1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-12-23 12:43:46 +02:00
Commit Graph

23750 Commits

Author SHA1 Message Date
Andreas Rheinhardt
df9d969954 avformat/webpenc: Reindentation
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-24 00:29:32 +01:00
Andreas Rheinhardt
f9043de99a avformat/webpenc: Fix memleak when using invalid packets
The WebP muxer sometimes caches a packet it receives to write it later;
yet if a cached packet is too small (so small as to be invalid),
it is cached, but not written and not unreferenced. Such a packet leaks,
either by being overwritten by the next packet or because it is never
unreferenced at all.

Fix this by not caching unusable packets at all; and error out on
invalid packets.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-24 00:28:21 +01:00
Andreas Rheinhardt
484a322f0a avformat/webpenc: Use init instead of write_header function
webp_write_header() didn't write anything.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-24 00:27:26 +01:00
Andreas Rheinhardt
0519a32a64 avformat/ipmovie: Avoid stack packet
Replace it in ipmovie_read_header() by AVFormatInternal.parse_pkt
which is unused when reading the header.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-24 00:26:45 +01:00
Andreas Rheinhardt
79a90b42ca avformat/ipmovie: Remove redundant initializations
The demuxer's context has already been zeroed generically.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-24 00:26:18 +01:00
Andreas Rheinhardt
2ef4c5bba4 avformat/ipmovie: Fix indentation
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-24 00:25:38 +01:00
Andreas Rheinhardt
7070bc53aa avformat/ipmovie: Deduplicate parsing video data opcodes
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-24 00:24:50 +01:00
Andreas Rheinhardt
0ce702d999 avformat/ipmovie: Avoid reading packets during read_header
They will be discarded anyway because this can only happen
for invalid data. This already implies that the pkt won't be used
at all when parsing the very first chunk when reading the header,
so one can use NULL as argument and remove the av_packet_unref()
on error.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-24 00:21:32 +01:00
Andreas Rheinhardt
da9eed79b9 avformat/ipmovie: Remove redundant av_packet_unref()
When one of these errors happens during ipmovie_read_packet(),
an error is returned and the packet is cleaned up generically.
And since 712d3ac539 the same happens
in ipmovie_read_header().

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-24 00:21:01 +01:00
Andreas Rheinhardt
3750390ede avformat/asfdec_f: Avoid stack packet
Replace it by using AVFormatInternal.parse_pkt which is otherwise unused
when reading a header.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-24 00:19:54 +01:00
Andreas Rheinhardt
2e1d5123c1 avformat/moflex: Simplify freeing packets
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-24 00:18:06 +01:00
Andreas Rheinhardt
a4d036965d avformat/matroskadec: Reuse AVFormatInternal.parse_pkt
Before 8d78e90a6b the Matroska demuxer
used stack packets to hold temporary packets; now it uses a temporary
packet allocated by the Matroska demuxer. Yet because it used stack
packets the code has always properly reset the packet on error, while
on success these temporary packets were put into a packet list via
avpriv_packet_list_put(), which already resets the source packet.
This means that this code is compatible with just reusing
AVFormatInternal.parse_pkt (which is unused while one is in the
demuxer's read_packet() function). Compared to before 8d78e90a6
this no longer wastes one initialization per AVPacket read
(the resetting of the stack packet performed by av_packet_move_ref()
in avpriv_packet_list_put() was for naught).

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-24 00:07:36 +01:00
Alok Priyadarshi
adff25412a avformat/rtpdec: attach producer reference time if available
This produces true wallclock time at rtp source instead of the
local wallclock time at rtp client.

Signed-off-by: James Almer <jamrial@gmail.com>
2021-03-23 19:02:47 -03:00
Andreas Rheinhardt
4a9eb7072c avformat/utils: Don't allocate separate packet for extract_extradata
One can simply reuse AVFormatInternal.parse_pkt instead.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-23 14:23:49 +01:00
Andreas Rheinhardt
e375e09d82 libavformat/utils: Fix indentation
Originally added in 12f996edfa
behind #if 0; aebb56e184 then
removed the #if and replaced it by using av_dlog. Then commit
1a3eb042c7 replaced this with av_log
at trace level. Yet the code block always stayed within { }
at an increased level of indentation.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-23 14:04:46 +01:00
Andreas Rheinhardt
84b02bbb78 avformat/s337m: Use av_get_packet() to read packet
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-23 01:05:17 +01:00
Andreas Rheinhardt
47d0b86cf3 avformat/s337m: Use and test Dolby-E-parser
This makes av_read_frame() return packets with proper timestamps.
As a result, seeking now works in combination with streamcopy.
A FATE-test for this has been added.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-23 01:05:17 +01:00
Andreas Rheinhardt
2fccd8bfb9 avformat/utils: Fix confusing return value for ff_read_packet()
Currently, ff_read_packet() sometimes forwards the return value of
AVInputFormat.read_packet() (which should be zero on success, but isn't
for all demuxers) and sometimes it overwrites this with zero.
Furthermore, it uses two variables, one for the read_packet return value
and one for other errors, which is a bit confusing; it is also
unnecessary given that the documentation explicitly states that
ff_read_packet() never returns positive values. Returning a positive
value would lead to leaks with some callers (namely asfrtp_parse_packet
and estimate_timings_from_pts). So always return zero in case of
success.

(This behaviour stems from a time before av_read_packet sanitized
the return value of read_packet at all: It was added in commit
626004690c and was unnecessary since
88b00723906f68b7563214c30333e48888dddf78.)

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-23 01:04:09 +01:00
Andreas Rheinhardt
ab5803553b avformat/apetag: Avoid stack packet when reading attached picture
Read it directly into AVStream.attached_pic.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-21 23:08:19 +01:00
James Almer
34f4f57800 avformat: remove FF_API_INIT_PACKET from AVStream.attached_pic
This field needs to be replaced altogether, not just its type changed.
This will be done in a separate change.

Signed-off-by: James Almer <jamrial@gmail.com>
2021-03-21 18:47:27 -03:00
Derek Buitenhuis
85f397c828 avformat/mov: Fix extended atom size buffer length check
When extended atom size support was added to probing in
fec4a2d232, the buffer
size check was backwards, but probing continued to work
because there was no minimum size check yet, so despite
size being 1 on these atoms, and failing to read the 64-bit
size, the tag was still correctly read.

When 0b78016b2d introduced a
minimum size check, this exposed the bug, and broke probing
any files with extended atom sizes, such as entirely valid
large files that start whith mdat atoms.

Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
2021-03-21 14:14:36 +00:00
Gyan Doshi
75fd3e1519 avformat/rtp_mpegts: typedef MuxChain struct 2021-03-21 15:50:40 +05:30
Carl Eugen Hoyos
9f8c81efc5 lavf/swfdec: Allow decoding Nellymoser in swf.
Such files exist in the wild, see ticket #9153.
2021-03-20 18:52:55 +01:00
Andreas Rheinhardt
8a73313412 avformat/pp_bnk: Fix memleaks when reading non-stereo tracks
Commit 6973df1122 added support
for music tracks by outputting its two containing tracks
together in one packet. But the actual data is not contiguous
in the file and therefore one can't simply use av_get_packet()
(which has been used before) for it. Therefore the packet was
now allocated via av_new_packet() and read via avio_read();
and this is also for non-music files.

This causes problems because one can now longer rely on things
done automatically by av_get_packet(): It automatically freed
the packet in case of errors; this lead to memleaks in several
FATE-tests covering this demuxer. Furthermore, in case the data
read is less than the data desired, the returned packet was not
zero-allocated (the packet's padding was uninitialized);
for music files the actual data could even be uninitialized.

The former problems are fixed by using av_get_packet() for
non-music files; the latter problem is handled by erroring out
unless both tracks could be fully read.

