_i_block(f, f->block[i])) < 0)
612 return ret;
613
614 return 0;
615 }
616
read_huffman_tables(FourXContext * f,const uint8_t * const buf,int buf_size)617 static const uint8_t *read_huffman_tables(FourXContext *f,
618 const uint8_t * const buf,
619 int buf_size)
620 {
621 int frequency[512] = { 0 };
622 uint8_t flag[512];
623 int up[512];
624 uint8_t len_tab[257];
625 int bits_tab[257];
626 int start, end;
627 const uint8_t *ptr = buf;
628 const uint8_t *ptr_end = buf + buf_size;
629 int j;
630
631 memset(up, -1, sizeof(up));
632
633 start = *ptr++;
634 end = *ptr++;
635 for (;;) {
636 int i;
637
638 if (ptr_end - ptr < FFMAX(end - start + 1, 0) + 1) {
639 av_log(f->avctx, AV_LOG_ERROR, "invalid data in read_huffman_tables\n");
640 return NULL;
641 }
642
643 for (i = start; i <= end; i++)
644 frequency[i] = *ptr++;
645 start = *ptr++;
646 if (start == 0)
647 break;
648
649 end = *ptr++;
650 }
651 frequency[256] = 1;
652
653 while ((ptr - buf) & 3)
654 ptr++; // 4byte align
655
656 if (ptr > ptr_end) {
657 av_log(f->avctx, AV_LOG_ERROR, "ptr overflow in read_huffman_tables\n");
658 return NULL;
659 }
660
661 for (j = 257; j < 512; j++) {
662 int min_freq[2] = { 256 * 256, 256 * 256 };
663 int smallest[2] = { 0, 0 };
664 int i;
665 for (i = 0; i < j; i++) {
666 if (frequency[i] == 0)
667 continue;
668 if (frequency[i] < min_freq[1]) {
669 if (frequency[i] < min_freq[0]) {
670 min_freq[1] = min_freq[0];
671 smallest[1] = smallest[0];
672 min_freq[0] = frequency[i];
673 smallest[0] = i;
674 } else {
675 min_freq[1] = frequency[i];
676 smallest[1] = i;
677 }
678 }
679 }
680 if (min_freq[1] == 256 * 256)
681 break;
682
683 frequency[j] = min_freq[0] + min_freq[1];
684 flag[smallest[0]] = 0;
685 flag[smallest[1]] = 1;
686 up[smallest[0]] =
687 up[smallest[1]] = j;
688 frequency[smallest[0]] = frequency[smallest[1]] = 0;
689 }
690
691 for (j = 0; j < 257; j++) {
692 int node, len = 0, bits = 0;
693
694 for (node = j; up[node] != -1; node = up[node]) {
695 bits += flag[node] << len;
696 len++;
697 if (len > 31)
698 // can this happen at all ?
699 av_log(f->avctx, AV_LOG_ERROR,
700 "vlc length overflow\n");
701 }
702
703 bits_tab[j] = bits;
704 len_tab[j] = len;
705 }
706
707 ff_free_vlc(&f->pre_vlc);
708 if (init_vlc(&f->pre_vlc, ACDC_VLC_BITS, 257, len_tab, 1, 1,
709 bits_tab, 4, 4, 0))
710 return NULL;
711
712 return ptr;
713 }
714
mix(int c0,int c1)715 static int mix(int c0, int c1)
716 {
717 int blue = 2 * (c0 & 0x001F) + (c1 & 0x001F);
718 int green = (2 * (c0 & 0x03E0) + (c1 & 0x03E0)) >> 5;
719 int red = 2 * (c0 >> 10) + (c1 >> 10);
720 return red / 3 * 1024 + green / 3 * 32 + blue / 3;
721 }
722
decode_i2_frame(FourXContext * f,const uint8_t * buf,int length)723 static int decode_i2_frame(FourXContext *f, const uint8_t *buf, int length)
724 {
725 int x, y, x2, y2;
726 const int width = f->avctx->width;
727 const int height = f->avctx->height;
728 const int mbs = (FFALIGN(width, 16) >> 4) * (FFALIGN(height, 16) >> 4);
729 uint16_t *dst = f->frame_buffer;
730 const uint8_t *buf_end = buf + length;
731 GetByteContext g3;
732
733 if (length < mbs * 8) {
734 av_log(f->avctx, AV_LOG_ERROR, "packet size too small\n");
735 return AVERROR_INVALIDDATA;
736 }
737 bytestream2_init(&g3, buf, length);
738
739 for (y = 0; y < height; y += 16) {
740 for (x = 0; x < width; x += 16) {
741 unsigned int color[4] = { 0 }, bits;
742 if (buf_end - buf < 8)
743 return AVERROR_INVALIDDATA;
744 // warning following is purely guessed ...
