1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-12-28 20:53:54 +02:00
Commit Graph

94 Commits

Author SHA1 Message Date
Michael Niedermayer
8ef25d1182 avformat/mpc8: Check for position overflow in mpc8_handle_chunk()
Fixes: signed integer overflow: 15 + 9223372036854775796 cannot be represented in type 'long'
Fixes: 29102/clusterfuzz-testcase-minimized-ffmpeg_dem_MPC8_fuzzer-6723520756318208
Fixes: 29102/clusterfuzz-testcase-minimized-ffmpeg_dem_MPC8_fuzzer-6739833034768384

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-06-18 18:58:25 +02:00
James Almer
c768233293 avformat/utils: make ff_update_cur_dts() shared
libavdevice needs it.

Signed-off-by: James Almer <jamrial@gmail.com>
2021-06-09 13:55:25 -03:00
Andreas Rheinhardt
bc70684e74 avformat: Constify all muxer/demuxers
This is possible now that the next-API is gone.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Signed-off-by: James Almer <jamrial@gmail.com>
2021-04-27 11:48:06 -03:00
Michael Niedermayer
6cc65d3d67 avformat/mpc8: check for size overflow in mpc8_get_chunk_header()
Fixes: signed integer overflow: -9223372036854775760 - 50 cannot be represented in type 'long'
Fixes: 31673/clusterfuzz-testcase-minimized-ffmpeg_dem_MPC8_fuzzer-580134751869337

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-31 23:09:35 +02:00
Michael Niedermayer
78d6d8ddb5 avformat/mpc8: Check size before implicitly converting to int
Fixes: Timeout
Fixes: 28551/clusterfuzz-testcase-minimized-ffmpeg_dem_MPC8_fuzzer-6229183210586112

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-01-28 21:06:48 +01:00
Michael Niedermayer
4f66dd13d0 avformat/mpc8: Check remaining space in mpc8_parse_seektable()
Fixes: Fixes infinite loop
Fixes: 26704/clusterfuzz-testcase-minimized-ffmpeg_dem_MPC8_fuzzer-6327056939614208

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-12-05 00:08:33 +01:00
Michael Niedermayer
0897402ac8 avformat/mpc8: correct integer overflow in mpc8_parse_seektable()
Fixes: signed integer overflow: -4683718486770919638 * 2 cannot be represented in type 'long'
Fixes: 26704/clusterfuzz-testcase-minimized-ffmpeg_dem_MPC8_fuzzer-6327056939614208
Fixes: 27550/clusterfuzz-testcase-minimized-ffmpeg_dem_MPC8_fuzzer-6259212652642304

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-11-27 00:25:42 +01:00
Michael Niedermayer
ad3e495657 avformat/mpc8: correct 32bit timestamp truncation
Fixes: left shift of 65536 by 15 places cannot be represented in type 'int'
Fixes: 26801/clusterfuzz-testcase-minimized-ffmpeg_dem_MPC8_fuzzer-5164313092030464

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-11-27 00:25:42 +01:00
Anton Khirnov
cea7c19cda lavf: move AVStream.*index_entries* to AVStreamInternal
Those are private fields, no reason to have them exposed in a public
header. Since there are some (semi-)public fields located after these,
even though this section is supposed to be private, keep some dummy
padding there until the next major bump to preserve ABI compatibility.
2020-10-28 14:59:28 +01:00
Andreas Rheinhardt
c1e439d7e9 avformat: Forward errors where possible
It is not uncommon to find code where the caller thinks to know better
what the return value should be than the callee. E.g. something like
"if (av_new_packet(pkt, size) < 0) return AVERROR(ENOMEM);". This commit
changes several instances of this to instead forward the actual error.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-12-12 19:25:33 +01:00
Steven Liu
7a20008964 avformat/mpc8: fix memleak when seek table too big
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
2019-10-28 14:26:10 +08:00
Carl Eugen Hoyos
4d8875ec23 lavf: Constify the probe function argument.
Reviewed-by: Lauri Kasanen
Reviewed-by: Tomas Härdin
2019-03-21 11:42:17 +01:00
Paul B Mahol
a8a751ce9a avformat/mpc8: do not return error on stream end
Signed-off-by: Paul B Mahol <onemda@gmail.com>
2018-03-29 20:46:36 +02:00
Clément Bœsch
e3287077ec Merge commit '67deba8a416d818f3d95aef0aa916589090396e2'
* commit '67deba8a416d818f3d95aef0aa916589090396e2':
  Use avpriv_report_missing_feature() where appropriate