Reviewed-by: Zane van Iperen <zane@zanevaniperen.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-20 08:21:30 +01:00
Andreas Rheinhardt
258a88dfe4 avformat/utils: Always leave parse_pkt in blank state, avoid resetting
Always leaving said packet in a blank state after having used it
allows to avoid having to reset it before one uses it; and it also
allows to use it in more places than just in parse_packet() here.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-20 04:23:05 +01:00
Michael Niedermayer
c361fa9e21 Bump minor versions after release branch
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-20 01:02:11 +01:00
Michael Niedermayer
c67d2a2875 Bump Versions before release/4.4 branch
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-20 01:01:12 +01:00
Michael Niedermayer
92fde2585e avformat/mov: Check offset addition for overflow
Fixes: signed integer overflow: 9223372036854775807 + 536870912 cannot be represented in type 'long'
Fixes: 31678/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-5614204619980800

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-19 23:59:45 +01:00
Jiangjie Gao
3e9284fccb avformat/rtsp: support buffer_size and pkt_size options for RTP
And forward it to the underlying UDP protocol.

Fixes ticket #7517.

Signed-off-by: Jiangjie Gao <gaojiangjie@live.com>
Signed-off-by: Marton Balint <cus@passwd.hu>
2021-03-19 23:13:26 +01:00
Zhao Zhili
d86f44fecc avformat/libsrt: fix help message
SRTO_TLPKTDROP works for receiver and sender both.

Signed-off-by: Marton Balint <cus@passwd.hu>
2021-03-19 22:57:23 +01:00
Zhao Zhili
65bfb6af66 avformat/libsrt: fix setsockopt() typo
Signed-off-by: Marton Balint <cus@passwd.hu>
2021-03-19 22:57:20 +01:00
Moritz Barsnick
94b63e8ae8 avformat/http,tls: honor http_proxy command line variable for HTTPS
Add the "http_proxy" option and its handling to the "tls" protocol,
pass the option from the "https" protocol.

The "https" protocol already defines the "http_proxy" command line
option, like the "http" protocol does. The "http" protocol properly
honors that command line option in addition to the environment
variable. The "https" protocol doesn't, because the proxy is
evaluated in the underlying "tls" protocol, which doesn't have this
option, and thus only handles the environment variable, which it
has access to.

Fixes #7223.

Signed-off-by: Moritz Barsnick <barsnick@gmx.net>
Signed-off-by: Marton Balint <cus@passwd.hu>
2021-03-19 22:43:02 +01:00
Zane van Iperen
6973df1122
avformat/pp_bnk: treat music files as stereo
These files are technically a series of planar mono tracks.
If the "music" flag is set, merge the packets from the two
mono tracks, essentially replicating:

  [0🅰️0][0🅰️1]join=inputs=2:channel_layout=stereo[a]

Signed-off-by: Zane van Iperen <zane@zanevaniperen.com>
2021-03-19 23:38:33 +10:00
Andreas Rheinhardt
a46d781905 avcodec/packet: Also change av_packet_pack/unpack_dictionary to size_t
These are auxiliary side-data functions, so they should have been
switched to size_t in d79e0fe65c,
but this has been forgotten.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-19 03:12:24 +01:00
Andreas Rheinhardt
e318438f2f avformat: Make AVChapter.id an int64_t on next major bump
64 bits are needed in order to retain the uid values of Matroska
chapters; the type is kept signed because the semantics of NUT chapters
depend upon whether the id is > 0 or < 0.

Reviewed-by: Anton Khirnov <anton@khirnov.net>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-19 02:36:58 +01:00
Andreas Rheinhardt
e1e6a5c8a5 avformat/matroskaenc: Check chapter ids for duplicates
Up until now, there has been no check that each chapter has a unique id;
there was only a check for whether a chapter id is zero (this happens
often when the chapters originated from a format that lacks the concept
of chapter id and simply counts from zero) which is invalid in Matroska.
In this case the chapter ids are offset by 1 to make them nonnegative.
Yet offsetting won't fix duplicate ids, therefore this is changed to
simply create new chapter uids when the input chapter uids don't conform
to the requirements of Matroska (in which case it can be presumed that
they did not originate from Matroska, so that we don't need to bother
to preserve them).

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-19 02:31:49 +01:00
Andreas Rheinhardt
edcbb3e1b9 avformat/tests/fifo_muxer: Fix memleak on error, fix API violation
The test program for the FIFO muxer allocates a buffer without padding
and wraps it into a packet via av_packet_from_data(). This is an API
violation. Furthermore, said buffer leaks in case av_packet_from_data()
fails. Fix both of these issues by using av_new_packet() instead.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-19 02:25:02 +01:00
Andreas Rheinhardt
aff1d373b1 avformat/tests/fifo_muxer: Fix leak of AVPacket on error
Also factor allocating and freeing the packet out.
Fixes Coverity issues #1473722 and #1473723; it is a regression
since 4b386b2059.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-19 02:24:53 +01:00
Andreas Rheinhardt
ea1e15fdc4 avformat/mxfdec: Fix leak on error
It was introduced in d3d9b1fc8e2dfc8b4d66c9916ab7221062ff4660;
Fixes Coverity issue #733800.

Reviewed-by: Tomas Härdin <tjoppen@acc.umu.se>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-19 00:42:27 +01:00
Andreas Rheinhardt
9224b1f6b3 avformat/mxfdec: Don't use wrong type of pointer
If one of the two results of a ternary conditional is a pointer to void,
the type of the whole conditional operator is a pointer to void, even
when the other possible result is not a pointer to void. This loophole
in the type system has allowed mxf_read_local_tags to have a pointer of
type pointer to MXFMetadataSet that actually points to an MXFContext.

Reviewed-by: Tomas Härdin <tjoppen@acc.umu.se>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-19 00:41:16 +01:00
James Almer
d365f74dce avformat/tests/movenc: use av_packet_alloc() to allocate packets
Signed-off-by: James Almer <jamrial@gmail.com>
2021-03-17 15:19:36 -03:00
James Almer
4b386b2059 avformat/tests/fifo_muxer: use av_packet_alloc() to allocate packets
Signed-off-by: James Almer <jamrial@gmail.com>
2021-03-17 15:19:36 -03:00
James Almer
2fdfad5525 avformat/wc3movie: use av_packet_alloc() to allocate packets
Signed-off-by: James Almer <jamrial@gmail.com>
2021-03-17 15:19:36 -03:00
James Almer
98a776b5e3 avformat/subtitles: use av_packet_alloc() to allocate packets
Signed-off-by: James Almer <jamrial@gmail.com>
2021-03-17 15:19:36 -03:00
James Almer
fd23efb20b avformat/rtpenc_mpegts: use av_packet_alloc() to allocate packets
Signed-off-by: James Almer <jamrial@gmail.com>
2021-03-17 15:19:36 -03:00
James Almer
5e518c7416 avformat/rtpdec: use av_packet_alloc() to allocate packets
Signed-off-by: James Almer <jamrial@gmail.com>
2021-03-17 15:19:16 -03:00
James Almer
e7f1540507 avformat/mpegtsenc: use av_packet_alloc() to allocate packets
Signed-off-by: James Almer <jamrial@gmail.com>
2021-03-17 15:06:49 -03:00
James Almer
42422b6dca avformat/mpegts: use av_packet_alloc() to allocate packets
Signed-off-by: James Almer <jamrial@gmail.com>
2021-03-17 15:06:49 -03:00
James Almer
ecdad29b67 avformat/movenc: use av_packet_alloc() to allocate packets
Signed-off-by: James Almer <jamrial@gmail.com>
2021-03-17 15:06:49 -03:00
James Almer
2e80435a9a avformat/matroskaenc: use av_packet_alloc() to allocate packets
Signed-off-by: James Almer <jamrial@gmail.com>
2021-03-17 15:06:49 -03:00
James Almer
8d78e90a6b avformat/matroskadec: use av_packet_alloc() to allocate packets
Signed-off-by: James Almer <jamrial@gmail.com>
2021-03-17 15:06:49 -03:00
James Almer
f57a258223 avformat/hls: use av_packet_alloc() to allocate packets
Signed-off-by: James Almer <jamrial@gmail.com>
2021-03-17 15:06:49 -03:00
James Almer
83a320226c avformat/flacdec: use av_packet_alloc() to allocate packets
Signed-off-by: James Almer <jamrial@gmail.com>
2021-03-17 15:06:49 -03:00
James Almer
453021c74e avformat/id3v2: replace call to av_init_packet()
Signed-off-by: James Almer <jamrial@gmail.com>
2021-03-17 15:06:48 -03:00
James Almer
4de3504adf avformat/flac_picture: replace call to av_init_packet()
Signed-off-by: James Almer <jamrial@gmail.com>
2021-03-17 15:06:48 -03:00
James Almer
9e92fd97d0 avformat/avienc: use av_packet_alloc() to allocate packets
Signed-off-by: James Almer <jamrial@gmail.com>
2021-03-17 15:06:48 -03:00
James Almer
a7c238cbd8 avformat/avidec: use av_packet_alloc() to allocate packets
Signed-off-by: James Almer <jamrial@gmail.com>
2021-03-17 15:06:48 -03:00
James Almer
3c69e5cd6f avformat/asfdec_o: use av_packet_alloc() to allocate packets
Signed-off-by: James Almer <jamrial@gmail.com>
2021-03-17 15:06:48 -03:00
James Almer
82faeb56ce avformat/amvenc: use av_packet_alloc() to allocate packets
Signed-off-by: James Almer <jamrial@gmail.com>
2021-03-17 15:06:48 -03:00
James Almer
01f4d33b41 avformat/utils: use av_packet_alloc() to allocate packets
Signed-off-by: James Almer <jamrial@gmail.com>
2021-03-17 15:06:48 -03:00
James Almer
9066969713 avformat/mux: use av_packet_alloc() to allocate packets
Signed-off-by: James Almer <jamrial@gmail.com>
2021-03-17 15:06:48 -03:00
James Almer
d422b2ed87 avcodec/packet_internal: make avpriv_packet_list_* functions use an internal struct
The next pointer is kept at the end for backwards compatability until the
major bump, when it should ideally be moved at the front.

