[MPG123]
authorThomas Faber <thomas.faber@reactos.org>
Sat, 2 Sep 2017 13:03:21 +0000 (13:03 +0000)
committerThomas Faber <thomas.faber@reactos.org>
Sat, 2 Sep 2017 13:03:21 +0000 (13:03 +0000)
- Update to version 1.25.6
CORE-13739

svn path=/trunk/; revision=75739

reactos/sdk/include/reactos/libs/libmpg123/config.h
reactos/sdk/include/reactos/libs/libmpg123/getbits.h
reactos/sdk/include/reactos/libs/libmpg123/mpg123.h
reactos/sdk/lib/3rdparty/libmpg123/frame.c
reactos/sdk/lib/3rdparty/libmpg123/id3.c
reactos/sdk/lib/3rdparty/libmpg123/layer1.c
reactos/sdk/lib/3rdparty/libmpg123/layer3.c
reactos/sdk/lib/3rdparty/libmpg123/stringbuf.c

index 079db34..e481e8d 100644 (file)
 #define PACKAGE_NAME "mpg123"
 
 /* Define to the full name and version of this package. */
-#define PACKAGE_STRING "mpg123 1.25.0"
+#define PACKAGE_STRING "mpg123 1.25.6"
 
 /* Define to the one symbol short name of this package. */
 #define PACKAGE_TARNAME "mpg123"
 #define PACKAGE_URL ""
 
 /* Define to the version of this package. */
-#define PACKAGE_VERSION "1.25.0"
+#define PACKAGE_VERSION "1.25.6"
 
 /* Define if portaudio v18 API is wanted. */
 /* #undef PORTAUDIO18 */
 /* #undef USE_YASM_FOR_AVX */
 
 /* Version number of package */
-#define VERSION "1.25.0"
+#define VERSION "1.25.6"
 
 /* Define to use Win32 named pipes */
 #define WANT_WIN32_FIFO 1
index 8eff00e..b250b6c 100644 (file)
@@ -44,7 +44,10 @@ static unsigned int getbits(mpg123_handle *fr, int number_of_bits)
 #ifdef DEBUG_GETBITS
 fprintf(stderr,"g%d",number_of_bits);
 #endif
-
+  /* Safety catch until we got the nasty code fully figured out. */
+  if( (long)(fr->wordpointer-fr->bsbuf)*8
+      + fr->bitindex+number_of_bits > (long)fr->framesize*8 )
+    return 0;
 /*  This is actually slow: if(!number_of_bits)
     return 0; */
 
index 872fc42..71677a4 100644 (file)
@@ -1,5 +1,5 @@
 /*
-       libmpg123: MPEG Audio Decoder library (version 1.25.0)
+       libmpg123: MPEG Audio Decoder library (version 1.25.6)
 
        copyright 1995-2015 by the mpg123 project
        free software under the terms of the LGPL 2.1
index cffddce..f714fb0 100644 (file)
@@ -256,7 +256,8 @@ int frame_index_setup(mpg123_handle *fr)
 
 static void frame_decode_buffers_reset(mpg123_handle *fr)
 {
-       memset(fr->rawbuffs, 0, fr->rawbuffss);
+       if(fr->rawbuffs) /* memset(NULL, 0, 0) not desired */
+               memset(fr->rawbuffs, 0, fr->rawbuffss);
 }
 
 int frame_buffers(mpg123_handle *fr)
@@ -515,6 +516,7 @@ static void frame_fixed_reset(mpg123_handle *fr)
        fr->clip = 0;
        fr->oldhead = 0;
        fr->firsthead = 0;
+       fr->lay = 0;
        fr->vbr = MPG123_CBR;
        fr->abr_rate = 0;
        fr->track_frames = 0;
index 3b9740d..eafe004 100644 (file)
@@ -250,6 +250,7 @@ void id3_link(mpg123_handle *fr)
 */
 static void store_id3_text(mpg123_string *sb, unsigned char *source, size_t source_size, const int noquiet, const int notranslate)
 {
+       unsigned char encoding;
        if(!source_size)
        {
                debug("Empty id3 data!");
@@ -271,26 +272,29 @@ static void store_id3_text(mpg123_string *sb, unsigned char *source, size_t sour
                return;
        }
 
