1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-12-23 12:43:46 +02:00
Commit Graph

98096 Commits

Author SHA1 Message Date
Andreas Rheinhardt
9b61482627 avformat/webmdashenc: Remove possibility of infinite loop
The WebM DASH manifest muxer uses a loop to parse the adaptation_sets
string (which is given by the user and governs which AVStreams are
mapped to what adaptation set) and the very beginning of this loop is
"if (*p == ' ') continue;". This of course leads to an infinite loop if
the condition is true. It is true if e.g. the string begins with ' ' or
if there are more than one ' ' between different adaptation set groups.

To fix this, the parsing process has been modified to consume the space
if it is at a place where it can legitimately occur, i.e. when a new
adaptation set group is expected. The latter restriction implies that an
error is returned if a space exists where none is allowed to exist.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2020-05-23 06:29:53 +02:00
Andreas Rheinhardt
1030993db2 avformat/webmdashenc: Be more strict when parsing stream indices
The syntax of the adaptation_sets string by which the user determines
the mapping of AVStreams to adaptation sets is
"id=x,streams=a,b,c id=y,streams=d,e" (means: the streams with the
indices a, b and c belong to the adaptation set with id x). Yet there
was no check for whether these indices were actual numbers and if there
is a number whether it really extends to the next ',', ' ' or to the
end of the string or not. This commit adds a check for this.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2020-05-23 06:09:09 +02:00
Andreas Rheinhardt
325c901430 avformat/webmdashenc: Avoid allocation for parsing a number
In order to parse a number from a string, the WebM DASH manifest muxer
would duplicate (via heap-allocation) the part of the string that
contains the number, then read the number via atoi() and then free the
duplicate again. This has been replaced by simply using strtoll() (which
in contrast to atoi() has defined behaviour when the number is not
representable).

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2020-05-23 06:05:16 +02:00
Andreas Rheinhardt
06fdc82337 avformat/mux: Remove unnecessary unreferencing of AVPacket
Since commit c5324d92c5 all custom
interleave_packet() functions always return clean packets (even on
error), so that unreferencing manually can be removed.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2020-05-23 05:43:42 +02:00
Andreas Rheinhardt
9dd8f7312a avformat/avformat: Remove redundant "NOT PART OF PUBLIC API"
AVStream.request_probe as well as AVStream.mux_ts_offset are below the
separator of public and private fields, so that a further "NOT PART OF
PUBLIC API" is redundant.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2020-05-23 01:40:05 +02:00
Mark Reid
04f67dcccf avfilter/vf_lut3d: initial float pixel format support
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-05-23 00:26:38 +02:00
Oneric
e6dcb6a0db avcodec/ass: explicitly set ScaledBorderAndShadow
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-05-23 00:26:38 +02:00
Marton Balint
82f9eb6f6c avcodec: move mpeg4 profiles to profiles.h
Also bump micro version after the recent option changes.

Signed-off-by: Marton Balint <cus@passwd.hu>
2020-05-22 22:23:18 +02:00
Marton Balint
ebb770d3ab avcodec: move msbc profile to encoder
Signed-off-by: Marton Balint <cus@passwd.hu>
2020-05-22 22:23:18 +02:00
Marton Balint
d55f1cc58b avcodec/options_table: remove dts profiles
Our encoder (dcaenc) does not use any of these.

Signed-off-by: Marton Balint <cus@passwd.hu>
2020-05-22 22:22:46 +02:00
Marton Balint
aee036cdd0 avcodec: move aacenc profiles to profiles.h
Signed-off-by: Marton Balint <cus@passwd.hu>
2020-05-22 22:16:53 +02:00
Marton Balint
337fe4bcc2 avcodec/options_table: make AVCodecContext->profile search for child constants
This change makes it possible for child encoders to define custom profile
option names which can be used for setting the AVCodecContext->profile.

Also rename unit name to something rather unique, so it won't be used elsewhere.

