1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-11-26 19:01:44 +02:00
Commit Graph

116638 Commits

Author SHA1 Message Date
Michael Niedermayer
66ee75d76c
avformat/mpeg: Check an avio_read() for failure
Fixes: use-of-uninitialized-value
Fixes: 70849/clusterfuzz-testcase-minimized-ffmpeg_dem_MPEGPS_fuzzer-4684401009557504

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-14 18:21:00 +02:00
Michael Niedermayer
8ca072a373
avcodec/apac: Clean padding space
Fixes: use-of-uninitialized-value
Fixes: 70842/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APAC_fuzzer-5758325067677696

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-14 18:21:00 +02:00
Michael Niedermayer
cba4e2e40d
avcodec/mvha: Clear remaining space after inflate()
Fixes: use-of-uninitialized-value
Fixes: 70838/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MVHA_fuzzer-4878509466517504

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-14 18:21:00 +02:00
Michael Niedermayer
a0f22218f7
bsf/media100_to_mjpegb: Clear output buffer padding
Fixes: use-of-uninitialized-value
Fixes: 70855/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MEDIA100_fuzzer-5537446610141184

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-14 18:20:59 +02:00
Michael Niedermayer
d7f83fc2f4
avformat/iamfdec: Check nb_layers before dereferencing layer
Fixes: dereferencing pointers near NULL
Fixes: 70432/clusterfuzz-testcase-minimized-ffmpeg_dem_IAMF_fuzzer-5255672845893632
Fixes: 70877/clusterfuzz-testcase-minimized-ffmpeg_dem_IAMF_fuzzer-5348547432611840

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-14 18:20:59 +02:00
Michael Niedermayer
6996e1238e
avformat/av1dec: Check bits left before get_leb128()
Fixes: use of uninitialized value
Fixes: 70872/clusterfuzz-testcase-minimized-ffmpeg_dem_OBU_fuzzer-6005782487826432

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-14 18:20:58 +02:00
Michael Niedermayer
4dc7dfe65a
avformat/segafilm: Set keyframe
Fixes: use of uninitialized value
Fixes: 70871/clusterfuzz-testcase-minimized-ffmpeg_dem_SEGAFILM_fuzzer-5883617752973312

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-14 18:20:58 +02:00
Michael Niedermayer
0f4524f07a
avcodec/sga: av_assert1 check init_get_bits8()
Related: CID1473562 Unchecked return value
Related: CID1473592 Unchecked return value

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-14 18:20:58 +02:00
Michael Niedermayer
e40b23c52a
tools/target_dec_fuzzer: Check that FFv1 doesnt leave uninitialized memory in its buffers
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-14 18:20:57 +02:00
Jan Garcia via ffmpeg-devel
598f541ba4 fftools/ffmpeg: show video stats in progress output without filters
Since ffmpeg 6.1 video stats are accidentally hidden from streamcopy progress output.
This patch re-enables video stats (like frames=) in the progress output.

Signed-off-by: Anton Khirnov <anton@khirnov.net>
2024-08-14 15:17:58 +02:00
Josh Allmann
374824cbc7 avcodec/h264_mp4toannexb: Prepend SPS/PPS to buffering period SEI
Encoders may emit a buffering period SEI without a corresponding
SPS/PPS if the SPS/PPS is carried out-of-band, eg with avcc.

During Annex B conversion, this may result in the SPS/PPS being
inserted *after* the buffering period SEI but before the IDR NAL.

Since the buffering period SEI references the SPS, the SPS/PPS
needs to come first.

Signed-off-by: Anton Khirnov <anton@khirnov.net>
2024-08-14 13:20:56 +02:00
Ross Burton
654bd47716 libavcodec/arm/mlpdsp_armv5te: fix label format to work with binutils 2.43
binutils 2.43 has stricter validation for labels[1] and results in errors
when building ffmpeg for armv5:

src/libavcodec/arm/mlpdsp_armv5te.S:232: Error: junk at end of line, first unrecognized character is `0'

Remove the leading zero in the "01" label to resolve this error.

