1 |
|
|
/* |
2 |
|
|
* Discworld II BMV video decoder |
3 |
|
|
* Copyright (c) 2011 Konstantin Shishkov |
4 |
|
|
* |
5 |
|
|
* This file is part of FFmpeg. |
6 |
|
|
* |
7 |
|
|
* FFmpeg is free software; you can redistribute it and/or |
8 |
|
|
* modify it under the terms of the GNU Lesser General Public |
9 |
|
|
* License as published by the Free Software Foundation; either |
10 |
|
|
* version 2.1 of the License, or (at your option) any later version. |
11 |
|
|
* |
12 |
|
|
* FFmpeg is distributed in the hope that it will be useful, |
13 |
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of |
14 |
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
15 |
|
|
* Lesser General Public License for more details. |
16 |
|
|
* |
17 |
|
|
* You should have received a copy of the GNU Lesser General Public |
18 |
|
|
* License along with FFmpeg; if not, write to the Free Software |
19 |
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA |
20 |
|
|
*/ |
21 |
|
|
|
22 |
|
|
#include "libavutil/avassert.h" |
23 |
|
|
#include "libavutil/common.h" |
24 |
|
|
|
25 |
|
|
#include "avcodec.h" |
26 |
|
|
#include "bytestream.h" |
27 |
|
|
#include "internal.h" |
28 |
|
|
|
29 |
|
|
enum BMVFlags{ |
30 |
|
|
BMV_NOP = 0, |
31 |
|
|
BMV_END, |
32 |
|
|
BMV_DELTA, |
33 |
|
|
BMV_INTRA, |
34 |
|
|
|
35 |
|
|
BMV_SCROLL = 0x04, |
36 |
|
|
BMV_PALETTE = 0x08, |
37 |
|
|
BMV_COMMAND = 0x10, |
38 |
|
|
BMV_AUDIO = 0x20, |
39 |
|
|
BMV_EXT = 0x40, |
40 |
|
|
BMV_PRINT = 0x80 |
41 |
|
|
}; |
42 |
|
|
|
43 |
|
|
#define SCREEN_WIDE 640 |
44 |
|
|
#define SCREEN_HIGH 429 |
45 |
|
|
|
46 |
|
|
typedef struct BMVDecContext { |
47 |
|
|
AVCodecContext *avctx; |
48 |
|
|
|
49 |
|
|
uint8_t *frame, frame_base[SCREEN_WIDE * (SCREEN_HIGH + 1)]; |
50 |
|
|
uint32_t pal[256]; |
51 |
|
|
const uint8_t *stream; |
52 |
|
|
} BMVDecContext; |
53 |
|
|
|
54 |
|
|
#define NEXT_BYTE(v) (v) = forward ? (v) + 1 : (v) - 1; |
55 |
|
|
|
56 |
|
21 |
static int decode_bmv_frame(const uint8_t *source, int src_len, uint8_t *frame, int frame_off) |
57 |
|
|
{ |
58 |
|
21 |
unsigned val, saved_val = 0; |
59 |
|
21 |
int tmplen = src_len; |
60 |
|
21 |
const uint8_t *src, *source_end = source + src_len; |
61 |
|
21 |
uint8_t *frame_end = frame + SCREEN_WIDE * SCREEN_HIGH; |
62 |
|
|
uint8_t *dst, *dst_end; |
63 |
|
|
int len, mask; |
64 |
✓✓✓✗
|
21 |
int forward = (frame_off <= -SCREEN_WIDE) || (frame_off >= 0); |
65 |
|
|
int read_two_nibbles, flag; |
66 |
|
|
int advance_mode; |
67 |
|
21 |
int mode = 0; |
68 |
|
|
int i; |
69 |
|
|
|
70 |
✗✓ |
21 |
if (src_len <= 0) |
71 |
|
|
return AVERROR_INVALIDDATA; |
72 |
|
|
|
73 |
✓✗ |
21 |
if (forward) { |
74 |
|
21 |
src = source; |
75 |
|
21 |
dst = frame; |
76 |
|
21 |
dst_end = frame_end; |
77 |
|
|
} else { |
78 |
|
|
src = source + src_len - 1; |