-       id3_to_utf8(sb, source[0], source+1, source_size-1, noquiet);
+       encoding = source[0];
+       if(encoding > mpg123_id3_enc_max)
+       {
+               if(noquiet)
+                       error1("Unknown text encoding %u, I take no chances, sorry!", encoding);
+
+               mpg123_free_string(sb);
+               return;
+       }
+       id3_to_utf8(sb, encoding, source+1, source_size-1, noquiet);
 
        if(sb->fill) debug1("UTF-8 string (the first one): %s", sb->p);
        else if(noquiet) error("unable to convert string to UTF-8 (out of memory, junk input?)!");
 }
 
 /* On error, sb->size is 0. */
+/* Also, encoding has been checked already! */
 void id3_to_utf8(mpg123_string *sb, unsigned char encoding, const unsigned char *source, size_t source_size, int noquiet)
 {
        unsigned int bwidth;
        debug1("encoding: %u", encoding);
        /* A note: ID3v2.3 uses UCS-2 non-variable 16bit encoding, v2.4 uses UTF16.
           UTF-16 uses a reserved/private range in UCS-2 to add the magic, so we just always treat it as UTF. */
-       if(encoding > mpg123_id3_enc_max)
-       {
-               if(noquiet) error1("Unknown text encoding %u, I take no chances, sorry!", encoding);
-
-               mpg123_free_string(sb);
-               return;
-       }
        bwidth = encoding_widths[encoding];
        /* Hack! I've seen a stray zero byte before BOM. Is that supposed to happen? */
        if(encoding != mpg123_id3_utf16be) /* UTF16be _can_ beging with a null byte! */
@@ -309,6 +313,7 @@ void id3_to_utf8(mpg123_string *sb, unsigned char encoding, const unsigned char
        text_converters[encoding](sb, source, source_size, noquiet);
 }
 
+/* You have checked encoding to be in the range already. */
 static unsigned char *next_text(unsigned char* prev, unsigned char encoding, size_t limit)
 {
        unsigned char *text = prev;
@@ -379,6 +384,12 @@ static void process_picture(mpg123_handle *fr, unsigned char *realdata, size_t r
                debug("Empty id3 data!");
                return;
        }
+       if(encoding > mpg123_id3_enc_max)
+       {
+               if(NOQUIET)
+                       error1("Unknown text encoding %u, I take no chances, sorry!", encoding);
+               return;
+       }
        if(VERBOSE4) fprintf(stderr, "Note: Storing picture from APIC frame.\n");
        /* decompose realdata accordingly */
        i = add_picture(fr);
@@ -447,6 +458,12 @@ static void process_comment(mpg123_handle *fr, enum frame_types tt, unsigned cha
                if(NOQUIET) error1("Invalid frame size of %"SIZE_P" (too small for anything).", (size_p)realsize);
                return;
        }
+       if(encoding > mpg123_id3_enc_max)
+       {
+               if(NOQUIET)
+                       error1("Unknown text encoding %u, I take no chances, sorry!", encoding);
+               return;
+       }
        xcom = (tt == uslt ? add_text(fr) : add_comment(fr));
        if(VERBOSE4) fprintf(stderr, "Note: Storing comment from %s encoding\n", enc_name(realdata[0]));
        if(xcom == NULL)
@@ -529,6 +546,12 @@ static void process_extra(mpg123_handle *fr, unsigned char* realdata, size_t rea
                if(NOQUIET) error1("Invalid frame size of %lu (too small for anything).", (unsigned long)realsize);
                return;
        }
+       if(encoding > mpg123_id3_enc_max)
+       {
+               if(NOQUIET)
+                       error1("Unknown text encoding %u, I take no chances, sorry!", encoding);
+               return;
+       }
        text = next_text(descr, encoding, realsize-(descr-realdata));
        if(VERBOSE4) fprintf(stderr, "Note: Storing extra from %s encoding\n", enc_name(realdata[0]));
        if(text == NULL)
@@ -681,6 +704,7 @@ int parse_new_id3(mpg123_handle *fr, unsigned long first4bytes)
                ,1) \
        )
        /* id3v2.3 does not store synchsafe frame sizes, but synchsafe tag size - doh! */
+       /* Remember: bytes_to_long() can yield ULONG_MAX on 32 bit platforms! */
        #define bytes_to_long(buf,res) \
        ( \
                major == 3 ? \
@@ -700,6 +724,8 @@ int parse_new_id3(mpg123_handle *fr, unsigned long first4bytes)
 
