If probe_codec is called with pkt == NULL, it sets probe_packets to 0
and request_probe to -1.
However, request_probe can change when calling s->iformat->read_packet
and thus a probe_packets value of 0 doesn't guarantee a request_probe
value of -1.
In that case calling probe_codec again is necessary to prevent
triggering the assert.
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit a5b4476a60)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
This assert can with crafted files fail, a warning is already printed
for this case.
Fixes assertion failure
Fixes:1/assert.avi
Found-by: 连一汉 <lianyihan@360.cn>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 14bac7e00d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes assertion failure
Found-by: durandal117
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2834313933)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit deabcd2c05)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
When there is only one stream and stream_index has not specified,
The ts has been transferd by the timebase of stream0 without modifying the stream_index
In this condation it cause seek failure.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ecc04b4f2f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Actual allocation size is computed as (count + 1)*sizeof(meta_keys), so
we need to check that (count + 1) won't cause overflow.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 347cb14b7c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes Ticket5800
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c75273310c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes out of array read
Fixes: 049fdf78565f1ce5665df236d90f8657/asan_heap-oob_10a5a97_1026_42f9d4855547329560f385768de2f3fb.wtv
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit cc5e5548df)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
If negative pts are possible for some codecs in ogg then the code needs to be
changed to use signed values.
Found-by: Thomas Guilbert <tguilbert@google.com>
Fixes: clusterfuzz_usan-2016-08-02
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c5cc3b08e5)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This fixes crash in avformat_open_input() when accessing
protocol_whitelist field.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e947b75b1c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4cc896ea5f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes Ticket5428
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d0b21b28a3)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes part of Ticket5648
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e8931d79cc)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes mis-detection of tiff as mpegts
Fixes Ticket5565
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 00c4861f13)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Improves score for 1000-frames-of-noise-encoded-with-lame.mp3 without file extension
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5fd73948bb)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
When multiple threads tries to call av_register_all(), the first thread sets
initialized to 1 and do the register process. At the same time, other thread might
also call av_register_all(), which returns immediately because initialized is set to 1
(even when it has not completed registering codecs). We can avoid this problem
if we set initialised to 1 while exiting from function.
Github: Closes#196
(cherry picked from commit b092ee701f)
Conflicts:
libavformat/allformats.c
Fixes: usan_granule_overflow
constant type fix by commiter
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 1a82d2cf8f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: usan_granule_overflow
Found-by: Thomas Guilbert <tguilbert@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c1ed78a591)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: usan_granule_overflow
Found-by: Thomas Guilbert <tguilbert@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2be3007ed5)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes Ticket5498
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d08f2c172f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes division by 0 in fate-acodec-ra144
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 635b2ec5f2)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Leaking this private structure opens up the possibility that it may
be re-used when parsing later packets in the stream. This is
problematic if the later packets are not the same codec type (e.g.
private allocated during Vorbis parsing, but later packets are Opus
and the private is assumed to be the oggopus_private type in
opus_header()).
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 542f725964)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Larger values would imply file durations of astronomic proportions and cause
overflows
Fixes integer overflow
Fixes: usan_int64_overflow
Found-by: Thomas Guilbert <tguilbert@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 8efaee3710)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes Ticket5443
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 11db7eee9b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Original mail and my own followup on ffmpeg-user earlier today:
I have a device sending out a MJPEG/RTP stream on a low quality setting.
Decoding and displaying the video with libavformat results in a washed
out, low contrast, greyish image. Playing the same stream with VLC results
in proper color representation.
Screenshots for comparison:
http://zevv.nl/div/libav/shot-ffplay.jpghttp://zevv.nl/div/libav/shot-vlc.jpg
A pcap capture of a few seconds of video and SDP file for playing the
stream are available at
http://zevv.nl/div/libav/mjpeg.pcaphttp://zevv.nl/div/libav/mjpeg.sdp
I believe the problem might be in the calculation of the quantization
tables in the function create_default_qtables(), the attached patch
solves the issue for me.
The problem is that the argument 'q' is of the type uint8_t. According to the
JPEG standard, if 1 <= q <= 50, the scale factor 'S' should be 5000 / Q.
