1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-01-08 13:22:53 +02:00
Commit Graph

111625 Commits

Author SHA1 Message Date
Lynne
c39e861a3d
vulkan_h264: check if slices_buf exists on end_frame
The issue is that while decode_slice is guaranteed to never get
called without start_frame, end_frame is not. Moreover, it is
not guaranteed it won't be called twice.

On a badly-broken sample, this is what happens, which leads to
a segfault, as vp->slices_buf doesn't exist, as it has been handed
off for decoding already and isn't owned by the frame.

Return an error as it's indicative that it's a corrupt stream rather
than just missing any slices.

Prevents a segfault.
2023-06-25 03:11:38 +02:00
James Almer
10f1bbfe11 avcodec/j2kenc: use uint64_t type for the lambda value
Should fix integer overflows, and improve encoding results.

Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
2023-06-24 14:39:04 -03:00
James Almer
35af1695a9 avcodec/aac_ac3_parser: add preprocessor checks for codec specific code
Should fix ticket #10421.

Signed-off-by: James Almer <jamrial@gmail.com>
2023-06-24 14:38:29 -03:00
Zhao Zhili
af3f120785 avformat/mov: fix overallocation when reading pssh/saiz
mov_try_read_block() allocates 1MB at least, which can be more than
enough. It was called when reading saiz box, which can appear
periodically inside fmp4. This consumes a lot of memory.

We can fix mov_try_read_block() by clamp 'block_size' with 'size'.
However, the function is harmful than helpful. It avoids allocating
large memory when the real data is small. Even in that case, if
allocating large memory directly failed, it's fine to return ENOMEM;
if allocating success and reading doesn't match the given size, it's
fine to free and return AVERROR_INVALIDDATA. In other cases, it's a
waste of CPU and memory.

So I decided to remove the function, and replace it by call
av_malloc() and avio_read() directly.

mov_read_saiz() and mov_read_pssh() need more check, but they don't
belong to this patch.

Fixes #7641 and #9243.

Signed-off-by: Zhao Zhili <zhilizhao@tencent.com>
2023-06-24 12:58:15 +08:00
Michael Niedermayer
3323b515ab
doc/developer: Require new modules to include tests
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2023-06-24 01:50:24 +02:00
James Almer
a9d41ab890 avcodec/evc_frame_merge: remove an av_packet_copy_props() call
And only fill out if no failures can happen, fixing potential leaks.

Signed-off-by: James Almer <jamrial@gmail.com>
2023-06-23 11:06:35 -03:00
Niklas Haas
5fdb12d6a0 lavfi/vf_libplacebo: simplify SAR normalization
The old logic was trying to be excessively clever in "deducing" that the
user wanted to stretch/scale the image when ow/oh differed from iw/ih
aspect ratio. But this is almost surely unintended except in
pathological cases, and in those cases users should simply disable
normalize_sar and do all the stretching/scaling logic themselves. This
is especially important in multi-input mode, where the canvas may be
vastly different from the input dimensions of any stream. Also, passing
through input 0 SAR in multi-input mode is arbitrary and nearly useless,
so again force output SAR to 1:1 here.
2023-06-23 15:18:25 +02:00
James Almer
ffe4ec5c84 avcodec/evc_ps: fix allowed range for pps_pic_parameter_set_id
Signed-off-by: James Almer <jamrial@gmail.com>
2023-06-23 09:39:14 -03:00
James Almer
7347b44224 avcodec/evc_ps: use unsigned types in structs where corresponds
Signed-off-by: James Almer <jamrial@gmail.com>
2023-06-23 08:37:23 -03:00
James Almer
5b966be5b8 avcodec/evc_parse: use unsigned types in structs where corresponds
Signed-off-by: James Almer <jamrial@gmail.com>
2023-06-23 08:37:23 -03:00
James Almer
528dd5637d avformat/evc: remove duplicate defines
Signed-off-by: James Almer <jamrial@gmail.com>
2023-06-23 08:37:23 -03:00
James Almer
3d1199dff6 avformat/evc: add range checks to evcc_parse_sps and return proper error codes
Signed-off-by: James Almer <jamrial@gmail.com>
2023-06-23 08:37:23 -03:00
James Almer
552879d621 avformat/evc: remove duplicate check
Signed-off-by: James Almer <jamrial@gmail.com>
2023-06-23 08:37:23 -03:00
James Almer
d0fc1b3507 avformat/evc: remove unnecessary struct
And don't use get_ue_golomb_long() for known small values.

