From 6c6a97814ff5b7707fadaccc445615f91a07ebf7 Mon Sep 17 00:00:00 2001 From: Alexander Voronov Date: Thu, 11 Dec 2014 20:44:19 +0300 Subject: Prevent decoder from using uninitialized entropy context. If decoding starts with intra-only frame, there is a possibility of using uninitialized entropy context, what leads to undefined behavior. Change-Id: Icbb64b5b1bd1e5de2a4bfa2884e56bc0a20840af --- vp9/common/vp9_entropymode.c | 1 + vp9/common/vp9_entropymode.h | 1 + vp9/decoder/vp9_decodeframe.c | 4 ++++ 3 files changed, 6 insertions(+) (limited to 'vp9') diff --git a/vp9/common/vp9_entropymode.c b/vp9/common/vp9_entropymode.c index d7610ed28..0edc4f9ba 100644 --- a/vp9/common/vp9_entropymode.c +++ b/vp9/common/vp9_entropymode.c @@ -453,6 +453,7 @@ void vp9_setup_past_independence(VP9_COMMON *cm) { vp9_default_coef_probs(cm); vp9_init_mode_probs(cm->fc); vp9_init_mv_probs(cm); + cm->fc->initialized = 1; if (cm->frame_type == KEY_FRAME || cm->error_resilient_mode || cm->reset_frame_context == 3) { diff --git a/vp9/common/vp9_entropymode.h b/vp9/common/vp9_entropymode.h index 6831d3f87..6db10806d 100644 --- a/vp9/common/vp9_entropymode.h +++ b/vp9/common/vp9_entropymode.h @@ -50,6 +50,7 @@ typedef struct frame_contexts { struct tx_probs tx_probs; vp9_prob skip_probs[SKIP_CONTEXTS]; nmv_context nmvc; + int initialized; } FRAME_CONTEXT; typedef struct { diff --git a/vp9/decoder/vp9_decodeframe.c b/vp9/decoder/vp9_decodeframe.c index 2c5fbacb9..470b2bae8 100644 --- a/vp9/decoder/vp9_decodeframe.c +++ b/vp9/decoder/vp9_decodeframe.c @@ -1558,6 +1558,10 @@ void vp9_decode_frame(VP9Decoder *pbi, vp9_setup_block_planes(xd, cm->subsampling_x, cm->subsampling_y); *cm->fc = cm->frame_contexts[cm->frame_context_idx]; + if (!cm->fc->initialized) + vpx_internal_error(&cm->error, VPX_CODEC_CORRUPT_FRAME, + "Uninitialized entropy context."); + vp9_zero(cm->counts); vp9_zero(xd->dqcoeff); -- cgit v1.2.3
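Review bot: The added `cm->fc->initialized = 1;` in vp9_setup_past_independence has no comment naming its consumer, and because this file lives under vp9/common the decoder-side check is not nearby. I would put `/* Context now holds default probabilities; vp9_decode_frame() rejects a saved context that lacks this flag. */` above the assignment. The flag presumably reaches `cm->frame_contexts[]` only through the copies made in the `if (cm->frame_type == KEY_FRAME || ...)` branch that follows, whose body is outside the hunk.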
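Review bot: The new `int initialized;` member of FRAME_CONTEXT is only a reliable guard if every FRAME_CONTEXT starts out zeroed, and nothing in this commit establishes that. If `cm->fc` or `cm->frame_contexts` came from a non-zeroing allocation, the check added in vp9_decode_frame would read an indeterminate flag, which is the same class of defect the commit sets out to remove. The allocation sites are not shown here, so confirm they use a zeroing allocator or an explicit clear. I would also record the invariant on the field: `int initialized;  /* 0 until vp9_setup_past_independence() has filled this context; storage must be zero-allocated */`. The struct definition begins above the hunk.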
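Review bot: The guard `if (!cm->fc->initialized)` in vp9_decode_frame is only effective if vpx_internal_error() never returns to this point. If it can return (for example when no error jump target has been armed by the caller, which this hunk does not show), decoding continues into `vp9_zero(cm->counts)` with the rejected context already copied into `*cm->fc`. Confirm that every path into vp9_decode_frame sets up the error handler first. Separately, an unbraced `if` with a three-line call as its body is easy to misread or extend incorrectly; I would write it as `if (!cm->fc->initialized) {` … `}`. The function body begins and ends outside the hunk.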