search for: _zzi

...5-08-17 09:58:23.000000000 +0200 +++ test/lib/decode.c 2005-08-20 11:19:04.052143250 +0200 @@ -1083,53 +1083,53 @@ to. This is updated before the function returns.*/ typedef void (*oc_token_expand_func)(int _token,int _extra_bits, - ogg_int16_t _dct_coeffs[64],int *_zzi); + ogg_int16_t _dct_coeffs[128],int *_zzi); /*Expands a zero run token.*/ void oc_token_expand_zrl(int _token,int _extra_bits, - ogg_int16_t _dct_coeffs[64],int *_zzi){ + ogg_int16_t _dct_coeffs[128],int *_zzi){ int zzi; zzi=*_zzi; - do _dct_coeffs[OC_FZIG_ZAG[zzi++]]=0; + do _dct_coef...

...ted literally, since that routine doesn't know the number of coded blocks, much less the array TIS, which is never explicitly constructed in my decoder implementation. It just returns a really big number instead.) This should prevent overflow in decoder.c:895 while(cfi+eobs<_ntoks_left[pli][_zzi]){ Alternatively that could be rewritten while(eobs<_ntoks_left[pli][_zzi]-cfi){ But I'm not positive that's the only place using eobs could overflow. I thought I checked, but clearly I missed at least one. Let's get rid of all of them at once. That should at least make the decoder...