1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-11-21 10:55:51 +02:00
Commit Graph

83747 Commits

Author SHA1 Message Date
Michael Niedermayer
29638d4db9 avcodec/dcadsp: Fix 2 runtime error: signed integer overflow: -1958094138 - 1078906344 cannot be represented in type 'int'
Fixes: 722/clusterfuzz-testcase-5711268868521984

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-05 12:01:48 +01:00
Michael Niedermayer
d03d386162 avcodec/wavpack: Check bitrate_acc for overflow
Fixes: undefined behavior in 717/clusterfuzz-testcase-5434924129583104

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-05 12:01:46 +01:00
Michael Niedermayer
fab13bbbcd avcodec/mpeg4videodec: Fix runtime error: signed integer overflow: 134527392 * 16 cannot be represented in type 'int'
This checks the sprite delta intermediates for overflow
Fixes: 716/clusterfuzz-testcase-4890287480504320

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-05 12:01:41 +01:00
Michael Niedermayer
d757ddbaab avcodec/mpeg12dec: Fix runtime error: left shift of negative value -13
Fixes: 709/clusterfuzz-testcase-4789836449841152

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-04 17:48:04 +01:00
Michael Niedermayer
ab998f4c7f avcodec/h264_mvpred: Fix multiple runtime error: left shift of negative value
Fixes: 710/clusterfuzz-testcase-5091051431788544

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-04 17:48:04 +01:00
Michael Niedermayer
d23727e042 avcodec/adxdec: Fix runtime error: left shift of negative value -1
Fixes: 705/clusterfuzz-testcase-5129572590813184

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-04 17:48:04 +01:00
Michael Niedermayer
eb41956636 avcodec/mpeg4videodec: Improve the overflow checks in mpeg4_decode_sprite_trajectory()
Also clear the state on errors

Fixes integer overflows in 701/clusterfuzz-testcase-6594719951880192

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-04 03:05:15 +01:00
Michael Niedermayer
2ce4f28431 avcodec/vp56: Require a correctly decoded frame before using vp56_conceal_mb()
Fixes timeout with 700/clusterfuzz-testcase-5660909504561152
Fixes timeout with 702/clusterfuzz-testcase-4553541576294400

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-04 03:05:15 +01:00
Steven Liu
4507f29e4a avformat/hlsenc: move the segment files handler close to before temp flags process
fix ticket: #6204

Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
2017-03-04 09:27:56 +08:00
James Almer
68ee800a9d doc/encoders: mention valid values for compression_level when using FLAC encoder
Found-by: Miles
Signed-off-by: James Almer <jamrial@gmail.com>
2017-03-03 13:49:26 -03:00
James Almer
a43389547c avutil/md5: stop discarding the const qualifier for the src pointer
The code modifying the buffer on big endian systems was removed.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
2017-03-03 13:37:11 -03:00
James Almer
e2b7ae4b19 avutil/md5: fix misaligned reads
This makes ubsan happy and also considerably increases performance on
big endian systems.

Tested on an IBM POWER7 3.55 GHz

Before:

2.24user 0.14system 0:02.39elapsed 99%CPU (0avgtext+0avgdata 2624maxresident)k
2.26user 0.11system 0:02.38elapsed 99%CPU (0avgtext+0avgdata 2688maxresident)k
2.23user 0.15system 0:02.38elapsed 99%CPU (0avgtext+0avgdata 2624maxresident)k
2.25user 0.12system 0:02.38elapsed 100%CPU (0avgtext+0avgdata 2624maxresident)k
2.20user 0.15system 0:02.36elapsed 99%CPU (0avgtext+0avgdata 2624maxresident)k

After:

1.86user 0.13system 0:02.00elapsed 99%CPU (0avgtext+0avgdata 2624maxresident)k
1.89user 0.11system 0:02.01elapsed 99%CPU (0avgtext+0avgdata 2624maxresident)k
1.85user 0.14system 0:02.00elapsed 99%CPU (0avgtext+0avgdata 2624maxresident)k
1.84user 0.15system 0:01.99elapsed 99%CPU (0avgtext+0avgdata 2624maxresident)k
1.89user 0.13system 0:02.02elapsed 99%CPU (0avgtext+0avgdata 2688maxresident)k

Tested-by: Nicolas George <george@nsup.org>
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
2017-03-03 13:36:49 -03:00
Michael Niedermayer
d8094a303b avcodec/vp3: Do not return random positive values but the buf size
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-03 17:17:53 +01:00
Takayuki 'January June' Suwa
13332504c9 omx: Add support for specifying H.264 profile [v5']
This adds "-profile[:v] profile_name"-style option.