Signed-off-by: James Almer <jamrial@gmail.com>
2021-03-17 14:12:17 -03:00
James Almer
f7db77bd87 avcodec/packet: deprecate av_init_packet()
Once removed, sizeof(AVPacket) will stop being a part of the public ABI.

Signed-off-by: James Almer <jamrial@gmail.com>
2021-03-17 14:12:17 -03:00
Derek Buitenhuis
8f1580c31a avformat/mov: Handle when we have an mfra box but have not read the full sidx for a fragment
Use the tfra timestamp if it is available and sidx timestamp is not.

Fixes reading the entire file after seeking in a live-style DASH FMP4
with an MFRA.

This specifically fixes when use_mfra_for is set.

Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
2021-03-17 14:46:48 +00:00
Andriy Gelman
9383885c0d avformat/aviobuf: don't reduce short seek threshold
Commit 8c8e5d5286 added a way to reduce
seek time by waiting for the windowed tcp packets instead of creating a
new socket connection. It implemented this by overwriting
s->short_seek_threshold in avio_seek(). However,
s->short_seek_threshold could already be set and be higher than the
threshold set by the protocol (i.e. s->short_seek_threshold is set in
ff_configure_buffers_for_index()).

This new feature was only enabled for tls connections in
70d8077b79. As in Ticket #9148 it reduced
performance because instead of waiting to refill the AVIOContext buffers
with an existing connections, a new HTTP request was often made instead.

Fixes Ticket #9148.

Reviewed-by: Martin Storsjö <martin@martin.st>
Signed-off-by: Andriy Gelman <andriy.gelman@gmail.com>
2021-03-16 22:46:25 -04:00
Michael Niedermayer
5282147d0c avformat/matroskadec: Check for EOF in resync loop
Fixes: Timeout (too long -> instantly)
Fixes: 29136/clusterfuzz-testcase-minimized-ffmpeg_dem_WEBM_DASH_MANIFEST_fuzzer-4586141227548672

Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-15 22:24:31 +01:00
Michael Niedermayer
712d3ac539 avformat/ipmovie: Free packets allocated in header reading
Fixes: memleaks
Fixes: 29905/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5679700745781248

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-15 22:24:31 +01:00
Ed Martin
63344337f9 libavformat/hls: Reset options after open_url_keepalive() fails
open_url_keepalive() unsets the options when it uses them, this
includes the offsets for the Range: header. When using the HLS
tag #EXT-X-BYTERANGE along with multiple files, the range options
must be preserved after open_url_keepalive() returns EOF so that
the new file can be opened. Failure to do this results in ignoring
the #EXT-X-BYTERANGE tag and reading the wrong bytes of the file.

To fix it, reset the options before calling io_open() following
open_url_keepalive() reaching EOF

Reviewed-by: Steven Liu <liuqi05@kuaishou.com>
2021-03-15 15:16:20 +08:00
Michael Niedermayer
337984c133 avformat/voc_packet: prevent remaining size from becoming negative in ff_voc_get_packet()
Fixes: memleak
Fixes: 30909/clusterfuzz-testcase-minimized-ffmpeg_dem_AVS_fuzzer-4886284057313280

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-14 23:29:51 +01:00
Michael Niedermayer
403b35e16e avformat/mvi: Check audio size for more overflows
Fixes: left shift of negative value -352256000
Fixes: 30837/clusterfuzz-testcase-minimized-ffmpeg_dem_MVI_fuzzer-5755626262888448

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-14 23:29:51 +01:00
Michael Niedermayer
1c88098651 avformat/samidec: Deallocate hdr_buf
Fixes: memleak
Fixes: 30841/clusterfuzz-testcase-minimized-ffmpeg_dem_SAMI_fuzzer-4521799196999680

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-14 23:29:51 +01:00
Michael Niedermayer
09b3040354 avformat/cinedec: Fix index_entries size check
Fixes: out of array access
Fixes: 29868/clusterfuzz-testcase-minimized-ffmpeg_dem_CINE_fuzzer-5692001957445632

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-13 21:02:31 +01:00
Michael Niedermayer
4e7dbca74c avformat/aaxdec: Check that segments table has been initialized
Fixes: Timeout
Fixes: 29766/clusterfuzz-testcase-minimized-ffmpeg_dem_AAX_fuzzer-5635887566290944

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-13 21:02:31 +01:00
Marton Balint
c281d84b20 avformat: add Changelog entry for librist and bump minor
Signed-off-by: Marton Balint <cus@passwd.hu>
2021-03-13 17:36:48 +01:00
Marton Balint
5bd1d0f4e7 avformat/librist: clarify and limit buffer_size
As suggested by librist developers.

Signed-off-by: Marton Balint <cus@passwd.hu>
2021-03-13 17:36:48 +01:00
Marton Balint
4217e091fe avformat/librist: increase default loglevel
Also remove AV_LOG_SIMULATE from the list as it is not used directly, and do
not use panic level on unknown loglevel, but make them warn. Also fix mapping of
NOTICE/INFO/VERBOSE and add documentation about when the option should actually
be used.

Signed-off-by: Marton Balint <cus@passwd.hu>
2021-03-13 17:36:48 +01:00
Marton Balint
7b0832dea8 avformat/librist: simplify secret strlcpy
Signed-off-by: Marton Balint <cus@passwd.hu>
2021-03-13 17:36:48 +01:00
Marton Balint
deffb5ddce avformat/librist: make packet size adjustable for writing, fix it for reading
Maximum packet size is 10000 (RIST_MAX_PACKET_SIZE, which is unfortunately
private) minus the RIST protocol overhead which is 28 bytes for the unencrypted
case, 36 for the encrypted case.

Signed-off-by: Marton Balint <cus@passwd.hu>
2021-03-13 17:36:48 +01:00
Marton Balint
4b1e387e25 avformat/librist: rework librist_read
Queue tracking makes no difference so remove it, return EAGAIN of no data is
available and rist data block needs to be freed even for zero sized packets.

Signed-off-by: Marton Balint <cus@passwd.hu>
2021-03-13 17:36:48 +01:00
Paul B Mahol
4098f809d6 libavformat: add librist protocol
This work is sponsored by Open Broadcast Systems.