Merged-by: Clément Bœsch <cboesch@gopro.com>
2017-03-31 10:40:34 +02:00
James Almer
4de591e6fb Merge commit '83548fe894cdb455cc127f754d09905b6d23c173'
* commit '83548fe894cdb455cc127f754d09905b6d23c173':
  lavf: fix usage of AVIOContext.seekable

Merged-by: James Almer <jamrial@gmail.com>
2017-03-21 17:02:30 -03:00
Diego Biurrun
67deba8a41 Use avpriv_report_missing_feature() where appropriate 2016-11-08 17:54:34 +01:00
Anton Khirnov
83548fe894 lavf: fix usage of AVIOContext.seekable
It is supposed to be a flag. The only currently defined value is
AVIO_SEEKABLE_NORMAL, but other ones may be added in the future.
However all the current lavf code treats this field as a bool (mainly
for historical reasons).
Change all those cases to properly check for AVIO_SEEKABLE_NORMAL.
2016-09-30 16:54:33 +02:00
Paul B Mahol
323b8c95e4 avformat: add AVFormatContext to ff_get_extradata()
Needed for av_log() inside that function.

Signed-off-by: Paul B Mahol <onemda@gmail.com>
2016-04-14 18:21:08 +02:00
Derek Buitenhuis
6f69f7a8bf Merge commit '9200514ad8717c63f82101dc394f4378854325bf'
* commit '9200514ad8717c63f82101dc394f4378854325bf':
  lavf: replace AVStream.codec with AVStream.codecpar

This has been a HUGE effort from:
    - Derek Buitenhuis <derek.buitenhuis@gmail.com>
    - Hendrik Leppkes <h.leppkes@gmail.com>
    - wm4 <nfxjfg@googlemail.com>
    - Clément Bœsch <clement@stupeflix.com>
    - James Almer <jamrial@gmail.com>
    - Michael Niedermayer <michael@niedermayer.cc>
    - Rostislav Pehlivanov <atomnuker@gmail.com>

Merged-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
2016-04-10 20:59:55 +01:00
Anton Khirnov
9200514ad8 lavf: replace AVStream.codec with AVStream.codecpar
Currently, AVStream contains an embedded AVCodecContext instance, which
is used by demuxers to export stream parameters to the caller and by
muxers to receive stream parameters from the caller. It is also used
internally as the codec context that is passed to parsers.

In addition, it is also widely used by the callers as the decoding (when
demuxer) or encoding (when muxing) context, though this has been
officially discouraged since Libav 11.

There are multiple important problems with this approach:
    - the fields in AVCodecContext are in general one of
        * stream parameters
        * codec options
        * codec state
      However, it's not clear which ones are which. It is consequently
      unclear which fields are a demuxer allowed to set or a muxer allowed to
      read. This leads to erratic behaviour depending on whether decoding or
      encoding is being performed or not (and whether it uses the AVStream
      embedded codec context).
    - various synchronization issues arising from the fact that the same
      context is used by several different APIs (muxers/demuxers,
      parsers, bitstream filters and encoders/decoders) simultaneously, with
      there being no clear rules for who can modify what and the different
      processes being typically delayed with respect to each other.
    - avformat_find_stream_info() making it necessary to support opening
      and closing a single codec context multiple times, thus
      complicating the semantics of freeing various allocated objects in the
      codec context.

Those problems are resolved by replacing the AVStream embedded codec
context with a newly added AVCodecParameters instance, which stores only
the stream parameters exported by the demuxers or read by the muxers.
2016-02-23 17:01:58 +01:00
Michael Niedermayer
29d147c94d Merge commit '059a934806d61f7af9ab3fd9f74994b838ea5eba'
* commit '059a934806d61f7af9ab3fd9f74994b838ea5eba':
  lavc: Consistently prefix input buffer defines