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-03 17:17:53 +01:00
Paul B Mahol
6d93e7d1a3 avcodec/scpr: fix top left prediction for special case when x is 0 for keyframes
Signed-off-by: Paul B Mahol <onemda@gmail.com>
2017-03-03 12:28:24 +01:00
wm4
16abc10b09 ffmpeg: properly cleanup filter graph on init failure
The filter field is often used to check whether a filter is
configured. If configuring the filter actually fails somewhere in
the middle of it, these fields could still be set to non-NULL, which
lead to other code accessing the half-configured filter graph, which
in turn could lead to crashes within libavfilter.

Solve this by properly resetting all fields.

This was triggered by a fuzzed sample after the recent changes. It's
unknown whether this behavior could be triggered before that.
2017-03-03 08:45:43 +01:00
wm4
7dd44cde2a ffmpeg: delay processing of subtitles before filters are initialized
If a subtitle packet came before the first video frame could be fully
decoded, the subtitle packet would get discarded. This puts the subtitle
into a queue instead, and processes it once the attached filter graph is
initialized.
2017-03-03 08:45:43 +01:00
Timo Rothenpieler
736f4af4fe ffmpeg_cuvid: adapt for recent filter graph initialization changes 2017-03-03 08:45:43 +01:00
Anton Khirnov
76e13bdeaa ffmpeg: restructure sending EOF to filters
Be more careful when an input stream encounters EOF when its filtergraph
has not been configured yet. The current code would immediately mark the
corresponding output streams as finished, while there may still be
buffered frames waiting for frames to appear on other filtergraph
inputs.

This should fix the random FATE failures for complex filtergraph tests
after a3a0230a98

This merges Libav commit 94ebf55. It was previously skipped.

This is the last filter init related Libav commit that was skipped, so
this also removes the commits from doc/libav-merge.txt.

Signed-off-by: wm4 <nfxjfg@googlemail.com>
2017-03-03 08:45:43 +01:00
Anton Khirnov
cb884f8d7e ffmpeg: move flushing the queued frames to configure_filtergraph()
This is a more appropriate place for it, and will also be useful in the
following commit.

This merges Libav commit d2e56cf. It was previously skipped.

Signed-off-by: wm4 <nfxjfg@googlemail.com>
2017-03-03 08:45:43 +01:00
wm4
97614a68e4 ffmpeg: fix printing of filter input/output names
Broken by the previous Libav commit (even in Libav, thus a separate
commit).

Signed-off-by: wm4 <nfxjfg@googlemail.com>
2017-03-03 08:45:43 +01:00
Anton Khirnov
af1761f7b5 ffmpeg: init filtergraphs only after we have a frame on each input
This makes sure the actual stream parameters are used, which is
important mainly for hardware decoding+filtering cases, which would
previously require various weird workarounds to handle the fact that a
fake software graph has to be constructed, but never used.
This should also improve behaviour in rare cases where
avformat_find_stream_info() does not provide accurate information.

This merges Libav commit a3a0230. It was previously skipped.

The code in flush_encoders() which sets up a "fake" format wasn't in
Libav. I'm not sure if it's a good idea, but it tends to give
behavior closer to the old one in certain corner cases.

The vp8-size-change gives different result, because now the size of
the first frame is used. libavformat reported the size of the largest
frame for some reason.

The exr tests now use the sample aspect ratio of the first frame. For
some reason libavformat determines 0/1 as aspect ratio, while the
decoder returns the correct one.

The ffm and mxf tests change the field_order values. I'm assuming
another libavformat/decoding mismatch.

Signed-off-by: wm4 <nfxjfg@googlemail.com>
2017-03-03 08:45:43 +01:00
Anton Khirnov
4ee5aed122 ffmpeg: do packet ts rescaling in write_packet()
This will be useful in the following commit, after which the muxer
timebase is not always available when encoding.

