1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-11-26 19:01:44 +02:00
Commit Graph

85 Commits

Author SHA1 Message Date
Michael Niedermayer
3ab1311aba avcodec/golomb: Consume invalid data in get_ur_golomb_jpegls()
Fixes slow loops on fuzzed data
Fixes: 245/fuzz-3-ffmpeg_AUDIO_AV_CODEC_ID_FLAC_fuzzer

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2016-12-08 02:47:47 +01:00
Hendrik Leppkes
b20fe650ef Merge commit '4024b566d664a4b161d677554be52f32e7ad4236'
* commit '4024b566d664a4b161d677554be52f32e7ad4236':
  golomb: Give svq3_get_se_golomb()/svq3_get_ue_golomb() better names

Merged-by: Hendrik Leppkes <h.leppkes@gmail.com>
2016-06-26 15:12:48 +02:00
Hendrik Leppkes
e2836397f1 Merge commit '52567e8198669a1e7493c75771613f87a90466c3'
* commit '52567e8198669a1e7493c75771613f87a90466c3':
  get_bits: Drop some TRACE-level debug code

Merged-by: Hendrik Leppkes <h.leppkes@gmail.com>
2016-06-26 14:19:48 +02:00
Diego Biurrun
4024b566d6 golomb: Give svq3_get_se_golomb()/svq3_get_ue_golomb() better names 2016-05-25 16:37:43 +02:00
Diego Biurrun
52567e8198 get_bits: Drop some TRACE-level debug code
It will not be provided by the new bit reader anyway.
2016-05-22 20:22:43 +02:00
Mark Harris
c51c08e0e7 avcodec: Use get_ue_golomb_long() when needed
get_ue_golomb() cannot decode values larger than 8190 (the maximum
value that can be golomb encoded in 25 bits) and produces the error
"Invalid UE golomb code" if a larger value is encountered.  Use
get_ue_golomb_long() instead (which supports 63 bits, up to 4294967294)
when valid h264/hevc values can exceed 8190.

This updates decoding of the following values:   (maximum)
  first_mb_in_slice                                36863* for level 5.2
  abs_diff_pic_num_minus1                         131071
  difference_of_pic_nums_minus1                   131071
  idr_pic_id                                       65535
  recovery_frame_cnt                               65535
  frame_packing_arrangement_id                4294967294
  frame_packing_arrangement_repetition_period      16384
  display_orientation_repetition_period            16384

An alternative would be to modify get_ue_golomb() to handle encoded
values of up to 49 bits as was done for get_se_golomb() in a92816c.
In that case get_ue_golomb() could continue to be used for all of
these except frame_packing_arrangement_id.

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2015-12-29 13:11:51 +01:00
Andreas Cadhalpun
22e960ad47 golomb: always check for invalid UE golomb codes in get_ue_golomb
Also correct the check to reject log < 7, because UPDATE_CACHE only
guarantees 25 meaningful bits.

This fixes undefined behavior:
runtime error: shift exponent is negative

Testing with START/STOP timers in get_ue_golomb, one for the first
branch (A) and one for the second (B), shows that there is practically no
slowdown, e.g. for the cavs decoder:

With the check in the B branch:
    629 decicycles in get_ue_golomb B, 4194260 runs,     44 skips
    433 decicycles in get_ue_golomb A,268434102 runs,   1354 skips

Without the check:
    624 decicycles in get_ue_golomb B, 4194273 runs,     31 skips
    433 decicycles in get_ue_golomb A,268434203 runs,   1253 skips

Since the B branch is executed far less often than the A branch, this
change is negligible, even more so for the h264 decoder, where the ratio
B/A is a lot smaller.