Signed-off-by: Marton Balint <cus@passwd.hu>
2020-05-22 22:16:53 +02:00
Marton Balint
af9e622776 avutil/opt: add AV_OPT_FLAG_CHILD_CONSTS
This will be used for AVCodecContext->profile. By specifying constants in the
encoders we won't have to use the common AVCodecContext options table and
different encoders can use the same profile name even with different values.

Signed-off-by: Marton Balint <cus@passwd.hu>
2020-05-22 22:16:52 +02:00
Martin Storsjö
638b5d51cf movenc: Fix accidental leftover duplication from 1aec1fbcc5
Signed-off-by: Martin Storsjö <martin@martin.st>
2020-05-22 22:00:03 +03:00
Martin Storsjö
c116c127f9 mfenc: Fall back to avctx->time_base if avctx->framerate isn't set
The framerate field is the one users are supposed to set, but not
all users might be setting it, so it might be good to fall back
time_base in that case.

Signed-off-by: Martin Storsjö <martin@martin.st>
2020-05-22 21:49:48 +03:00
Martin Storsjö
fea5f5bc64 mfenc: Fix setting has_b_frames for max_b_frames == 1
This was a mistake in my own additions in
050b72ab5e.

Signed-off-by: Martin Storsjö <martin@martin.st>
2020-05-22 21:49:37 +03:00
Martin Storsjö
1aec1fbcc5 movenc: Fix conversion of the first frame for extradata-less H264/HEVC
Move the copying of the frame to vos_data further up in the function,
so that when writing the actual frame data for the first frame, it's
clear that the stream really is in annex b format, for the cases where
we create extradata from the first frame.

Alternatively - we could invert the checks for bitstream format. If
extradata is missing, we can't pretend that the bitstream is in
mp4 form, because we can't even know the NAL unit length prefix size
in that case.

Also avoid creating extradata for AVC intra. If the track tag is
an AVC intra tag, don't copy the frame into vos_data - this matches
other existing cases of how vos_data and TAG_IS_AVCI interact in
other places.

Signed-off-by: Martin Storsjö <martin@martin.st>
2020-05-22 21:01:44 +03:00
Martin Storsjö
1f7c8d319b cbs_h265: Fix use of an uninitialized variable
This fixes test failures in fate-cbs-hevc-* in certain configurations
since c53f9f4364.

Signed-off-by: Martin Storsjö <martin@martin.st>
2020-05-22 21:01:29 +03:00
James Almer
1e8ed181e3 avcodec/bsf: mention that av_bsf_send_packet() returning EAGAIN is not an error
EAGAIN is returned when input is provided but can't be consumed. The filtering
process is unaffected in this case, and the function will be able to consume
new input after retrieving filtered packets with av_bsf_receive_packet().

Remove the line about empty packets never failing added in
41b05b849f while at it. Even if it's currently
the case, it unnecessarily constrains the API and could be changed in the future
in case it needs to be extended.
The user should always check for errors and never expect a call to never fail.

