the init.mp4 can be expanded with strftime the same way as
hls_segment_filename.
Signed-off-by: Nikola Pajkovsky <nikola@pajkovsky.cz>
Signed-off-by: liuqi05 <liuqi05@kuaishou.com>
fix ticket: 8989
This is is due to the following behavior in the current code:
1. The initial_prog_date_time gets set to the current local time
2. The existing playlist (.m3u8) file gets parsed and the segments
present are added to the variant stream
3. The new segment is created and added
4. The existing segments and the new segment are written to the
playlist file. The initial_prog_date_time from point 1 is used
for calculating "#EXT-X-PROGRAM-DATE-TIME" for the segments,
which results in incorrect "#EXT-X-PROGRAM-DATE-TIME" values
for existing segments
The following approach fixes this bug:
1. Add a new variable "discont_program_date_time" of type double
to HLSSegment struct
2. Store the "EXT-X-PROGRAM-DATE-TIME" value from the existing
segments in this variable
3. When writing to playlist file if "discont_program_date_time"
is set, then use that value for "EXT-X-PROGRAM-DATE-TIME" else
use the value present in vs->initial_prog_date_time
Signed-off-by: Vignesh Ravichandran <vignesh.ravichandran02@gmail.com>
Signed-off-by: liuqi05 <liuqi05@kuaishou.com>
As this is a meta muxer and the same flag is set with the fifo
meta muxer, there is really no reason not to have this set here
as well.
Signed-off-by: Jan Ekström <jan.ekstrom@24i.com>
Fixes: signed integer overflow: 175 + 2147483571 cannot be represented in type 'int'
Fixes: 26833/clusterfuzz-testcase-minimized-ffmpeg_dem_IMAGE2_fuzzer-5969501214212096
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: 46671062 * 100 cannot be represented in type 'int'
Fixes: 26826/clusterfuzz-testcase-minimized-ffmpeg_dem_REALTEXT_fuzzer-5644062910316544
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
By using the frame counter (and the video time base) for audio pts we lose some
timestamp precision but we ensure that video and audio coming from the same DV
frame are always in sync.
This patch also makes timestamps after seek consistent and it should also fix
the timestamps when the audio clock is unlocked and have a completely
indpendent clock source. (E.g. runs on fixed 48009 Hz which should have been
exact 48000 Hz)
Fixes out of sync timestamps in ticket #8762.
Signed-off-by: Marton Balint <cus@passwd.hu>
Fixes: signed integer overflow: 18 + 9223372036854775799 cannot be represented in type 'long'
Fixes: 26731/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-5696846019952640
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
These fields are not signed in the spec (1.0) so they cannot be negative
Changing bytes_per_packet to unsigned would not solve this as it is exported
as block_align which is signed
Fixes: Infinite loop
Fixes: 26492/clusterfuzz-testcase-minimized-ffmpeg_dem_CAF_fuzzer-5632087614554112
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This is a pathological case where the fuzzer provides only 2 bytes per iteration.
Fixes: Timeout (>30 -> 0.9sec)
Fixes: 26488/clusterfuzz-testcase-minimized-ffmpeg_dem_MPEGTS_fuzzer-5911031077142528
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Currently a repeating setup request (with the same stream id) will
simply overwrite rtp_handle/transport_priv without freeing the
resources first. This is fixed by closing the previous setup request.
Reviewed-by: Martin Storsjö <martin@martin.st>
Signed-off-by: Andriy Gelman <andriy.gelman@gmail.com>
Fixes: signed integer overflow: -4683718486770919638 * 2 cannot be represented in type 'long'
Fixes: 26704/clusterfuzz-testcase-minimized-ffmpeg_dem_MPC8_fuzzer-6327056939614208
Fixes: 27550/clusterfuzz-testcase-minimized-ffmpeg_dem_MPC8_fuzzer-6259212652642304
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: left shift of 65536 by 15 places cannot be represented in type 'int'
Fixes: 26801/clusterfuzz-testcase-minimized-ffmpeg_dem_MPC8_fuzzer-5164313092030464
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
The FLAC muxer currently stores an attached picture corresponding to an
AVStream in AVStream.priv_data. The AVPacket contained therein is
unreferenced after it has been written. The AVPacket structure itself is
then freed generically as AVStream.priv_data.
And this can lead to memleaks if an attached picture is not written:
It might be because the trailer is never written or because writing
a previous attached picture failed in case error_recognition is set
to explode.