Signed-off-by: Paul B Mahol <onemda@gmail.com>
2021-03-13 17:36:48 +01:00
Andreas Rheinhardt
d025a5bcc2 avformat/adp, svs: Remove redundant av_shrink_packet()
av_get_packet() already makes sure that the packet size is accurate
and that the packet data is zero-padded even when one could not read as
much as desired.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-12 17:13:10 +01:00
parazyd
51367267c8 avformat/gopher: Add support for Gopher over TLS
This commit adds a "gophers" handler to the gopher protocol. gophers
is a community-adopted protocol that acts the same way like normal
gopher with the added TLS encapsulation.

The gophers protocol is supported by gopher servers like geomydae(8),
and clients like curl(1), clic(1), and hurl(1).

This commit also adds compilation guards to both gopher and gophers,
since now there are two protocols in the file it makes sense to
have this addition.

Signed-off-by: parazyd <parazyd@dyne.org>
Signed-off-by: Marton Balint <cus@passwd.hu>
2021-03-11 23:47:19 +01:00
parazyd
ed4c2e183b avformat/gopher: Add default_whitelist to ff_gopher_protocol
Signed-off-by: parazyd <parazyd@dyne.org>
Signed-off-by: Marton Balint <cus@passwd.hu>
2021-03-11 23:26:37 +01:00
Stephen Hutchinson
16e8ea0dde avisynth: fix audio on big endian
AviSynth+ outputs audio in the same format as the
OS, so assuming little endian formats as input
on big endian OSes results in nothing but static.

Signed-off-by: Stephen Hutchinson <qyot27@gmail.com>
2021-03-11 14:21:30 -05:00
emcodem
8b74458d93 avisynth: populate field order
Fixes Trac ticket #8757

Signed-off-by: Stephen Hutchinson <qyot27@gmail.com>
2021-03-11 14:21:30 -05:00
Stephen Hutchinson
4c40686ee2 avisynth: more intelligent RGB flipping
avs_is_color_space provides a generic way of checking whether the
video is RGB, and has been available through AVSC_API since 2.6.
This means that GetProcAddress doesn't have to run on every frame.

Signed-off-by: Stephen Hutchinson <qyot27@gmail.com>
2021-03-11 14:21:30 -05:00
Andreas Rheinhardt
9f1b808bde avformat/rawenc: Use init instead of write_header function
force_one_stream() does not write anything.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-11 20:01:28 +01:00
James Almer
e07126f54a avformat: use the buffer_size_t typedef where required
Signed-off-by: James Almer <jamrial@gmail.com>
2021-03-10 20:26:36 -03:00
James Almer
42e68fe015 avformat/utils: change AVStream side data related public function and struct size types to size_t
av_stream_add_side_data() already defines size as a size_t, so this makes it
consistent across all side data functions.

Signed-off-by: James Almer <jamrial@gmail.com>
2021-03-10 20:26:36 -03:00
Michael Niedermayer
c35e456f54 avformat/mvdec: Allocate extradata only once
Fixes: memleak
Fixes: 28686/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5822961932173312

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-09 21:16:56 +01:00
Michael Niedermayer
09e5e406c7 avformat/flvdec: Check double before cast in parse_keyframes_index()
Fixes: -2.21166e+304 is outside the range of representable values of type 'long'
Fixes: 29169/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5725452796821504

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-08 22:08:49 +01:00
Michael Niedermayer
bcb1e9d3b9 avformat/paf: Check for EOF before allocation in read_header()
Fixes: OOM
Fixes: 26584/clusterfuzz-testcase-minimized-ffmpeg_dem_PAF_fuzzer-5172661183053824

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-08 22:08:49 +01:00
Michael Niedermayer
1957095e80 avformat/swfdec: Check outlen before allocation
Fixes: Timeout (too long -> 241ms)
Fixes: 29083/clusterfuzz-testcase-minimized-ffmpeg_dem_SWF_fuzzer-6273684478230528

The source of the magic number is
A very quick simulation of the best case compression for "compress"
below is not nice written code as i did not expect I or anyone else
would ever see it again

I would have preferred some nicer expression or course, but thats
what it seems to be asymptotically. For smaller amounts of data a
tighter bound is possible but i saw no nice way to consider that
and it seems also overkill to try to do it more fine grained for
just this

main(){
    int64_t bits = 0;
    int bank = 256;
    int bitbank = 8;
    for(unsigned i = 0; i<1024*1024*1024*4U-100000;) {
        int word_size = bank-255;
        i += word_size;
        bits += bitbank;

        if (!(bank & (bank-1)))
            bitbank ++;
        bank++;
        if (bitbank > 16) {
            printf("BEST %f \n", 8.0 * i / bits );
            bank = 256;
            bitbank = 8;
        }
    }
}

above assumes i remembered correctly how the algorithm works but the
value was close to what actual compession of zeros gave

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-08 22:08:49 +01:00
Florian Nouwt
f067fcb9df mobiclip: fix copyright headers
The Mobiclip related code was based on Mobius (https://github.com/adibsurani/Mobius),
which was based on my original reverse engineering efforts (https://github.com/Gericom/MobiclipDecoder).
This commit adds the appropriate copyright headers on the related files.

Signed-off-by: Florian Nouwt <fnouwt2@gmail.com>
2021-03-08 19:19:19 +01:00
Andreas Rheinhardt
ea3953ad40 avformat/dashdec: Don't needlessly strdup metadata
Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-08 02:25:52 +01:00
Andreas Rheinhardt
9a38e6ff97 avformat/dashdec: Remove limit on length of id
Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-08 02:25:32 +01:00
Andreas Rheinhardt
9665fd31e8 avformat/http: Fix leak when using deprecated option
When the deprecated option "user-agent" was set to something different
than its default value, said option would always precede and overwrite
the ordinary user_agent option (regardless of whether it was explicitly
set) which leads to a leak of the user_agent option (which has a default
value, so the leak happens always).
Fix this by setting the same destination for both options; the last
option applied wins then.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-07 00:39:32 +01:00
Jan Ekström
64af14555b avformat: add TTML muxer
Enables writing TTML documents or encoded TTML paragraphs as such
documents.

Additionally, a test for the combined TTML encoder and muxer has
been added to validate that the components still work.

Signed-off-by: Jan Ekström <jan.ekstrom@24i.com>
2021-03-05 19:45:00 +02:00
Andreas Rheinhardt
491a30c79c avformat/aadec: Replace strncpy by av_strlcpy
While this usage of strncpy is correct, said function nevertheless has
the disadvantage of not automatically ensuring that the destination
string is zero-terminated. So av_strlcpy should be preferred.
This also removes a -Wstringop-truncation warning from GCC (it doesn't
matter whether the buffer is truncated, as long as it can fit all
the names of the supported codecs).

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-05 09:16:00 +01:00
Andreas Rheinhardt
80038fd524 avformat/aadec: Use smaller scope for variables, remove initializations
avio_get_str always zero terminates the strings it reads.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-05 09:16:00 +01:00
Carl Eugen Hoyos
b6fe10fa39 lavf/sga: Silence several warnings because of wrong format specifiers.
Fixes warnings like:
warning: format ‘%lX’ expects argument of type ‘long unsigned int’, but argument n has type ‘uint64_t’
2021-03-04 22:22:36 +01:00
Marton Balint
088f35f036 avformat/mxfdec: add support for getting product version number metadata
Signed-off-by: Marton Balint <cus@passwd.hu>
2021-03-04 20:23:51 +01:00
Marton Balint
7cb40b270c avformat/mxfdec: change toolkit_version metadata field to toolkit_version_num
It only got added recently, and the new name makes it consistent with
product_version_num in the next patch.