Conflicts:
	doc/examples/decoding_encoding.c
	libavcodec/4xm.c
	libavcodec/aac_adtstoasc_bsf.c
	libavcodec/aacdec.c
	libavcodec/aacenc.c
	libavcodec/ac3dec.h
	libavcodec/asvenc.c
	libavcodec/avcodec.h
	libavcodec/avpacket.c
	libavcodec/dvdec.c
	libavcodec/ffv1enc.c
	libavcodec/g2meet.c
	libavcodec/gif.c
	libavcodec/h264.c
	libavcodec/h264_mp4toannexb_bsf.c
	libavcodec/huffyuvdec.c
	libavcodec/huffyuvenc.c
	libavcodec/jpeglsenc.c
	libavcodec/libxvid.c
	libavcodec/mdec.c
	libavcodec/motionpixels.c
	libavcodec/mpeg4videodec.c
	libavcodec/mpegvideo.c
	libavcodec/noise_bsf.c
	libavcodec/nuv.c
	libavcodec/nvenc.c
	libavcodec/options.c
	libavcodec/parser.c
	libavcodec/pngenc.c
	libavcodec/proresenc_kostya.c
	libavcodec/qsvdec.c
	libavcodec/svq1enc.c
	libavcodec/tiffenc.c
	libavcodec/truemotion2.c
	libavcodec/utils.c
	libavcodec/utvideoenc.c
	libavcodec/vc1dec.c
	libavcodec/wmalosslessdec.c
	libavformat/adxdec.c
	libavformat/aiffdec.c
	libavformat/apc.c
	libavformat/apetag.c
	libavformat/avidec.c
	libavformat/bink.c
	libavformat/cafdec.c
	libavformat/flvdec.c
	libavformat/id3v2.c
	libavformat/isom.c
	libavformat/matroskadec.c
	libavformat/mov.c
	libavformat/mpc.c
	libavformat/mpc8.c
	libavformat/mpegts.c
	libavformat/mvi.c
	libavformat/mxfdec.c
	libavformat/mxg.c
	libavformat/nutdec.c
	libavformat/oggdec.c
	libavformat/oggparsecelt.c
	libavformat/oggparseflac.c
	libavformat/oggparseopus.c
	libavformat/oggparsespeex.c
	libavformat/omadec.c
	libavformat/rawdec.c
	libavformat/riffdec.c
	libavformat/rl2.c
	libavformat/rmdec.c
	libavformat/rtpdec_latm.c
	libavformat/rtpdec_mpeg4.c
	libavformat/rtpdec_qdm2.c
	libavformat/rtpdec_svq3.c
	libavformat/sierravmd.c
	libavformat/smacker.c
	libavformat/smush.c
	libavformat/spdifenc.c
	libavformat/takdec.c
	libavformat/tta.c
	libavformat/utils.c
	libavformat/vqf.c
	libavformat/westwood_vqa.c
	libavformat/xmv.c
	libavformat/xwma.c
	libavformat/yop.c

Merged-by: Michael Niedermayer <michael@niedermayer.cc>
2015-07-27 23:15:19 +02:00
Vittorio Giovara
059a934806 lavc: Consistently prefix input buffer defines
Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
2015-07-27 15:24:59 +01:00
Michael Niedermayer
0b638b83c6 avformat/mpc8: Add () to protect MKMPCTAG()s arguments
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2015-02-16 23:14:27 +01:00
Michael Niedermayer
a0fe1a25fa Merge commit 'daf8cf358a098a903d59adb6c0d0cc3262a8c93e'
* commit 'daf8cf358a098a903d59adb6c0d0cc3262a8c93e':
  avformat: Don't anonymously typedef structs

Conflicts:
	libavformat/adtsenc.c
	libavformat/aiffenc.c
	libavformat/avidec.c
	libavformat/gif.c
	libavformat/iff.c
	libavformat/img2dec.c
	libavformat/jvdec.c
	libavformat/matroskadec.c
	libavformat/udp.c
	libavformat/wtvdec.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2015-02-14 21:07:40 +01:00
Diego Biurrun
daf8cf358a avformat: Don't anonymously typedef structs 2015-02-14 10:13:47 -08:00
Michael Niedermayer
05e1619529 avformat/mpc8: Use uint64_t in *_get_v() to avoid undefined behavior
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2015-02-04 14:55:42 +01:00
wm4
b737a2c528 avformat/mpc8: fix broken pointer math
This could overflow and crash at least on 32 bit systems.