79 |
|
|
dst = frame_end - 1; |
80 |
|
|
dst_end = frame - 1; |
81 |
|
|
} |
82 |
|
783652 |
for (;;) { |
83 |
|
783673 |
int shift = 0; |
84 |
|
783673 |
flag = 0; |
85 |
|
|
|
86 |
|
|
/* The mode/len decoding is a bit strange: |
87 |
|
|
* values are coded as variable-length codes with nibble units, |
88 |
|
|
* code end is signalled by two top bits in the nibble being nonzero. |
89 |
|
|
* And since data is bytepacked and we read two nibbles at a time, |
90 |
|
|
* we may get a nibble belonging to the next code. |
91 |
|
|
* Hence this convoluted loop. |
92 |
|
|
*/ |
93 |
✓✓✓✓
|
783673 |
if (!mode || (tmplen == 4)) { |
94 |
✓✗✗✓
|
391887 |
if (src < source || src >= source_end) |
95 |
|
|
return AVERROR_INVALIDDATA; |
96 |
|
391887 |
val = *src; |
97 |
|
391887 |
read_two_nibbles = 1; |
98 |
|
|
} else { |
99 |
|
391786 |
val = saved_val; |
100 |
|
391786 |
read_two_nibbles = 0; |
101 |
|
|
} |
102 |
✓✓ |
783673 |
if (!(val & 0xC)) { |
103 |
|
|
for (;;) { |
104 |
✗✓ |
73874 |
if(shift>22) |
105 |
|
|
return -1; |
106 |
✓✓ |
73874 |
if (!read_two_nibbles) { |
107 |
✓✗✗✓
|
38323 |
if (src < source || src >= source_end) |
108 |
|
|
return AVERROR_INVALIDDATA; |
109 |
|
38323 |
shift += 2; |
110 |
|
38323 |
val |= (unsigned)*src << shift; |
111 |
✓✓ |
38323 |
if (*src & 0xC) |
112 |
|
35465 |
break; |
113 |
|
|
} |
114 |
|
|
// two upper bits of the nibble is zero, |
115 |
|
|
// so shift top nibble value down into their place |
116 |
|
38409 |
read_two_nibbles = 0; |
117 |
|
38409 |
shift += 2; |
118 |
|
38409 |
mask = (1 << shift) - 1; |
119 |
|
38409 |
val = ((val >> 2) & ~mask) | (val & mask); |
120 |
✓✗ |
38409 |
NEXT_BYTE(src); |
121 |
✓✓ |
38409 |
if ((val & (0xC << shift))) { |
122 |
|
35570 |
flag = 1; |
123 |
|
35570 |
break; |
124 |
|
|
} |
125 |
|
|
} |
126 |
✓✓ |
712638 |
} else if (mode) { |
127 |
|
712627 |
flag = tmplen != 4; |
128 |
|
|
} |
129 |
✓✓ |
783673 |
if (flag) { |
130 |
|
391872 |
tmplen = 4; |
131 |
|
|
} else { |
132 |
|
391801 |
saved_val = val >> (4 + shift); |
133 |
|
391801 |
tmplen = 0; |
134 |
|
391801 |
val &= (1 << (shift + 4)) - 1; |
135 |
✓✗ |
391801 |
NEXT_BYTE(src); |
136 |
|
|
} |
137 |
|
783673 |
advance_mode = val & 1; |
138 |
|
783673 |
len = (val >> 1) - 1; |
139 |
✗✓ |
783673 |
av_assert0(len>0); |
140 |
|
783673 |
mode += 1 + advance_mode; |
141 |
✓✓ |
783673 |
if (mode >= 4) |
142 |
|
380507 |
mode -= 3; |
143 |
✓✗✓✗
✗✓ |
783673 |
if (len <= 0 || FFABS(dst_end - dst) < len) |
144 |
|
|
return AVERROR_INVALIDDATA; |
145 |
✓✓✓✗
|
783673 |
switch (mode) { |
146 |
|
207200 |
case 1: |
147 |
✓✗ |
207200 |
if (forward) { |
148 |
✓✗ |
207200 |
if (dst - frame + SCREEN_WIDE < frame_off || |
149 |
✓✗ |
207200 |
dst - frame + SCREEN_WIDE + frame_off < 0 || |
150 |
✓✗ |
207200 |
