Fixes: undefined memcpy() use
Fixes: 16302/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-5678750575886336
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: 2147480546 + 4096 cannot be represented in type 'int'
Fixes: 16280/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5123442566758400
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Tomas Härdin <tjoppen@acc.umu.se>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Use the command ./configure with/without --disable-v4l2-m2m test.
Reviewed-by: Aman Gupta <aman@tmm1.net>
Signed-off-by: Jun Zhao <barryjzhao@tencent.com>
Some decoders may not need a writable buffer in some specific cases, but only
a reference to the existing buffer with updated frame properties instead, for
the purpose of returning duplicate frames. For this, the
FF_REGET_BUFFER_FLAG_READONLY flag is added, which will prevent potential
allocations and buffer copies when they are not needed.
Signed-off-by: James Almer <jamrial@gmail.com>
On some DVB stream SCTE-35 data packet are available before the end of
MpegTSContext initialization. We have to check if it is the case to
avoid a SEGFAULT.
Signed-off-by: Marton Balint <cus@passwd.hu>
When compiling natively on an RPI where libomxil-bellagio-dev
was also installed, `check_headers OMX_Core.h` succeeded and
the -isystem compiler flag was never added to the build.
For non-native builds, the error message now mentions the
raspberrypi/firmware repository where the RPI specific
headers are available.
Signed-off-by: Aman Gupta <aman@tmm1.net>
ENOMEM indicates an allocation failure, and there are no allocations
happening here. The buffers are pre-allocated and there are simply
none available at this time.
Signed-off-by: Aman Gupta <aman@tmm1.net>
When ffmpeg was streaming, multiple clients were only supported by using a
multicast destination address. An alternative was to stream to a server which
re-distributes the content. This commit adds ZeroMQ as a protocol, which allows
multiple clients to connect to a single ffmpeg instance.
Signed-off-by: Marton Balint <cus@passwd.hu>
Integer overflow in the Q16 framerate calculation was sending
invalid values to the OMX encoder.
On the RPI4, this manifested as bitrate controls being ignored
on video streams with 60000/1001 framerates. Video streams with
30000/1001 framerates were not affected.
Signed-off-by: Aman Gupta <aman@tmm1.net>
7d097a0fc57f0fa8385962a539c657c2f40b5ed0 had the same purpose as
3700f655c55e2001b57215210b957b169d66b50f but the former is much simpler, so
let's remove the latter.
Unfortunately both checks were wrong, because in order to make sure DTS > PCR
we have to give us some headroom, so instead of using a dts_difference <
max_delay check let's use a dts_difference < max_delay/2 check.
Fixes DTS < PCR errors with this command line:
./ffmpeg -loglevel verbose -y -f lavfi -i \
"testsrc=s=64x64:d=20,split=2[out0][tmp1];[tmp1]vflip[out1];sine=d=20,asetnsamples=1000[out2]" \
-flags +bitexact -fflags +bitexact -sws_flags +accurate_rnd+bitexact \
-codec:v libx264 -codec:a mp2 -b:a 32k -pix_fmt yuv420p \
-map '0✌️0' \
-map '0✌️1' \
-map '0🅰️0' \
-muxrate 800000 \
-program st=0:st=2 -program st=1:st=2 -program st=2 -program st=0 -f mpegts out1.ts
Signed-off-by: Marton Balint <cus@passwd.hu>
Fixes: left shift of negative value -3
Fixes: 16147/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RALF_fuzzer-5658392722407424
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: left shift of negative value -2
Fixes: 16145/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RALF_fuzzer-5146671058518016
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
add inner loop specialisations for 2 bpp and 4 bpp
These are all cases for which i found testsamples.
30M cycles -> 5M cycles
Testcase: fate-rgbapng-4816
Testcase: 16097/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APNG_fuzzer-5664690889293824
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: 2021654528 + 2032575680 cannot be represented in type 'int'
Fixes: 16270/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5732438816325632
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: -1094994793 * 2 cannot be represented in type 'int'
Fixes: 16139/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5663911036059648
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
ff_v4l2_m2m_create_context initialized V4L2m2mContext.fd to 0
which is a valid file descriptor value. Next ff_v4l2_m2m_codec_init
failed and v4l2_m2m_destroy_context closed file descriptor 0 even
though it didn't belong to V4L2m2mContext.
Signed-off-by: Pavel Koshevoy <pkoshevoy@gmail.com>
The current code in libavfilter/af_sofalizer.c requires
mysofa_neighborhood_init_withstepdefine function, which only appeared
in libmysofa 0.7. Use this function in configure script to bail out
early if a too old libmysofa is found in the system instead of failing
at compile time.
Fixes: Timeout (82sec -> 1sec)
Fixes: 16411/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VP3_fuzzer-5166958151991296
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
It is not clear what was real intention of previous commit to this filter.
It was not working correctly, hopefully this is fixed now.
It never checked that new x/y/w/h are actually valid, hopeffully this is fixed now.
It uses named variables in expressions that are never set, still not fixed.
It does not set named variables that uses actual frame widht/height, making actual
expressions less usable for our users, still now fixed.