This fixes infinite loops due to seeking back.
Reviewed-by: Alexandra Hájková <alexandra.khirnova@gmail.com>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
This fixes infinite loops.
Reviewed-by: Alexandra Hájková <alexandra.khirnova@gmail.com>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
The loop can be very long, even though the file is very short.
Reviewed-by: Alexandra Hájková <alexandra.khirnova@gmail.com>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Both avio_skip and detect_unknown_subobject use int64_t for the size
parameter.
This fixes a segmentation fault due to infinite recursion.
Reviewed-by: Alexandra Hájková <alexandra.khirnova@gmail.com>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Otherwise invalid values are used unchecked in the next run.
This can cause NULL pointer dereferencing.
Reviewed-by: Alexandra Hájková <alexandra.khirnova@gmail.com>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Fixes out of array access
Fixes: asan_heap-oob_445b39_1741_d00eb645ab48eb2203b4a04a5b997103.ivr
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes runtime error: null pointer passed as argument 2, which is
declared to never be null
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Fixes out of array read
Fixes: 03c406ec9530e594a074ce2979f8a1f0/asan_heap-oob_7dec26_4664_37c52495b2870a2eaac65f53958e76c1.flac
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Use av_realloc() rather than av_malloc() when normalizing noncompliant
private data in get_qt_codec().
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Either disabling or init'ing secure memory is required after the use
of gcry_check_version. From a look at the functions rtmpdh uses, I
noticed none require the use of secure memory, so we disable it [1][2].
This resolves some errors returned by rtmpdh code with uninitialized
gcrypt, especifically:
Fatal: failed to create the RNG lock: Invalid argument
FATAL: failed to acquire the FSM lock in libgrypt: Invalid argument
Version "1.5.4" was arbitrarily chosen. An older version probably works
as well, but I couldn't compile older versions to test on my machine.
[1]
https://gnupg.org/documentation/manuals/gcrypt/Initializing-the-library.html
[2]
https://www.gnupg.org/documentation/manuals/gcrypt/Controlling-the-library.html
Signed-off-by: Ricardo Constantino <wiiaboo@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
It is used to store the difference between pointers, so ptrdiff_t is the
correct type.
This prevents potential overflows.
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
This fixes segmentation faults due to out of bounds writes, when
color_start is interpreted as negative number.
This regression was introduced in commit 57631f.
Reviewed-by: Mats Peterson <matsp888@yahoo.com>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
This patch adds a new static function get_qt_codec() that takes care of
the initial retrieval of the fourcc and codec ID for A_QUICKTIME and
V_QUICKTIME. It also normalizes noncompliant private data found in some
older files that incorrectly starts with the fourcc by expanding/shifting
the data by 4 bytes, and storing the data size at the start. This is
necessary in order for the rest of the code in the A_QUICKTIME and
V_QUICKTIME blocks (and most likely other code as well) to correctly
parse the private data.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
In many older QuickTime files, the audio format, or "fourcc", is
0x00000000. The QuickTime File Format Specification states the following
regarding this situation:
"This format descriptor should not be used, but may be found in some
files. Samples are assumed to be stored in either 'raw ' or 'twos'
format, depending on the sample size field in the sound description."
MPlayer handles this logic by itself, but FFmpeg/FFplay currently does
not.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
In many older QuickTime files, the audio format, or "fourcc", is
0x00000000. The QuickTime File Format Specification states the following
regarding this situation:
"This format descriptor should not be used, but may be found in some
files. Samples are assumed to be stored in either 'raw ' or 'twos'
format, depending on the sample size field in the sound description."
MPlayer handles this logic by itself, but FFmpeg/FFplay currently does
not.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Both avio_skip and detect_unknown_subobject use int64_t for the size
parameter.
This fixes a segmentation fault due to infinite recursion.
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Alexandra Hájková <alexandra.khirnova@gmail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Otherwise invalid values are used unchecked in the next run.
This can cause NULL pointer dereferencing.
