1 /*
2 * Escape 124 Video Decoder
3 * Copyright (C) 2008 Eli Friedman (eli.friedman@gmail.com)
4 *
5 * This file is part of FFmpeg.
6 *
7 * FFmpeg is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU Lesser General Public
9 * License as published by the Free Software Foundation; either
10 * version 2.1 of the License, or (at your option) any later version.
11 *
12 * FFmpeg is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public
18 * License along with FFmpeg; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
20 */
21
22 #define BITSTREAM_READER_LE
23 #include "avcodec.h"
24 #include "codec_internal.h"
25 #include "get_bits.h"
26 #include "internal.h"
27
28 typedef union MacroBlock {
29 uint16_t pixels[4];
30 uint32_t pixels32[2];
31 } MacroBlock;
32
33 typedef union SuperBlock {
34 uint16_t pixels[64];
35 uint32_t pixels32[32];
36 } SuperBlock;
37
38 typedef struct CodeBook {
39 unsigned depth;
40 unsigned size;
41 MacroBlock* blocks;
42 } CodeBook;
43
44 typedef struct Escape124Context {
45 AVFrame *frame;
46
47 unsigned num_superblocks;
48
49 CodeBook codebooks[3];
50 } Escape124Context;
51
52 /**
53 * Initialize the decoder
54 * @param avctx decoder context
55 * @return 0 success, negative on error
56 */
escape124_decode_init(AVCodecContext *avctx)57 static av_cold int escape124_decode_init(AVCodecContext *avctx)
58 {
59 Escape124Context *s = avctx->priv_data;
60
61 avctx->pix_fmt = AV_PIX_FMT_RGB555;
62
63 s->num_superblocks = ((unsigned)avctx->width / 8) *
64 ((unsigned)avctx->height / 8);
65
66 s->frame = av_frame_alloc();
67 if (!s->frame)
68 return AVERROR(ENOMEM);
69
70 return 0;
71 }
72
escape124_decode_close(AVCodecContext *avctx)73 static av_cold int escape124_decode_close(AVCodecContext *avctx)
74 {
75 unsigned i;
76 Escape124Context *s = avctx->priv_data;
77
78 for (i = 0; i < 3; i++)
79 av_freep(&s->codebooks[i].blocks);
80
81 av_frame_free(&s->frame);
82
83 return 0;
84 }
85
unpack_codebook(GetBitContext* gb, unsigned depth, unsigned size)86 static CodeBook unpack_codebook(GetBitContext* gb, unsigned depth,
87 unsigned size)
88 {
89 unsigned i, j;
90 CodeBook cb = { 0 };
91
92 cb.blocks = av_malloc(size ? size * sizeof(MacroBlock) : 1);
93 if (!cb.blocks)
94 return cb;
95
96 cb.depth = depth;
97 cb.size = size;
98 for (i = 0; i < size; i++) {
99 unsigned mask_bits = get_bits(gb, 4);
100 unsigned color0 = get_bits(gb, 15);
101 unsigned color1 = get_bits(gb, 15);
102
103 for (j = 0; j < 4; j++) {
104 if (mask_bits & (1 << j))
105 cb.blocks[i].pixels[j] = color1;
106 else
107 cb.blocks[i].pixels[j] = color0;
108 }
109 }
110 return cb;
111 }
112
decode_skip_count(GetBitContext* gb)113 static unsigned decode_skip_count(GetBitContext* gb)
114 {
115 unsigned value;
116 // This function reads a maximum of 23 bits,
117 // which is within the padding space
118 if (get_bits_left(gb) < 1)
119 return -1;
120 value = get_bits1(gb);
121 if (!value)
122 return value;
123
124 value += get_bits(gb, 3);
125 if (value != (1 + ((1 << 3) - 1)))
126 return value;
127
128 value += get_bits(gb, 7);
129 if (value != (1 + ((1 << 3) - 1)) + ((1 << 7) - 1))
130 return value;
131
132 return value + get_bits(gb, 12);
133 }
134
decode_macroblock(Escape124Context* s, GetBitContext* gb, int* codebook_index, int superblock_index)135 static MacroBlock decode_macroblock(Escape124Context* s, GetBitContext* gb,
136 int* codebook_index, int superblock_index)
137 {
138 // This function reads a maximum of 22 bits; the callers
139 // guard this function appropriately
140 unsigned block_index, depth;
141 int value = get_bits1(gb);
142 if (value) {
143 static const int8_t transitions[3][2] = { {2, 1}, {0, 2}, {1, 0} };
144 value = get_bits1(gb);
145 *codebook_index = transitions[*codebook_index][value];
146 }
147
148 depth = s->codebooks[*codebook_index].depth;
149
150 // depth = 0 means that this shouldn't read any bits;
151 // in theory, this is the same as get_bits(gb, 0), but
152 // that doesn't actually work.