Fixes: mozilla bug 1230239
Fixes: fbeb8b2c7c996e9b91c6b1af319d7ebc/asan_heap-oob_195450f_2743_e8856ece4579ea486670be2b236099a0.bit

Found-by: Tyson Smith
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
2015-12-14 20:51:39 +01:00
Michael Niedermayer
d0ac2f59aa avcodec/golomb: Remove disabled and broken code
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2015-05-19 03:25:53 +02:00
Michael Niedermayer
14c4b25158 avcodec/golomb: fix reading huge signed rice golomb values
No testcase is known, nor any case where such huge values would occur

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2015-05-17 19:36:38 +02:00
Michael Niedermayer
c720b9ce98 avcodec/golomb: get_ur_golomb_jpegls: Fix reading huge k values
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2015-05-17 19:36:32 +02:00
James Almer
ba625dd8a1 avcodec: use av_mod_uintp2() where useful
Reviewed-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: James Almer <jamrial@gmail.com>
2015-04-21 22:41:20 -03:00
Michael Niedermayer
8617bc6ffa avcodec/golomb: Fix undefined shifts in unsigned rice decoding code
Found-by: Clang -fsanitize=shift
Reported-by: Thierry Foucu <tfoucu@google.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2015-03-11 16:47:13 +01:00
Zeng Zhaoxiu
02fc168c93 avcodec/golomb: cleanup
Signed-off-by: Zeng Zhaoxiu <zhaoxiu.zeng@gmail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2015-03-07 20:18:32 +01:00
zhaoxiu.zeng
b11a187575 avcodec/golomb: simplify sign conversion
Signed-off-by: Zeng Zhaoxiu <zhaoxiu.zeng@gmail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2015-02-14 00:41:45 +01:00
Michael Niedermayer
b0ae362a21 avcodec/golomb: use NULL for pointers instead of 0
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-12-05 20:27:04 +01:00
Michael Niedermayer
9e59a7be1c Merge commit '91d305790ea0f6fe0f54b48236da42181c39c18b'
* commit '91d305790ea0f6fe0f54b48236da42181c39c18b':
  get_bits: Rename HAVE_BITS_REMAINING --> BITS_AVAILABLE

Conflicts:
	libavcodec/golomb.h

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2014-09-02 22:18:12 +02:00
Diego Biurrun
91d305790e get_bits: Rename HAVE_BITS_REMAINING --> BITS_AVAILABLE
The HAVE_ prefix is reserved for macros set by configure.
2014-09-02 13:10:38 +02:00
Michael Niedermayer
30e159366e Merge remote-tracking branch 'qatar/master'
* qatar/master:
  golomb: Fix the implementation of get_se_golomb_long

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2014-03-30 03:03:28 +02:00
Martin Storsjö
508a84e672 golomb: Fix the implementation of get_se_golomb_long
This was only used in hevc muxing code so far.

This makes the return values match what get_se_golomb returns for
the same bitstream reader instances.

The logic for producing a signed golomb code out of an unsigned one
was based on the corresponding code in get_se_golomb, which operated
directly on the bitstream reader buffer - not on the equivalent
return value from get_ue_golomb.

CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
2014-03-30 00:28:27 +02:00
Michael Niedermayer
d79d5aed6d Merge commit '5eacbb53289570834f9a1acb15fd406ea224eef6'
* commit '5eacbb53289570834f9a1acb15fd406ea224eef6':
  golomb: Add a get_se_golomb_long

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2014-03-10 22:33:32 +01:00
Luca Barbato
5eacbb5328 golomb: Add a get_se_golomb_long
Useful in libavformat mostly.
2014-03-10 10:58:37 +01:00
Michael Niedermayer
caac12bd49 Merge remote-tracking branch 'qatar/master'
* qatar/master:
  golomb: reduce scope of a few variables

Conflicts:
	libavcodec/golomb.h

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2013-10-24 10:44:42 +02:00
Vittorio Giovara
fb13fe8342 golomb: reduce scope of a few variables
Signed-off-by: Diego Biurrun <diego@biurrun.de>
2013-10-24 02:04:34 +02:00
Michael Niedermayer
02a31f6a74 Merge remote-tracking branch 'qatar/master'
* qatar/master:
  golomb: K&R formatting cosmetics