Signed-off-by: James Almer <jamrial@gmail.com>
2023-06-23 08:37:23 -03:00
James Almer
b1b45ac9d4 avcodec/evc_frame_merge: ensure the assembled buffer fits in an AVPacket
Signed-off-by: James Almer <jamrial@gmail.com>
2023-06-23 08:37:23 -03:00
Michael Niedermayer
4aa1a42a91
avutil/softfloat: Basic documentation for av_sincos_sf()
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2023-06-23 02:06:46 +02:00
Michael Niedermayer
d84677abd8
avutil/softfloat: fix av_sincos_sf()
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2023-06-23 02:06:46 +02:00
Michael Niedermayer
fe167bae96
tools/target_dec_fuzzer: Adjust threshold for speex
Fixes: Timeout
Fixes: 59731/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SPEEX_fuzzer-4809436670328832

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2023-06-23 02:06:46 +02:00
caleb
043a9d09cb
avcodec/jpeg2000htdec: Check for invalid magref length.
Fixes: shift exponent -8 is negative
Fixes: 58328/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-6007789196804096

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2023-06-23 02:06:45 +02:00
Michael Niedermayer
a4bf559683
avcodec/utils: fix 2 integer overflows in get_audio_frame_duration()
Fixes: signed integer overflow: 256 * 668003712 cannot be represented in type 'int'
Fixes: 59819/clusterfuzz-testcase-minimized-ffmpeg_dem_MATROSKA_fuzzer-4674636538052608

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2023-06-23 02:06:45 +02:00
James Almer
25ce1c8333 avformat/id3v2: check the return value of avio_close_dyn_buf()
Fixes ticket #10424.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
2023-06-22 21:00:15 -03:00
James Almer
9834660601 avcodec/evc_frame_merge: copy input packet props to output
Signed-off-by: James Almer <jamrial@gmail.com>
2023-06-22 16:08:14 -03:00
James Almer
daf61a706a avcodec/evc_frame_merge: reindent after previous commit
Signed-off-by: James Almer <jamrial@gmail.com>
2023-06-22 16:08:14 -03:00
James Almer
e6359b0cc1 avcodec/evc_frame_merge: properly support packets with more than one NALU
Parse through all NALUs in a packet, pull new ones when a complete AU could not
be assembled, or keep them around if an AU was assembled while data remained in
them.

Signed-off-by: James Almer <jamrial@gmail.com>
2023-06-22 16:08:14 -03:00
Ricardo Monteiro
99dfdb45a8 avcodec/nvenc: let preset decide default gop size
Default GOP size is now set by preset and tuning info. This GOP size is only overwriten if -g value is provided.

Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
2023-06-22 19:33:09 +02:00
Lynne
997d8a7e73
vulkan_decode: reject decoding of frames with no slices
As per the spec:
VUID-VkVideoDecodeH264PictureInfoKHR-sliceCount-arraylength
sliceCount must be greater than 0

VUID-VkVideoDecodeH265PictureInfoKHR-sliceSegmentCount-arraylength
sliceSegmentCount must be greater than 0

This particularly happens with seeking in field-coded H264.
2023-06-22 18:18:53 +02:00
Lynne
4ff303a7b8
vulkan_decode: simplify and make session parameter generation more robust
This commit scraps a bool to signal to recreate the session parameters,
but instead destroys them, forcing them to be recreated.

As this can happen between start_frame and end_frame, do this
at both places.
2023-06-22 18:17:54 +02:00
Dave Airlie
343716bd74
vulkan/av1: fix tile upload offsets.
This fixes decoding av1-1-b8-22-svc-L2T1.ivf
while not breaking other videos.
2023-06-22 18:17:54 +02:00
Lynne
ba8a803236
vulkan_decode: clean up slice handling
Move the slice offsets buffer to the thread decode context.
It isn't part of the resources for frame decoding, the driver
has to process and finish with it at submission time.
That way, it doesn't need to be alloc'd + freed on every frame.
2023-06-22 18:17:54 +02:00
Lynne
237c400727
vulkan_decode: remove unused fields 2023-06-22 18:17:53 +02:00
Lynne
d9af84426b
vulkan_decode: fix small memory leak
This requires using the new AVHWFramesContext.opaque field, as
otherwise, the profile attached to the decoder will be freed
before the frames context, rendering the frames context useless.
2023-06-22 18:17:53 +02:00
Lynne
13ff3aa9e7
vulkan_decode: use the hwfc->user_opaque field to store the profile 2023-06-22 18:17:47 +02:00
James Almer
1bcb8a7338 avcodec/evc_parser: use a GetBitContext to parse entire NALUs
Signed-off-by: James Almer <jamrial@gmail.com>
2023-06-21 13:31:14 -03:00
James Almer
7fc6c7633e avcodec/evc_frame_merge: use a GetBitContext to parse entire NALUs
Signed-off-by: James Almer <jamrial@gmail.com>
2023-06-21 13:31:14 -03:00
James Almer
c7183a22db avformat/evc: move NALU length and type parsing functions to a header
Signed-off-by: James Almer <jamrial@gmail.com>
2023-06-21 13:31:14 -03:00
James Almer
e5da2ec456 avcodec/evc_parse: pass a GetBitContext to the slice header parsing function
Signed-off-by: James Almer <jamrial@gmail.com>
2023-06-21 13:31:14 -03:00
James Almer
2212808a72 avcodec/evc_ps: pass a GetBitContext to the SPS and PPS parsing functions
This is in preparation for the following patch.

