1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-01-19 05:49:09 +02:00

15573 Commits

Author SHA1 Message Date
Aneesh Dogra
3e9cd8b4b0 qpeg: Use bytestream2 functions to prevent buffer overreads.
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
2012-03-03 20:40:00 -08:00
Ronald S. Bultje
b4188f0d46 vp8: convert simple loopfilter x86 assembly to use named arguments. 2012-03-03 20:40:00 -08:00
Ronald S. Bultje
8476ca3b4e vp8: convert idct x86 assembly to use named arguments. 2012-03-03 20:40:00 -08:00
Ronald S. Bultje
21ffc78fd7 vp8: convert mc x86 assembly to use named arguments. 2012-03-03 20:40:00 -08:00
Ronald S. Bultje
28170f1a39 vp8: convert loopfilter x86 assembly to use cpuflags(). 2012-03-03 20:40:00 -08:00
Ronald S. Bultje
e25be47154 vp8: convert idct/mc x86 assembly to use cpuflags(). 2012-03-03 20:39:59 -08:00
Justin Ruggles
51ddf35c90 wmaenc: fix m/s stereo encoding for the first frame
We need to set ms_stereo in encode_init() in order to avoid incorrectly
encoding the first frame as non-m/s while flagging it as m/s. Fixes an
uncomfortable pop in the left channel at the start of playback.

CC:libav-stable@libav.org
2012-03-03 18:20:10 -05:00
Justin Ruggles
8ed7488ea3 wmaenc: return s->block_align instead of recalculating it 2012-03-03 18:20:10 -05:00
Justin Ruggles
5d652e063b wmaenc: check final frame size against output packet size
Currently we have an assert() that prevents the frame from being too large,
but it is more user-friendly to give an error message instead of aborting on
assert(). This condition is quite unlikely due to the minimum bit rate check
in encode_init(), but it is still worth having.
2012-03-03 18:20:10 -05:00
Justin Ruggles
dfc4fdedf8 wmaenc: require a large enough output buffer to prevent overwrites
The maximum theoretical frame size is around 17000 bytes. Although in
practice it will generally be much smaller, we require a larger buffer
just to be safe.

CC: libav-stable@libav.org
2012-03-03 18:20:10 -05:00
Justin Ruggles
1ec075cfec wmaenc: limit allowed sample rate to 48kHz
ff_wma_init() allows up to 50kHz, but this generates an exponent band
size table that requires 65 bands. The code assumes 25 bands in many
places, and using sample rates higher than 48kHz will lead to buffer
overwrites.

CC:libav-stable@libav.org
2012-03-03 18:20:10 -05:00
Justin Ruggles
c2b8dea182 wmaenc: limit block_align to MAX_CODED_SUPERFRAME_SIZE
This is near the theoretical limit for wma frame size and is the most that
our decoder can handle. Allowing higher bit rates will just end up padding
each frame with empty bytes.

Fixes invalid writes for avconv when using very high bit rates.

CC:libav-stable@libav.org
2012-03-03 18:20:09 -05:00
Justin Ruggles
0b8b7db01b mpegaudio_parser: do not ignore information from the first parsed frame
Update some demuxing and seeking fate tests.
2012-03-03 17:03:26 -05:00
Michael Niedermayer
6776a8f189 mpegaudio_parser: be less picky about the start position
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Justin Ruggles <justin.ruggles@gmail.com>
2012-03-03 17:03:26 -05:00
Justin Ruggles
5602a464c9 avcodec: add a Vorbis parser to get packet duration
This also allows for removing some of the Vorbis-related hacks.
2012-03-03 16:43:11 -05:00
Justin Ruggles
737ca4482b vorbisdec: read the previous window flag for long windows
When reading sequentially, we are using the actual flag from the previous
frame, but when seeking we do not know what the previous window flag was, so
we need to read it from the bitstream.
2012-03-03 16:43:11 -05:00
Anton Khirnov
7fb6c9225c lavc: free the output packet when encoding failed or produced no output. 2012-03-03 06:31:41 +01:00
Anton Khirnov
e42e9b0e4d lavc: preserve avpkt->destruct in ff_alloc_packet().
Also, don't bother with saving/restoring data, av_init_packet doesn't
touch it.
2012-03-03 06:31:41 +01:00
Anton Khirnov
c179c9e19d lavc: clarify the meaning of AVCodecContext.frame_number. 2012-03-03 06:31:41 +01:00
Ronald S. Bultje
9d87374ec0 amrwb: remove duplicate arguments from extrapolate_isf().
Prevents warnings because the dst and src overlap (are the same) in the
memcpy() inside the function.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-03-02 12:50:00 -08:00
Ronald S. Bultje
154b8bb800 amrwb: error out early if mode is invalid.
Prevents using the invalid mode as an index in a static array, which
would generate invalid reads.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-03-02 10:34:50 -08:00
Ronald S. Bultje
291c9b6285 h264: change underread for 10bit QPEL to overread.
This prevents us from reading before the start of the buffer, and thus
prevents crashes resulting from this behaviour. Fixes bug 237.
2012-03-02 10:33:05 -08:00
Ronald S. Bultje
45549339bc vp8: disable mmx functions with sse/sse2 counterparts on x86-64.
x86-64 is guaranteed to have at least SSE2, therefore the MMX/MMX2
functions will never be used in practice.
2012-03-02 10:32:05 -08:00
Ronald S. Bultje
bd66f073fe vp8: change int stride to ptrdiff_t stride.
On 64bit platforms with 32bit int, this means we won't have to sign-
extend the integer anymore.
2012-03-02 10:31:50 -08:00
Ronald S. Bultje
349b7977e4 wma: fix invalid buffer size assumptions causing random overreads.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-03-02 10:31:28 -08:00
Mashiat Sarker Shakkhar
9d25f1f619 Windows Media Audio Lossless decoder
Decodes 16-bit WMA Lossless encoded files. 24-bit is not supported yet.

