1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-12-12 19:18:44 +02:00
Commit Graph

275 Commits

Author SHA1 Message Date
Michael Niedermayer
ab56e62e8f avcodec/vp5/6/8: use vpX_rac_is_end()
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-22 18:35:44 +02:00
Michael Niedermayer
db6ed2b828 avcodec/vp8: do vp7_fade_frame() later
Fixes: Timeout (100sec -> 5sec)
Fixes: 15073/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VP7_fuzzer-5649257362620416

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-03 17:10:24 +02:00
Michael Niedermayer
b11b3d2585 avcodec/vp7: Check for end of input in vp78_decode_mv_mb_modes()
Fixes: Timeout
Fixes: 10313/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VP7_fuzzer-5637719389110272

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2018-12-16 09:49:07 +01:00
Michael Niedermayer
74af6ae021 avcodec/vp8: Check bitstream input in vp7_fade_frame() before time consuming operation
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2018-09-12 00:52:01 +02:00
Michael Niedermayer
115b7c96e9 libavcodec/vp8: Do not compute line pointers per pixel in fade()
72->60 seconds
Testcase: 8680/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VP7_fuzzer-5861504418054144

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2018-07-07 12:09:34 +02:00
Michael Niedermayer
de675648ce avcodec/vp8: Check for bitstream end before vp7_fade_frame()
Fixes: Timeout
Fixes: 5653/clusterfuzz-testcase-5497680018014208

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2018-02-17 20:31:39 +01:00
Jun Zhao
d228d52f1c lavc/vp8: Support resolution changes in the VP8 decoder hwaccel
Use the following command to reproduce this issue:
make fate-vp8-size-change HWACCEL="vaapi -vaapi_device \
/dev/dri/renderD128 -hwaccel_output_format yuv420p"
SAMPLES=../fate-suite/.

At the same time, reconstruct the public logic as a function.

Signed-off-by: Yun Zhou <yunx.z.zhou@intel.com>
Signed-off-by: Jun Zhao <jun.zhao@intel.com>
Signed-off-by: Mark Thompson <sw@jkqxz.net>
2017-12-15 16:52:32 +00:00
Philip Langdale
1da9851e34 avcodec/nvdec: Implement vp8 hwaccel 2017-11-26 14:55:01 -08:00
Mark Thompson
40b75a943b vaapi: Add VP8 decode hwaccel 2017-11-26 21:41:19 +00:00
Mark Thompson
9f00fa5369 vp8: Add hwaccel hooks
Also adds some extra fields to the main context structure that may
be needed by a hwaccel decoder.

The current behaviour of the WebP decoder is maintained by adding an
additional field to the VP8 decoder private context to indicate that
it is actually being used as WebP (no hwaccel is supported for that
case).
2017-11-26 21:41:19 +00:00
James Almer
318778de9e Merge commit 'fd9212f2edfe9b107c3c08ba2df5fd2cba5ab9e3'
* commit 'fd9212f2edfe9b107c3c08ba2df5fd2cba5ab9e3':
  Mark some arrays that never change as const.

Merged-by: James Almer <jamrial@gmail.com>
2017-09-26 16:02:40 -03:00
Michael Niedermayer
6b5d3fb26f avcodec/webp: Always set pix_fmt
Fixes: out of array access
Fixes: 1434/clusterfuzz-testcase-minimized-6314998085189632
Fixes: 1435/clusterfuzz-testcase-minimized-6483783723253760

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Reviewed-by: "Ronald S. Bultje" <rsbultje@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-10 22:52:35 +02:00
Ronald S. Bultje
fed92adbb3 vp8: make mv_min/max thread-local if using partition threading.
Fixes tsan warnings like this in fate-vp8-test-vector-007:

WARNING: ThreadSanitizer: data race (pid=65909)
  Write of size 4 at 0x7d8c0000e088 by thread T1:
    #0 vp8_decode_mb_row_sliced vp8.c:2519 (ffmpeg:x86_64+0x100995ede)
[..]
  Previous write of size 4 at 0x7d8c0000e088 by thread T2:
    #0 vp8_decode_mb_row_sliced vp8.c:2519 (ffmpeg:x86_64+0x100995ede)
2017-04-06 10:03:28 -04:00
Ronald S. Bultje
9a54c6f243 vp8: make wait/thread_mb_pos atomic.
Fixes tsan warnings like this in fate-vp8-test-vector-007:

WARNING: ThreadSanitizer: data race (pid=3590)
  Write of size 4 at 0x7d8c0000e07c by thread T2:
    #0 decode_mb_row_no_filter src/libavcodec/vp8.c:2330 (ffmpeg+0x000000ffb59e)
[..]
  Previous write of size 4 at 0x7d8c0000e07c by thread T1:
    #0 decode_mb_row_no_filter src/libavcodec/vp8.c:2330 (ffmpeg+0x000000ffb59e)
2017-04-06 10:03:28 -04:00
James Almer
e5623aafd8 Merge commit '87c6c78604e4dd16f1f45862b27ca006da010527'
* commit '87c6c78604e4dd16f1f45862b27ca006da010527':
  vp8: Change type of stride parameters to ptrdiff_t

Merged-by: James Almer <jamrial@gmail.com>
2017-03-19 15:11:44 -03:00
Thomas Guilbert
9bbc73ae9f avcodec/vp8: Fix hang with slice threads
Fixes: 447860.webm

Reviewed-by: "Ronald S. Bultje" <rsbultje@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-10 02:20:21 +01:00
Michael Niedermayer
1afd246960 avcodec/vp8: Check for the bitstream end per MB in decode_mb_row_no_filter()
Fixes: timeout in 730/clusterfuzz-testcase-5265113739165696 (part 2 of 2)

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Reviewed-by: BBB
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-07 21:29:43 +01:00
Michael Niedermayer
55d7371fe0 avcodec/vp568: Check that there is enough data for ff_vp56_init_range_decoder()
Fixes: timeout in 730/clusterfuzz-testcase-5265113739165696 (part 1 of 2)

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Reviewed-by: BBB
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-07 21:29:12 +01:00
Michael Niedermayer
5098a6f627 avcodec/vp8: remove redundant check
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-07 19:13:19 +01:00
Michael Niedermayer
7b5ff7d573 avcodec/vp8: Check for bitsteam end in decode_mb_row_no_filter()
Fixes timeout with 686/clusterfuzz-testcase-5853946876788736

this shortcuts (i.e. speeds up) the error and
return-to-user when decoding a truncated frame

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Previous version reviewed by: "Ronald S. Bultje" <rsbultje@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-01 14:07:33 +01:00
Anton Khirnov
fd9212f2ed Mark some arrays that never change as const. 2017-02-01 10:42:59 +01:00
Mark Thompson
a9fb134730 lavc/vaapi: Add VP8 decode hwaccel 2016-09-08 21:58:22 +01:00
Mark Thompson
4e528206bc vp8: Add hwaccel hooks
Also adds some extra fields to the main context structure that may
be needed by a hwaccel decoder.
2016-09-08 21:58:22 +01:00
Diego Biurrun
87c6c78604 vp8: Change type of stride parameters to ptrdiff_t
ptrdiff_t is the correct type for array strides and similar.
2016-08-26 11:36:53 +02:00
Clément Bœsch
8df1dbd798 Merge commit '5afb94c817abffad030c6b94d7003dca8aace3d5'
* commit '5afb94c817abffad030c6b94d7003dca8aace3d5':
  Mark read-only tables as static

Merged-by: Clément Bœsch <u@pkh.me>
2016-06-21 22:09:35 +02:00
Diego Biurrun
5afb94c817 Mark read-only tables as static 2016-05-05 10:48:34 +02:00
Derek Buitenhuis
a5a6621616 Merge commit 'f4d581cda3897f66c1dda7586b93f86a591dbbef'
* commit 'f4d581cda3897f66c1dda7586b93f86a591dbbef':
  lavc: Deduplicate zigzag_scan table

Merged-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
2016-04-24 11:47:39 +01:00
Diego Biurrun
f4d581cda3 lavc: Deduplicate zigzag_scan table 2016-03-25 15:23:56 +01:00
Ganesh Ajjanagadde
2cbaa078d1 avcodec: use HAVE_THREADS header guards to silence -Wunused-function
When compiled with --disable-pthreads, e.g
http://fate.ffmpeg.org/report.cgi?time=20150917015044&slot=alpha-debian-qemu-gcc-4.7,
a bunch of -Wunused-functions are reported due to missing header guards
around threading related functions.
This patch should silence such warnings.