153 block_index = get_bitsz(gb, depth);
154
155 if (*codebook_index == 1) {
156 block_index += superblock_index << s->codebooks[1].depth;
157 }
158
159 // This condition can occur with invalid bitstreams and
160 // *codebook_index == 2
161 if (block_index >= s->codebooks[*codebook_index].size || !s->codebooks[*codebook_index].blocks)
162 return (MacroBlock) { { 0 } };
163
164 return s->codebooks[*codebook_index].blocks[block_index];
165 }
166
insert_mb_into_sb(SuperBlock* sb, MacroBlock mb, unsigned index)167 static void insert_mb_into_sb(SuperBlock* sb, MacroBlock mb, unsigned index) {
168 // Formula: ((index / 4) * 16 + (index % 4) * 2) / 2
169 uint32_t *dst = sb->pixels32 + index + (index & -4);
170
171 // This technically violates C99 aliasing rules, but it should be safe.
172 dst[0] = mb.pixels32[0];
173 dst[4] = mb.pixels32[1];
174 }
175
copy_superblock(uint16_t* dest, unsigned dest_stride, uint16_t* src, unsigned src_stride)176 static void copy_superblock(uint16_t* dest, unsigned dest_stride,
177 uint16_t* src, unsigned src_stride)
178 {
179 unsigned y;
180 if (src)
181 for (y = 0; y < 8; y++)
182 memcpy(dest + y * dest_stride, src + y * src_stride,
183 sizeof(uint16_t) * 8);
184 else
185 for (y = 0; y < 8; y++)
186 memset(dest + y * dest_stride, 0, sizeof(uint16_t) * 8);
187 }
188
189 static const uint16_t mask_matrix[] = {0x1, 0x2, 0x10, 0x20,
190 0x4, 0x8, 0x40, 0x80,
191 0x100, 0x200, 0x1000, 0x2000,
192 0x400, 0x800, 0x4000, 0x8000};
193
escape124_decode_frame(AVCodecContext *avctx, AVFrame *frame, int *got_frame, AVPacket *avpkt)194 static int escape124_decode_frame(AVCodecContext *avctx, AVFrame *frame,
195 int *got_frame, AVPacket *avpkt)
196 {
197 int buf_size = avpkt->size;
198 Escape124Context *s = avctx->priv_data;
199
200 GetBitContext gb;
201 unsigned frame_flags, frame_size;
202 unsigned i;
203
204 unsigned superblock_index, cb_index = 1,
205 superblock_col_index = 0,
206 superblocks_per_row = avctx->width / 8, skip = -1;
207
208 uint16_t* old_frame_data, *new_frame_data;
209 unsigned old_stride, new_stride;
210
211 int ret;
212
213 if ((ret = init_get_bits8(&gb, avpkt->data, avpkt->size)) < 0)
214 return ret;
215
216 // This call also guards the potential depth reads for the
217 // codebook unpacking.
218 // Check if the amount we will read minimally is available on input.
219 // The 64 represent the immediately next 2 frame_* elements read, the 23/4320
220 // represent a lower bound of the space needed for skipped superblocks. Non
221 // skipped SBs need more space.
222 if (get_bits_left(&gb) < 64 + s->num_superblocks * 23LL / 4320)
223 return AVERROR_INVALIDDATA;
224
225 frame_flags = get_bits_long(&gb, 32);
226 frame_size = get_bits_long(&gb, 32);
227
228 // Leave last frame unchanged
229 // FIXME: Is this necessary? I haven't seen it in any real samples
230 if (!(frame_flags & 0x114) || !(frame_flags & 0x7800000)) {
231 if (!s->frame->data[0])
232 return AVERROR_INVALIDDATA;
233
234 av_log(avctx, AV_LOG_DEBUG, "Skipping frame\n");
235
236 *got_frame = 1;
237 if ((ret = av_frame_ref(frame, s->frame)) < 0)
238 return ret;
239
240 return 0;
241 }
242
243 for (i = 0; i < 3; i++) {
244 if (frame_flags & (1 << (17 + i))) {
245 unsigned cb_depth, cb_size;
246 if (i == 2) {
247 // This codebook can be cut off at places other than
248 // powers of 2, leaving some of the entries undefined.
