1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-12-18 03:19:31 +02:00
Commit Graph

108205 Commits

Author SHA1 Message Date
Andreas Rheinhardt
8b5d155301 avformat/hevc: Fix crash on allocation failure, avoid allocations
The HEVC code currently uses an array of arrays of NALUs; one such array
contains all the SPS NALUs, one all PPS NALUs etc. The array of arrays
is grown dynamically via av_reallocp_array(), but given that the latter
function automatically frees its buffer upon reallocation error,
it may only be used with PODs, which this case is not. Even worse:
While the pointer to the arrays is reset, the counter for the number
of arrays is not, leading to a segfault in hvcc_close().

Fix this by avoiding the allocations of the array of arrays altogether.
This is easily possible because their number is bounded (by five).
Furthermore, as a byproduct we can ensure that the code always
produces the recommended ordering of VPS-SPS-PPS-SEI (which was
not guaranteed before).

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-09-02 11:40:45 +02:00
Michael Niedermayer
b14104a637
avcodec/bink: disallow odd positioned scaled blocks
Fixes: out of array access
Fixes: 47911/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_BINK_fuzzer-6194020855971840

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Anton Khirnov <anton@khirnov.net>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-09-02 10:44:28 +02:00
Carl Eugen Hoyos
ff6044b921 lavc/tiff: Support multi-component files without RowsPerStrip tag.
Fixes ticket #9514.
2022-09-01 20:27:17 +02:00
Andreas Rheinhardt
90aa2a88f9 fftools/ffmpeg_opt: Check creation of new program
Fixes Coverity issue #1512413.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-09-01 14:26:01 +02:00
Andreas Rheinhardt
601faaed92 fftools: Use report_error_then_exit_program() for allocation failures
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-09-01 14:26:00 +02:00
Andreas Rheinhardt
e157b21a90 fftools/cmdutils: Add function to report error before exit
This is designed to improve and unify error handling for
allocation failures for the many (often small) allocations that we have
in the fftools. These typically either don't return an error message
or an error message that is not really helpful to the user
and can be replaced by a generic error message without loss of
information.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-09-01 14:21:56 +02:00
Paul B Mahol
319e8a49b5 avcodec/amr*bdec: return only number of consumed bytes 2022-08-31 23:10:41 +02:00
Michael Niedermayer
1f1a368169
avformat/asfdec_o: limit recursion depth in asf_read_unknown()
The threshold of 5 is arbitrary, both smaller and larger should work fine

Fixes: Stack overflow
Fixes: 50603/clusterfuzz-testcase-minimized-ffmpeg_dem_ASF_O_fuzzer-6049302564175872

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-08-31 18:03:55 +02:00
Carl Eugen Hoyos
4a054c3e97 lavc/ass: Add missing version.h include
Fixes lavc version output in ass, regression since f2da2e14
2022-08-31 16:25:31 +02:00
Carl Eugen Hoyos
7180416084 lavf/sdp: Add missing version.h include
Fixes lavf version output in SDP, regression since 4eb9232c
2022-08-31 16:24:22 +02:00
Anton Khirnov
4fce3bab64 fftools/ffmpeg: use a separate counter for encoded packet data size
update_video_stats() currently uses OutputStream.data_size to print the
total size of the encoded stream so far and the average bitrate.
However, that field is updated in the muxer thread, right before the
packet is sent to the muxer. Not only is this racy, but the numbers may
not match even if muxing was in the main thread due to bitstream
filters, filesize limiting, etc.

Introduce a new counter, data_size_enc, for total size of the packets
received from the encoder and use that in update_video_stats(). Rename
data_size to data_size_mux to indicate its semantics more clearly.

