From 01eb9805f37835e20501134ae26e379140fe3239 Mon Sep 17 00:00:00 2001 From: Sergey Radionov Date: Fri, 23 Dec 2011 10:37:48 +0700 Subject: [PATCH 1/9] w32thread: call ResetEvent() in pthread_cond_broadcast(). Also add "volatile" to broadcast flag (since it is used from multiple threads). Signed-off-by: Ronald S. Bultje --- libavcodec/w32pthreads.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/libavcodec/w32pthreads.h b/libavcodec/w32pthreads.h index 3cdbc2c343..70b84cf2e1 100644 --- a/libavcodec/w32pthreads.h +++ b/libavcodec/w32pthreads.h @@ -120,7 +120,7 @@ typedef struct { volatile int waiter_count; HANDLE semaphore; HANDLE waiters_done; - int is_broadcast; + volatile int is_broadcast; } win32_cond_t; static void pthread_cond_init(pthread_cond_t *cond, const void *unused_attr) @@ -187,6 +187,7 @@ static void pthread_cond_broadcast(pthread_cond_t *cond) ReleaseSemaphore(win32_cond->semaphore, win32_cond->waiter_count, NULL); pthread_mutex_unlock(&win32_cond->mtx_waiter_count); WaitForSingleObject(win32_cond->waiters_done, INFINITE); + ResetEvent(win32_cond->waiters_done); win32_cond->is_broadcast = 0; } else pthread_mutex_unlock(&win32_cond->mtx_waiter_count); From 82d05e78a60d5b2b3ecfaa3aa232df518c351274 Mon Sep 17 00:00:00 2001 From: Anton Khirnov Date: Thu, 22 Dec 2011 17:32:29 +0100 Subject: [PATCH 2/9] allfilters: fix type of avfilter_vsrc_buffer. --- libavfilter/allfilters.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavfilter/allfilters.c b/libavfilter/allfilters.c index a6f17317e9..ba66941002 100644 --- a/libavfilter/allfilters.c +++ b/libavfilter/allfilters.c @@ -91,7 +91,7 @@ void avfilter_register_all(void) /* vsrc_buffer is a part of public API => registered unconditionally */ { - extern avfilter_vsrc_buffer; + extern AVFilter avfilter_vsrc_buffer; avfilter_register(&avfilter_vsrc_buffer); } } From bc6a3bd4a544608211f006e2d2868cbed4e1fde6 Mon Sep 17 00:00:00 2001 From: Alexander Strange Date: Mon, 12 Dec 2011 18:13:39 -0500 Subject: [PATCH 3/9] h264: Fix a possible overread in decode_nal_units() Signed-off-by: Anton Khirnov --- libavcodec/h264.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavcodec/h264.c b/libavcodec/h264.c index a9a10513e3..2bde0fec2a 100644 --- a/libavcodec/h264.c +++ b/libavcodec/h264.c @@ -3764,7 +3764,7 @@ static int decode_nal_units(H264Context *h, const uint8_t *buf, int buf_size){ int err; if(buf_index >= next_avc) { - if(buf_index >= buf_size) break; + if (buf_index >= buf_size - h->nal_length_size) break; nalsize = 0; for(i = 0; i < h->nal_length_size; i++) nalsize = (nalsize << 8) | buf[buf_index++]; From d09298f0d6057ec2e310aebc8955df14dc844a09 Mon Sep 17 00:00:00 2001 From: Anton Khirnov Date: Thu, 22 Dec 2011 15:40:26 +0100 Subject: [PATCH 4/9] 4xm: remove unused variables. --- libavcodec/4xm.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/libavcodec/4xm.c b/libavcodec/4xm.c index 1c49ff1eba..83f0a12f1c 100644 --- a/libavcodec/4xm.c +++ b/libavcodec/4xm.c @@ -650,8 +650,6 @@ static int decode_i_frame(FourXContext *f, const uint8_t *buf, int length){ int x, y; const int width= f->avctx->width; const int height= f->avctx->height; - uint16_t *dst= (uint16_t*)f->current_picture.data[0]; - const int stride= f->current_picture.linesize[0]>>1; const unsigned int bitstream_size= AV_RL32(buf); int token_count av_unused; unsigned int prestream_size; @@ -695,7 +693,6 @@ static int decode_i_frame(FourXContext *f, const uint8_t *buf, int length){ idct_put(f, x, y); } - dst += 16*stride; } if(get_vlc2(&f->pre_gb, f->pre_vlc.table, ACDC_VLC_BITS, 3) != 256) From 846dca1aa315ebb65845a8e4774a31e368cc463d Mon Sep 17 00:00:00 2001 From: Janne Grunau Date: Fri, 23 Dec 2011 10:14:15 +0100 Subject: [PATCH 5/9] pthread: include sys/types.h before sys/sysctl.h Fixes compilation on FreeBSD with clang 3. --- libavcodec/pthread.