Bitstream parser written by Andreas Öman with contributions from
Baptiste Coudurier and Ulion.

Includes a number of bug-fixes from Benjamin Larsson, Michael Niedermayer and
Konstantin Shishkov, shine and polish by Diego Biurrun.

Signed-off-by: Diego Biurrun <diego@biurrun.de>
2012-03-02 19:10:29 +01:00
Alex Converse
9243ec4a50 rv10/20: Fix slice overflow with checked bitstream reader. 2012-03-02 09:31:32 -08:00
Michael Niedermayer
71db86d53b h263dec: Disallow width/height changing with frame threads.
Fixes CVE-2011-3937

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-02 09:31:32 -08:00
Alex Converse
2f6528537f rv10/20: Fix a buffer overread caused by losing track of the remaining buffer size.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-03-02 09:31:32 -08:00
Martin Storsjö
b087ce2bee g722: Fix the QMF scaling
This fixes clipping if the encoder input used the full 16 bit
input range (samples with a magnitude below 16383 worked fine).
The filtered subband samples should be 15 bit maximum, while
the code earlier produced them scaled to 16 bit.

This makes the decoder output have double the magnitude
compared to before.

The spec reference samples doesn't test the QMF at all, which
was why this part slipped past initially.

Signed-off-by: Martin Storsjö <martin@martin.st>
2012-03-02 18:58:19 +02:00
Derek Buitenhuis
f604eab30a wavpack: Fix an integer overflow
Integer Overflow Checker detected an integer
overflow while FATE was running.

See: http://fate.libav.org/x86_64-linux-ioc/

Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
Signed-off-by: Kostya Shishkov <kostya.shishkov@gmail.com>
2012-03-02 08:26:36 +01:00
Diego Biurrun
1c4717be4f mjpegdec: use correct variable in av_log invocation
libavcodec/mjpegdec.c:1463: warning: format ‘%x’ expects type ‘unsigned int’, but argument 5 has type ‘const uint8_t *’
2012-03-01 23:11:15 +01:00
Diego Biurrun
324deaa268 Replace AVFrame pointer type punning by proper struct member assignments. 2012-03-01 23:11:13 +01:00
Diego Biurrun
47c0ac96aa Replace AVFrame pointer casts by proper struct member accesses. 2012-03-01 23:11:11 +01:00
Diego Biurrun
562b6c744a Remove unnecessary AVFrame pointer casts. 2012-03-01 23:11:10 +01:00
Diego Biurrun
2f4b476e04 msmpeg4: Split encoding backend code off from general backend code. 2012-03-01 23:11:09 +01:00
Anton Khirnov
eb727387fd lavc: shrink encoded video packet size after encoding.
Based on a patch by Nicolas George <nicolas.george <at> normalesup.org>
2012-03-01 22:21:35 +01:00
Ronald S. Bultje
0ce4fe482c h264: error out on invalid bitdepth.
Fixes invalid reads while initializing the dequant tables, which uses
the bit depth to determine the QP table size.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-03-01 12:15:51 -08:00
Christophe Gisquet
cc412b7104 aacsbr: use a swap index for the Y matrix rather than copy buffers.
Signed-off-by: Alex Converse <alex.converse@gmail.com>
2012-03-01 11:03:00 -08:00
Ronald S. Bultje
63c9de6469 huffyuv: do not abort on unknown pix_fmt; instead, return an error.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-03-01 10:23:36 -08:00
Ronald S. Bultje
bd17a40a7e lcl: return negative error codes on decode_init() errors.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-03-01 07:12:29 -08:00
Martin Storsjö
bdc1220eeb h263enc: Add an option for outputting info about MBs as side data
Signed-off-by: Martin Storsjö <martin@martin.st>
2012-03-01 16:08:31 +02:00
Martin Storsjö
442c1320e7 avpacket: Add a function for shrinking already allocated side data
Signed-off-by: Martin Storsjö <martin@martin.st>
2012-03-01 16:08:30 +02:00
Vitor Sessak
5cd1337f5d nellymoserdec: Saner and faster IMDCT windowing
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
2012-02-29 15:38:35 -08:00
Vitor Sessak
882abda5a2 amrnbdec: check frame size before decoding.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
2012-02-29 14:13:58 -08:00
Ronald S. Bultje
8a9faf33f2 cscd: use negative error values to indicate decode_init() failures.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-02-29 14:04:23 -08:00
Ronald S. Bultje
d1604b3de9 h264: prevent overreads in intra PCM decoding.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-02-29 13:17:34 -08:00
Vitor Sessak
9b4cd58611 mpegaudiodec: use DSPUtil.butterflies_float().
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
2012-02-29 12:12:50 -08:00
Ronald S. Bultje
07a180972f vmnc: return error on decode_init() failure.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-02-29 11:58:27 -08:00
Justin Ruggles
a45a1ea521 libvorbis: add/update error messages
also use AVERROR codes for some return values instead of -1
2012-02-29 14:54:25 -05:00