[1] https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=226749d5a6ff0d5c607d6428d6c81e1e7e7a994b

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Martin Storsjö <martin@martin.st>
2024-08-13 23:24:13 +03:00
Stephen Hutchinson
ea7375c9e9 avformat/avisynth: move avs_planes* consts into relevant function
These consts are only used in the switch(planar) case located in
avisynth_create_stream_video and nowhere else in the demuxer,
so move them into that function directly.

Signed-off-by: Stephen Hutchinson <qyot27@gmail.com>
2024-08-13 15:09:53 -04:00
Stephen Hutchinson
48d6cd35a2 avformat/avisynth: remove library allocation from global state
As part of this, the mutexes are no longer necessary, and
avisynth_read_close needs to check that avs->avs_library.library
still exists before it attempts to call avisynth_context_destroy
and dlclose.

Signed-off-by: Stephen Hutchinson <qyot27@gmail.com>
2024-08-13 15:09:53 -04:00
Stephen Hutchinson
8f01ce2898 avformat/avisynth: remove mutex lock from avisynth_read_close
Signed-off-by: Stephen Hutchinson <qyot27@gmail.com>
2024-08-13 15:09:53 -04:00
Stephen Hutchinson
c0fddbae79 avformat/avisynth: remove atexit() handler
The atexit() handler in the avisynth demuxer was added because
there was a conflict in AvxSynth that arose due to their use
of C++ global objects, particularly in relation to having
added a logging function relying on log4cpp.

This conflict was responsible for causing a segfault on exit.
It did not affect Windows with the (at the time) upstream
AviSynth 2.5 and 2.6, nor does it affect AviSynth+.

Unfortunately, none of this was actually shielded by ifdefs
indicating the fact it was only needed for AvxSynth, so four
years ago when AviSynth+ replaced AvxSynth as the handler
for AviSynth scripts on Unix-like OSes, the fact that the
atexit handler was no longer necessary was overlooked.

Signed-off-by: Stephen Hutchinson <qyot27@gmail.com>
2024-08-13 15:09:53 -04:00
James Almer
66592e8b10 swscale/output: don't leave the alpha channel undefined in vuyx and xv36le
It's non-determistic, as shown by poisoning avfilter buffers instead of zeroing them.

Signed-off-by: James Almer <jamrial@gmail.com>
2024-08-13 14:49:41 -03:00
James Almer
ed618b288f avcodec/rpzaenc: don't use buffer data beyond the end of a row
Fixes use of uninitized data (masked by the default zeroing of image buffers).

Signed-off-by: James Almer <jamrial@gmail.com>
2024-08-13 14:49:41 -03:00
James Almer
2b349f2d73 avcodec/adpcm: adpcm_dtk is stereo only
Fixes ticket #11133

Signed-off-by: James Almer <jamrial@gmail.com>
2024-08-13 14:49:41 -03:00
Lynne
d138d7a595
vulkan: make sure descriptor buffers are always DEVICE_LOCAL
Implementations are required to list memory heaps in the most optimal
order. But its better to be explicit for this particular allocation.
2024-08-13 19:05:20 +02:00
Anton Khirnov
9e3b5b8a26 fftools/ffmpeg: switch -map parsing to new stream specifier API
Makes optional map handling less hacky, fixes combining optional maps
with metadata matching on tags/values containing the '?' character/

Forward errors from stream specifier parsing, previously the code would
ignore them.
2024-08-13 10:28:54 +02:00
Anton Khirnov
d1bdd89c2f fftools/ffmpeg: use new stream specifier API in opt_match_per_stream*()
Removes a lot of error checking code, as matching cannot fail.
2024-08-13 10:28:54 +02:00
Anton Khirnov
46cbe4ab5c fftools/cmdutils: split stream specifier parsing and matching
This approach has the major advantage that only parsing can fail (due to
a malformed specifier or memory allocation failure). Since parsing is
done generically, while matching is per-option, this will allow to
remove substantial amounts of error checking code in following commits.

The new code also explicitly allows stream specifiers to be followed by
additional characters, which should allow cleaner handling of optional
maps, i.e. -map <stream_specifier>?, which is currently implemented in a
hacky way that breaks when the stream specifier itself contains the '?'
character (this can happen when matching metadata). It will also allow
further extending the syntax, which will be useful in following commits.