No synchronization is needed for data_size_mux, because it is only read
in the main thread in print_final_stats(), which runs after the muxer
threads are terminated.
2022-08-29 15:42:11 +02:00
Anton Khirnov
0dd7347963 fftools/ffmpeg: drop OutputStream.fps_mode
It is only used within new_video_stream(), so make it a local variable
there.
2022-08-29 15:42:11 +02:00
Anton Khirnov
d0f767f81f fftools/ffmpeg: drop OutputStream.enc
It is either equal to OutputStream.enc_ctx->codec, or NULL when enc_ctx
is NULL. Replace the use of enc with enc_ctx->codec, or the equivalent
enc_ctx->codec_* fields where more convenient.
2022-08-29 15:42:11 +02:00
Anton Khirnov
4a4a206304 fftools/ffmpeg_filter: remove an always-true check
ost->enc is always non-NULL here, since
- this code is never called for streamcopy
- opening the output file will fail if an encoder cannot be found, so
  filters are never initialized
2022-08-29 15:42:11 +02:00
Anton Khirnov
c97bb940c2 fftools/ffmpeg_filter: remove an always-false check
This code cannot be triggered, since after 90944ee3ab opening the
output file will abort if an encoder cannot be found and streamcopy was
not explicitly requested.
2022-08-29 15:42:11 +02:00
Anton Khirnov
7c8737548f fftools/ffmpeg: remove a stale extern declaration
Forgotten in 8cbf229c94
2022-08-29 15:42:11 +02:00
Anton Khirnov
8d26a21bf6 fftools/ffmpeg: stop accessing av_stream_get_parser() from the main thread
It races with the demuxing thread. Instead, send the information along
with the demuxed packets.

Ideally, the code should stop using the stream-internal parsing
completely, but that requires considerably more effort.

Fixes races, e.g. in:
- fate-h264-brokensps-2580
- fate-h264-extradata-reload
- fate-iv8-demux
- fate-m4v-cfr
- fate-m4v
2022-08-29 15:42:11 +02:00
Sebastian Beckmann
47b85c5a76 avcodec/videotoolboxenc: Add CBR option to H264 and HEVC encoder
Adds an option to use constant bitrate instead of average bitrate to the
videotoolbox encoders. This is enabled via -constant_bit_rate true.
macOS 13 is required for this option to work.

Signed-off-by: Sebastian Beckmann <beckmann.sebastian@outlook.de>
Signed-off-by: Rick Kern <kernrj@gmail.com>
2022-08-29 09:34:20 -04:00
Lynne
f99d15cca0
arm/fft: disable NEON optimizations for 131072pt transforms
This has been broken since the start, and it was only discovered
when I started testing my replacement for the FFT.
Disable it, since there's no point in fixing slower code that's about
to be removed anyway.

The vfp version is not affected.
2022-08-29 07:13:43 +02:00
gavin zhang
f5c5c04c14 lavc/qsvenc: enlarge the SPS buffer to retrieve larger header
Increase SPS header buffer to support larger header

Signed-off-by: gavin zhang <gavin.zhang@intel.com>
Signed-off-by: Haihao Xiang <haihao.xiang@intel.com>
2022-08-29 09:37:49 +08:00
Haihao Xiang
ea56f7d5e7 lavc/qsvenc: ignore video signal info buffer for VP9
The SDK doesn't support this type of buffer for vp9 encoding

Signed-off-by: Haihao Xiang <haihao.xiang@intel.com>
2022-08-29 09:37:49 +08:00
Michael Niedermayer
c953baa084
avformat/mov: Check count sums in build_open_gop_key_points()
Fixes: ffmpeg.md
Fixes: Out of array access
Fixes: CVE-2022-2566

Found-by: Andy Nguyen <theflow@google.com>
Found-by: 3pvd <3pvd@google.com>
Reviewed-by: Andy Nguyen <theflow@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-08-28 22:06:45 +02:00
Michael Niedermayer
ced0dc807e
doc/git-howto.texi: Document commit signing
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-08-28 22:06:45 +02:00
Michael Niedermayer
2316d5ec1a
libavcodec/8bps: Check that line lengths fit within the buffer
Fixes: Timeout
Fixes: undefined pointer arithmetic
Fixes: 50330/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EIGHTBPS_fuzzer-5436287485607936