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Alexandra Hájková <alexandra.khirnova@gmail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
This fixes NULL pointer dereferencing if the codec is forced to
adpcm_thp even though a different one was detected.
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
This fixes NULL pointer dereferencing.
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
The QuickTime File Format Specification states the following:
"Depth: A 16-bit integer that indicates the pixel depth of the
compressed image. Values of 1, 2, 4, 8 ,16, 24, and 32 indicate the
depth of color images. The value 32 should be used only if the image
contains an alpha channel. Values of 34, 36, and 40 indicate 2-, 4-, and
8-bit grayscale, respectively, for grayscale images."
There is no mention of value 33, i.e. 1-bit video (0x01) with the
greyscale bit (0x20) set. I therefore suggest that we ignore the
greyscale bit when processing 1-bit video. Another reason to do this is
that the first 1-bit sample file below will be displayed properly with
blue colors in QuickTime in Windows or Mac *in spite of* the greyscale
bit being set.
Also, QuickTime in Windows or Mac ignores the greyscale bit if the
video sample description contains a palette, regardless of bit depth.
This is undocumented behaviour, but I think we should do the same, and
it seems pretty logical after all, since one wouldn't really bother
putting a customized palette into a grayscale file anyway. See the
second 8-bit sample file below, which has the greyscale bit set, and
which contains a palette in the video sample description. In Windows or
Mac, it will be displayed with the palette in the sample description, in
spite of the greyscale bit being set.
Sample file 1 (1-bit QuickTime Animation):
https://drive.google.com/open?id=0B3_pEBoLs0faTThSek1EeXQ0ZHM
Earth Spin 1-bit qtrle orig.mov
Sample file 2 (8-bit QuickTime Animation):
https://drive.google.com/open?id=0B3_pEBoLs0fad2s0V1YzUWo5aDA
quiz-palette+gs.mov
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This fixes segmentation faults caused by passing a packet_ptr of NULL to
memcpy.
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
This preempts potential bugs if this is changed and the indention
ends up different from C interpretation
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This fixes ubsan runtime error: left shift by 8 places cannot be
represented in type 'int'
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
* commit '69a68593ce5684409c3c4dd9a901bfd8b16925b1':
Remove stray line breaks from avpriv_{report_missing_feature|request_samples}
Merged-by: Hendrik Leppkes <h.leppkes@gmail.com>
Also use a unsigned constant for the shift calculation, as 1 << 31 is
undefined for int32_t. This is also fixed oggparsetheora.
This fixes ubsan runtime error: shift exponent is too large for
32-bit type 'int'
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Fixes Ticket #5032
The samples in Ticket #5032 is using \r\r\n as line breaks. Since we
already are handling \r, or \n, or \r\n as line breaks, \r\n\n will be
considered as a double line breaks. This is an issue because
ff_subtitles_read_text_chunk() will as a result stop extracting a chunk
after just one line.
So instead of parsing the SRT by "chunks" (which means splitting every
double LB), this new parser is detecting timing lines, and split the
events on this basis. While this sounds safe and simple, it needs to
take into account the event number preceding the timing line while
handling situations such as:
- event number starting at 0 or actually any number instead of 1
- event numbers not being ordered at all
- event number being followed by text garbage (this really happened,
see Ticket #4898)
- event payload containing one or multiple number (a protagonist saying
a count-down, a date or whatever) which could be confused with a
chapter number
- event number being empty (see Ticket #2167)
- all kind of weird line breaks can appear randomly like wild pokémons
- untrustable line breaks (Ticket #5032)
The sample madness.srt tries to sum up most of this into one sample,
ticket5032-rrn.srt is the file containing \r\r\n line breaks. and
empty-events-2167.srt contains empty events.