This introduces some minor behaviour changes:
* Matching metadata tags now requires the ':' character in keys or
  values to be escaped. Previously it could not be present in keys, and
  would be used verbatim in values. The change is required in order to
  know where the value terminates.
* Multiple stream types in a single specifier are now rejected - such a
  specifier makes no sense.
* Non-existent stream group ID or index is now ignored with a warning
  rather than causing a failure. This is consistent with program
  handling and is required to make matching fail-free.
2024-08-13 10:28:54 +02:00
Anton Khirnov
e1b38680b7 fftools/cmdutils: put stream specifier handling back into cmdutils
Stream specifiers were originally designed exclusively for CLI use and
were not intended to be public API. Handling them in avformat places
major restrictions on how they are used. E.g. if ffmpeg CLI wishes to
override some stream parameters, it has to change the demuxer fields
(since avformat_match_stream_specifier() does not have access to
anything else). However, such fields are supposed to be read-only for
the caller.

Furthermore having this code in avformat restricts extending the
specifier syntax. An example of such an extension will be added in
following commits.
2024-08-13 10:28:54 +02:00
Anton Khirnov
93227a68f1 fftools/ffmpeg: replace remaining uses of MATCH_PER_STREAM_OPT() 2024-08-13 10:28:54 +02:00
Anton Khirnov
e218bde9f9 fftools/ffmpeg: replace MATCH_PER_STREAM_OPT(.., str, ..) with a function
This has multiple advantages:
* The macro has multiple parameters that often have similar or identical
  values, yet very different meanings (one is the name of the
  OptionsContext member where the parsed options are stored, the other
  the name of the variable into which the result is written); this
  change makes each of these explicit.

* The macro returns on failure, which may cause leaks - this was the
  reason for adding MATCH_PER_STREAM_OPT_CLEAN(), also ost_add()
  currently leaks encoder_opts. The new function returns failure to its
  caller, which decides how to deal with it. While that adds a lot of
  error checks/forwards for now, those will be reduced in following
  commits.

* new code is type- and const- correct

Invocations of MATCH_PER_STREAM_OPT() with other types will be converted
in following commits.
2024-08-13 10:28:54 +02:00
James Almer
82085a3e0a avcodec/avcodec_internal: fix type definition for the new functions
Fixes make checkheaders.

Signed-off-by: James Almer <jamrial@gmail.com>
2024-08-12 23:10:48 -03:00
James Almer
472fbee812 avformat/movenc: don't look at previous track_id as it may not be set
Signed-off-by: James Almer <jamrial@gmail.com>
2024-08-12 11:41:38 -03:00
James Almer
41307ff3e9 avfilter/video: don't zero allocated buffers if memory poisoning is used
Same as in avcodec/get_buffer.c
Should help in debugging use of uninitialized memory.

Signed-off-by: James Almer <jamrial@gmail.com>
2024-08-12 11:41:38 -03:00
James Almer
8d700eab85 tests/iamf: match stream group by id in some tests
Increases specifier parsing code coverage a little bit.

Signed-off-by: James Almer <jamrial@gmail.com>
2024-08-12 11:41:38 -03:00
Anton Khirnov
deee00e2eb lavc/decode: reindent after previous commit 2024-08-12 14:42:20 +02:00
Anton Khirnov
5acbdd2264 lavc: convert frame threading to the receive_frame() pattern
Reorganize the code such that the frame threading code does not call the
decoders directly, but instead calls back into the generic decoding
code. This avoids duplicating the logic that wraps the decoder
invocation and allows receive_frame()-based decoders to use frame
threading.

Further work by Timo Rothenpieler <timo@rothenpieler.org>.
2024-08-12 14:42:20 +02:00
Anton Khirnov
4d209dada7 lavc/decode: reindent 2024-08-12 14:42:20 +02:00
Anton Khirnov
048e978e8e lavc/decode: wrap AV_FRAME_FLAG_DISCARD handling in a loop
Makes sure discarded frames do not cause EAGAIN to be returned during
flushing, which is forbidden.
2024-08-12 14:42:20 +02:00
Anton Khirnov
64743b45b5 lavc/internal: document the precise meaning of AVCodecInternal.draining
Also, set draining=1 in case a bitstream filter returns an
internally-triggered EOF. While no bitstream filters currently inserted
by decoders will do that, that may change in the future and it is better
to cover this case.
2024-08-12 14:42:20 +02:00
Anton Khirnov
d94cfd4900 lavc/thread: move generic-layer API to avcodec_internal.h
thread.h currently contains both API for decoder use and functions
internal to lavc generic layer. Move the latter to avcodec_internal.h,
which is a more appropriate place for them.
2024-08-12 14:42:20 +02:00
Anton Khirnov
8d5efc2182 lavc/ffv1dec: fix races in accessing FFV1SliceContext.slice_damaged
That variable is shared between frame threads in the same defective way
described in the previous commit. Fix it by adding a RefStruct-managed
arrays of flags that is propagated across frame threads in the standard
manner.

