1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-12-23 12:43:46 +02:00
Commit Graph

42 Commits

Author SHA1 Message Date
Michael Niedermayer
d492fc3e5e
avformat/sbgdec: Check for negative duration
Fixes: signed integer overflow: 9223372036854775807 - -8000000 cannot be represented in type 'long'
Fixes: 62276/clusterfuzz-testcase-minimized-ffmpeg_dem_SBG_fuzzer-5133181743136768

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0bed22d597)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-04-03 02:03:56 +02:00
Michael Niedermayer
9b00b5734d
avformat/sbgdec: Check for negative duration or un-representable end pts
Fixes: signed integer overflow: 9230955872951340 - -9223372036854775808 cannot be represented in type 'long'
Fixes: 51896/clusterfuzz-testcase-minimized-ffmpeg_dem_SBG_fuzzer-6330481893572608

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Nicolas George <george@nsup.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2023-10-08 18:56:27 +02:00
Michael Niedermayer
a9137110ed
avformat/sbgdec: Check for period overflow
Fixes: signed integer overflow: 4481246996173000000 - -4778576820000000000 cannot be represented in type 'long'
Fixes: 51896/clusterfuzz-testcase-minimized-ffmpeg_dem_SBG_fuzzer-5063670588899328

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Nicolas George <george@nsup.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2023-10-03 20:09:51 +02:00
Andreas Rheinhardt
7a2b587dea avformat/sbgdec: Use avio_read_to_bprint() where appropriate
Note: There is a slight difference in the handling of
the max_file_size option: The earlier code used it to mean
to limit the size of the buffer to allocate; the new code
treats it more literally as maximum size to read from
the input.

Reviewed-by: Nicolas George <george@nsup.org>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2023-08-09 23:36:12 +02:00
Michael Niedermayer
5f529e9147
avformat/sbgdec: Check ts_int in genrate_intervals
There is probably a better place to check for this, but better
here than nowhere

Fixes: signed integer overflow: -9223372036824775808 - 86400000000 cannot be represented in type 'long'
Fixes: 50993/clusterfuzz-testcase-minimized-ffmpeg_dem_SBG_fuzzer-6601162580688896

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-09-24 18:28:41 +02:00
Michael Niedermayer
981f5e46af
avformat/sbgdec: clamp end_ts
Fixes: signed integer overflow: 9223372036851135042 + 15666854 cannot be represented in type 'long'
Fixes: 50993/clusterfuzz-testcase-minimized-ffmpeg_dem_SBG_fuzzer-6573717339111424

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-09-24 18:28:29 +02:00
Anton Khirnov
5bcf9029c8 sbg: convert to new channel layout API
Signed-off-by: James Almer <jamrial@gmail.com>
2022-03-15 09:42:36 -03:00
Andreas Rheinhardt
40bdd8cc05 avformat: Avoid allocation for AVStreamInternal
Do this by allocating AVStream together with the data that is
currently in AVStreamInternal; or rather: Put AVStream at the
beginning of a new structure called FFStream (which encompasses
more than just the internal fields and is a proper context in its own
right, hence the name) and remove AVStreamInternal altogether.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2021-09-17 13:22:25 +02:00
Michael Niedermayer
f624c92d4c avformat/sbgdec: Check for t0 overflow in expand_tseq()
Fixes: signed integer overflow: 4611686025627387904 + 4611686025627387904 cannot be represented in type 'long'
Fixes: 35489/clusterfuzz-testcase-minimized-ffmpeg_dem_SBG_fuzzer-4862678601433088

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Nicolas George <george@nsup.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-09-16 18:41:10 +02:00
Michael Niedermayer
2768928624 avformat/sbgdec: Check opt_duration and start for overflow
Fixes: signed integer overflow: 2788626175500000000 + 7118941284000000000 cannot be represented in type 'long'
Fixes: 35215/clusterfuzz-testcase-minimized-ffmpeg_dem_SBG_fuzzer-6123272247836672

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-09-15 14:57:36 +02:00
Michael Niedermayer
9dbed90840 avformat/sbgdec: Check for overflow in timestamp preparation
Fixes: signed integer overflow: 9223372036854775807 + 86400000000 cannot be represented in type 'long'
Fixes: 29102/clusterfuzz-testcase-minimized-ffmpeg_dem_SBG_fuzzer-6731040263634944

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-07-31 22:08:38 +02:00
Andreas Rheinhardt
1be3d8a0cb avcodec/avcodec: Stop including channel_layout.h in avcodec.h
Also include channel_layout.h directly wherever used.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2021-07-22 11:14:31 +02:00
James Almer
591b88e678 avformat: move AVStream.{first,cur}_dts to AVStreamInternal
They are private fields, no reason to have them exposed in a public header.