Reviewed-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
2020-05-22 11:16:40 -03:00
Anton Khirnov
bdd6aa25c1 avcodec.h: split bitstream filters API into its own header 2020-05-22 14:38:57 +02:00
Anton Khirnov
bf80725352 lavc: rename bsf.h to bsf_internal.h
This will allow adding a public header named bsf.h
2020-05-22 14:38:57 +02:00
Anton Khirnov
9d443c3e68 avcodec.h: split AVCodecParameters API into its own header 2020-05-22 14:38:57 +02:00
Anton Khirnov
f30a41a608 Stop hardcoding align=32 in av_frame_get_buffer() calls.
Use 0, which selects the alignment automatically.
2020-05-22 14:38:57 +02:00
Anton Khirnov
8cfab9fa8c cmdutils: drop libavformat/network.h include
It is not a public header and has not been used since
10173c0e58
2020-05-22 14:38:57 +02:00
Paul B Mahol
ca7095a907 avfilter/af_aiir: move response drawing as last step 2020-05-22 14:14:15 +02:00
Paul B Mahol
8c825e43f8 avfilter/af_aiir: fix first denominator calculation 2020-05-22 14:12:06 +02:00
Paul B Mahol
07a9e5ec5e avfilter/af_aiir: add more descriptive options aliases 2020-05-22 12:37:17 +02:00
Paul B Mahol
ffda57b800 avfilter/af_aiir: export normalize option
And enable it in all modes by default.
2020-05-22 12:30:59 +02:00
Paul B Mahol
1fc5ddf774 avfilter/af_aiir: fix first delay value 2020-05-22 11:02:45 +02:00
Andreas Rheinhardt
38490cbeb3 avformat/utils: Set stream side-data size even without side-data
Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2020-05-22 06:35:00 +02:00
Andreas Rheinhardt
72baae1395 avformat/matroskaenc: Remove pointless casts
by using a const void * pointer as an intermediate.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2020-05-22 06:33:25 +02:00
Andreas Rheinhardt
68dd1e6a57 avformat/matroskaenc: Don't use stream side-data size
av_stream_get_side_data() tells the caller whether a stream has side
data of a specific type; if present it can also tell the caller the size
of the side data via an optional argument. The Matroska muxer always
used this optional argument, although it doesn't really need the size,
as the relevant side-data are not buffers, but structures. So change
this.

Furthermore, relying on the size also made the code susceptible to
a quirk of av_stream_get_side_data(): It only sets the size argument if
it found side data of the desired type. mkv_write_video_color() checks
for side-data twice with the same variable for the size without resetting
the size in between; if the second type of side-data isn't present, the
size will still be what it was after the first call. This was not
dangerous in practice, as the check for the existence of the second
side-data compared the size with the expected size, so it would only be
problematic if lots of elements were to be added to AVContentLightMetadata.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2020-05-22 06:30:56 +02:00
Joey Smith
d29c429744 avformat/http: increase BUFFER_SIZE to MAX_URL_SIZE + HTTP_HEADERS_SIZE
Some real-world sites use an authorization header with a bearer token; when
combined with lengthy request parameters to identify the video segment,
it's rather trivial these days to have a request body of more than 4k bytes.

MAX_URL_SIZE is hard-coded to 4k bytes in libavformat/internal.h, and
HTTP_HEADERS_SIZE is 4k as well in libavformat/http.h, so this patch increases
the buffer size to 8k, as that is the default request body limit in Apache, and
most other httpds seem to support at least as much, if not more.

Signed-off-by: Marton Balint <cus@passwd.hu>
2020-05-21 22:45:21 +02:00
James Almer
13b1bbff0b avcodec: deprecate Lossless and Intra Only encoder capabilites
Both are codec properties and not encoder capabilities. The relevant
AVCodecDescriptor.props flags exist for this purpose.

Signed-off-by: James Almer <jamrial@gmail.com>
2020-05-21 12:32:15 -03:00
James Almer
cbb1760afa fftools/cmdutils: remove lossless and intra only capability entries from print_codec()
They are codec properties, not encoder capabilities.

Signed-off-by: James Almer <jamrial@gmail.com>
2020-05-21 12:32:15 -03:00
James Almer
0a3ba58b44 fftools/ffmpeg_filter: check the codec's descriptor to see if it's lossless
Signed-off-by: James Almer <jamrial@gmail.com>
2020-05-21 12:32:15 -03:00
James Almer
d3bedba97f avcodec/decode: remove ff_decode_bsfs_uninit()
It's been a wrapper for a simple av_bsf_free() call since c96904f525.

Signed-off-by: James Almer <jamrial@gmail.com>
2020-05-21 12:32:15 -03:00
Michael Niedermayer
70faa9f618 avcodec/tiff: Check for Tiled and Stripped TIFFs
TIFF 6 spec: "Do not use both strip-oriented and tile-oriented fields in the same TIFF file."