Remove now-unused FFV1Context.fsrc
2024-08-12 14:42:20 +02:00
Anton Khirnov
15bdca054f lavc/ffv1dec: drop code handling AV_PIX_FMT_FLAG_PAL
No paletted pixel formats are supported by the decoder.
2024-08-12 14:42:20 +02:00
Michael Niedermayer
43cde54fc1
avdevice/dshow: Initialize 2 pointers
Coverity claims these are used uninitilaized in CID1598561 Uninitialized pointer write and CID1598565 Uninitialized pointer write

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-11 13:21:16 +02:00
Michael Niedermayer
189bc840b0
avcodec/dxva2_*: Initialize dxva_data_ptr
Related: CID1591888 Uninitialized scalar variable
Related: CID1591925 Uninitialized pointer read
Related: CID1591933 Uninitialized scalar variable

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-11 13:21:15 +02:00
Michael Niedermayer
1d6a2aebae
avcodec/dxva2: initialize hr in ff_dxva2_common_end_frame()
Related: CID1591924 Uninitialized scalar variable
Related: CID1591938 Uninitialized scalar variable

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-11 13:21:15 +02:00
Michael Niedermayer
2232c4cc8c
avcodec/dxva2: initialize validate
Related: CID1591915 Uninitialized scalar variable

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-11 13:21:15 +02:00
Michael Niedermayer
489c05b9c3
avcodec/dxva2: Initialize ConfigBitstreamRaw
Related: CID1591894 Uninitialized scalar variable
Related: CID1591906 Uninitialized scalar variable

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-11 13:21:14 +02:00
Michael Niedermayer
c8c59e9929
avcodec/dxva2: Initialize dxva_size and check it
Related: CID1591878 Uninitialized scalar variable
Related: CID1591928 Uninitialized pointer read

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-11 13:21:14 +02:00
Michael Niedermayer
b98125e5a5
avfilter/vf_xfade: Compute w2, h2 with float
Fixes: CID1458148 Result is not floating-point
Fixes: CID1458149 Result is not floating-point
Fixes: CID1458150 Result is not floating-point
Fixes: CID1458151 Result is not floating-point
Fixes: CID1458152 Result is not floating-point
Fixes: CID1458154 Result is not floating-point
Fixes: CID1458155 Result is not floating-point
Fixes: CID1458156 Result is not floating-point

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-11 13:21:14 +02:00
Michael Niedermayer
f802d65de0
avfilter/vf_v360: Assert that vf was initialized
Maybe helps: CID1504571 Uninitialized scalar variable

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-11 13:21:13 +02:00
Michael Niedermayer
9229587c2d
avfilter/vf_unsharp_opencl: Use AV_VIDEO_MAX_PLANES
Related: CID1423281 Out-of-bounds read

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-11 13:21:13 +02:00
Michael Niedermayer
e5c0f56ca0
avfilter/vf_tonemap_opencl: Dereference after NULL check
Fixes: CID1437472 Dereference before null check

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-11 13:21:13 +02:00
Michael Niedermayer
22ee55a1da
avfilter/af_surround: Check output format
Fixes: CID1516994 Out-of-bounds access
Fixes: CID1516996 Out-of-bounds access
Fixes: CID1516999 Out-of-bounds access

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-11 13:21:12 +02:00
Michael Niedermayer
43b62b7e0c
avfilter/vf_xfade_opencl: Check ff_inlink_consume_frame() for failure
Fixes: CID1458127 Unchecked return value

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-11 13:21:12 +02:00