745 color[0] = bytestream2_get_le16u(&g3);
746 color[1] = bytestream2_get_le16u(&g3);
747
748 if (color[0] & 0x8000)
749 av_log(f->avctx, AV_LOG_ERROR, "unk bit 1\n");
750 if (color[1] & 0x8000)
751 av_log(f->avctx, AV_LOG_ERROR, "unk bit 2\n");
752
753 color[2] = mix(color[0], color[1]);
754 color[3] = mix(color[1], color[0]);
755
756 bits = bytestream2_get_le32u(&g3);
757 for (y2 = 0; y2 < 16; y2++) {
758 for (x2 = 0; x2 < 16; x2++) {
759 int index = 2 * (x2 >> 2) + 8 * (y2 >> 2);
760 dst[y2 * width + x2] = color[(bits >> index) & 3];
761 }
762 }
763 dst += 16;
764 }
765 dst += 16 * width - x;
766 }
767
768 return 0;
769 }
770
decode_i_frame(FourXContext * f,const uint8_t * buf,int length)771 static int decode_i_frame(FourXContext *f, const uint8_t *buf, int length)
772 {
773 int x, y, ret;
774 const int width = f->avctx->width;
775 const int height = f->avctx->height;
776 const unsigned int bitstream_size = AV_RL32(buf);
777 unsigned int prestream_size;
778 const uint8_t *prestream;
779
780 if (bitstream_size > (1 << 26))
781 return AVERROR_INVALIDDATA;
782
783 if (length < bitstream_size + 12) {
784 av_log(f->avctx, AV_LOG_ERROR, "packet size too small\n");
785 return AVERROR_INVALIDDATA;
786 }
787
788 prestream_size = 4 * AV_RL32(buf + bitstream_size + 4);
789 prestream = buf + bitstream_size + 12;
790
791 if (prestream_size + bitstream_size + 12 != length
792 || prestream_size > (1 << 26)) {
793 av_log(f->avctx, AV_LOG_ERROR, "size mismatch %d %d %d\n",
794 prestream_size, bitstream_size, length);
795 return AVERROR_INVALIDDATA;
796 }
797
798 prestream = read_huffman_tables(f, prestream, prestream_size);
799 if (!prestream) {
800 av_log(f->avctx, AV_LOG_ERROR, "Error reading Huffman tables.\n");
801 return AVERROR_INVALIDDATA;
802 }
803
804 av_assert0(prestream <= buf + length);
805
806 init_get_bits(&f->gb, buf + 4, 8 * bitstream_size);
807
808 prestream_size = length + buf - prestream;
809
810 av_fast_padded_malloc(&f->bitstream_buffer, &f->bitstream_buffer_size,
811 prestream_size);
812 if (!f->bitstream_buffer)
813 return AVERROR(ENOMEM);
814 f->bbdsp.bswap_buf(f->bitstream_buffer, (const uint32_t *) prestream,
815 prestream_size / 4);
816 init_get_bits(&f->pre_gb, f->bitstream_buffer, 8 * prestream_size);
817
818 f->last_dc = 0 * 128 * 8 * 8;
819
820 for (y = 0; y < height; y += 16) {
821 for (x = 0; x < width; x += 16) {
822 if ((ret = decode_i_mb(f)) < 0)
823 return ret;
824
825 idct_put(f, x, y);
826 }
827 }
828
829 if (get_vlc2(&f->pre_gb, f->pre_vlc.table, ACDC_VLC_BITS, 3) != 256)
830 av_log(f->avctx, AV_LOG_ERROR, "end mismatch\n");
831
832 return 0;
833 }
834
decode_frame(AVCodecContext * avctx,void * data,int * got_frame,AVPacket * avpkt)835 static int decode_frame(AVCodecContext *avctx, void *data,
836 int *got_frame, AVPacket *avpkt)
837 {
838 const uint8_t *buf = avpkt->data;
839 int buf_size = avpkt->size;