Signed-off-by: Marton Balint <cus@passwd.hu>
2021-03-04 20:23:49 +01:00
Michael Niedermayer
7819412f44 avformat/lxfdec: Fix multiple integer overflows related to track_size
Fixes: signed integer overflow: 538976288 * 8 cannot be represented in type 'int'
Fixes: 26910/clusterfuzz-testcase-minimized-ffmpeg_dem_LXF_fuzzer-6634030636335104

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-03 16:54:20 +01:00
Michael Niedermayer
6c5121379a avformat/mccdec: Use av_sat_add64() for fs
Fixes: signed integer overflow: -9223372036854775808 + -242 cannot be represented in type 'long'
Fixes: 26910/clusterfuzz-testcase-minimized-ffmpeg_dem_MCC_fuzzer-6723018395090944

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-03 16:54:20 +01:00
Michael Niedermayer
787501db16 avformat/mspdec: Check packet_size more completely
Fixes: OOM
Fixes: 28348/clusterfuzz-testcase-minimized-ffmpeg_dem_MSP_fuzzer-4612055872831488
Fixes: 28360/clusterfuzz-testcase-minimized-ffmpeg_dem_MSP_fuzzer-6245230626078720

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-03 16:54:20 +01:00
Michael Niedermayer
460d3dc41f avformat/aiffdec: Check that SSND is at least 8 bytes
Fixes: Infinite loop
Fixes: 30874/clusterfuzz-testcase-minimized-ffmpeg_dem_AIFF_fuzzer-5933710488764416

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-03 16:54:20 +01:00
Michael Niedermayer
fdcb966f4a avformat/dcstr: Check sample rate
Fixes: signed integer overflow: -1300248894420254720 * 16 cannot be represented in type 'long'
Fixes: 30879/clusterfuzz-testcase-minimized-ffmpeg_dem_DCSTR_fuzzer-5094464215449600

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-03 16:54:20 +01:00
Andreas Rheinhardt
6a3f345c1a avformat/frmdec: Simplify finding pixel format
The fourccs used by the Megalux Frame format to determine the pixel
format are actually no fourccs at all as they are a single byte.
Furthermore, their range is continuous (1-5), so they are actually
ordinary indices. So treat them as such and don't use PixelFormatTags
for them.

Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-03 16:46:09 +01:00
Andreas Rheinhardt
2ff40b98ec avformat: Deprecate AVFMT_FLAG_PRIV_OPT, remove av_demuxer_open on bump
This flag was added in 492026209b
in conjunction with av_demuxer_open() to allow to pass private
options to demuxers. It worked as follows: av_open_input_stream()
(the predecessor of avformat_open_input()) would not call the
read_header function if this flag is set. Instead the user could set
private options of the demuxer via the format's private class after
avformat_open_input() and then call av_demuxer_open() which called
the format's read_header function.

This approach was abandoned in e37f161e66
and av_demuxer_open() deprecated; instead the AVDictionary based way of
passing private options to the demuxer was choosen. Yet
AVFMT_FLAG_PRIV_OPT has never been deprecated and av_demuxer_open()
never removed. This commit implements the deprecation of the flag and
schedules av_demuxer_open for removal on the next major bump.
Given that av_demuxer_open() has been deprecated in 2012 and that this
flag is useless without it, the flag will be ignored after the next
major version bump.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-03 14:41:08 +01:00
Ronald S. Bultje
d29ec02d48 ivfenc: write duration for frame_cnt=1. 2021-03-03 07:22:02 -05:00
Andreas Rheinhardt
98c5d6b845 avformat/dashdec: Increase size of id buffer
The current size is not enough, see e.g.
http://ftp.itec.aau.at/datasets/DASHDataset2014/TearsOfSteel/1sec/TearsOfSteel_1s_simple_2014_05_09.mpd

Reviewed-by: Steven Liu <lq@chinaffmpeg.org>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-02 11:49:28 +01:00
Andreas Rheinhardt
ec5663d0a7 avformat/dashdec: Ensure strings are zero-terminated
strncpy only ensures that one does not write beyond the end of the
destination buffer; in case of truncation it does not zero-terminate
the destination buffer. This makes using it the way it is now in the
DASH demuxer dangerous. So use av_strlcpy instead.

Also don't write anything if there is no id: The buffer has already been
zeroed initially.

The DASH testset from the Universität Klagenfurt contains samples with
ids that are too long. E.g.
http://ftp.itec.aau.at/datasets/DASHDataset2014/TearsOfSteel/1sec/TearsOfSteel_1s_simple_2014_05_09.mpd

Reviewed-by: Steven Liu <lq@chinaffmpeg.org>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-02 11:49:10 +01:00
Andreas Rheinhardt
9b06c4c10d avformat/matroskaenc: Add support for FlagOriginal
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-02 07:04:11 +01:00
Andreas Rheinhardt
b243be85d9 avformat/matroskadec: Add support for FlagOriginal
Needs a CountedElement in order to distinguish the case of the element
not being present and the element being present with a value of zero.

(It has been argued by Ridley Combs that one should only ever use the
AV_DISPOSITION_DUB field for audio tracks. Yet given that there is no
definition for the disposition flags, one can also interpret it to mean
that e.g. a subtitle track is meant to be used with the dubbed audio
track or the original audio track. This commit interprets this flag in
this sense, which also allows to maintain it on remuxing.)

Reviewed-by: Anton Khirnov <anton@khirnov.net>
Reviewed-by: Ridley Combs <rcombs@rcombs.me>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-02 06:54:47 +01:00
Michael Niedermayer
74c4c53953 avformat/mov: Extend data_size check in mov_read_udta_string()
Fixes: signed integer overflow: -2147483634 - 16 cannot be represented in type 'int'
Fixes: 28322/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-5711888402612224

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-01 20:19:15 +01:00
Michael Niedermayer
bcc7d14453 avformat/aadec: Check for EOF while reading chapters
Fixes: timeout
Fixes: 28199/clusterfuzz-testcase-minimized-ffmpeg_dem_AA_fuzzer-4896162657861632

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-01 20:19:15 +01:00
Michael Niedermayer
52f75181bf avformat/voc_packet: Add a basic check on max_size
Fixes: signed integer overflow: -2147483648 - 4 cannot be represented in type 'int'
Fixes: 28127/clusterfuzz-testcase-minimized-ffmpeg_dem_VOC_fuzzer-4880586455646208

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-01 20:19:15 +01:00
Paul B Mahol
498be38e32 avformat/sga: improve probing for valid files
Update variables depending on high four bits of first two bytes.
2021-03-01 18:41:19 +01:00
Paul B Mahol
c6c82428af avformat: add Digital Pictures SGA game demuxer 2021-03-01 17:41:05 +01:00
Andreas Rheinhardt
0e645b98c6 Remove double ';'
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-01 06:10:44 +01:00
Andreas Rheinhardt
546e3964dd avformat/webmdashenc: Use av_strstart instead of strncmp
It makes the intent clearer and avoids calculating the length
separately.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-28 17:14:22 +01:00
Andreas Rheinhardt
0f906be430 avformat/matroskadec: Use av_strstart instead of strncmp
It makes the intent clearer and avoids calculating the length
separately.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-28 17:14:22 +01:00
Andreas Rheinhardt
ea5bf12a9a avformat/avio: Use av_strstart instead of strncmp
It makes the intent clearer and avoids calculating the length
in advance.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-28 17:14:21 +01:00
Andreas Rheinhardt
3d79ce0c29 avformat/pcmdec: Beautify pcm_read_header
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-28 17:14:21 +01:00
Andreas Rheinhardt
5f8e015225 avformat/pcmdec: Simplify parsing MIME type
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-28 17:14:21 +01:00
Andreas Rheinhardt
b9b0c96db7 avformat/pcmdec: Fix NULL + 1
It is undefined behaviour.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-28 17:14:21 +01:00
Andreas Rheinhardt
301ae25e99 avformat/pcm(dec|enc): Don't include disabled (de)muxers
Also make the macro used for the demuxers spec-compliant. The earlier
macro was not, because the ... argument of a variadic macro must not be
left out. GCC and Clang warn about this when using -pedantic.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-28 17:14:21 +01:00
Andreas Rheinhardt
90723d1721 avformat/movenc: Only check for timecodes if they are used
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-28 17:14:21 +01:00
Andreas Rheinhardt
13101f916f avformat/movenc: Don't check for disabled muxers
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-28 17:14:21 +01:00
Andreas Rheinhardt
f87b33b5bf avformat/movenc: Remove always true check
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-28 17:14:21 +01:00
Vadym Bezdushnyi
bc04ea39a5 avformat/movenccenc: Fix memory leak for muxing CENC-encrypted files
Memory for auxillary_info was not freed after usage.