        /* length-10 or length-20 (footer present); 4 synchsafe integers == 28 bit number  */
        /* we have already read 10 bytes, so left are length or length+10 bytes belonging to tag */
+       /* Note: This is an 28 bit value in 32 bit storage, plenty of space for */
+       /* length+x for reasonable x. */
        if(!synchsafe_to_long(buf+2,length))
        {
                if(NOQUIET) error4("Bad tag length (not synchsafe): 0x%02x%02x%02x%02x; You got a bad ID3 tag here.", buf[2],buf[3],buf[4],buf[5]);
@@ -747,16 +773,25 @@ int parse_new_id3(mpg123_handle *fr, unsigned long first4bytes)
                        if((ret2 = fr->rd->read_frame_body(fr,tagdata,length)) > 0)
                        {
                                unsigned long tagpos = 0;
+                               /* bytes of frame title and of framesize value */
+                               unsigned int head_part = fr->id3v2.version > 2 ? 4 : 3;
+                               unsigned int flag_part = fr->id3v2.version > 2 ? 2 : 0;
+                               /* The amount of bytes that are unconditionally read for each frame: */
+                               /* ID, size, flags. */
+                               unsigned int framebegin = head_part+head_part+flag_part;
                                debug1("ID3v2: have read at all %lu bytes for the tag now", (unsigned long)length+6);
                                /* going to apply strlen for strings inside frames, make sure that it doesn't overflow! */
                                tagdata[length] = 0;
                                if(flags & EXTHEAD_FLAG)
                                {
                                        debug("ID3v2: skipping extended header");
-                                       if(!bytes_to_long(tagdata, tagpos))
+                                       if(!bytes_to_long(tagdata, tagpos) || tagpos >= length)
                                        {
                                                ret = 0;
-                                               if(NOQUIET) error4("Bad (non-synchsafe) tag offset: 0x%02x%02x%02x%02x", tagdata[0], tagdata[1], tagdata[2], tagdata[3]);
+                                               if(NOQUIET)
+                                                       error4( "Bad (non-synchsafe/too large) tag offset:"
+                                                               "0x%02x%02x%02x%02x"
+                                                       ,       tagdata[0], tagdata[1], tagdata[2], tagdata[3] );
                                        }
                                }
                                if(ret > 0)
@@ -765,12 +800,14 @@ int parse_new_id3(mpg123_handle *fr, unsigned long first4bytes)
                                        unsigned long framesize;
                                        unsigned long fflags; /* need 16 bits, actually */
                                        id[4] = 0;
-                                       /* pos now advanced after ext head, now a frame has to follow */
-                                       while(tagpos < length-10) /* I want to read at least a full header */
+                                       /* Pos now advanced after ext head, now a frame has to follow. */
+                                       /* Note: tagpos <= length, which is 28 bit integer, so both */
+                                       /* far away from overflow for adding known small values. */
+                                       /* I want to read at least one full header now. */
+                                       while(length >= tagpos+framebegin)
                                        {
                                                int i = 0;
                                                unsigned long pos = tagpos;
-                                               int head_part = fr->id3v2.version == 2 ? 3 : 4; /* bytes of frame title and of framesize value */
                                                /* level 1,2,3 - 0 is info from lame/info tag! */
                                                /* rva tags with ascending significance, then general frames */
                                                enum frame_types tt = unknown;
@@ -800,12 +837,7 @@ int parse_new_id3(mpg123_handle *fr, unsigned long first4bytes)
                                                                break;
                                                        }
                                                        if(VERBOSE3) fprintf(stderr, "Note: ID3v2 %s frame of size %lu\n", id, framesize);
-                                                       tagpos += head_part + framesize; /* the important advancement in whole tag */
-                                                       if(tagpos > length)
-                                                       {
-                                                               if(NOQUIET) error("Whoa! ID3v2 frame claims to be larger than the whole rest of the tag.");
-                                                               break;
-                                                       }
+                                                       tagpos += head_part;
                                                        pos += head_part;
                                                        if(fr->id3v2.version > 2)
                                                        {
@@ -814,6 +846,13 @@ int parse_new_id3(mpg123_handle *fr, unsigned long first4bytes)
                                                                tagpos += 2;
                                                        }
                                                        else fflags = 0;
+
+                                                       if(length - tagpos < framesize)
+                                                       {
+                                                               if(NOQUIET) error("Whoa! ID3v2 frame claims to be larger than the whole rest of the tag.");
+                                                               break;
+                                                       }
+                                                       tagpos += framesize; /* the important advancement in whole tag */
                                                        /* for sanity, after full parsing tagpos should be == pos */
                                                        /* debug4("ID3v2: found %s frame, size %lu (as bytes: 0x%08lx), flags 0x%016lx", id, framesize, framesize, fflags); */
                                                        /* %0abc0000 %0h00kmnp */
@@ -873,7 +912,9 @@ int parse_new_id3(mpg123_handle *fr, unsigned long first4bytes)
                                                                        debug2("ID3v2: de-unsync made %lu out of %lu bytes", realsize, framesize);
                                                                }
                                                                pos = 0; /* now at the beginning again... */
-                                                               switch(tt)
+                                                               /* Avoid reading over boundary, even if there is a */
+                                                               /* zero byte of padding for safety. */
+                                                               if(realsize) switch(tt)
                                                                {
                                                                        case comment:
                                                                        case uslt:
index e5f1869..d8782e0 100644 (file)
@@ -84,6 +84,9 @@ static int I_step_one(unsigned int balloc[], unsigned int scale_index[2][SBLIMIT
        return 0;
 }
 