Signed-off-by: James Almer <jamrial@gmail.com>
2023-06-21 13:31:14 -03:00
James Almer
d0d20f16ce avformat/evcdec: use an unsigned type for nalu_size
But ensure the value returned by evc_read_nal_unit_length() fits in an int.
Should prevent integer overflows later in the code.

Signed-off-by: James Almer <jamrial@gmail.com>
2023-06-21 13:31:14 -03:00
James Almer
a6a5e53595 avformat/evcdec: flush the bsf on EOF
Signed-off-by: James Almer <jamrial@gmail.com>
2023-06-21 13:31:14 -03:00
James Almer
43ace56c7e avformat/evcdec: remove unnecessary av_packet_unref() calls
And return proper error codes.

Signed-off-by: James Almer <jamrial@gmail.com>
2023-06-21 13:31:14 -03:00
James Almer
2276bcc52a avformat/evcdec: ensure there are enough bytes to seekback
Signed-off-by: James Almer <jamrial@gmail.com>
2023-06-21 13:31:14 -03:00
Anton Khirnov
83b3ff741b tests/fate/ffmpeg: silence the audio for fate-ffmpeg-streamloop-transcode-av
Fixed-point AAC decoder currently does not produce the same output on
all platforms. Until that is fixed, silence the audio stream using the
volume filter.

Also, actually use the aac_fixed decoder as was the original intent.
2023-06-21 10:07:41 +02:00
Romain Beauxis
468615f204 libavformat/mpegts.c: fix hardcoded 5-bytes skip for metadata streams.
Before the introduction of AV_CODEC_ID_TIMED_ID3 for timed_id3 metadata streams
in mpegts (commit 4a4437c0fb), AV_CODEC_ID_SMPTE_KLV
was the only existing codec for metadata.

It seems that this codec has a 5-bytes metadata header[1] that, for some reason,
was always skipped when decoding data packets.

However, when working with a AV_CODEC_ID_TIMED_ID3 streams, this results in the
5 first bytes of the payload being cut-off, which includes essential informations
such as the ID3 tag version.

This patch fixes the issue by keeping the 5-bytes skip only for AV_CODEC_ID_SMPTE_KLV
streams.

Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
2023-06-20 21:08:06 -03:00
James Almer
98cae37e23 Changelog: mention the recent AC-4 additions
Signed-off-by: James Almer <jamrial@gmail.com>
2023-06-20 14:54:11 -03:00
Michael Niedermayer
6a9d13acc2
avformat/jpegxl_anim_dec: fix out of array read using buffer padding
Fixes: out of array read
Fixes: 59828/clusterfuzz-testcase-minimized-ffmpeg_dem_JPEGXL_ANIM_fuzzer-5029813220671488

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2023-06-20 12:47:31 -04:00
Leo Izen
33c9972808
MAINTAINERS: change Leo Izen IRC nickname
I use a different nick on IRC now, Traneptora, instead of what I
formerly used, thebombzen.

Signed-off-by: <leo.izen@gmail.com>
2023-06-20 12:46:47 -04:00
Niklas Haas
e998d0a4f7 lavfi/vf_libplacebo: allow pos_w to depend on pos_h
Ditto for crop_w/crop_h. Requires simply repeating the evaluation of the
first variable to be evaluated.
2023-06-20 17:09:58 +02:00
Niklas Haas
f998a618ba lavfi/vf_libplacebo: add nb_inputs option
To control the number of inputs.
2023-06-20 17:09:58 +02:00
Niklas Haas
9049ea6763 lavfi/vf_libplacebo: set time_base/frame_rate dynamically
Use the gcd of all input timebases to ensure PTS accuracy. For the
framerate, just pick the highest of all the inputs, under the assumption
that we will render frames with approximately this frequency. Of course,
this is not 100% accurate, in particular if the input frames are badly
misaligned. But this field is informational to begin with.

Importantly, it covers the "common" case of combining high FPS and low
FPS streams with aligned frames.
2023-06-20 17:09:58 +02:00
Niklas Haas
1b2c6c9a03 lavfi/vf_libplacebo: also skip cache if in FPS == out FPS
Fixes an oversight in the previous code which should have been >=, not >.
2023-06-20 17:09:58 +02:00