Leak can be reproduced with following commands:

Optionally, generate input video:
ffmpeg -f lavfi -i testsrc=duration=10:size=1280x720:rate=30 input.mp4

Run ffmpeg with valgrind:
valgrind --leak-check=full --show-leak-kinds=all \
ffmpeg -y -i input.mp4 -vcodec copy -acodec copy \
-encryption_scheme cenc-aes-ctr \
-encryption_key 00000000000000000000000000000000 \
-encryption_kid 00000000000000000000000000000000 \
ffmpeg_encrypted.mp4

For test video which has duration of 10 sec, leak is 4 Kb.
For 100 sec video, leak will be 33 Kb. Most likely,
leaked memory will grow linearly to the number of input frames.

Signed-off-by: Vadym Bezdushnyi <vadim.bezdush@gmail.com>
Signed-off-by: Marton Balint <cus@passwd.hu>
2021-02-27 22:09:51 +01:00
Andreas Rheinhardt
173d902cd1 avformat/matroskadec: Add webm file extension
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-27 08:17:42 +01:00
Andreas Rheinhardt
963d4b76de avformat/concat: Remove unnecessary check
This code was written when the allocation functions used parameters of
type unsigned. This is no longer true today and therefore we only need
to check whether the multiplication of the array's size stays within
a size_t -- and this can be offloaded to av_realloc_array.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-27 04:27:09 +01:00
Andreas Rheinhardt
e38cbb8d19 avformat/spdifenc: Fix leak upon error
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-27 04:27:09 +01:00
Andreas Rheinhardt
19ae873252 avformat/wavenc: Fix leak and segfault on reallocation error
Up until now, the wav muxer used a reallocation of the form ptr =
av_realloc(ptr, size); that leaks upon error. Furthermore, if a
failed reallocation happened when writing the trailer, a segfault
would occur due to avio_write(NULL, size) because the muxer only
prints an error message upon allocation error, but does not return
the error.

Moreover setting the pointer to the buffer to NULL on error seems to
be done on purpose in order to record that an error has occured so that
outputting the peak values is no longer attempted. This behaviour has
been retained by simply disabling whether peak data should be written
if an error occurs.

Finally, the reallocation is now done once per peak block and not once
per peak block per channel; it is also done with av_fast_realloc and not
with a linear size increase.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-27 04:27:09 +01:00
Paul B Mahol
e937457b7b avformat/imx: set video stream duration 2021-02-25 23:10:14 +01:00
Paul B Mahol
34c805c0fe avcodec/imx: use ff_reget_buffer()
Also flush internal stuff upon seeking.
This codec is not intra only.
2021-02-25 23:10:14 +01:00
Andreas Rheinhardt
ab8d2d97a1 avformat/avlanguage: Remove long disabled av_convert_lang_to
1582e306a4 scheduled it for removal with
libavformat major version 58, but it was never removed.

Reviewed-by: Paul B Mahol <onemda@gmail.com
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-25 22:05:09 +01:00
Andreas Rheinhardt
6eab25fd13 avformat/wavenc: Improve unsupported codec error messages
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-25 16:52:50 +01:00
Anton Khirnov
9e4225cf7f Handle AVID MJPEG streams directly in the MJPEG decoder.
AVID streams - currently handled by the AVRN decoder - can be (depending
on extradata contents) either MJPEG or raw video. To decode the MJPEG
variant, the AVRN decoder currently instantiates a MJPEG decoder
internally and forwards decoded frames to the caller (possibly after
cropping them).

This is suboptimal, because the AVRN decoder does not forward all the
features of the internal MJPEG decoder, such as direct rendering.
Handling such forwarding in a full and generic manner would be quite
hard, so it is simpler to just handle those streams in the MJPEG decoder
directly.

The AVRN decoder, which now handles only the raw streams, can now be
marked as supporting direct rendering.

This also removes the last remaining internal use of the obsolete
decoding API.
2021-02-25 11:46:28 +01:00
Paul B Mahol
8213f0a7f7 avformat/vpk: check that samples_per_block is > 0
Fixes floating point exception.
2021-02-24 17:04:40 +01:00
Andreas Rheinhardt
6f3fe7b2c0 avformat/asf: Move ff_asf_audio_conceal_none to its only user
It is only used inside code guarded by #ifdef DEBUG, i.e. it is normally
unused.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-24 08:17:50 +01:00
Andreas Rheinhardt
78d5e1c653 avformat/Makefile: Remove unnecessary dependencies on vocdec
Commit 0d1229f1d2 factored the main part
of the voc demuxer's read_packet function out; yet when this Libav
commit was merged in f99195d56f, the
dependency of the other users of this function on vocdec.o was
unnecessarily kept. This commit fixes this.

While just at it, also disable the data only used by the voc demuxer
and muxer in voc.c if both of them are disabled.

Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-23 21:12:26 +01:00
Paul B Mahol
081cbe6961 avformat/imx: remove unused header 2021-02-23 11:57:51 +01:00
Andreas Rheinhardt
926c1bf85c avformat/wavdec: Share wav and w64 options
The options of the w64 demuxer are a proper subset of the options for
the wav demuxer, making it possible to reuse a part of the options for
the wav demuxer for the w64 demuxer.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-23 11:30:57 +01:00
Andreas Rheinhardt
1df1083b6c avformat/wav: Deduplicate codec tags lists
Also saves relocations.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-23 11:30:57 +01:00
Andreas Rheinhardt
09e6d3a026 avformat/avienc, wtvenc: Deduplicate codec tags list
Also saves relocations.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-23 11:30:57 +01:00
Andreas Rheinhardt
08b4a25ff9 avformat/aiff: Deduplicate codec tags and codec tags list
Also saves a relocation.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-23 11:30:57 +01:00
Andreas Rheinhardt
697066af01 avformat/ast: Deduplicate codec tags lists
Also saves a relocation.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-23 11:30:57 +01:00
Andreas Rheinhardt
a442670a32 avformat/movenc: Deduplicate codec tags lists
Also saves relocations.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-23 11:30:57 +01:00
Andreas Rheinhardt
22d8010f13 avformat/oma: Move stuff only used by demuxer to demuxer
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-23 11:26:21 +01:00
Andreas Rheinhardt
81a86c7e1e avformat/oma: Deduplicate codec tags list
Also saves a relocation.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-23 11:24:00 +01:00
Andreas Rheinhardt
cccb7cf44e avformat/rso: Deduplicate codec tags list
Also saves a relocation.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-23 11:24:00 +01:00
Andreas Rheinhardt
e772e253cb avformat/voc: Deduplicate codec tags list
Also saves a relocation.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-23 11:23:29 +01:00
Andreas Rheinhardt
ef3224c911 avformat/caf: Deduplicate codec tags list
Also saves a relocation.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-23 10:14:26 +01:00
Andreas Rheinhardt
c50c85911e avformat/asfenc: Deduplicate codec tags lists
Also saves relocations.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-23 10:14:26 +01:00
Andreas Rheinhardt
6cb6ee754b avformat/au: Deduplicate codec_tag lists
Also saves a relocation.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-23 10:14:26 +01:00
Andreas Rheinhardt
20ff7b1f16 avformat/isom: Remove outcommented function
There is another ff_mov_read_chan in mov_chan.c.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-23 10:14:26 +01:00
Andreas Rheinhardt
bb9167dbde avformat/isom: Split movaudio/movvideo tags off into a separate file
The NUT and avi demuxers only need ff_codec_movvideo_tags and so this
removes a dependency on the rest of isom.c as well as on mpeg4audio.c
(which isom depends on); it is similar for the Matroska demuxer and
muxers, except that the mpeg4audio.c dependency can't be avoided.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-23 10:14:26 +01:00
Andreas Rheinhardt
215536ad0c avformat/Makefile: Remove outdated AIFF demuxer dependency on iso_media
This is a result of the mov channel parsing stuff being factored out
of mov.c twice: Once in 91b782720f
to isom.c and later in 3bab7cd128.