249 cb_size = get_bits(&gb, 20);
250 if (!cb_size) {
251 av_log(avctx, AV_LOG_ERROR, "Invalid codebook size 0.\n");
252 return AVERROR_INVALIDDATA;
253 }
254 cb_depth = av_log2(cb_size - 1) + 1;
255 } else {
256 cb_depth = get_bits(&gb, 4);
257 if (i == 0) {
258 // This is the most basic codebook: pow(2,depth) entries
259 // for a depth-length key
260 cb_size = 1 << cb_depth;
261 } else {
262 // This codebook varies per superblock
263 // FIXME: I don't think this handles integer overflow
264 // properly
265 cb_size = s->num_superblocks << cb_depth;
266 }
267 }
268 if (s->num_superblocks >= INT_MAX >> cb_depth) {
269 av_log(avctx, AV_LOG_ERROR, "Depth or num_superblocks are too large\n");
270 return AVERROR_INVALIDDATA;
271 }
272
273 av_freep(&s->codebooks[i].blocks);
274 if (cb_size >= INT_MAX / 34 || get_bits_left(&gb) < (int)cb_size * 34)
275 return AVERROR_INVALIDDATA;
276
277 if (cb_size >= INT_MAX / sizeof(MacroBlock))
278 return AVERROR_INVALIDDATA;
279 s->codebooks[i] = unpack_codebook(&gb, cb_depth, cb_size);
280 if (!s->codebooks[i].blocks)
281 return AVERROR(ENOMEM);
282 }
283 }
284
285 if ((ret = ff_get_buffer(avctx, frame, AV_GET_BUFFER_FLAG_REF)) < 0)
286 return ret;
287
288 new_frame_data = (uint16_t*)frame->data[0];
289 new_stride = frame->linesize[0] / 2;
290 old_frame_data = (uint16_t*)s->frame->data[0];
291 old_stride = s->frame->linesize[0] / 2;
292
293 for (superblock_index = 0; superblock_index < s->num_superblocks;
294 superblock_index++) {
295 MacroBlock mb;
296 SuperBlock sb;
297 unsigned multi_mask = 0;
298
299 if (skip == -1) {
300 // Note that this call will make us skip the rest of the blocks
301 // if the frame prematurely ends
302 skip = decode_skip_count(&gb);
303 }
304
305 if (skip) {
306 copy_superblock(new_frame_data, new_stride,
307 old_frame_data, old_stride);
308 } else {
309 copy_superblock(sb.pixels, 8,
310 old_frame_data, old_stride);
311
312 while (get_bits_left(&gb) >= 1 && !get_bits1(&gb)) {
313 unsigned mask;
314 mb = decode_macroblock(s, &gb, &cb_index, superblock_index);
315 mask = get_bits(&gb, 16);
316 multi_mask |= mask;
317 for (i = 0; i < 16; i++) {
318 if (mask & mask_matrix[i]) {
319 insert_mb_into_sb(&sb, mb, i);
320 }
321 }
322 }
323
324 if (!get_bits1(&gb)) {
325 unsigned inv_mask = get_bits(&gb, 4);
326 for (i = 0; i < 4; i++) {
327 if (inv_mask & (1 << i)) {
328 multi_mask ^= 0xF << i*4;
329 } else {
330 multi_mask ^= get_bits(&gb, 4) << i*4;
331 }
332 }
333
334 for (i = 0; i < 16; i++) {
335 if (multi_mask & mask_matrix[i]) {
336 mb = decode_macroblock(s, &gb, &cb_index,
337 superblock_index);
338 insert_mb_into_sb(&sb, mb, i);
339 }
340 }
341 } else if (frame_flags & (1 << 16)) {
342 while (get_bits_left(&gb) >= 1 && !get_bits1(&gb)) {
343 mb = decode_macroblock(s, &gb, &cb_index, superblock_index);
344 insert_mb_into_sb(&sb, mb, get_bits(&gb, 4));
345 }
346 }
347
348 copy_superblock(new_frame_data, new_stride, sb.pixels, 8);
349 }
350
351 superblock_col_index++;
352 new_frame_data += 8;
353 if (old_frame_data)
354 old_frame_data += 8;
355 if (superblock_col_index == superblocks_per_row) {
356 new_frame_data += new_stride * 8 - superblocks_per_row * 8;
357 if (old_frame_data)
358 old_frame_data += old_stride * 8 - superblocks_per_row * 8;
359 superblock_col_index = 0;
360 }
361 skip--;
362 }
363
364 av_log(avctx, AV_LOG_DEBUG,
365 "Escape sizes: %i, %i, %i\n",
366 frame_size, buf_size, get_bits_count(&gb) / 8);
367
368 av_frame_unref(s->frame);
369 if ((ret = av_frame_ref(s->frame, frame)) < 0)
370 return ret;
371
372 *got_frame = 1;
373
374 return 0;
375 }
376
377
378 const FFCodec ff_escape124_decoder = {
379 .p.name = "escape124",
380 .p.long_name = NULL_IF_CONFIG_SMALL("Escape 124"),
381 .p.type = AVMEDIA_TYPE_VIDEO,
382 .p.id = AV_CODEC_ID_ESCAPE124,
383 .priv_data_size = sizeof(Escape124Context),
384 .init = escape124_decode_init,
385 .close = escape124_decode_close,
386 FF_CODEC_DECODE_CB(escape124_decode_frame),
387 .p.capabilities = AV_CODEC_CAP_DR1,
388 .caps_internal = FF_CODEC_CAP_INIT_THREADSAFE,
389 };
390