Signed-off-by: James Almer <jamrial@gmail.com>
2021-06-09 13:55:25 -03:00
James Almer
fab2ed4704 avformat: move AVStream.probe_packets to AVStreamInternal
It's a private fields, no reason to have it exposed in a public header.

Signed-off-by: James Almer <jamrial@gmail.com>
2021-05-07 09:27:20 -03:00
Andreas Rheinhardt
bc70684e74 avformat: Constify all muxer/demuxers
This is possible now that the next-API is gone.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Signed-off-by: James Almer <jamrial@gmail.com>
2021-04-27 11:48:06 -03:00
Michael Niedermayer
f44068db1e avformat/sbgdec: Check for overflow in last loop in expand_timestamps()
Fixes: signed integer overflow: 9223372036854775807 + 86400000000 cannot be represented in type 'long'
Fixes: 31003/clusterfuzz-testcase-minimized-ffmpeg_dem_SBG_fuzzer-6256298771480576

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Nicolas George <george@nsup.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-26 15:53:30 +01:00
Michael Niedermayer
5441699f83 avformat/sbgdec: Use av_sat_add64() in str_to_time()
Fixes: signed integer overflow: 7279992792120000000 + 4611686018427387904 cannot be represented in type 'long long'
Fixes: 29744/clusterfuzz-testcase-minimized-ffmpeg_dem_SBG_fuzzer-6434060249464832

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Nicolas George <george@nsup.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-01 19:03:53 +01:00
Michael Niedermayer
ac6c8993f7 avformat/sbgdec: Reduce the amount of floating point in str_to_time()
Fixes: 1e+75 is outside the range of representable values of type 'long'
Fixes: 26910/clusterfuzz-testcase-minimized-ffmpeg_dem_SBG_fuzzer-6626834808700928

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Nicolas George <george@nsup.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-01-19 00:05:50 +01:00
Michael Niedermayer
9ef60a66f1 avformat/sbgdec: Check that end is not before start
Fixes: signed integer overflow: -9223372036854775808 + -5279949906739200 cannot be represented in type 'long'
Fixes: 26908/clusterfuzz-testcase-minimized-ffmpeg_dem_SBG_fuzzer-6329610851319808

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Nicolas George <george@nsup.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-11-11 17:05:24 +01:00
Michael Niedermayer
685ed1cbd1 avformat/sbgdec: Check for timestamp overflow in parse_time_sequence()
Fixes: signed integer overflow: 3458015007900000256 + 6425686373040000000 cannot be represented in type 'long'
Fixes: 26430/clusterfuzz-testcase-minimized-ffmpeg_dem_BRSTM_fuzzer-5761175004119040

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Nicolas George <george@nsup.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-10-20 10:27:31 +02:00
Michael Niedermayer
b6663adaae avformat/sbgdec: Check for overflow in parse_timestamp()
Fixes: signed integer overflow: 33986707200000000 + 9195561788997000192 cannot be represented in type 'long'
Fixes: 23790/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-6554232198266880

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Nicolas George <george@nsup.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-07-20 19:47:27 +02:00
Andreas Rheinhardt
c1e439d7e9 avformat: Forward errors where possible
It is not uncommon to find code where the caller thinks to know better
what the return value should be than the callee. E.g. something like
"if (av_new_packet(pkt, size) < 0) return AVERROR(ENOMEM);". This commit
changes several instances of this to instead forward the actual error.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-12-12 19:25:33 +01:00
Michael Niedermayer
2a0f23b9d6 avformat/sbgdec: Fixes integer overflow in str_to_time() with hours
Fixes: signed integer overflow: 904444 * 3600 cannot be represented in type 'int'
Fixes: 15113/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5764083346833408

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-06-14 21:36:39 +02:00
Carl Eugen Hoyos
4d8875ec23 lavf: Constify the probe function argument.
Reviewed-by: Lauri Kasanen
Reviewed-by: Tomas Härdin
2019-03-21 11:42:17 +01:00
Andreas Cadhalpun
dbefbb61b7 sbgdec: prevent NULL pointer access
Reviewed-by: Josh de Kock <josh@itanimul.li>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
2016-11-23 01:16:42 +01:00
Derek Buitenhuis
6f69f7a8bf Merge commit '9200514ad8717c63f82101dc394f4378854325bf'
* commit '9200514ad8717c63f82101dc394f4378854325bf':
  lavf: replace AVStream.codec with AVStream.codecpar