+/* Something sane in place of undefined (-1)<<n. Well, not really. */
+#define MINUS_SHIFT(n) ( (int)(((unsigned int)-1)<<(n)) )
+
 static void I_step_two(real fraction[2][SBLIMIT],unsigned int balloc[2*SBLIMIT], unsigned int scale_index[2][SBLIMIT],mpg123_handle *fr)
 {
        int i,n;
@@ -112,18 +115,18 @@ static void I_step_two(real fraction[2][SBLIMIT],unsigned int balloc[2*SBLIMIT],
                for(sample=smpb,i=0;i<jsbound;i++)
                {
                        if((n=*ba++))
-                       *f0++ = REAL_MUL_SCALE_LAYER12(DOUBLE_TO_REAL_15( ((-1)<<n) + (*sample++) + 1), fr->muls[n+1][*sca++]);
+                       *f0++ = REAL_MUL_SCALE_LAYER12(DOUBLE_TO_REAL_15(MINUS_SHIFT(n) + (*sample++) + 1), fr->muls[n+1][*sca++]);
                        else *f0++ = DOUBLE_TO_REAL(0.0);
 
                        if((n=*ba++))
-                       *f1++ = REAL_MUL_SCALE_LAYER12(DOUBLE_TO_REAL_15( ((-1)<<n) + (*sample++) + 1), fr->muls[n+1][*sca++]);
+                       *f1++ = REAL_MUL_SCALE_LAYER12(DOUBLE_TO_REAL_15(MINUS_SHIFT(n) + (*sample++) + 1), fr->muls[n+1][*sca++]);
                        else *f1++ = DOUBLE_TO_REAL(0.0);
                }
                for(i=jsbound;i<SBLIMIT;i++)
                {
                        if((n=*ba++))
                        {
-                               real samp = DOUBLE_TO_REAL_15( ((-1)<<n) + (*sample++) + 1);
+                               real samp = DOUBLE_TO_REAL_15(MINUS_SHIFT(n) + (*sample++) + 1);
                                *f0++ = REAL_MUL_SCALE_LAYER12(samp, fr->muls[n+1][*sca++]);
                                *f1++ = REAL_MUL_SCALE_LAYER12(samp, fr->muls[n+1][*sca++]);
                        }
@@ -144,7 +147,7 @@ static void I_step_two(real fraction[2][SBLIMIT],unsigned int balloc[2*SBLIMIT],
                for(sample=smpb,i=0;i<SBLIMIT;i++)
                {
                        if((n=*ba++))
-                       *f0++ = REAL_MUL_SCALE_LAYER12(DOUBLE_TO_REAL_15( ((-1)<<n) + (*sample++) + 1), fr->muls[n+1][*sca++]);
+                       *f0++ = REAL_MUL_SCALE_LAYER12(DOUBLE_TO_REAL_15(MINUS_SHIFT(n) + (*sample++) + 1), fr->muls[n+1][*sca++]);
                        else *f0++ = DOUBLE_TO_REAL(0.0);
                }
                for(i=fr->down_sample_sblimit;i<32;i++)
index a799ba2..a3e7fee 100644 (file)
@@ -1,7 +1,7 @@
 /*
        layer3.c: the layer 3 decoder
 
-       copyright 1995-2009 by the mpg123 project - free software under the terms of the LGPL 2.1
+       copyright 1995-2017 by the mpg123 project - free software under the terms of the LGPL 2.1
        see COPYING and AUTHORS files in distribution or http://mpg123.org
        initially written by Michael Hipp
 
@@ -47,7 +47,7 @@ static real tfcos12[3];
 #ifdef NEW_DCT9
 static real cos9[3],cos18[3];
 static real tan1_1[16],tan2_1[16],tan1_2[16],tan2_2[16];
-static real pow1_1[2][16],pow2_1[2][16],pow1_2[2][16],pow2_2[2][16];
+static real pow1_1[2][32],pow2_1[2][32],pow1_2[2][32],pow2_2[2][32];
 #endif
 #endif
 