Reviewed-by: Reimar Döffinger <Reimar.Doeffinger@gmx.de>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2015-02-04 00:55:47 +01:00
wm4
56cc024220 avformat/mpc8: fix hang with fuzzed file
This can lead to an endless loop by seeking back a few bytes after each
attempted chunk read. Assuming negative sizes are always invalid, this
is easy to fix. Other code in this demuxer treats negative sizes as
invalid as well.

Fixes ticket #4262.

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2015-02-04 00:39:56 +01:00
James Almer
d34ec64a22 replace calls to url_feof() with avio_feof()
Signed-off-by: James Almer <jamrial@gmail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-08-08 00:48:38 +02:00
Michael Niedermayer
26ce266e3d avformat/mpc8: check avio_read() return in mpc8_parse_seektable()
no sample / testcase known

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-12-26 00:11:49 +01:00
Michael Niedermayer
e33b6ccfa7 avformat/mpc8: clear buffer padding area
Fixes use of uninitialized memory
Fixes: msan_uninit-mem_7fa6a48cd1d5_8853_sv8_notags.mpc
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-12-25 23:54:27 +01:00
Michael Niedermayer
6f7daae043 avformat/mpc8: use ff_get_extradata()
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-12-25 17:38:29 +01:00
Paul B Mahol
a807c68253 avformat: use ff_alloc_extradata()
Signed-off-by: Paul B Mahol <onemda@gmail.com>
2013-10-13 20:13:38 +00:00
Michael Niedermayer
83d2b7e9a2 Merge commit '17d57848fc14e82f76a65ffb25c90f2f011dc4a0'
* commit '17d57848fc14e82f76a65ffb25c90f2f011dc4a0':
  mpc8: Make sure the first stream exists before parsing the seek table

Conflicts:
	libavformat/mpc8.c

See: 69fb605ad5
Merged-by: Michael Niedermayer <michaelni@gmx.at>
2013-09-12 14:31:07 +02:00
Michael Niedermayer
ad9a877a6d Merge commit '459f2b393a3f89ed08d10fbceb4738d1429f268e'
* commit '459f2b393a3f89ed08d10fbceb4738d1429f268e':
  mpc8: Check the seek table size parsed from the bitstream

Conflicts:
	libavformat/mpc8.c

See: b61ba262a1
Merged-by: Michael Niedermayer <michaelni@gmx.at>
2013-09-12 14:10:17 +02:00
Martin Storsjö
17d57848fc mpc8: Make sure the first stream exists before parsing the seek table
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
2013-09-12 10:54:27 +03:00
Martin Storsjö
459f2b393a mpc8: Check the seek table size parsed from the bitstream
Limit the size to INT_MAX/2 (for simplicity) to be sure that
size + FF_INPUT_BUFFER_PADDING_SIZE won't overflow.

Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
2013-09-12 10:54:05 +03:00
Michael Niedermayer
f083b4c338 Merge commit 'e0f8be6413b6a8d334d6052e610af32935c310af'
* commit 'e0f8be6413b6a8d334d6052e610af32935c310af':
  avformat: Add AVPROBE_SCORE_EXTENSION define and use where appropriate

Conflicts:
	libavformat/ac3dec.c
	libavformat/avformat.h
	libavformat/avs.c
	libavformat/m4vdec.c
	libavformat/mov.c
	libavformat/mp3dec.c
	libavformat/mpeg.c
	libavformat/mpegvideodec.c
	libavformat/psxstr.c
	libavformat/pva.c
	libavformat/utils.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2013-05-05 12:31:03 +02:00
Diego Biurrun
e0f8be6413 avformat: Add AVPROBE_SCORE_EXTENSION define and use where appropriate 2013-05-04 21:43:06 +02:00
Michael Niedermayer
69fb605ad5 mpc8: check stream count before accessing stream 1.
Fixes null pointer dereference

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-01-24 02:51:51 +01:00
Michael Niedermayer
c8e5efb496 mpc8_probe: make buffer related pointers and function arguments const
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-12-25 01:51:59 +01:00
Michael Niedermayer
b61ba262a1 mpc8: check seektable size before attempting to use it.
Fixes null pointer dereference

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-12-02 04:21:42 +01:00
Michael Niedermayer
7a72695c05 Merge commit '36ef5369ee9b336febc2c270f8718cec4476cb85'
* commit '36ef5369ee9b336febc2c270f8718cec4476cb85':
  Replace all CODEC_ID_* with AV_CODEC_ID_*
  lavc: add AV prefix to codec ids.