* commit '64f8c439fd663fec4d57ac21af572d498fe21f7a':
rtmpproto: Include the full path as app when "slist=" is found
Merged-by: Hendrik Leppkes <h.leppkes@gmail.com>
* commit '2d0432d918a71468419b7ac1e543ab3b399d3d37':
vocdec: put the code not shared with other demuxers under appropriate ifdef
Merged-by: Hendrik Leppkes <h.leppkes@gmail.com>
This unbreaks muxing-encoding
Example:
ffmpeg -i matrixbench_mpeg2.mpg new.avi
-rw-r----- 1 michael michael 226035354 Jan 1 16:27 new.avi
-rw-r----- 1 michael michael 10016802 Jan 1 16:28 ref.avi
Also av_get_audio_frame_duration() itself uses frame_size
This reverts commit 29e6606e9b, reversing
changes made to 53448461a7.
* commit '955aec3c7c7be39b659197e1ec379a09f2b7c41c':
mpegaudiodecheader: check the header in avpriv_mpegaudio_decode_header
Merged-by: Hendrik Leppkes <h.leppkes@gmail.com>
* commit '6bf4c1d71199b92894f24db6386ed5070e590a16':
r3d: do not create the audio stream until we know the sample rate
Merged-by: Hendrik Leppkes <h.leppkes@gmail.com>
* commit '9f1eccb97bf8894cb18b14f642500686505ef186':
ff_parse_specific_params: do not use AVCodecContext.frame_size
Merged-by: Hendrik Leppkes <h.leppkes@gmail.com>
support reading encrypted mp4 using aes-ctr, conforming to ISO/IEC
23001-7.
a new parameter was added:
- decryption_key - 128 bit decryption key (hex)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This fixes crashes caused by out-of-bounds writes.
Reviewed-by: Rostislav Pehlivanov <atomnuker@gmail.com>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
This commit for qtpalette.c and qtpalette.h adds 1-bit video to the
"palettized video" category, since if the video sample description
contains a palette, the two colors in the palette can be any color, not
necessarily black & white.
Unfortunately, I've noticed that the qtrle (QuickTime Animation) decoder
blindly assumes that 1-bit video is black & white. I don't have enough
knowledge about the decoder to fix this, though.
Below is a link to a sample 1-bit QuickTime Animation clip of a rotating
earth that uses blueish colors, and they will be correctly rendered in
QuickTime, but not in FFmpeg (which will use black & white).
https://drive.google.com/open?id=0B3_pEBoLs0faUlItWm9KaGJSTEE
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This solves the problem discussed in https://ffmpeg.org/pipermail/ffmpeg-devel/2015-September/179238.html
by allowing AVCodec::write_header to be delayed until after packets have been
run through required bitstream filters in order to generate global extradata.
It also provides a mechanism by which a muxer can add a bitstream filter to a
stream automatically, rather than prompting the user to do so.
Palettized QuickTime video in Matroska has hitherto not been recognized
whatsoever, and the "palette" used has been completely random.
The patch for matroskadec.c fixes this issue by adding a palette side
data packet in matroska_deliver_packet(), much in the same way as it's
done in mov.c.
Video samples for testing are available at
https://drive.google.com/open?id=0B3_pEBoLs0faWElmM2FnLTZYNlk.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This consists mainly of moving the palette handling from
the mov_parse_stsd_video() function to a new ff_get_qtpalette() function
in the new file qtpalette.c, which will be shared by both matroskadec.c and
mov.c.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Previous "currently size is limited" didn't give away
much in terms of useful info.
Signed-off-by: Reynaldo H. Verdejo Pinochet <reynaldo@osg.samsung.com>
So far an AC-3 elementary stream is refered to in the PMT according to
System A (ATSC). An E-AC-3 ES in contrast is embedded the System B (DVB) way.
To fix this inconsistency, this commit changes the default E-AC-3 behaviour to
use the ATSC way, too. Furthermore a new flag is added to optionally select the
DVB way (regarding both codecs and possible further differences in the future).
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes a specific srt sample, which has an event with negative duration.
libavcodec will convert an event with negative duration to an ASS event
which will be displayed forever, which is not wanted here.
Treat negative duration always as unknown duration instead, and show it
until the next subtitle event.
A negative bits_per_coded_sample doesn't make sense.