840 FourXContext *const f = avctx->priv_data;
841 AVFrame *picture = data;
842 int i, frame_4cc, frame_size, ret;
843
844 if (buf_size < 20)
845 return AVERROR_INVALIDDATA;
846
847 av_assert0(avctx->width % 16 == 0 && avctx->height % 16 == 0);
848
849 if (buf_size < AV_RL32(buf + 4) + 8) {
850 av_log(f->avctx, AV_LOG_ERROR, "size mismatch %d %"PRIu32"\n",
851 buf_size, AV_RL32(buf + 4));
852 return AVERROR_INVALIDDATA;
853 }
854
855 frame_4cc = AV_RL32(buf);
856
857 if (frame_4cc == AV_RL32("cfrm")) {
858 int free_index = -1;
859 int id, whole_size;
860 const int data_size = buf_size - 20;
861 CFrameBuffer *cfrm;
862
863 if (f->version <= 1) {
864 av_log(f->avctx, AV_LOG_ERROR, "cfrm in version %d\n", f->version);
865 return AVERROR_INVALIDDATA;
866 }
867
868 id = AV_RL32(buf + 12);
869 whole_size = AV_RL32(buf + 16);
870
871 if (data_size < 0 || whole_size < 0) {
872 av_log(f->avctx, AV_LOG_ERROR, "sizes invalid\n");
873 return AVERROR_INVALIDDATA;
874 }
875
876 for (i = 0; i < CFRAME_BUFFER_COUNT; i++)
877 if (f->cfrm[i].id && f->cfrm[i].id < avctx->frame_number)
878 av_log(f->avctx, AV_LOG_ERROR, "lost c frame %d\n",
879 f->cfrm[i].id);
880
881 for (i = 0; i < CFRAME_BUFFER_COUNT; i++) {
882 if (f->cfrm[i].id == id)
883 break;
884 if (f->cfrm[i].size == 0)
885 free_index = i;
886 }
887
888 if (i >= CFRAME_BUFFER_COUNT) {
889 i = free_index;
890 f->cfrm[i].id = id;
891 }
892 cfrm = &f->cfrm[i];
893
894 if (data_size > UINT_MAX - cfrm->size - AV_INPUT_BUFFER_PADDING_SIZE)
895 return AVERROR_INVALIDDATA;
896
897 cfrm->data = av_fast_realloc(cfrm->data, &cfrm->allocated_size,
898 cfrm->size + data_size + AV_INPUT_BUFFER_PADDING_SIZE);
899 // explicit check needed as memcpy below might not catch a NULL
900 if (!cfrm->data) {
901 av_log(f->avctx, AV_LOG_ERROR, "realloc failure\n");
902 return AVERROR(ENOMEM);
903 }
904
905 memcpy(cfrm->data + cfrm->size, buf + 20, data_size);
906 cfrm->size += data_size;
907
908 if (cfrm->size >= whole_size) {
909 buf = cfrm->data;
910 frame_size = cfrm->size;
911
912 if (id != avctx->frame_number)
913 av_log(f->avctx, AV_LOG_ERROR, "cframe id mismatch %d %d\n",
914 id, avctx->frame_number);
915
916 if (f->version <= 1)
917 return AVERROR_INVALIDDATA;
918
919 cfrm->size = cfrm->id = 0;
920 frame_4cc = AV_RL32("pfrm");
921 } else
922 return buf_size;
923 } else {
924 buf = buf + 12;
925 frame_size = buf_size - 12;
926 }
927
928 if ((ret = ff_get_buffer(avctx, picture, 0)) < 0)
929 return ret;
930
931 if (frame_4cc == AV_RL32("ifr2")) {
932 picture->pict_type = AV_PICTURE_TYPE_I;
933 if ((ret = decode_i2_frame(f, buf - 4, frame_size + 4)) < 0) {
934 av_log(f->avctx, AV_LOG_ERROR, "decode i2 frame failed\n");
935 return ret;
936 }
937 } else if (frame_4cc == AV_RL32("ifrm")) {
938 picture->pict_type = AV_PICTURE_TYPE_I;
939 if ((ret = decode_i_frame(f, buf, frame_size)) < 0) {
940 av_log(f->avctx, AV_LOG_ERROR, "decode i frame failed\n");