Fixes: null pointer use, crash
Fixes: crash-762680f9d1b27f9b9085e12887ad44893fb2b020

Found-by: Shiziru <lunasl@protonmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-05-21 13:08:23 +02:00
Michael Niedermayer
49459aca47 avcodec/pnmdec: Use unsigned for maxval rescaling
Fixes: signed integer overflow: 65535 * 55335 cannot be represented in type 'int'
Fixes: 21955/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PGMYUV_fuzzer-5669206981083136

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-05-21 09:31:08 +02:00
Michael Niedermayer
1d633e6a0a avcodec/ivi: Clear got_p_frame before decoding a new frame using it
Fixes: assertion failure
Fixes: 21666/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_INDEO4_fuzzer-5706468994318336

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-05-21 09:31:08 +02:00
Michael Niedermayer
2570a8777e avcodec/dsddec: Check channels
Fixes: division by zero
Fixes: 21677/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DSD_MSBF_fuzzer-5712547983654912
Fixes: 21751/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DSD_LSBF_fuzzer-5197097180856320

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-05-21 09:31:08 +02:00
Michael Niedermayer
620236e4d2 avcodec/xvididct: Fix integer overflow in idct_row()
Fixes: signed integer overflow: -1238335488 + -1003634688 cannot be represented in type 'int'
Fixes: 21649/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MJPEG_fuzzer-5112005765890048

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-05-21 09:31:08 +02:00
Michael Niedermayer
e9a4c4fe99 avcodec/wmalosslessdec: Fix integer overflows in revert_inter_ch_decorr()
Fixes: signed integer overflow: -717241856 + -1434459904 cannot be represented in type 'int'
Fixes: 21405/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5677143666458624

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-05-21 09:31:08 +02:00
Michael Niedermayer
a3dc67c984 avcodec/cbs_jpeg: Fix infinite loop in cbs_jpeg_split_fragment()
Fixes: Timeout
Fixes: 21104/clusterfuzz-testcase-minimized-ffmpeg_BSF_TRACE_HEADERS_fuzzer-5129580475318272

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-05-21 09:31:08 +02:00
Michael Niedermayer
9874815b1a avformat/mpegenc: Fix integer overflow with AV_NOPTS_VALUE
Fixes: signed integer overflow: -9223372036854775808 - 45000 cannot be represented in type 'long'
Fixes: ticket8187

Found-by: Suhwan
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-05-21 09:31:08 +02:00
Michael Niedermayer
31f956acad avformat/swfenc: Fix integer overflow in frame rate handling
Fixes: signed integer overflow: 30000299 * 256 cannot be represented in type 'int'
Fixes: ticket8184

Found-by: Suhwan
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-05-21 09:31:08 +02:00
Michael Niedermayer
a629cec58e avcodec/bitpacked: Add codec_tags list
This should improve coverage

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-05-21 09:31:08 +02:00
Michael Niedermayer
daa2482871 avformat/aadec: Check toc_size to contain the minimum to demuxer uses
Fixes: out of array access
Fixes: stack-buffer-overflow-READ-0x0831fff1

Found-by: GalyCannon <galycannon@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-05-21 09:31:08 +02:00
Michael Niedermayer
435fa373d1 avcodec/cbs_h265_syntax_template: Limit num_long_term_pics more strictly
The limit is based on hevcdec.c
Fixes: 20854/clusterfuzz-testcase-minimized-ffmpeg_BSF_HEVC_METADATA_fuzzer-5160442882424832
Fixes: out of array access

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-05-21 09:31:08 +02:00
Andreas Rheinhardt
dbacecd347 avformat/ttaenc: Defer freeing dynamic buffer
The TTA muxer writes a seektable in a dynamic buffer as it receives
packets and when writing the trailer, closes the dynamic buffer using
avio_close_dyn_buf(), writes the seektable and frees the buffer. But
the TTA muxer already has a deinit function which unconditionally
calls ffio_free_dyn_buf() on the dynamic buffer, so switching to
avio_get_dyn_buf() means that one can remove the code to free the
buffer; furthermore, it also might save an allocation if the seektable
is so small that it fits into the dynamic buffer's write buffer or if
adding the padding that avio_close_dyn_buf() adds necessitated
reallocating of the underlying buffer.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2020-05-21 05:30:26 +02:00