@@ -245,7 +245,10 @@ void init_layer3(void)
                tan2_1[i] = DOUBLE_TO_REAL_15(1.0 / (1.0 + t));
                tan1_2[i] = DOUBLE_TO_REAL_15(M_SQRT2 * t / (1.0+t));
                tan2_2[i] = DOUBLE_TO_REAL_15(M_SQRT2 / (1.0 + t));
+       }
 
+       for(i=0;i<32;i++)
+       {
                for(j=0;j<2;j++)
                {
                        double base = pow(2.0,-0.25*(j+1.0));
@@ -696,12 +699,30 @@ static unsigned char pretab_choice[2][22] =
 */
 
 /* 24 is enough because tab13 has max. a 19 bit huffvector */
-#define BITSHIFT ((sizeof(long)-1)*8)
+/* The old code played games with shifting signed integers around in not quite */
+/* legal ways. Also, it used long where just 32 bits are required. This could */
+/* be good or bad on 64 bit architectures ... anyway, making clear that */
+/* 32 bits suffice is a benefit. */
+#if 0
+/* To reconstruct old code, use this: */
+#define MASK_STYPE long
+#define MASK_UTYPE unsigned long
+#define MASK_TYPE MASK_STYPE
+#define MSB_MASK (mask < 0)
+#else
+/* This should be more proper: */
+#define MASK_STYPE int32_t
+#define MASK_UTYPE uint32_t
+#define MASK_TYPE  MASK_UTYPE
+#define MSB_MASK ((MASK_UTYPE)mask & (MASK_UTYPE)1<<(sizeof(MASK_TYPE)*8-1))
+#endif
+#define BITSHIFT ((sizeof(MASK_TYPE)-1)*8)
 #define REFRESH_MASK \
        while(num < BITSHIFT) { \
-               mask |= ((unsigned long)getbyte(fr))<<(BITSHIFT-num); \
+               mask |= ((MASK_UTYPE)getbyte(fr))<<(BITSHIFT-num); \
                num += 8; \
                part2remain -= 8; }
+/* Complicated way of checking for msb value. This used to be (mask < 0). */
 
 static int III_dequantize_sample(mpg123_handle *fr, real xr[SBLIMIT][SSLIMIT],int *scf, struct gr_info_s *gr_info,int sfreq,int part2bits)
 {
@@ -716,9 +737,9 @@ static int III_dequantize_sample(mpg123_handle *fr, real xr[SBLIMIT][SSLIMIT],in
 
        /* mhipp tree has this split up a bit... */
        int num=getbitoffset(fr);
-       long mask;
+       MASK_TYPE mask;
        /* We must split this, because for num==0 the shift is undefined if you do it in one step. */
-       mask  = ((unsigned long) getbits(fr, num))<<BITSHIFT;
+       mask  = ((MASK_UTYPE) getbits(fr, num))<<BITSHIFT;
        mask <<= 8-num;
        part2remain -= num;
 
@@ -750,7 +771,14 @@ static int III_dequantize_sample(mpg123_handle *fr, real xr[SBLIMIT][SSLIMIT],in
                        }
                }
        }
+
+#define CHECK_XRPNT if(xrpnt >= &xr[SBLIMIT][0]) \
+{ \
+       if(NOQUIET) \
+               error2("attempted xrpnt overflow (%p !< %p)", (void*) xrpnt, (void*) &xr[SBLIMIT][0]); \
+       return 1; \
+}
+
        if(gr_info->block_type == 2)
        {
                /* decoding with short or mixed mode BandIndex table */
@@ -781,7 +809,7 @@ static int III_dequantize_sample(mpg123_handle *fr, real xr[SBLIMIT][SSLIMIT],in
                        const struct newhuff *h = ht+gr_info->table_select[i];
                        for(;lp;lp--,mc--)
                        {
-                               register long x,y;
+                               register MASK_STYPE x,y;
                                if( (!mc) )
                                {
                                        mc    = *m++;
@@ -809,7 +837,7 @@ static int III_dequantize_sample(mpg123_handle *fr, real xr[SBLIMIT][SSLIMIT],in
                                        const short *val = h->table;
                                        REFRESH_MASK;
 #ifdef USE_NEW_HUFFTABLE
-                                       while((y=val[(unsigned long)mask>>(BITSHIFT+4)])<0)
+                                       while((y=val[(MASK_UTYPE)mask>>(BITSHIFT+4)])<0)
                                        {
                                                val -= y;
                                                num -= 4;
@@ -822,7 +850,7 @@ static int III_dequantize_sample(mpg123_handle *fr, real xr[SBLIMIT][SSLIMIT],in
 #else
                                        while((y=*val++)<0)
                                        {
-                                               if (mask < 0) val -= y;
+                                               if (MSB_MASK) val -= y;
 