Signed-off-by: Ganesh Ajjanagadde <gajjanagadde@gmail.com>
2015-10-04 12:47:34 -04:00
Michael Niedermayer
dabea74d0e avcodec/vp8: Do not use num_coeff_partitions in thread/buffer setup
The variable is not a constant and can lead to race conditions

Fixes: repro.webm (not reproducable with FFmpeg alone)

Found-by: Dale Curtis <dalecurtis@google.com>
Tested-by: Dale Curtis <dalecurtis@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2015-10-01 00:58:46 +02:00
Hendrik Leppkes
983fa5a1a9 Merge commit '7bf9647264308d2df74b2b50669f2d02a7ecc90b'
* commit '7bf9647264308d2df74b2b50669f2d02a7ecc90b':
  vp7: bound checking in vp7_decode_frame_header

Only partially merged, see 46f72ea507

Merged-by: Hendrik Leppkes <h.leppkes@gmail.com>
2015-08-18 09:14:08 +02:00
Federico Tomassetti
7bf9647264 vp7: bound checking in vp7_decode_frame_header
CC: libav-stable@libav.org
2015-08-16 19:02:16 +02:00
Michael Niedermayer
444e9874a7 Merge commit 'def97856de6021965db86c25a732d78689bd6bb0'
* commit 'def97856de6021965db86c25a732d78689bd6bb0':
  lavc: AV-prefix all codec capabilities

Conflicts:
	cmdutils.c
	ffmpeg.c
	ffplay.c
	libavcodec/8svx.c
	libavcodec/aacenc.c
	libavcodec/ac3dec.c
	libavcodec/adpcm.c
	libavcodec/alac.c
	libavcodec/atrac3plusdec.c
	libavcodec/bink.c
	libavcodec/dnxhddec.c
	libavcodec/dvdec.c
	libavcodec/dvenc.c
	libavcodec/ffv1dec.c
	libavcodec/ffv1enc.c
	libavcodec/fic.c
	libavcodec/flacdec.c
	libavcodec/flacenc.c
	libavcodec/flvdec.c
	libavcodec/fraps.c
	libavcodec/frwu.c
	libavcodec/gifdec.c
	libavcodec/h261dec.c
	libavcodec/hevc.c
	libavcodec/iff.c
	libavcodec/imc.c
	libavcodec/libopenjpegdec.c
	libavcodec/libvo-aacenc.c
	libavcodec/libvorbisenc.c
	libavcodec/libvpxdec.c
	libavcodec/libvpxenc.c
	libavcodec/libx264.c
	libavcodec/mjpegbdec.c
	libavcodec/mjpegdec.c
	libavcodec/mpegaudiodec_float.c
	libavcodec/msmpeg4dec.c
	libavcodec/mxpegdec.c
	libavcodec/nvenc_h264.c
	libavcodec/nvenc_hevc.c
	libavcodec/pngdec.c
	libavcodec/qpeg.c
	libavcodec/ra288.c
	libavcodec/rv10.c
	libavcodec/s302m.c
	libavcodec/sp5xdec.c
	libavcodec/takdec.c
	libavcodec/tiff.c
	libavcodec/tta.c
	libavcodec/utils.c
	libavcodec/v210dec.c
	libavcodec/vp6.c
	libavcodec/vp9.c
	libavcodec/wavpack.c
	libavcodec/yop.c

Merged-by: Michael Niedermayer <michael@niedermayer.cc>
2015-07-27 22:50:18 +02:00
Vittorio Giovara
def97856de lavc: AV-prefix all codec capabilities
Express bitfields more simply.

Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
2015-07-27 15:24:58 +01:00
Michael Niedermayer
599d746e07 avcodec/vp8: Check buffer size in vp8_decode_frame_header()
avoids null pointer dereference
Fixes: signal_sigsegv_d5de40_964_vp80-00-comprehensive-010.ivf with memlimit of 1048576

Found-by: Samuel Groß, Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2015-07-18 19:37:04 +02:00
Michael Niedermayer
a84f0e8d8f avcodec/vp8: Fix null pointer dereference in ff_vp8_decode_free()
Fixes: signal_sigsegv_d5de23_967_vp80_00_comprehensive_010.ivf with memlimit 524288

Found-by: Samuel Groß, Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2015-07-18 19:03:23 +02:00
Andreas Cadhalpun
6fdbaa2b7f vp8: change mv_{min,max}.{x,y} type to int
If one of the dimensions is larger than 8176, s->mb_width or
s->mb_height is larger than 511, leading to an int16_t overflow of
s->mv_max.{x,y}. This then causes av_clip to be called with amin > amax.