941 return ret;
942 }
943 } else if (frame_4cc == AV_RL32("pfrm") || frame_4cc == AV_RL32("pfr2")) {
944 picture->pict_type = AV_PICTURE_TYPE_P;
945 if ((ret = decode_p_frame(f, buf, frame_size)) < 0) {
946 av_log(f->avctx, AV_LOG_ERROR, "decode p frame failed\n");
947 return ret;
948 }
949 } else if (frame_4cc == AV_RL32("snd_")) {
950 av_log(avctx, AV_LOG_ERROR, "ignoring snd_ chunk length:%d\n",
951 buf_size);
952 } else {
953 av_log(avctx, AV_LOG_ERROR, "ignoring unknown chunk length:%d\n",
954 buf_size);
955 }
956
957 picture->key_frame = picture->pict_type == AV_PICTURE_TYPE_I;
958
959 av_image_copy_plane(picture->data[0], picture->linesize[0],
960 (const uint8_t*)f->frame_buffer, avctx->width * 2,
961 avctx->width * 2, avctx->height);
962 FFSWAP(uint16_t *, f->frame_buffer, f->last_frame_buffer);
963
964 *got_frame = 1;
965
966 emms_c();
967
968 return buf_size;
969 }
970
decode_end(AVCodecContext * avctx)971 static av_cold int decode_end(AVCodecContext *avctx)
972 {
973 FourXContext * const f = avctx->priv_data;
974 int i;
975
976 av_freep(&f->frame_buffer);
977 av_freep(&f->last_frame_buffer);
978 av_freep(&f->bitstream_buffer);
979 f->bitstream_buffer_size = 0;
980 for (i = 0; i < CFRAME_BUFFER_COUNT; i++) {
981 av_freep(&f->cfrm[i].data);
982 f->cfrm[i].allocated_size = 0;
983 }
984 ff_free_vlc(&f->pre_vlc);
985
986 return 0;
987 }
988
decode_init(AVCodecContext * avctx)989 static av_cold int decode_init(AVCodecContext *avctx)
990 {
991 FourXContext * const f = avctx->priv_data;
992 int ret;
993
994 if (avctx->extradata_size != 4 || !avctx->extradata) {
995 av_log(avctx, AV_LOG_ERROR, "extradata wrong or missing\n");
996 return AVERROR_INVALIDDATA;
997 }
998 if((avctx->width % 16) || (avctx->height % 16)) {
999 av_log(avctx, AV_LOG_ERROR, "unsupported width/height\n");
1000 return AVERROR_INVALIDDATA;
1001 }
1002
1003 ret = av_image_check_size(avctx->width, avctx->height, 0, avctx);
1004 if (ret < 0)
1005 return ret;
1006
1007 f->frame_buffer = av_mallocz(avctx->width * avctx->height * 2);
1008 f->last_frame_buffer = av_mallocz(avctx->width * avctx->height * 2);
1009 if (!f->frame_buffer || !f->last_frame_buffer) {
1010 decode_end(avctx);
1011 return AVERROR(ENOMEM);
1012 }
1013
1014 f->version = AV_RL32(avctx->extradata) >> 16;
1015 ff_blockdsp_init(&f->bdsp, avctx);
1016 ff_bswapdsp_init(&f->bbdsp);
1017 f->avctx = avctx;
1018 init_vlcs(f);
1019
1020 if (f->version > 2)
1021 avctx->pix_fmt = AV_PIX_FMT_RGB565;
1022 else
1023 avctx->pix_fmt = AV_PIX_FMT_BGR555;
1024
1025 return 0;
1026 }
1027
1028 AVCodec ff_fourxm_decoder = {
1029 .name = "4xm",
1030 .long_name = NULL_IF_CONFIG_SMALL("4X Movie"),
1031 .type = AVMEDIA_TYPE_VIDEO,
1032 .id = AV_CODEC_ID_4XM,
1033 .priv_data_size = sizeof(FourXContext),
1034 .init = decode_init,
1035 .close = decode_end,
1036 .decode = decode_frame,
1037 .capabilities = AV_CODEC_CAP_DR1,
1038 };
1039