                                                num--;
                                                mask <<= 1;
@@ -831,14 +859,15 @@ static int III_dequantize_sample(mpg123_handle *fr, real xr[SBLIMIT][SSLIMIT],in
                                        y &= 0xf;
 #endif
                                }
+                               CHECK_XRPNT;
                                if(x == 15 && h->linbits)
                                {
                                        max[lwin] = cb;
                                        REFRESH_MASK;
-                                       x += ((unsigned long) mask) >> (BITSHIFT+8-h->linbits);
+                                       x += ((MASK_UTYPE) mask) >> (BITSHIFT+8-h->linbits);
                                        num -= h->linbits+1;
                                        mask <<= h->linbits;
-                                       if(mask < 0) *xrpnt = REAL_MUL_SCALE_LAYER3(-ispow[x], v, gainpow2_scale_idx);
+                                       if(MSB_MASK) *xrpnt = REAL_MUL_SCALE_LAYER3(-ispow[x], v, gainpow2_scale_idx);
                                        else         *xrpnt = REAL_MUL_SCALE_LAYER3( ispow[x], v, gainpow2_scale_idx);
 
                                        mask <<= 1;
@@ -846,7 +875,7 @@ static int III_dequantize_sample(mpg123_handle *fr, real xr[SBLIMIT][SSLIMIT],in
                                else if(x)
                                {
                                        max[lwin] = cb;
-                                       if(mask < 0) *xrpnt = REAL_MUL_SCALE_LAYER3(-ispow[x], v, gainpow2_scale_idx);
+                                       if(MSB_MASK) *xrpnt = REAL_MUL_SCALE_LAYER3(-ispow[x], v, gainpow2_scale_idx);
                                        else         *xrpnt = REAL_MUL_SCALE_LAYER3( ispow[x], v, gainpow2_scale_idx);
 
                                        num--;
@@ -855,14 +884,15 @@ static int III_dequantize_sample(mpg123_handle *fr, real xr[SBLIMIT][SSLIMIT],in
                                else *xrpnt = DOUBLE_TO_REAL(0.0);
 
                                xrpnt += step;
+                               CHECK_XRPNT;
                                if(y == 15 && h->linbits)
                                {
                                        max[lwin] = cb;
                                        REFRESH_MASK;
-                                       y += ((unsigned long) mask) >> (BITSHIFT+8-h->linbits);
+                                       y += ((MASK_UTYPE) mask) >> (BITSHIFT+8-h->linbits);
                                        num -= h->linbits+1;
                                        mask <<= h->linbits;
-                                       if(mask < 0) *xrpnt = REAL_MUL_SCALE_LAYER3(-ispow[y], v, gainpow2_scale_idx);
+                                       if(MSB_MASK) *xrpnt = REAL_MUL_SCALE_LAYER3(-ispow[y], v, gainpow2_scale_idx);
                                        else         *xrpnt = REAL_MUL_SCALE_LAYER3( ispow[y], v, gainpow2_scale_idx);
 
                                        mask <<= 1;
@@ -870,7 +900,7 @@ static int III_dequantize_sample(mpg123_handle *fr, real xr[SBLIMIT][SSLIMIT],in
                                else if(y)
                                {
                                        max[lwin] = cb;
-                                       if(mask < 0) *xrpnt = REAL_MUL_SCALE_LAYER3(-ispow[y], v, gainpow2_scale_idx);
+                                       if(MSB_MASK) *xrpnt = REAL_MUL_SCALE_LAYER3(-ispow[y], v, gainpow2_scale_idx);
                                        else         *xrpnt = REAL_MUL_SCALE_LAYER3( ispow[y], v, gainpow2_scale_idx);
 