Because the create_default_qtables() reuses the variable 'q' to store the
result of this calculation, for small values of q < 19, q wil subsequently
overflow and give wrong results in the calculated quantization tables. The
patch below uses a new variable 'S' (same name as in RFC2435) with the proper
range to store the result of the division.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e3e6a2cff4)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Simplifies code
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 50d017a281)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes Ticket5287
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit efa98cdc2f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b2ab3398f5)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This is safer, as a selected demuxer could still mean that it was auto-detected
by a user application
Reviewed-previously-by: Nicolas George <george@nsup.org>
Reviewed-previously-by: Andreas Cadhalpun <andreas.cadhalpun@googlemail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 689211d572)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit de1de49324)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
RTCP synchronization packet was broken since commit in ffmpeg version > 2.8.3
(commit: e04b039b15) Since this commit (2e814d0329)
"rtpenc: Simplify code by introducing a macro for rescaling NTP timestamps", NTP_TO_RTP_FORMAT
uses av_rescale_rnd() function to add the data to the packet.
This causes an overflow in the av_rescale_rnd() function and it will return INT64_MIN.
Causing the NTP stamp in the RTCP packet to have an invalid value.
Github: Closes#182
Reverting commit '2e814d0329aded98c811d0502839618f08642685' solves the problem.
(cherry picked from commit 1109ed7973)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Found-by: jamrial
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 554f6e930c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
I discovered that ffserver streaming was broken (it seems like it has been since 20th November) and I opened a ticket for this (https://trac.ffmpeg.org/ticket/5250 <https://trac.ffmpeg.org/ticket/5250>).
I spent yesterday learning git bisect (with the kind help of cehoyos) to painstakingly track down the cause. This was made more difficult due to the presence of a segfault in ffserver during the period where the bug was introduced so I first had to identify when and how that was fixed and then retrospectively apply that fix again for each step of the second git bisect to find the actual bug.
Anyway, the fruits of my labour are the innocent looking patch below to correct a couple of typos and define a valid range for two variables.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a2f8beef2d)
This avoid "libavformat/genh.c:43:14: warning: variable coef_splitted set but not used"
Fewer warnings makes it easier to see new and important warnings
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Currently it is broken when explicitly using the file protocol, it uses an
insecure temporary file name, and in commit b4431c80 disabling the option by
default was already considered. Also it is not very consistent to have such an
option for one particular muxer.
Signed-off-by: Marton Balint <cus@passwd.hu>
This also deprecates our old duplicated callbacks.
* commit '9f61abc8111c7c43f49ca012e957a108b9cc7610':
lavf: allow custom IO for all files
Merged-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
The UUID is based on http://www.adobe.com/devnet/xmp.html
The patch is made according to XMP SPECIFICATION PART 3 - STORAGE IN
FILES See Table 8
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Silences: CID1351343
The header is calculated by the code above the changed hunk, it is
thus asserted that the header is always correct.
Reviewed-by: "Ronald S. Bultje" <rsbultje@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This can provide a manual workaround for ticket #4230.
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Marton Balint <cus@passwd.hu>
Checked compatiblity with VLC, Windows Media Player 12 and Windows Media ASF
Viewer 9 series.
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Marton Balint <cus@passwd.hu>
Note to maintainers: update tools
Note to maintainers: set a default whitelist for your protocol
If that makes no sense then consider to set "none" and thus require the user to specify a white-list
for sub-protocols to be opened
Note, testing and checking for missing changes is needed
Reviewed-by: Andreas Cadhalpun <andreas.cadhalpun@googlemail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This reverts commit 8ed82d8174.
SMPTE S377-1-2009c defines in F.4.1 that the Video Line Map should
always be an array with two 32 bit integers as elements. This is
repeated in G.2.12 with actual examples for progressive content,
where the second value would always be 0.
Additionally, the IRT MXF analyser also lists this as the only
error in the MXF output from ffmpeg: https://mxf-analyser-cloud.irt.de
Reviewed-by: Tomas Härdin <tomas.hardin@codemill.se>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This can cause problems with urls that have arguments after the filename
This reverts commit b0c57206d5.
Reviewed-by: wm4 <nfxjfg@googlemail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Due to this bug in VC++ 2015 Update 1:
https://connect.microsoft.com/VisualStudio/feedback/details/2291638
the 'key' array in ff_read_riff_info() ends up being not null
terminated which led to failures in a Chromium unit tests. Update 2
should have a fix, but until then it is important to avoid problems.