Also remove the isom.h header; and while just at it, remove an unused
mathematics.h inclusion.

(isom.c actually depends upon mpeg4audio from libavcodec for
avpriv_mpeg4audio_get_config2 and avpriv_mpa_freq_tab; yet there is
no configure dependency for iso_media which leads to failure of shared
builds.)

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-23 10:14:26 +01:00
James Almer
7b30dad3a6 avcodec: remove pointless lowres deprecation wrappers
Neither the feature, public fields, or AVOptions were ever truly deprecated,
nor will have been removed if this FF_API_ define was left in place, so
get rid of it as it's misleading.

Signed-off-by: James Almer <jamrial@gmail.com>
2021-02-22 20:50:15 -03:00
Mark Reid
a82a052769 avformat/mov: fix timecode with counter mode flag set
The current behaviour ends up squaring the avg_frame_rate if the conter mode flag is set.
This messes up the timecode calculation, and looks to me as a regression that
seems to have been introduced 428b4aac.

Upon further testing is seems that no special case is need for having the counter flag set.
av_timecode_init appears to handles the timecode correctly, at least in the sample files
I have.

Here is a sample mov file with the counter flag set
https://www.dropbox.com/s/5l4fucb9lhq523s/timecode_counter_mode.mov

before the patch ffmpeg will report the timecode as:
00:37:11:97 and warns that the timecode framerate is 576000000/1002001

after patch:
14:50:55:02

Signed-off-by: Anton Khirnov <anton@khirnov.net>
2021-02-22 11:12:10 +01:00
Andreas Rheinhardt
053144008e avformat/matroskaenc: Add support for FlagTextDescriptions
This is the Matroska equivalent of D_WEBVTT_DESCRIPTIONS and is
therefore only enabled for subtitles.

Reviewed-by: Ridley Combs <rcombs@rcombs.me>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-22 04:14:26 +01:00
Andreas Rheinhardt
48cf1d878c avformat/matroskadec: Add support for FlagTextDescriptions
This is the equivalent of the WebM "D_WEBVTT/DESCRIPTIONS" and is
therefore only exported for subtitles.

Reviewed-by: Ridley Combs <rcombs@rcombs.me>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-22 04:14:20 +01:00
Andreas Rheinhardt
f9ceb18f3b avformat/matroskaenc: Add support for FlagHearing/VisualImpaired
Reviewed-by: Ridley Combs <rcombs@rcombs.me>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-22 04:13:17 +01:00
Andreas Rheinhardt
51e1067729 avformat/matroskadec: Add support for FlagHearing/VisualImpaired
Given that our disposition flags provide no way to distinguish the
cases of "track is unsuitable for hearing impaired users" and "it is
unknown whether the track is suitable for hearing impaired users" we do
not need to use a CountedElement for these flags.

Reviewed-by: Ridley Combs <rcombs@rcombs.me>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-22 04:12:25 +01:00
Andreas Rheinhardt
8949be0086 avformat/matroskaenc: Add support for FlagCommentary
Reviewed-by: Ridley Combs <rcombs@rcombs.me>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-22 04:12:08 +01:00
Andreas Rheinhardt
18b3deee22 avformat/matroskadec: Add support for FlagCommentary
Hint: Matroska actually provides a way to distinguish the cases of
"track is no commentary track" and "it is unknown whether the track
is a commentary track", but our disposition flags do not. Therefore
we need not use a CountedElement.

Reviewed-by: Ridley Combs <rcombs@rcombs.me>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-22 04:12:02 +01:00
Andreas Rheinhardt
05ae0b239f avformat/matroskadec: Beautify setting default values
Reviewed-by: Ridley Combs <rcombs@rcombs.me>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-22 03:58:18 +01:00
Andreas Rheinhardt
7471f473c5 avformat/matroskadec: Reindent after the previous commit
Reviewed-by: Ridley Combs <rcombs@rcombs.me>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-22 03:58:13 +01:00
Andreas Rheinhardt
0a99c3dadc avformat/matroskadec: Make reading zero-length elements spec-compliant
For a very long time, the payload of integer and float elements had to
have a length > 0. Our parser treated such invalid elements as having a
value zero. But now it has been defined what an EBML element with length
zero means: It is a shorthand for the default value. This has also been
defined for strings (both ASCII and UTF-8). This commit modifies our
parser to support this.

Reviewed-by: Ridley Combs <rcombs@rcombs.me>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-22 03:57:52 +01:00
Andreas Rheinhardt
2f1a5621d3 avformat/matroskadec: Don't use fake default value for ReferenceBlock
This has been done in order to find out whether this element is present
at all; but this can now be done in a cleaner way by using a CountedElement
for it.

Reviewed-by: Ridley Combs <rcombs@rcombs.me>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-22 03:57:52 +01:00
Andreas Rheinhardt
3ac5530244 avformat/matroskaenc: Don't write empty language
According to the new EBML specifications, a string element of length
zero would be read as the default value by a compliant parser.

Reviewed-by: Ridley Combs <rcombs@rcombs.me>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-22 03:57:52 +01:00
Andreas Rheinhardt
e8f3901604 avformat/matroskadec: Check min_luminance more thoroughly
In the absence of an explicitly coded minimal luminance, the current
code inferred it to be -1, an invalid value. Yet it did not check the
value lateron at all, so that if a valid maximum luminance is
encountered, but no minimal luminance, an invalid minimal luminance of
-1 is exported. If an minimal luminance element with a negative value is
present, it is exported, too. This can be simply fixed by adding a check
for the value of the element.

Yet given that a minimal luminance of zero Cd/m² is legal and can be
coded with a length of zero, we must not use a fake default value to
find out whether the element is present or not. Therefore this patch
uses an explicit counter for it.

While just at it, also check for max_luminance > min_luminance.

Reviewed-by: Ridley Combs <rcombs@rcombs.me>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-22 03:57:52 +01:00
Andreas Rheinhardt
5b9a0e6031 avformat/matroskadec: Allow to count the number of element occurences
Up until now, the generic EBML reader used by the Matroska demuxer did
not have the capability to record whether an element was actually
present or not; instead, in cases where it mattered one typically added
an invalid default value and checked whether the value is valid (in
which case it is guaranteed to be present). This worked pretty well so
far, yet the EBML specifications have evolved: It is now legal to use
zero-length elements for floats, ints, uints and strings (both ASCII and
UTF-8); the value of these elements is the default value of the element
(if it has one) or zero for scalar types and an empty string for
strings. Furthermore, having a default value does no longer imply that
the element may be presumed to be present (with its default value) if it
is absent; this is only true if the element is mandatory, too.

These rules are designed to allow size savings as follows: Consider the
newly added FlagOriginal: It being zero means the track is not in its
original language, it being one means it is. For backward compatibility
reasons, neither of the two values may be inferred automatically in the
absence of the element. But one can still save a byte when one wants to
write the element with a value of zero, as one can write the integer with
a length of zero: 0x55AE 80 instead of 0x55AE 81 00. In the former case,
a parser has to infer the value of the element to be zero (which is the
element's default value).

When encountering an element with length zero, our parser always infers
a value of zero (or an empty string); this is wrong for values with
a different default value. It needs to infer the default value (or zero
in its absence) and this precludes using an invalid default value for
elements like FlagOriginal. Ergo one needs to be able to record whether
an element is present or not by other means. This patch allows to use a
simple counter for this. While just at it, some invalid and unnecessary
default values have been removed (mastering metadata elements used
default values of -1.0, despite these elements only being used if they
are > 0).