frame_end - dst < frame_off + len || |
151 |
✗✓ |
207200 |
frame_end - dst < len) |
152 |
|
|
return AVERROR_INVALIDDATA; |
153 |
✓✓ |
4179410 |
for (i = 0; i < len; i++) |
154 |
|
3972210 |
dst[i] = dst[frame_off + i]; |
155 |
|
207200 |
dst += len; |
156 |
|
|
} else { |
157 |
|
|
dst -= len; |
158 |
|
|
if (dst - frame + SCREEN_WIDE < frame_off || |
159 |
|
|
dst - frame + SCREEN_WIDE + frame_off < 0 || |
160 |
|
|
frame_end - dst < frame_off + len || |
161 |
|
|
frame_end - dst < len) |
162 |
|
|
return AVERROR_INVALIDDATA; |
163 |
|
|
for (i = len - 1; i >= 0; i--) |
164 |
|
|
dst[i] = dst[frame_off + i]; |
165 |
|
|
} |
166 |
|
207200 |
break; |
167 |
|
312625 |
case 2: |
168 |
✓✗ |
312625 |
if (forward) { |
169 |
✗✓ |
312625 |
if (source + src_len - src < len) |
170 |
|
|
return AVERROR_INVALIDDATA; |
171 |
|
312625 |
memcpy(dst, src, len); |
172 |
|
312625 |
dst += len; |
173 |
|
312625 |
src += len; |
174 |
|
|
} else { |
175 |
|
|
if (src - source < len) |
176 |
|
|
return AVERROR_INVALIDDATA; |
177 |
|
|
dst -= len; |
178 |
|
|
src -= len; |
179 |
|
|
memcpy(dst, src, len); |
180 |
|
|
} |
181 |
|
312625 |
break; |
182 |
|
263848 |
case 3: |
183 |
✓✗ |
263848 |
val = forward ? dst[-1] : dst[1]; |
184 |
✓✗ |
263848 |
if (forward) { |
185 |
|
263848 |
memset(dst, val, len); |
186 |
|
263848 |
dst += len; |
187 |
|
|
} else { |
188 |
|
|
dst -= len; |
189 |
|
|
memset(dst, val, len); |
190 |
|
|
} |
191 |
|
263848 |
break; |
192 |
|
|
} |
193 |
✓✓ |
783673 |
if (dst == dst_end) |
194 |
|
21 |
return 0; |
195 |
|
|
} |
196 |
|
|
} |
197 |
|
|
|
198 |
|
21 |
static int decode_frame(AVCodecContext *avctx, void *data, int *got_frame, |
199 |
|
|
AVPacket *pkt) |
200 |
|
|
{ |
201 |
|
21 |
BMVDecContext * const c = avctx->priv_data; |
202 |
|
21 |
AVFrame *frame = data; |
203 |
|
|
int type, scr_off; |
204 |
|
|
int i, ret; |
205 |
|
|
uint8_t *srcptr, *outptr; |
206 |
|
|
|
207 |
|
21 |
c->stream = pkt->data; |
208 |
|
21 |
type = bytestream_get_byte(&c->stream); |
209 |
✓✗ |
21 |
if (type & BMV_AUDIO) { |
210 |
|
21 |
int blobs = bytestream_get_byte(&c->stream); |
211 |
✗✓ |
21 |
if (pkt->size < blobs * 65 + 2) { |
212 |
|
|
av_log(avctx, AV_LOG_ERROR, "Audio data doesn't fit in frame\n"); |
213 |
|
|
return AVERROR_INVALIDDATA; |
214 |
|
|
} |
215 |
|
21 |
c->stream += blobs * 65; |
216 |
|
|
} |
217 |
✗✓ |
21 |
if (type & BMV_COMMAND) { |
218 |
|
|
int command_size = (type & BMV_PRINT) ? 8 : 10; |
219 |
|
|
if (c->stream - pkt->data + command_size > pkt->size) { |
220 |
|
|
av_log(avctx, AV_LOG_ERROR, "Command data doesn't fit in frame\n"); |
221 |
|
|
return AVERROR_INVALIDDATA; |
222 |
|
|
} |
223 |
|
|
c->stream += command_size; |
224 |
|
|
} |
225 |
✓✓ |
21 |
if (type & BMV_PALETTE) { |
226 |
✗✓ |
1 |
if (c->stream - pkt->data > pkt->size - 768) { |