Changing the type to int avoids the overflow and has no negative
effect, because s->mv_max is only used in clamp_mv for clipping.
Since mv_max.{x,y} is positive and mv_min.{x,y} negative, av_clip can't
increase the absolute value. The input to av_clip is an int16_t, and
thus the output fits into int16_t as well.

For additional safety, s->mv_{min,max}.{x,y} are clipped to int16_t range
before use.

Reviewed-by: Ronald S. Bultje <rsbultje@gmail.com>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
2015-06-08 23:29:14 +02:00
Michael Niedermayer
0a6b410edf avcodec/vp8: Suppress empty body warnings
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2015-05-06 16:03:56 +02:00
Christophe Gisquet
3814f92fd7 lavc: use LOCAL_ALIGNED instead of DECLARE_ALIGNED
The later may yield incorrect code for on-stack variables.

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2015-03-14 20:36:43 +01:00
Michael Niedermayer
9b2a964cee avcodec/vp8: Fix undefined shifts in vp8_mc_luma()
Found-by: Clang -fsanitize=shift
Reported-by: Thierry Foucu <tfoucu@google.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2015-03-11 16:55:07 +01:00
Clément Bœsch
4d028bf202 avcodec/vp8: remove double ;; 2015-01-18 00:34:19 +01:00
Michael Niedermayer
9fb5a91c66 Merge commit '014b6b416fec89777cb9cff61bcf7896eaf7cf39'
* commit '014b6b416fec89777cb9cff61bcf7896eaf7cf39':
  vp8: improve memory allocation checks

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2015-01-15 13:10:48 +01:00
Vittorio Giovara
014b6b416f vp8: improve memory allocation checks
Check memory earlier, check one more allocation and clean up on error.

CC: libav-stable@libav.org
Bug-Id: CID 1257773
2015-01-15 01:25:07 +01:00
Michael Niedermayer
cdbebae444 Merge commit '85dc006b1a829726dd5e3a9b0fcc6a1dbfe6dffa'
* commit '85dc006b1a829726dd5e3a9b0fcc6a1dbfe6dffa':
  lavc: fix bitshifts amount bigger than the type

Conflicts:
	libavcodec/internal.h

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2014-11-18 03:16:38 +01:00
Vittorio Giovara
85dc006b1a lavc: fix bitshifts amount bigger than the type
CC: libav-stable@libav.org
Bug-Id: CID 1194387 / CID 1194389 / CID 1194393 / CID 1206638
2014-11-18 00:39:23 +01:00
Michael Niedermayer
29234f5681 vp7: fix checking vp7_feature_value_size()
CC: libav-stable@libav.org
Bug-Id: CID 1197061
2014-11-13 01:41:25 +01:00
Michael Niedermayer
3bc86462a2 Merge commit '65875a8b3b079752da25a61ec188d2e3d90a569f'
* commit '65875a8b3b079752da25a61ec188d2e3d90a569f':
  vp8: initialize color space and range properties

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2014-10-09 02:36:58 +02:00
Vittorio Giovara
65875a8b3b vp8: initialize color space and range properties 2014-10-08 18:17:50 +01:00
Michael Niedermayer
fb33bff990 Merge commit 'f929ab0569ff31ed5a59b0b0adb7ce09df3fca39'
* commit 'f929ab0569ff31ed5a59b0b0adb7ce09df3fca39':
  cosmetics: Write NULL pointer equality checks more compactly

Conflicts:
	cmdutils.c
	ffmpeg_opt.c
	ffplay.c
	libavcodec/dvbsub.c
	libavcodec/dvdsubdec.c
	libavcodec/dvdsubenc.c
	libavcodec/dxa.c
	libavcodec/libxvid_rc.c
	libavcodec/mpegvideo.c
	libavcodec/mpegvideo_enc.c
	libavcodec/rv10.c
	libavcodec/tiffenc.c
	libavcodec/utils.c
	libavcodec/vc1dec.c
	libavcodec/zmbv.c
	libavdevice/v4l2.c
	libavformat/matroskadec.c
	libavformat/movenc.c
	libavformat/sdp.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2014-08-15 21:00:50 +02:00
Gabriel Dume
f929ab0569 cosmetics: Write NULL pointer equality checks more compactly
Signed-off-by: Diego Biurrun <diego@biurrun.de>
2014-08-15 03:18:18 -07:00