Reviewed-by: Ridley Combs <rcombs@rcombs.me>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-22 03:57:16 +01:00
Michael Niedermayer
f569ac4ce0 avformat/microdvddec: use 64bit for durations
Fixes: signed integer overflow: 7 - -2147483647 cannot be represented in type 'int'
Fixes: 28036/clusterfuzz-testcase-minimized-ffmpeg_dem_MICRODVD_fuzzer-5171698751766528

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-21 22:50:52 +01:00
Paul B Mahol
51a9f487ae avformat: add Simbiosis IMX demuxer 2021-02-20 17:43:17 +01:00
Andreas Rheinhardt
d150c2038d avformat/mpegenc: Forward error code
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-19 07:45:48 +01:00
Andreas Rheinhardt
4294f64d57 avformat/mpegenc: Avoid adding invalid packet to queue
Do this by moving the check before the allocation.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-19 07:45:48 +01:00
Andreas Rheinhardt
54987a37da avformat/mpegenc: Fix leak in case trailer is never written
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-19 07:45:48 +01:00
Andreas Rheinhardt
cfce16449c avformat/mpegenc: Ensure packet queue stays valid
The MPEG-PS muxer uses a custom queue of custom packets. To keep track
of it, it has a pointer (named predecode_packet) to the head of the
queue and a pointer to where the next packet is to be added (it points
to the next-pointer of the last element of the queue); furthermore,
there is also a pointer that points into the queue (called premux_packet).

The exact behaviour was as follows: If premux_packet was NULL when a
packet is received, it is taken to mean that the old queue is empty and
a new queue is started. premux_packet will point to the head of said
queue and the next_packet-pointer points to its next pointer. If
predecode_packet is NULL, it will also made to point to the newly
allocated element.

But if premux_packet is NULL and predecode_packet is not, then there
will be two queues with head elements premux_packet and
predecode_packet. Yet only elements reachable from predecode_packet are
ever freed, so the premux_packet queue leaks.
Worse yet, when the predecode_packet queue will be eventually exhausted,
predecode_packet will be made to point into the other queue and when
predecode_packet will be freed, the next pointer of the preceding
element of the queue will still point to the element just freed. This
element might very well be still reachable from premux_packet which
leads to use-after-frees lateron. This happened in the tickets mentioned
below.

Fix this by never creating two queues in the first place by checking for
predecode_packet to know whether the queue is empty. If premux_packet is
NULL, then it is set to the newly allocated element of the queue.

Fixes tickets #6887, #8188 and #8266.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-19 07:45:48 +01:00
Paul B Mahol
67c8c863c7 avcodec: add initial exr image encoder 2021-02-18 13:00:40 +01:00
Paul B Mahol
8331eb058d avformat/ircamdec: use lrintf() for rounding 2021-02-16 23:45:01 +01:00
Andreas Rheinhardt
c38ab8f30f avformat/mxfenc: Discard audio until valid video has been received
Normally, video packets are muxed before audio packets for mxf (there is
a dedicated interleave function for this); furthermore the first (video)
packet triggers writing the actual header. Yet when the first video packet
fails the checks performed on it, it will be an audio packet that leads
to writing the header and codec_ul (a value set based upon
properties of the bitstream which necessitates actually inspecting
packets) may be wrong. Therefore this commit discards audio packets until
a valid video packet has been received.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-16 22:51:11 +01:00
Andreas Rheinhardt
815515445a avformat/mxfenc: Fix typo
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-16 22:49:13 +01:00
Andreas Rheinhardt
58020bbed1 avformat/mxfenc: Use user-specified version even when bitexact
Doing so is still bitexact.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-16 22:49:02 +01:00
Andreas Rheinhardt
5400e4a50c avformat/mxfenc: Never set codec_ul UID to NULL
mxf distinguishes codec profiles by different UIDs and therefore needs
to check that the input is actually compatible with mxf (i.e. if there
is a defined UID for it). If not, then sometimes the UID would be set to
NULL and writing the (video) packet would fail. Yet the following audio
packet would trigger writing the header (which has been postponed because
the UID is not known at the start) and if the UID is NULL, this can lead
to segfaults. This commit therefore stops setting the UID to NULL if the
input is incompatible with mxf (it has initially been set to a generic
value in mxf_write_header()).

Fixes #7993.

Reviewed-by: Tomas Härdin <tjoppen@acc.umu.se>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-16 22:48:45 +01:00
Michael Niedermayer
d558c9f237 avformat/rmdec: Check codec_length without overflow
Fixes: signed integer overflow: 2147483647 + 64 cannot be represented in type 'int'
Fixes: 30333/clusterfuzz-testcase-minimized-ffmpeg_dem_RM_fuzzer-5175286983426048

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-16 19:02:24 +01:00
Michael Niedermayer
1d277b92fa avformat/mov: Check element count in mov_metadata_hmmt()
Fixes: Timeout
Fixes: 30325/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-6048395703746560

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-16 19:02:24 +01:00
Andreas Rheinhardt
da857099e9 avformat/utils: Add av_assert1 to preclude NULL + len, len != 0
Such a scenario is undefined behaviour and would also indicate a bug
in our code.

Suggested-by: James Almer <jamrial@gmail.com>
Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-15 16:50:55 +01:00
Carl Eugen Hoyos
c0d0b1c4f6 lavf/img2dec: Autodetect pfm images. 2021-02-15 00:34:01 +01:00
Andreas Rheinhardt
9c0b3eddf4 avformat/utils: Fix undefined NULL + 0
This is undefined behaviour in C, so use data = len ? data + len : data
instead of data += len. GCC optimizes the branch away in this case;
Clang unfortunately doesn't.

Fixes ticket #8592.

Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-14 22:47:08 +01:00
Andreas Rheinhardt
4f49ca7bbc avdevice/avdevice: Deprecate AVDevice Capabilities API
It has been added in 6db42a2b6b,
yet since then none of the necessary create/free_device_capabilities
functions has been implemented, making this API completely useless.

Because of this one can already simplify
avdevice_capabilities_free/create and can already remove the function
pointers at the next major bump; given that the documentation explicitly
states that av_device_capabilities is not to be used by a user, it's
options can already be removed (save for the sentinel).

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-14 21:07:57 +01:00
Michael Niedermayer
c425198558 avformat/nutdec: Check timebase count against main header length
Fixes: Timeout (long -> 3ms)
Fixes: 28514/clusterfuzz-testcase-minimized-ffmpeg_dem_NUT_fuzzer-6078669009321984
Fixes: 30095/clusterfuzz-testcase-minimized-ffmpeg_dem_NUT_fuzzer-5074433016463360

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-14 19:55:02 +01:00
Michael Niedermayer
cb90e1c4d0 avformat/mov: sanity check STSD entries
The choosen value is arbitrary. I am not sure if this is a good idea
but i dont immedeately see an alternative better way, it seems either
an arbitrary limit or OOM

Fixes: OOM
Fixes: 27492/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-6194970578649088

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-14 19:55:02 +01:00
James Almer
d5d6751a55 avformat/mux: return a pointer to the packet in ff_interleaved_peek()
And make it const, so the caller doesn't attempt to change it.
ff_get_muxer_ts_offset() should be used to get the muxer timestamp offset.

Signed-off-by: James Almer <jamrial@gmail.com>
2021-02-13 13:05:26 -03:00
James Almer
93e2fa933f avformat/mux: add ff_get_muxer_ts_offset()
Will be useful in the next patch

Signed-off-by: James Almer <jamrial@gmail.com>
2021-02-13 13:01:48 -03:00
James Almer
a80fbbdab5 avformat/utils: force lowres to 0 in avformat_find_stream_info()
Instead of applying it and then restoring the original codecpar dimensions.

Signed-off-by: James Almer <jamrial@gmail.com>
2021-02-13 13:01:48 -03:00
Michael Niedermayer
59bb9dc2a6 avformat/electronicarts: Clear partial_packet on error
Fixes: Infinite loop
Fixes: 30165/clusterfuzz-testcase-minimized-ffmpeg_dem_EA_fuzzer-6224642371092480

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-12 23:42:16 +01:00