This merges Libav commit 3e265ca. It was previously skipped.

There are some changes with how/when the mux_timebase field is set,
because the Libav approach often causes a too imprecise time base
to be set. This is hard, because the muxer's write_header function
can readjust the timebase, at which point we might already have
encoded packets buffered. (It might be better to buffer them after
the encoder, instead of after all the timestamp handling logic
before muxing.)

The two FATE tests change because the output time base is raised
for subtitles. (Needed to avoid certain rounding issues in other
cases.)

Includes a minor merge fix by Mark Thompson, and

    avconv: Move rescale to stream timebase before monotonisation

also by Mark Thompson <sw@jkqxz.net>.

Signed-off-by: wm4 <nfxjfg@googlemail.com>
2017-03-03 08:45:43 +01:00
wm4
33580a8625 ffmpeg: make sure packets put into the muxing FIFO are refcounted
Some callers (like do_subtitle_out()) call this with an AVPacket that is
not refcounted. This can cause undefined behavior.

Calling av_packet_move_ref() does not make a packet refcounted if it
isn't yet. (And it can't be made to, because it always succeeds,
and can't return ENOMEM.)

Call av_packet_ref() instead to make sure it's refcounted.

I couldn't find a case that is fixed by this with the current code. But
it will fix the fate-pva-demux test with the later patches applied.

Signed-off-by: wm4 <nfxjfg@googlemail.com>
2017-03-03 08:45:43 +01:00
Carl Eugen Hoyos
9ae762da7e lavf/matroska: Support codec ID V_FFV1 for demuxing.
Fixes ticket #6206.
2017-03-03 02:04:34 +01:00
Michael Niedermayer
55196e5d10 Revert "avutil/frame: Disallow zero sized frame side data"
Found a case where we use size==0, the other related commits
remain needed, and should be sufficient to fix the original issue

This reverts commit 7e4f32f4e4.

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-03 01:03:29 +01:00
Michael Niedermayer
6191198c21 avcodec/interplayvideo: Fix timeout from lack of bitstream end check
Fixes: 697/clusterfuzz-testcase-6111250582863872

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-03 01:03:29 +01:00
Michael Niedermayer
3b0b35150d avcodec/mpegaudiodec_template: Fix runtime error: signed integer overflow: 2053224902 + 2053224902 cannot be represented in type 'int'
Fixes: 696/clusterfuzz-testcase-5853632270434304

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-03 01:03:29 +01:00
Michael Niedermayer
4b72d5cd6f avcodec/mjpegdec: Fix runtime error: left shift of negative value -511
Fixes: 693/clusterfuzz-testcase-6109776066904064

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-03 01:03:29 +01:00
Carl Eugen Hoyos
46082c2b3f lavc/sheervideo: Fix Y prediction for interlaced frames with transparency.
Based on 260de8a2 by Paul B Mahol.
Fixes ticket #6210.
2017-03-02 18:11:57 +01:00
Carl Eugen Hoyos
d1bfd19ad1 doc: Link to "Resampler Options" in the aresample documentation. 2017-03-02 18:05:58 +01:00
Kostya Shishkov
a63496cc88 avcodec: add ClearVideo decoder
Only I-frames are decoded for now.

Signed-off-by: Paul B Mahol <onemda@gmail.com>
2017-03-02 11:39:54 +01:00
Mark Thompson
2b8151c806 hwcontext_vaapi: Don't abort on failing to allocate from a fixed-size pool
Cherry-picked from Libav d30719e62d.

Signed-off-by: wm4 <nfxjfg@googlemail.com>
2017-03-02 11:20:47 +01:00
wm4
f07492e7fb avcodec/videotoolbox: set kCVPixelBufferIOSurfaceOpenGLTextureCompatibilityKey
Makes sure the output can be mapped as OpenGL texture.
This is what at least video players normally want.
2017-03-02 10:32:21 +01:00
wm4
ade7c1a232 avcodec/videotoolbox: allow not setting the kCVPixelBufferPixelFormatTypeKey
If AVVideotoolboxContext.cv_pix_fmt_type is set to 0, don't set the
kCVPixelBufferPixelFormatTypeKey value on the VT decoder.