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavcodec/pthread.c b/libavcodec/pthread.c index 0b57156b99..89141504f8 100644 --- a/libavcodec/pthread.c +++ b/libavcodec/pthread.c @@ -37,8 +37,8 @@ #elif HAVE_GETSYSTEMINFO #include #elif HAVE_SYSCTL -#include #include +#include #endif #include "avcodec.h" From 7052618c7ed6e907434b2b6ef18e77b9d2644676 Mon Sep 17 00:00:00 2001 From: Janne Grunau Date: Fri, 23 Dec 2011 11:10:37 +0100 Subject: [PATCH 6/9] threads: check defines before using them in automatic thread detection --- libavcodec/pthread.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libavcodec/pthread.c b/libavcodec/pthread.c index 89141504f8..f842edf861 100644 --- a/libavcodec/pthread.c +++ b/libavcodec/pthread.c @@ -152,7 +152,7 @@ typedef struct FrameThreadContext { static int get_logical_cpus(AVCodecContext *avctx) { int ret, nb_cpus = 1; -#if HAVE_SCHED_GETAFFINITY +#if HAVE_SCHED_GETAFFINITY && defined(CPU_COUNT) cpu_set_t cpuset; CPU_ZERO(&cpuset); @@ -165,7 +165,7 @@ static int get_logical_cpus(AVCodecContext *avctx) SYSTEM_INFO sysinfo; GetSystemInfo(&sysinfo); nb_cpus = sysinfo.dwNumberOfProcessors; -#elif HAVE_SYSCTL +#elif HAVE_SYSCTL && defined(HW_NCPU) int mib[2] = { CTL_HW, HW_NCPU }; size_t len = sizeof(nb_cpus); From be00d2e1744d5e7853d8d4ebfc109780036db0f8 Mon Sep 17 00:00:00 2001 From: Reinhard Tartler Date: Sun, 6 Nov 2011 11:12:04 +0100 Subject: [PATCH 7/9] Prepare for 0.8_beta1 snapshot release --- Changelog | 3 ++- RELEASE | 2 +- doc/RELEASE_NOTES | 50 +++++++++++++++++++++++------------------------ 3 files changed, 27 insertions(+), 28 deletions(-) diff --git a/Changelog b/Changelog index 58568c2c3d..263e6d939d 100644 --- a/Changelog +++ b/Changelog @@ -2,7 +2,8 @@ Entries are sorted chronologically from oldest to youngest within each release, releases are sorted from youngest to oldest. -version : +version 0.8_beta1: + - BWF muxer - Flash Screen Video 2 decoder - ffplay/ffprobe/ffserver renamed to avplay/avprobe/avserver diff --git a/RELEASE b/RELEASE index eb49d7c7fd..8e0f8bcd44 100644 --- a/RELEASE +++ b/RELEASE @@ -1 +1 @@ -0.7 +0.8_beta1 diff --git a/doc/RELEASE_NOTES b/doc/RELEASE_NOTES index 97875e9360..f857a183fd 100644 --- a/doc/RELEASE_NOTES +++ b/doc/RELEASE_NOTES @@ -1,22 +1,29 @@ Release Notes ============= -* 0.7 "The Big Bump" June, 2011 +* 0.8 "Forbidden Fruit" General notes ------------- -This release enables frame-based multithreaded decoding for a number of codecs, -including VP8, H.263 and H.264. Additionally, there has been a major cleanup of -both internal and external APIs. For this reason, the major versions of all -libraries have been bumped. On the one hand, this means that 0.7 can be installed -side-by-side with previous releases, on the other hand, in order to benefit -from the new features, applications need to be recompiled. +This release continues the API cleanups that have begun with the +previous release. While it is binary compatible with 0.7, many parts of +the public API were deprecated and will be removed in the git master and +later releases. Please consult the doc/APIchanges file to see intended +replacements for the deprecated APIs. -Other important changes are additions of decoders including, but not limited to, -AMR-WB, single stream LATM/LOAS, G.722 ADPCM, a native VP8 decoder -and HE-AACv2. Additionally, many new de/muxers such as WebM in Matroska, Apple -HTTP Live Streaming, SAP, IEC 61937 (S/PDIF) have been added. +Furthermore, our work on the 'ffmpeg' command-line tool has resulted in +major revisions to its interface. In order to not break existing scripts +and applications, we have chosen to introduce a new tool called +'avconv', and keep the traditional 'ffmpeg' frontend for end-user's +convenience. Please see the Changelog file for details how 'avconv' +differs from 'ffmpeg'. + +Additionally, this release introduces a number of new interesting codecs +such as the Apple Prores, Flash Screen Video 2 and Windows