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-08-28 22:06:45 +02:00
Michael Niedermayer
e264a4a76e
tools/target_dec_fuzzer: Adjust threshold for MVDV
Fixes: Timeout
Fixes: 50213/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MVDV_fuzzer-5228284098510848

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-08-28 22:06:45 +02:00
Michael Niedermayer
628fb97efb
avcodec/midivid: Perform lzss_uncompress() before ff_reget_buffer()
This would avoid regeting the frame on lzss errors

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-08-28 22:06:44 +02:00
Michael Niedermayer
bcb4690304
libavformat/iff: Check for overflow in body_end calculation
Fixes: signed integer overflow: -6322983228386819992 - 5557477266266529857 cannot be represented in type 'long'
Fixes: 50112/clusterfuzz-testcase-minimized-ffmpeg_dem_IFF_fuzzer-6329186221948928

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-08-28 22:06:44 +02:00
Michael Niedermayer
936f2d2634
tools/target_dec_fuzzer: Adjust threshold for MTS2
Fixes: Timeout
Fixes: 50030/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MTS2_fuzzer-5767793731043328

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-08-28 22:06:44 +02:00
Michael Niedermayer
4d5c0cca94
avcodec/m101: Move checks before ff_get_buffer()
Fixes: Timeout
Fixes: 50109/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_M101_fuzzer-6553193986785280

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-08-28 22:06:43 +02:00
Michael Niedermayer
049ed1dada
tools/target_dec_fuzzer: Adjust threshold for bethsoftvid
Fixes: Timeout
Fixes: 49791/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_BETHSOFTVID_fuzzer-4583956145635328

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-08-28 22:06:43 +02:00
Michael Niedermayer
d93dccdc9f
avcodec/bethsoftvideo: Check block_type before frame alloc
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-08-28 22:06:43 +02:00
Michael Niedermayer
e1c0239d5a
avcodec/bethsoftvideo: Pass GetByteContext into set_palette()
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-08-28 22:06:42 +02:00
Michael Niedermayer
f3e823c2aa
avformat/avidec: Prevent entity expansion attacks
Fixes: Timeout
Fixes no testcase, this is the same idea as similar attacks against XML parsers

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-08-28 22:06:31 +02:00
Andreas Rheinhardt
a51bdbb069 avcodec/ac3enc: Add missing header
Needed for code under #ifdef DEBUG; broken in commit
59eadb5060.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-08-28 12:56:26 +02:00
Andreas Rheinhardt
91ba3f5a8f avcodec/targa: Fix indentation
Forgotten after 1e85a698c0.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-08-27 14:14:57 +02:00
Andreas Rheinhardt
5714cf1b5b avcodec/internal: Move ff_dvdsub_parse_palette() to new header dvdsub.h
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-08-27 14:14:57 +02:00
Andreas Rheinhardt
d1a5ef4069 avcodec/internal: Move ff_side_data_update_matrix_encoding to decode.h
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-08-27 14:14:57 +02:00
Andreas Rheinhardt
59eadb5060 avcodec/internal: Move ff_samples_to_time_base() to encode.h
It is only used by encoders; in fact, AVCodecContext.time_base
is only used by encoders, so it is only useful for encoders.

Also constify the AVCodecContext parameter in it.

Also fixup the other headers a bit while removing now unnecessary
internal.h inclusions.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-08-27 14:14:57 +02:00
Andreas Rheinhardt
b9eaf77ed1 avcodec/internal: Move ff_set_dimensions() to decode.h
Decoder-only, as the dimensions are set by the user when encoding.