Conflicts:
	doc/APIchanges
	doc/examples/decoding_encoding.c
	doc/examples/muxing.c
	ffmpeg.c
	ffprobe.c
	ffserver.c
	libavcodec/8svx.c
	libavcodec/avcodec.h
	libavcodec/dnxhd_parser.c
	libavcodec/dvdsubdec.c
	libavcodec/error_resilience.c
	libavcodec/h263dec.c
	libavcodec/libvorbisenc.c
	libavcodec/mjpeg_parser.c
	libavcodec/mjpegenc.c
	libavcodec/mpeg12.c
	libavcodec/mpeg4videodec.c
	libavcodec/mpegvideo.c
	libavcodec/mpegvideo_enc.c
	libavcodec/pcm.c
	libavcodec/r210dec.c
	libavcodec/utils.c
	libavcodec/v210dec.c
	libavcodec/version.h
	libavdevice/alsa-audio-dec.c
	libavdevice/bktr.c
	libavdevice/v4l2.c
	libavformat/asfdec.c
	libavformat/asfenc.c
	libavformat/avformat.h
	libavformat/avidec.c
	libavformat/caf.c
	libavformat/electronicarts.c
	libavformat/flacdec.c
	libavformat/flvdec.c
	libavformat/flvenc.c
	libavformat/framecrcenc.c
	libavformat/img2.c
	libavformat/img2dec.c
	libavformat/img2enc.c
	libavformat/ipmovie.c
	libavformat/isom.c
	libavformat/matroska.c
	libavformat/matroskadec.c
	libavformat/matroskaenc.c
	libavformat/mov.c
	libavformat/movenc.c
	libavformat/mp3dec.c
	libavformat/mpeg.c
	libavformat/mpegts.c
	libavformat/mxf.c
	libavformat/mxfdec.c
	libavformat/mxfenc.c
	libavformat/nsvdec.c
	libavformat/nut.c
	libavformat/oggenc.c
	libavformat/pmpdec.c
	libavformat/rawdec.c
	libavformat/rawenc.c
	libavformat/riff.c
	libavformat/sdp.c
	libavformat/utils.c
	libavformat/vocenc.c
	libavformat/wtv.c
	libavformat/xmv.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2012-08-07 22:45:46 +02:00
Michael Niedermayer
bc773d0d42 Merge commit 'f5d2c597e99af218b0d4d1cf9737c7e68ee934e4'
* commit 'f5d2c597e99af218b0d4d1cf9737c7e68ee934e4':
  build: fix library installation on cygwin
  mpc8: add a flush function
  mpc8: set packet duration and stream start time instead of tracking frames

Conflicts:
	libavformat/mpc8.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2012-08-07 21:49:00 +02:00
Anton Khirnov
36ef5369ee Replace all CODEC_ID_* with AV_CODEC_ID_* 2012-08-07 16:00:24 +02:00
Justin Ruggles
2fa57c9daf mpc8: set packet duration and stream start time instead of tracking frames
Fixes mpc8 timestamps.
2012-08-06 14:39:21 -04:00
Michael Niedermayer
7bf16ec300 mpc8: fix pts
Fixes Ticket1254

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-08-06 02:51:11 +02:00
Michael Niedermayer
d1dad7c824 Merge remote-tracking branch 'qatar/master'
* qatar/master:
  mpc8: return more meaningful error codes.
  mpc: return more meaningful error codes.
  wv,mpc8: don't return apetag data in packets.
  rtmp: do not warn about receiving metadata packets
  x86: h264dsp: Adjust YASM #ifdefs
  x86: yadif: Mark mmxext optimizations as such
  h264: convert loop filter strength dsp function to yasm.
  Improve descriptiveness of a number of codec and container long names

Conflicts:
	libavcodec/flvdec.c
	libavcodec/libopenjpegdec.c
	libavformat/apetag.c
	libavformat/mp3dec.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2012-07-31 22:41:00 +02:00
Anton Khirnov
f2ed006c90 mpc8: return more meaningful error codes. 2012-07-31 20:54:22 +02:00
Anton Khirnov
782e64fbe1 wv,mpc8: don't return apetag data in packets. 2012-07-31 20:53:54 +02:00