This has been a HUGE effort from:
    - Derek Buitenhuis <derek.buitenhuis@gmail.com>
    - Hendrik Leppkes <h.leppkes@gmail.com>
    - wm4 <nfxjfg@googlemail.com>
    - Clément Bœsch <clement@stupeflix.com>
    - James Almer <jamrial@gmail.com>
    - Michael Niedermayer <michael@niedermayer.cc>
    - Rostislav Pehlivanov <atomnuker@gmail.com>

Merged-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
2016-04-10 20:59:55 +01:00
Michael Niedermayer
ce4e57dbb5 avformat/sbgdec: Check alloc_array_elem() return value
Reviewed-by: Nicolas George <george@nsup.org>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2015-06-02 16:42:33 +02:00
Clément Bœsch
14f3e8b821 avformat/sbgdec: remove double ;; 2015-01-18 00:36:56 +01:00
Michael Niedermayer
5ece4f8b73 avformat/sbgdec: Use localtime_r() for thread saftey
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-11-02 20:08:59 +01:00
Paul B Mahol
a807c68253 avformat: use ff_alloc_extradata()
Signed-off-by: Paul B Mahol <onemda@gmail.com>
2013-10-13 20:13:38 +00:00
Nicolas George
ca4872e887 lavf/sbgdec: use proper constants for av_log(). 2012-11-24 23:56:52 +01:00
Nicolas George
e9b8523d52 sbgdec: dont set slide to a uninitialized value
Fixed CID703833
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-11-06 21:46:22 +01:00
Michael Niedermayer
d46c1c72e4 Merge commit 'e6153f173a49e5bfa70b0c04d2f82930533597b9'
* commit 'e6153f173a49e5bfa70b0c04d2f82930533597b9':
  avopt: Store defaults for AV_OPT_TYPE_INT in the i64 union member

Conflicts:
	libavcodec/libopenjpegdec.c
	libavcodec/libopenjpegenc.c
	libavcodec/libx264.c
	libavcodec/mpeg12enc.c
	libavcodec/options_table.h
	libavcodec/snowenc.c
	libavcodec/tiffenc.c
	libavdevice/v4l2.c
	libavdevice/x11grab.c
	libavfilter/af_amix.c
	libavfilter/af_asyncts.c
	libavfilter/af_join.c
	libavfilter/buffersrc.c
	libavfilter/src_movie.c
	libavfilter/vf_delogo.c
	libavfilter/vf_drawtext.c
	libavformat/http.c
	libavformat/img2dec.c
	libavformat/img2enc.c
	libavformat/movenc.c
	libavformat/mpegenc.c
	libavformat/mpegtsenc.c
	libavformat/options_table.h
	libavformat/segment.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2012-09-05 14:33:32 +02:00
Michael Niedermayer
7a72695c05 Merge commit '36ef5369ee9b336febc2c270f8718cec4476cb85'
* commit '36ef5369ee9b336febc2c270f8718cec4476cb85':
  Replace all CODEC_ID_* with AV_CODEC_ID_*
  lavc: add AV prefix to codec ids.