Therefore free the packets properly (i.e. with av_packet_free())
in the muxer's deinit function.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Fixes: signed integer overflow: 9223372036854775807 - -1 cannot be represented in type 'long'
Fixes: 26549/clusterfuzz-testcase-minimized-ffmpeg_dem_AVS_fuzzer-4844306424397824
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
The 'alac' identifier has been registered to ISO and thus towards
ISOBMFF at the MP4 registration authority. The existing non-MOV
mux mode matches the official ALAC-in-MP4 specification.
Fixes: signed integer overflow: 9223372036854775807 + 8 cannot be represented in type 'long'
Fixes: 27341/clusterfuzz-testcase-minimized-ffmpeg_dem_W64_fuzzer-5442833206738944
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
In sdp_read_header() some ff_network_close() calls were missed.
Also in rtp_read_header() update comment to explain why a single
call to ff_network_close() is enough to cover all cases even if
sdp_read_header() returns an error.
Reviewed-by: Martin Storsjö <martin@martin.st>
Signed-off-by: Andriy Gelman <andriy.gelman@gmail.com>
In this error path ret still stores the number of bytes read in
ffurl_read().
Reviewed-by: Martin Storsjö <martin@martin.st>
Signed-off-by: Andriy Gelman <andriy.gelman@gmail.com>
As per the docs network initialization is required before ff_url_join().
Furthermore, because the ff_network_init() was skipped, this makes
one additional call to ff_network_close() if the stream exits without
errors.
The was forgotten in the origin commit of the listen mode:
a8ad6ffafe
Reviewed-by: Martin Storsjö <martin@martin.st>
Signed-off-by: Andriy Gelman <andriy.gelman@gmail.com>
The Block timestamp read in matroska_parse_block() is in track timebase and is
passed on as such to the AVPacket which uses this timebase.
In the normal case the Cluster and Track timebases are the same because the
track->time_scale is 1.0. But when it is not the case, the values in Cluster
timebase need to be transformed in Track timebase so they can be added
together.
Signed-off-by: Anton Khirnov <anton@khirnov.net>
When the check was added (in 3668701f96, in 2015), some IO
functions returned 0 on EOF (in particular, the TCP protocol
did, but the TLS protocol returned AVERROR_EOF). Since
0e1f771d22 in 2017, the TCP protocol also returns AVERROR_EOF
instead of 0, making the check for premature end never have the
intended effect.
Signed-off-by: Martin Storsjö <martin@martin.st>
mpegts_read_header stops parsing the file at the first PMT. However the check
that ensured this was wrong because streams can also be added before the first
PMT is received (e.g. EIT).
So let's make sure we are in the header reading phase by checking if ts->pkt is
unset instead of checking if the number of streams found so far is 0.
Signed-off-by: Marton Balint <cus@passwd.hu>
A variable has been assigned a value twice consecutively; essentially
the same happens when one performs av_init_packet on an AVPacket after
a call to av_packet_unref.
Found via PVS-Studio (see ticket #8156).
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
The ASF specification of Metadata Objects' stream number is as follows:
"Specifies whether the entry applies to a specific digital media stream
or whether it applies to the whole file. A value of 0 in this field
indicates that it applies to the whole file; otherwise, the entry
applies only to the indicated stream number and must be between 1 and
127."
Yet the asf_o demuxer (the one originating from Libav) has always
treated such metadata as if it applied to a stream even though no stream
with a stream number may exist in a valid ASF file. This is fixed in
this commit; it affected e.g. the file
wma_with_metadata_library_object_tag_trimmed.wma from the FATE suite.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
The ASF file format has a limit of 127 streams and the "asf_o" demuxer
(the ASF demuxer from Libav) has an array of pointers for a structure
called ASFStream that is allocated on demand for every stream. Attached
pictures are not streams in the sense of the ASF specification, yet the
demuxer created an ASFStream for them; and in one codepath it also
forgot to check whether the array of ASFStreams is already full. The
result is a write beyond the end of the array and a segfault lateron.
Fixing this is easy: Don't create ASFStreams for attached picture
streams.
(Other results of the current state of affairs are unnecessary allocations
(of ASFStreams structures), the misparsing of valid files (there might not
be enough ASFStreams left for the valid streams if attached pictures take
up too many); furthermore, the ASFStreams created for attached pictures all
have the stream number 0, an invalid stream number (the valid range is
1-127). This means that invalid data (packets for a stream with stream
number 0) won't get rejected lateron.)
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