If it is too large, the size calculation for av_get_packet overflows,
resulting in allocation of a too small buffer.
Also make sure width and height are sane.
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
This fixes NULL pointer dereferencing.
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
If it is negative, it can cause the byte position to move backwards in
avio_skip, which in turn makes sm_size negative and thus size larger
than the size of the packet buffer, causing invalid writes in avio_read.
Also fix potential overflow of avio_tell(bc) + value_len.
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Fixes ubsan runtime error: null pointer passed as argument 2, which is
declared to never be null
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Since the parser was merged back almost 2 months ago this is the first
time the bitstream of the container has been updated.
Signed-off-by: Rostislav Pehlivanov <atomnuker@gmail.com>
* commit 'e02de9df4b218bd6e1e927b67fd4075741545688':
lavc: export Dirac parsing API used by the ogg demuxer as public
Merged-by: Hendrik Leppkes <h.leppkes@gmail.com>
A negative codec_id cannot be handled by the found_decoder API of
AVStream->info: if the codec_id is not recognized, found_decoder is set
to -codec_id, which has to be '<0' according to the API documentation.
This can cause NULL pointer dereferencing in try_decode_frame.
Also make sure the codec_type matches the expected one for codec_id.
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
support writing encrypted mp4 using aes-ctr, conforming to ISO/IEC
23001-7.
3 new parameters were added:
- encryption_scheme - allowed values are none (default) and cenc-aes-ctr
- encryption_key - 128 bit encryption key (hex)
- encryption_kid - 128 bit encryption key identifier (hex)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
So far an AC-3 elementary stream is refered to in the PMT according to
System A (ATSC). However System B (DVB) has a different way to signal an AC-3
ES within the PMT. This different way can be enabled by a new flag. The flag is
more generally named 'system_b' as there are further differences between ATSC
and DVB (e.g. the signalling of E-AC-3) which should then also be covered by it
in the future.
Bug-Id: 73
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
Similar to 33fefdb44.
Fix trac ticket #4921.
Signed-off-by: Nicolas George <george@nsup.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
The current muxer behaviour is to create streams in read_header() based
on the audio/video presence flags, but fill in the stream parameters
later when we actually get some packets for them. This is rather shady,
since other demuxers set the stream parameters immediately when the
stream is created and do not touch the stream codec context after that.
Change the flv demuxer to behave in the same way as other similar
demuxers -- create the streams only when we get a packet for them.
Almost all the places from which this function is called already check
the header manually and in the two that don't (the mp3 muxer) the check
should not cause any problems.
It will not be set unless the muxing codec context is also the encoding
context, which is discouraged. When the frame size is not known from
av_get_audio_frame_duration(), the fallback should still be good enough.
It will not be set if the stream codec context is not the encoding
context. Use av_get_audio_frame_duration() instead, it should work for
all audio codecs supported by the muxer.
* commit '5f3a081b42b84404a40a52c80ef7a354cf048c56':
avi: Spin out the logic to position to the next non-interleaved stream
Merged-by: Hendrik Leppkes <h.leppkes@gmail.com>
matroskaenc applies divisors to the display width/height when generating
stereo content. This patch adds the corresponding multipliers to matroskadec
so that the original sample aspect ratio can be recovered.
Signed-off-by: wm4 <nfxjfg@googlemail.com>
Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
* commit 'a0fa6d06b848f26b16ba12f0a9a4a85b93ab8022':
matroska: Warn when metadata references a non-existent element
Merged-by: Hendrik Leppkes <h.leppkes@gmail.com>
It is required to call va_end for each invocation of va_start within the
same function.
Fixes: CID 1341583.
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Ganesh Ajjanagadde <gajjanagadde@gmail.com>
Checking the codec context parameters to find out this information is
far too unreliable to be useful, so it is safer to assume B-frames are
always present.
QuickTime metadata can come after trak data. Add indicator for which trak is being parsed (-1 if none) so that global metadata after the trak can be parsed.
Signed-off-by: Neil Birkbeck <neil.birkbeck@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