Conflicts:
	doc/APIchanges
	doc/examples/decoding_encoding.c
	doc/examples/muxing.c
	ffmpeg.c
	ffprobe.c
	ffserver.c
	libavcodec/8svx.c
	libavcodec/avcodec.h
	libavcodec/dnxhd_parser.c
	libavcodec/dvdsubdec.c
	libavcodec/error_resilience.c
	libavcodec/h263dec.c
	libavcodec/libvorbisenc.c
	libavcodec/mjpeg_parser.c
	libavcodec/mjpegenc.c
	libavcodec/mpeg12.c
	libavcodec/mpeg4videodec.c
	libavcodec/mpegvideo.c
	libavcodec/mpegvideo_enc.c
	libavcodec/pcm.c
	libavcodec/r210dec.c
	libavcodec/utils.c
	libavcodec/v210dec.c
	libavcodec/version.h
	libavdevice/alsa-audio-dec.c
	libavdevice/bktr.c
	libavdevice/v4l2.c
	libavformat/asfdec.c
	libavformat/asfenc.c
	libavformat/avformat.h
	libavformat/avidec.c
	libavformat/caf.c
	libavformat/electronicarts.c
	libavformat/flacdec.c
	libavformat/flvdec.c
	libavformat/flvenc.c
	libavformat/framecrcenc.c
	libavformat/img2.c
	libavformat/img2dec.c
	libavformat/img2enc.c
	libavformat/ipmovie.c
	libavformat/isom.c
	libavformat/matroska.c
	libavformat/matroskadec.c
	libavformat/matroskaenc.c
	libavformat/mov.c
	libavformat/movenc.c
	libavformat/mp3dec.c
	libavformat/mpeg.c
	libavformat/mpegts.c
	libavformat/mxf.c
	libavformat/mxfdec.c
	libavformat/mxfenc.c
	libavformat/nsvdec.c
	libavformat/nut.c
	libavformat/oggenc.c
	libavformat/pmpdec.c
	libavformat/rawdec.c
	libavformat/rawenc.c
	libavformat/riff.c
	libavformat/sdp.c
	libavformat/utils.c
	libavformat/vocenc.c
	libavformat/wtv.c
	libavformat/xmv.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2012-08-07 22:45:46 +02:00
Nicolas George
b6ff81d63b sbgdec: read_seek was undeprecated. 2012-02-23 16:00:22 +01:00
Michael Niedermayer
e37f161e66 Merge remote-tracking branch 'qatar/master'
* qatar/master: (71 commits)
  movenc: Allow writing to a non-seekable output if using empty moov
  movenc: Support adding isml (smooth streaming live) metadata
  libavcodec: Don't crash in avcodec_encode_audio if time_base isn't set
  sunrast: Document the different Sun Raster file format types.
  sunrast: Add a check for experimental type.
  libspeexenc: use AVSampleFormat instead of deprecated/removed SampleFormat
  lavf: remove disabled FF_API_SET_PTS_INFO cruft
  lavf: remove disabled FF_API_OLD_INTERRUPT_CB cruft
  lavf: remove disabled FF_API_REORDER_PRIVATE cruft
  lavf: remove disabled FF_API_SEEK_PUBLIC cruft
  lavf: remove disabled FF_API_STREAM_COPY cruft
  lavf: remove disabled FF_API_PRELOAD cruft
  lavf: remove disabled FF_API_NEW_STREAM cruft
  lavf: remove disabled FF_API_RTSP_URL_OPTIONS cruft
  lavf: remove disabled FF_API_MUXRATE cruft
  lavf: remove disabled FF_API_FILESIZE cruft
  lavf: remove disabled FF_API_TIMESTAMP cruft
  lavf: remove disabled FF_API_LOOP_OUTPUT cruft
  lavf: remove disabled FF_API_LOOP_INPUT cruft
  lavf: remove disabled FF_API_AVSTREAM_QUALITY cruft
  ...

Conflicts:
	doc/APIchanges
	libavcodec/8bps.c
	libavcodec/avcodec.h
	libavcodec/libx264.c
	libavcodec/mjpegbdec.c
	libavcodec/options.c
	libavcodec/sunrast.c
	libavcodec/utils.c
	libavcodec/version.h
	libavcodec/x86/h264_deblock.asm
	libavdevice/libdc1394.c
	libavdevice/v4l2.c
	libavformat/avformat.h
	libavformat/avio.c
	libavformat/avio.h
	libavformat/aviobuf.c
	libavformat/dv.c
	libavformat/mov.c
	libavformat/utils.c
	libavformat/version.h
	libavformat/wtv.c
	libavutil/Makefile
	libavutil/file.c
	libswscale/x86/input.asm
	libswscale/x86/swscale_mmx.c
	libswscale/x86/swscale_template.c
	tests/ref/lavf/ffm

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2012-01-28 07:53:34 +01:00
Nicolas George
b0aaf304a7 Replace PATCHWELCOME by relevant error codes.
This supersedes commit 154c0a8.
The bug was also reported by Rafaël Carré.
2011-12-20 19:08:04 +01:00
Michael Niedermayer
154c0a8c98 replace ENOTSUP by AVERROR_PATCHWELCOME
This unbreaks compilation
Found by: jb

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2011-12-20 18:34:44 +01:00
Nicolas George
6d7b50117a sbgdec: change -1 into AVERROR(EINVAL).
This is not as accurate as ELOOP, but there is an explicit error message
just before anyway.
2011-12-18 09:33:09 +01:00
Michael Niedermayer
4734fb0ece sbgdec: Replace ELOOP by -1 to fix compilation on win32.
This should be replaced by a more appropriate error code of course but
we should not leave compilation broken until that is decided.

Found-by: jb
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2011-12-18 03:57:11 +01:00
Nicolas George
9cb6a39c46 sbgdec: replace EOVERFLOW with ENOMEM.
This should fix track issue #781, regarding compilation with
i686-w64-mingw32-gcc.
2011-12-17 22:43:34 +01:00
Nicolas George
2c82ab946b lavf: add SBG demuxer. 2011-12-15 18:38:06 +01:00