This makes VT output its native format, which can be much faster on
some hardware iterations (if the native format does not match with
the requested format, it will be converted, which is slow).

The default is still forcing nv12.
2017-03-02 10:32:21 +01:00
wm4
227f6e1e8d avformat: fix AVStream private fields marker
Public fields were added after the private fields (negating the entire
point of this). New private fields go into AVStreamInternal anyway.

The new marker was set by guessing which fields are supposed to be
private and wshich not. recommended_encoder_configuration is accessed by
ffserver_config.c directly, and is supposed to use the public API.

ffmpeg.c accesses AVStream.cur_dts, even though it's a private field,
but that seems to be an older error.
2017-03-02 10:32:21 +01:00
wm4
554bc4eea8 avcodec, avutil, avformat: remove AVOption requirement for some fields
Allow all struct fields to be accessed directly, as long as they're
public.

Before this change, many fields were "public", but could be accessed via
AVOption only. This meant they were effectively not public, but were
present for documentation purposes, which was incredibly confusing at
best.
2017-03-02 10:32:12 +01:00
Carl Eugen Hoyos
3733039610 lavf/flacdec: Return maximum score if the streaminfo header is valid. 2017-03-02 09:29:10 +01:00
Michael Niedermayer
4bed066377 avcodec/vp56: Clear dimensions in case of failure in the middle of a resolution change
Similar code is used elsewhere in vp56 to force a more complete reinit in the future.
Fixes null pointer dereference
Fixes: 707/clusterfuzz-testcase-4717453097566208

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-02 03:16:18 +01:00
Michael Niedermayer
f8060ab927 avcodec/wavpack: Check value before shift in wp_exp2()
Fixes undefined shift, all callers should be changed to check the value
they use with wp_exp2() or its return value.

Fixes: 692/clusterfuzz-testcase-5757381516460032

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-02 03:16:15 +01:00
Michael Niedermayer
12c3e120fe avcodec/ituh263dec: Use 0xffff as error code in h263p_decode_umotion()
This matches ff_h263_decode_motion() both functions error codes are interpreted by the same common code

Fixes: 690/clusterfuzz-testcase-4744944981901312

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-02 03:16:12 +01:00
Michael Niedermayer
04c99c8042 avcodec/h264idct_template: Fix several runtime error: signed integer overflow
Fixes: 689/clusterfuzz-testcase-6029352737177600

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-02 03:16:10 +01:00
Michael Niedermayer
e46ab99750 avformat/oggdec: fix leak in ogg_restore()
Fixes: asan_bug_leak

Found-by: Thomas Guilbert <tguilbert@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-02 03:12:26 +01:00
Michael Niedermayer
fb6fa48fce avformat/oggdec: Factor free_stream out
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-02 03:12:25 +01:00
Michael Niedermayer
3250d4b39c avformat/oggdec: remove unused parameter of ogg_restore()
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-02 03:12:25 +01:00
Rick Kern
70ebc05bce lavc/videotoolboxenc: fix symbol linking
Removes explicit reference to symbols and fixes dereferencing issue.

Signed-off-by: Rick Kern <kernrj@gmail.com>
2017-03-01 10:43:08 -05:00
Michael Niedermayer
7b5ff7d573 avcodec/vp8: Check for bitsteam end in decode_mb_row_no_filter()
Fixes timeout with 686/clusterfuzz-testcase-5853946876788736

this shortcuts (i.e. speeds up) the error and
return-to-user when decoding a truncated frame

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Previous version reviewed by: "Ronald S. Bultje" <rsbultje@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-01 14:07:33 +01:00
Michael Niedermayer
4bd3f1ce3e avcodec/h264_direct: Fix runtime error: left shift of negative value -14
Fixes: 682/clusterfuzz-testcase-4799120021651456

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-01 14:07:33 +01:00
Michael Niedermayer
2c00b37302 avcodec/avpacket: Check metadata key in av_packet_unpack_dictionary()
Fixes timeout
Fixes: 501/clusterfuzz-testcase-5672752870588416

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-01 14:07:33 +01:00
Carl Eugen Hoyos
a2ca9e11ff Makefile: Clean compat/atomics/pthread subdirectory. 2017-03-01 13:43:03 +01:00