The index creation is O(N^2) with number of entries (typically thousands).
On a Pi this can take more than 60 seconds to execute for a recording of a few hours.
By replacing with an O(N) loop, this takes virtually zero time
Liked-by: Paul B Mahol <onemda@gmail.com>
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Decodes YUV 4:2:2 10-bit and RGB 12-bit files.
Older files with more subbands, skips, Bayer, alpha not supported.
Alpha requires addition of GBRAP12 pixel format.
Some muxer use the FLV field PreviousTagSize to be the sum of tag
length. Without this change, the flv demuxer think the file is broken
and the re-sync will fail.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This option can force the segmenter to only start a new segment if a packet
reaches the muxer within the specified duration after the segmenting clock
time, which makes it more resilient to backward local time jumps, such as leap
seconds or transition to standard time from daylight savings time.
Reviewed-by: Stefano Sabatini <stefasab@gmail.com>
Signed-off-by: Marton Balint <cus@passwd.hu>
Libav, for some reason, merged this as a public API function. This will
aid in future merges.
A define is left for backwards compat, just in case some person
used it, since it is in a public header.
Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
commit "avpacket: Deprecate av_dup_packet" broke the use
av_interleaved_write_uncoded_frame as any input uncoded frame has an
invalid packet size that will crash when av_packet_ref tries to allocate
'size' new memory. Since the packet is a temporary created within mux.c
itself it can be used directly without needing a new ref.
Signed-off-by: Matt Oliver <protogonoi@gmail.com>
The purpose of this patch is to preserve timestamps when using ffmpeg for publishing RTMP streams, e.g. ffmpeg -i rtmp://source/stream -f flv rtmp://target/stream.
There is a setting "copyts" for that purpose. Unfortunately it doesn't work with FLV muxer because it has its own timestamp correction which makes global setting "copyts" ineffective.
This patch removes timestamp correction in FLV muxer. This means FLV will rely on ffmpeg timestamp correction which makes it possible to use copyts.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Possibly the check as a whole causes more problems than it helps, if so dont
hesitate to remove it
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Some (de)muxers open additional files beyond the main IO context.
Currently, they call avio_open() directly, which prevents the caller
from using custom IO for such streams.
This commit adds callbacks to AVFormatContext that default to
avio_open2()/avio_close(), but can be overridden by the caller. All
muxers and demuxers using AVIO are switched to using those callbacks
instead of calling avio_open()/avio_close() directly.
(de)muxers that use the URLProtocol layer directly instead of AVIO
remain unconverted for now. This should be fixed in later commits.
adds two new options that may be set via the dictionary:
- send_buffer_size
- recv_buffer_size
When present, setsockopt() is used with SO_SNDBUF and SO_RCVBUF to set
socket buffer sizes. I chose to make send and receive independent
because buffering requirements are often asymmetric.
Errors in setting the buffer size mean the socket will use its
default, so they are ignored.
There is no sanity checking on values, as the kernel/socket layers
already impose reasonable limits if asked for something crazy.
Rationale for enlarging receive buffers is to reduce susceptibility
to intermittent network delays/congestion. I added setting the send
buffer for symmetry.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This feature is mostly only used by NLE software, and is
both of dubious value being enabled by default, and a
possible security risk.
Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
This feature is not know much or used much AFAIK, and it might be helpfull in
exploits.
No specific case is known where it can be used in an exploit though
subsequent commits depend on this commit though
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
With this, user applications which use custom IO and have set a IO context will not have
their already opened IO context ignored and glob/seq being interpreted
Comments and tests from maintainers of user apps are welcome!
Liked-by: wm4 <nfxjfg@googlemail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This feature is mostly only used by NLE software, and is
both of dubious value being enabled by default, and a
possible security risk.
Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
For http, this avoids spurious warnings about failed requests (e.g.
HTTP error 416 Requested Range Not Satisfiable), if the last packet
is truncated and the size read is bogus.
Signed-off-by: Martin Storsjö <martin@martin.st>
When loading a truncated flv file, it would previously try to do a seek to
the end of every packet read. For some input protocols (such as http), such
repeated seek attempts are cripple the reading performance.
Signed-off-by: Martin Storsjö <martin@martin.st>