227 |
|
|
av_log(avctx, AV_LOG_ERROR, "Palette data doesn't fit in frame\n"); |
228 |
|
|
return AVERROR_INVALIDDATA; |
229 |
|
|
} |
230 |
✓✓ |
257 |
for (i = 0; i < 256; i++) |
231 |
|
256 |
c->pal[i] = 0xFFU << 24 | bytestream_get_be24(&c->stream); |
232 |
|
|
} |
233 |
✗✓ |
21 |
if (type & BMV_SCROLL) { |
234 |
|
|
if (c->stream - pkt->data > pkt->size - 2) { |
235 |
|
|
av_log(avctx, AV_LOG_ERROR, "Screen offset data doesn't fit in frame\n"); |
236 |
|
|
return AVERROR_INVALIDDATA; |
237 |
|
|
} |
238 |
|
|
scr_off = (int16_t)bytestream_get_le16(&c->stream); |
239 |
✓✓ |
21 |
} else if ((type & BMV_INTRA) == BMV_INTRA) { |
240 |
|
11 |
scr_off = -640; |
241 |
|
|
} else { |
242 |
|
10 |
scr_off = 0; |
243 |
|
|
} |
244 |
|
|
|
245 |
✗✓ |
21 |
if ((ret = ff_get_buffer(avctx, frame, 0)) < 0) |
246 |
|
|
return ret; |
247 |
|
|
|
248 |
✗✓ |
21 |
if (decode_bmv_frame(c->stream, pkt->size - (c->stream - pkt->data), c->frame, scr_off)) { |
249 |
|
|
av_log(avctx, AV_LOG_ERROR, "Error decoding frame data\n"); |
250 |
|
|
return AVERROR_INVALIDDATA; |
251 |
|
|
} |
252 |
|
|
|
253 |
|
21 |
memcpy(frame->data[1], c->pal, AVPALETTE_SIZE); |
254 |
|
21 |
frame->palette_has_changed = type & BMV_PALETTE; |
255 |
|
|
|
256 |
|
21 |
outptr = frame->data[0]; |
257 |
|
21 |
srcptr = c->frame; |
258 |
|
|
|
259 |
✓✓ |
9030 |
for (i = 0; i < avctx->height; i++) { |
260 |
|
9009 |
memcpy(outptr, srcptr, avctx->width); |
261 |
|
9009 |
srcptr += avctx->width; |
262 |
|
9009 |
outptr += frame->linesize[0]; |
263 |
|
|
} |
264 |
|
|
|
265 |
|
21 |
*got_frame = 1; |
266 |
|
|
|
267 |
|
|
/* always report that the buffer was completely consumed */ |
268 |
|
21 |
return pkt->size; |
269 |
|
|
} |
270 |
|
|
|
271 |
|
3 |
static av_cold int decode_init(AVCodecContext *avctx) |
272 |
|
|
{ |
273 |
|
3 |
BMVDecContext * const c = avctx->priv_data; |
274 |
|
|
|
275 |
|
3 |
c->avctx = avctx; |
276 |
|
3 |
avctx->pix_fmt = AV_PIX_FMT_PAL8; |
277 |
|
|
|
278 |
✓✗✗✓
|
3 |
if (avctx->width != SCREEN_WIDE || avctx->height != SCREEN_HIGH) { |
279 |
|
|
av_log(avctx, AV_LOG_ERROR, "Invalid dimension %dx%d\n", avctx->width, avctx->height); |
280 |
|
|
return AVERROR_INVALIDDATA; |
281 |
|
|
} |
282 |
|
|
|
283 |
|
3 |
c->frame = c->frame_base + 640; |
284 |
|
|
|
285 |
|
3 |
return 0; |
286 |
|
|
} |
287 |
|
|
|
288 |
|
|
AVCodec ff_bmv_video_decoder = { |
289 |
|
|
.name = "bmv_video", |
290 |
|
|
.long_name = NULL_IF_CONFIG_SMALL("Discworld II BMV video"), |
291 |
|
|
.type = AVMEDIA_TYPE_VIDEO, |
292 |
|
|
.id = AV_CODEC_ID_BMV_VIDEO, |
293 |
|
|
.priv_data_size = sizeof(BMVDecContext), |
294 |
|
|
.init = decode_init, |
295 |
|
|
.decode = decode_frame, |
296 |
|
|
.capabilities = AV_CODEC_CAP_DR1, |
297 |
|
|
.caps_internal = FF_CODEC_CAP_INIT_THREADSAFE, |
298 |
|
|
}; |