Also fixup the other headers a bit while removing unnecessary internal.h
inclusions.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-08-27 14:14:57 +02:00
Andreas Rheinhardt
b6a680989c avcodec/internal: Move ff_set_sar() to decode.h
Only used by decoders, as the SAR has to be set by the user
when encoding.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-08-27 14:14:56 +02:00
Andreas Rheinhardt
66b691f99f avcodec/internal: Move ff_get_buffer() to decode.h
Only used by decoders (encoders have ff_encode_alloc_frame()).

Also clean up the other headers a bit while removing now redundant
internal.h inclusions.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-08-27 14:14:56 +02:00
Andreas Rheinhardt
e2c24e6a29 avcodec/internal: Move ff_reget_buffer() to decode.h
Only used by decoders.

Also clean up the headers a bit while removing now unnecessary
internal.h inclusions.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-08-27 14:14:56 +02:00
Andreas Rheinhardt
17e23aed41 avcodec/internal: Move ff_get_format() to decode.h
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-08-27 14:14:56 +02:00
Andreas Rheinhardt
6be4b534ce avcodec/roqvideoenc: Remove internal.h inclusion
Possible since c954cf1e1b.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-08-27 14:14:56 +02:00
Andreas Rheinhardt
5c217119c8 avcodec/internal: Fix outdated comment
The legacy API is long gone.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-08-27 02:23:43 +02:00
Andreas Rheinhardt
3fdfd4b725 avcodec/encode: Fix outdated comment
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-08-27 02:23:43 +02:00
Andreas Rheinhardt
a499b4345b avcodec: Make ff_alloc_packet() based encoders accept user buffers
Up until now, these encoders received non-refcounted packets
(whose data was owned by the corresponding AVCodecContext)
from ff_alloc_packet(); these packets were made refcounted lateron
by av_packet_make_refcounted() generically.
This commit makes these encoders accept user-supplied buffers by
replacing av_packet_make_refcounted() with an equivalent function
that is based upon get_encode_buffer().

(I am pretty certain that one can also set the flag for mpegvideo-
based encoders, but I want to double-check this later. What is certain
is that it reallocates the buffer owned by the AVCodecContext
which should maybe be moved to encode.c, so that proresenc_kostya.c
and ttaenc.c can make use of it, too.)

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-08-27 02:23:43 +02:00
Andreas Rheinhardt
7360e97e4b avcodec/(dca|tta|pcm-bluray|pcm-dvd|wavpack)enc: Set pts+dur generically
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-08-27 02:23:43 +02:00
Andreas Rheinhardt
52dcf0e0f5 avcodec/encode: Remove redundant check
frame is always set at this point for no-delay encoders.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-08-27 02:23:43 +02:00
Andreas Rheinhardt
1e6307f46c avcodec/encode, frame_thread_encoder: Unify calling encode callback
The encode-callback (the callback used by the FF_CODEC_CB_TYPE_ENCODE
encoders) is currently called in two places: encode_simple_internal()
and by the worker threads of frame-threaded encoders.

After the call, some packet properties are set based upon
the corresponding AVFrame properties and the packet is made
refcounted if it isn't already. So there is some code duplication.

There was also non-duplicated code in encode_simple_internal()
which is executed even when using frame-threading. This included
an emms_c() (which is needed for frame-threading, too, if it is
needed for the single-threaded case, because there are allocations
(via av_packet_make_refcounted()) immediately after returning
from the encode-callback).

Furthermore, some further properties are only set in
encode_simple_internal(): For audio, pts and duration are derived
from the corresponding fields of the frame if the encoder does not
have the AV_CODEC_CAP_DELAY set. Yet this is wrong for frame-threaded
encoders, because frame-threading always introduces delay regardless
of whether the underlying codec has said cap. This only worked because
there are no frame-threaded audio encoders.

This commit fixes the code duplication and the above issue by factoring
this code out and reusing it in both places. It would work in case
of audio codecs with frame-threading, because now the values are
derived from the correct AVFrame.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-08-27 02:23:43 +02:00