                                        num--;
@@ -887,29 +917,14 @@ static int III_dequantize_sample(mpg123_handle *fr, real xr[SBLIMIT][SSLIMIT],in
                        const struct newhuff* h;
                        const short* val;
                        register short a;
-                       /*
-                               This is only a humble hack to prevent a special segfault.
-                               More insight into the real workings is still needed.
-                               Especially why there are (valid?) files that make xrpnt exceed the array with 4 bytes without segfaulting, more seems to be really bad, though.
-                       */
-                       #ifdef DEBUG
-                       if(!(xrpnt < &xr[SBLIMIT][0]))
-                       {
-                               if(VERBOSE) debug2("attempted soft xrpnt overflow (%p !< %p) ?", (void*) xrpnt, (void*) &xr[SBLIMIT][0]);
-                       }
-                       #endif
-                       if(!(xrpnt < &xr[SBLIMIT][0]+5))
-                       {
-                               if(NOQUIET) error2("attempted xrpnt overflow (%p !< %p)", (void*) xrpnt, (void*) &xr[SBLIMIT][0]);
-                               return 2;
-                       }
+
                        h = htc+gr_info->count1table_select;
                        val = h->table;
 
                        REFRESH_MASK;
                        while((a=*val++)<0)
                        {
-                               if(mask < 0) val -= a;
+                               if(MSB_MASK) val -= a;
 
                                num--;
                                mask <<= 1;
@@ -949,13 +964,14 @@ static int III_dequantize_sample(mpg123_handle *fr, real xr[SBLIMIT][SSLIMIT],in
                                        }
                                        mc--;
                                }
+                               CHECK_XRPNT;
                                if( (a & (0x8>>i)) )
                                {
                                        max[lwin] = cb;
                                        if(part2remain+num <= 0)
                                        break;
 
-                                       if(mask < 0) *xrpnt = -REAL_SCALE_LAYER3(v, gainpow2_scale_idx);
+                                       if(MSB_MASK) *xrpnt = -REAL_SCALE_LAYER3(v, gainpow2_scale_idx);
                                        else         *xrpnt =  REAL_SCALE_LAYER3(v, gainpow2_scale_idx);
 
                                        num--;
@@ -973,6 +989,7 @@ static int III_dequantize_sample(mpg123_handle *fr, real xr[SBLIMIT][SSLIMIT],in
                        {
                                for(;mc > 0;mc--)
                                {
+                                       CHECK_XRPNT;
                                        *xrpnt = DOUBLE_TO_REAL(0.0); xrpnt += 3; /* short band -> step=3 */
                                        *xrpnt = DOUBLE_TO_REAL(0.0); xrpnt += 3;
                                }
@@ -1018,7 +1035,7 @@ static int III_dequantize_sample(mpg123_handle *fr, real xr[SBLIMIT][SSLIMIT],in
 
                        for(;lp;lp--,mc--)
                        {
-                               long x,y;
+                               MASK_STYPE x,y;
                                if(!mc)
                                {
                                        mc = *m++;
@@ -1039,7 +1056,7 @@ static int III_dequantize_sample(mpg123_handle *fr, real xr[SBLIMIT][SSLIMIT],in
                                        const short *val = h->table;
                                        REFRESH_MASK;
 #ifdef USE_NEW_HUFFTABLE
-                                       while((y=val[(unsigned long)mask>>(BITSHIFT+4)])<0)
+                                       while((y=val[(MASK_UTYPE)mask>>(BITSHIFT+4)])<0)
                                        {
                                                val -= y;
                                                num -= 4;
@@ -1052,7 +1069,7 @@ static int III_dequantize_sample(mpg123_handle *fr, real xr[SBLIMIT][SSLIMIT],in
 #else
                                        while((y=*val++)<0)
                                        {
-                                               if (mask < 0) val -= y;
+                                               if (MSB_MASK) val -= y;
 
                                                num--;
                                                mask <<= 1;
@@ -1062,14 +1079,15 @@ static int III_dequantize_sample(mpg123_handle *fr, real xr[SBLIMIT][SSLIMIT],in
 #endif
                                }
 
+                               CHECK_XRPNT;
                                if(x == 15 && h->linbits)
                                {
                                        max = cb;
                                        REFRESH_MASK;
-                                       x += ((unsigned long) mask) >> (BITSHIFT+8-h->linbits);
+                                       x += ((MASK_UTYPE) mask) >> (BITSHIFT+8-h->linbits);
                                        num -= h->linbits+1;
                                        mask <<= h->linbits;
-                                       if(mask < 0) *xrpnt++ = REAL_MUL_SCALE_LAYER3(-ispow[x], v, gainpow2_scale_idx);
+                                       if(MSB_MASK) *xrpnt++ = REAL_MUL_SCALE_LAYER3(-ispow[x], v, gainpow2_scale_idx);
                                        else         *xrpnt++ = REAL_MUL_SCALE_LAYER3( ispow[x], v, gainpow2_scale_idx);
 