Media Image, +and muxers such as LATM or CELT in Ogg, among many others. Moreover, our +H.264 decoder has been improved to decode 4:2:2 material and our libx264 +wrapper now allows to produce 4:2:2 and 4:4:4 video. See the Changelog file for a list of significant changes. @@ -30,23 +37,14 @@ report against the development code following the usual bug reporting guidelines API changes ----------- -Please see the file doc/APIchanges for programmer-centric information. Note that a -lot of long-time deprecated APIs have been removed. Also, a number of additional -APIs have been deprecated and are scheduled for removal in the next release. +A number of additional APIs have been introduced and some existing +functions have been deprecated and are scheduled for removal in the next +release. Please see the file doc/APIchanges for details along with +similar programmer-centric information. + Other notable changes --------------------- -- many ARM NEON optimizations -- libswscale cleanup started, optimizations should become easier in the future -- nonfree libfaad support for AAC decoding removed -- 4:4:4 H.264 decoding -- 9/10bit H.264 decoding -- Win64 Assembler support -- native MMSH/MMST support -- Windows TV demuxing -- native AMR-WB decoding -- native GSM-MS decoding -- SMPTE 302M decoding -- AVS encoding +Please see the Changelog file for a more detailed list of changes. From 6e24b9488e67849a28e64a8056e05f83cf439229 Mon Sep 17 00:00:00 2001 From: Michael Niedermayer Date: Fri, 18 Nov 2011 19:10:21 +0100 Subject: [PATCH 8/9] svq1dec: call avcodec_set_dimensions() after dimensions changed. Fixes NGS00148, CVE-2011-4579 Found-by: Phillip Langlois Signed-off-by: Michael Niedermayer --- libavcodec/svq1dec.c | 1 + 1 file changed, 1 insertion(+) diff --git a/libavcodec/svq1dec.c b/libavcodec/svq1dec.c index 7eb6e607d1..69dbd1b25d 100644 --- a/libavcodec/svq1dec.c +++ b/libavcodec/svq1dec.c @@ -659,6 +659,7 @@ static int svq1_decode_frame(AVCodecContext *avctx, av_dlog(s->avctx, "Error in svq1_decode_frame_header %i\n",result); return result; } + avcodec_set_dimensions(avctx, s->width, s->height); //FIXME this avoids some confusion for "B frames" without 2 references //this should be removed after libavcodec can handle more flexible picture types & ordering From 8b94df0f2047e9728cb872adc9e64557b7a5152f Mon Sep 17 00:00:00 2001 From: Reinhard Tartler Date: Sun, 4 Dec 2011 10:10:33 +0100 Subject: [PATCH 9/9] vp3dec: Check coefficient index in vp3_dequant() Based on a patch by Michael Niedermayer Fixes NGS00145, CVE-2011-4352 Found-by: Phillip Langlois Signed-off-by: Reinhard Tartler --- libavcodec/vp3.c | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/libavcodec/vp3.c b/libavcodec/vp3.c index 51ab048ac0..f44d084dbd 100644 --- a/libavcodec/vp3.c +++ b/libavcodec/vp3.c @@ -1363,6 +1363,10 @@ static inline int vp3_dequant(Vp3DecodeContext *s, Vp3Fragment *frag, case 1: // zero run s->dct_tokens[plane][i]++; i += (token >> 2) & 0x7f; + if (i > 63) { + av_log(s->avctx, AV_LOG_ERROR, "Coefficient index overflow\n"); + return i; + } block[perm[i]] = (token >> 9) * dequantizer[perm[i]]; i++; break; @@ -1566,7 +1570,10 @@ static void render_slice(Vp3DecodeContext *s, int slice) /* invert DCT and place (or add) in final output */ if (s->all_fragments[i].coding_method == MODE_INTRA) { - vp3_dequant(s, s->all_fragments + i, plane, 0, block); + int index; + index = vp3_dequant(s, s->all_fragments + i, plane, 0, block); + if (index > 63) + continue; if(s->avctx->idct_algo!=FF_IDCT_VP3) block[0] += 128<<3; s->dsp.idct_put( @@ -1574,7 +1581,10 @@ static void render_slice(Vp3DecodeContext *s, int slice) stride, block); } else { - if (vp3_dequant(s, s->all_fragments + i, plane, 1, block)) { + int index = vp3_dequant(s, s->all_fragments + i, plane, 1, block); + if (index > 63) + continue; + if (index > 0) { s->dsp.idct_add( output_plane + first_pixel, stride,