                                        mask <<= 1;
@@ -1077,7 +1095,7 @@ static int III_dequantize_sample(mpg123_handle *fr, real xr[SBLIMIT][SSLIMIT],in
                                else if(x)
                                {
                                        max = cb;
-                                       if(mask < 0) *xrpnt++ = REAL_MUL_SCALE_LAYER3(-ispow[x], v, gainpow2_scale_idx);
+                                       if(MSB_MASK) *xrpnt++ = REAL_MUL_SCALE_LAYER3(-ispow[x], v, gainpow2_scale_idx);
                                        else         *xrpnt++ = REAL_MUL_SCALE_LAYER3( ispow[x], v, gainpow2_scale_idx);
                                        num--;
 
@@ -1085,14 +1103,15 @@ static int III_dequantize_sample(mpg123_handle *fr, real xr[SBLIMIT][SSLIMIT],in
                                }
                                else *xrpnt++ = DOUBLE_TO_REAL(0.0);
 
+                               CHECK_XRPNT;
                                if(y == 15 && h->linbits)
                                {
                                        max = cb;
                                        REFRESH_MASK;
-                                       y += ((unsigned long) mask) >> (BITSHIFT+8-h->linbits);
+                                       y += ((MASK_UTYPE) mask) >> (BITSHIFT+8-h->linbits);
                                        num -= h->linbits+1;
                                        mask <<= h->linbits;
-                                       if(mask < 0) *xrpnt++ = REAL_MUL_SCALE_LAYER3(-ispow[y], v, gainpow2_scale_idx);
+                                       if(MSB_MASK) *xrpnt++ = REAL_MUL_SCALE_LAYER3(-ispow[y], v, gainpow2_scale_idx);
                                        else         *xrpnt++ = REAL_MUL_SCALE_LAYER3( ispow[y], v, gainpow2_scale_idx);
 
                                        mask <<= 1;
@@ -1100,7 +1119,7 @@ static int III_dequantize_sample(mpg123_handle *fr, real xr[SBLIMIT][SSLIMIT],in
                                else if(y)
                                {
                                        max = cb;
-                                       if(mask < 0) *xrpnt++ = REAL_MUL_SCALE_LAYER3(-ispow[y], v, gainpow2_scale_idx);
+                                       if(MSB_MASK) *xrpnt++ = REAL_MUL_SCALE_LAYER3(-ispow[y], v, gainpow2_scale_idx);
                                        else         *xrpnt++ = REAL_MUL_SCALE_LAYER3( ispow[y], v, gainpow2_scale_idx);
 
                                        num--;
@@ -1120,7 +1139,7 @@ static int III_dequantize_sample(mpg123_handle *fr, real xr[SBLIMIT][SSLIMIT],in
                        REFRESH_MASK;
                        while((a=*val++)<0)
                        {
-                               if (mask < 0) val -= a;
+                               if (MSB_MASK) val -= a;
 
                                num--;
                                mask <<= 1;
@@ -1153,13 +1172,14 @@ static int III_dequantize_sample(mpg123_handle *fr, real xr[SBLIMIT][SSLIMIT],in
                                        }
                                        mc--;
                                }
+                               CHECK_XRPNT;
                                if( (a & (0x8>>i)) )
                                {
                                        max = cb;
                                        if(part2remain+num <= 0)
                                        break;
 
-                                       if(mask < 0) *xrpnt++ = -REAL_SCALE_LAYER3(v, gainpow2_scale_idx);
+                                       if(MSB_MASK) *xrpnt++ = -REAL_SCALE_LAYER3(v, gainpow2_scale_idx);
                                        else         *xrpnt++ =  REAL_SCALE_LAYER3(v, gainpow2_scale_idx);
 
                                        num--;
index cc1c9ae..b1cecc9 100644 (file)
@@ -1,7 +1,8 @@
 /*
        stringbuf: mimicking a bit of C++ to more safely handle strings
 
-       copyright 2006-10 by the mpg123 project - free software under the terms of the LGPL 2.1
+       copyright 2006-17 by the mpg123 project
+           - free software under the terms of the LGPL 2.1
        see COPYING and AUTHORS files in distribution or http://mpg123.org
        initially written by Thomas Orgis
 */
@@ -86,7 +87,8 @@ int attribute_align_arg mpg123_copy_string(mpg123_string* from, mpg123_string* t
 
        if(mpg123_resize_string(to, fill))
        {
-               memcpy(to->p, text, fill);
+               if(fill) /* Avoid memcpy(NULL, NULL, 0) */
+                       memcpy(to->p, text, fill);
                to->fill = fill;
                return 1;
        }