Conflicts:
	libavcodec/golomb.h

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2013-10-23 19:45:07 +02:00
Vittorio Giovara
2c993e8b5e golomb: K&R formatting cosmetics
Signed-off-by: Diego Biurrun <diego@biurrun.de>
2013-10-23 13:17:23 +02:00
Michael Niedermayer
a92816c4eb get_se_golomb: fix decoding of very large values
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-02-09 01:17:41 +01:00
Michael Niedermayer
fd165ace7b golomb: check log validity before shifting
Fixes invalid right shift in fate-cavs

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-01-18 15:41:32 +01:00
Michael Niedermayer
5c076205a6 Merge remote-tracking branch 'qatar/master'
* qatar/master:
  golomb: use unsigned arithmetics in svq3_get_ue_golomb()
  x86: float_dsp: fix loading of the len parameter on x86-32
  takdec: fix initialisation of LOCAL_ALIGNED array
  takdec: fix initialisation of LOCAL_ALIGNED array

Conflicts:
	libavcodec/rv30.c
	libavcodec/svq3.c
	libavcodec/takdec.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2012-12-08 16:36:47 +01:00
Janne Grunau
9a2e79116d golomb: use unsigned arithmetics in svq3_get_ue_golomb()
This prevents undefined behaviour of signed left shift if the coded
value is larger than 2^31. Large values are most likely invalid and
caused errors or by feeding random.

Validate every use of svq3_get_ue_golomb() and changed the place there
the return value was compared with negative numbers. dirac.c was clean,
fixed rv30 and svq3.
2012-12-08 12:55:10 +01:00
Michael Niedermayer
31ab1575e5 Merge remote-tracking branch 'qatar/master'
* qatar/master:
  avcodec: Convert some commented-out printf/av_log instances to av_dlog
  avcodec: Drop silly and/or broken printf debug output
  avcodec: Drop some silly commented-out av_log() invocations
  avformat: Convert some commented-out printf/av_log instances to av_dlog
  avformat: Remove non-compiling and/or silly commented-out printf/av_log statements
  Remove some silly disabled code.
  ac3dec: ensure get_buffer() gets a buffer for the correct number of channels

Conflicts:
	libavcodec/dnxhddec.c
	libavcodec/ffv1.c
	libavcodec/h264.c
	libavcodec/h264_parser.c
	libavcodec/mjpegdec.c
	libavcodec/motion_est_template.c
	libavcodec/mpegaudiodec.c
	libavcodec/mpegvideo_enc.c
	libavcodec/put_bits.h
	libavcodec/ratecontrol.c
	libavcodec/wmaenc.c
	libavdevice/timefilter.c
	libavformat/asfdec.c
	libavformat/avidec.c
	libavformat/avienc.c
	libavformat/flvenc.c
	libavformat/utils.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2012-10-01 16:12:38 +02:00
Diego Biurrun
6f6b0311a3 avcodec: Drop some silly commented-out av_log() invocations 2012-10-01 10:24:28 +02:00
Michael Niedermayer
2acb5cd907 Merge remote-tracking branch 'qatar/master'
* qatar/master:
  libopus: Remap channels using libopus' internal remapping.
  Opus decoder using libopus
  avcodec: document the use of AVCodecContext.delay for audio decoding
  vc1dec: add flush function for WMV9 and VC-1 decoders
  http: Increase buffer sizes to cope with longer URIs
  nutenc: const correctness for ff_put_v_trace/put_s_trace function arguments
  h264_refs: Fix debug tprintf argument types
  golomb: const correctness for get_ue()/get_se() function arguments
  get_bits: const correctness for get_bits_trace()/get_xbits_trace() arguments

Conflicts:
	Changelog
	libavcodec/Makefile
	libavcodec/version.h
	libavformat/http.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2012-09-28 13:54:40 +02:00
Diego Biurrun
80412997c8 golomb: const correctness for get_ue()/get_se() function arguments 2012-09-27 19:10:10 +02:00
Justin Ruggles
4795362660 golomb: check remaining bits during unary decoding in get_ur_golomb_jpegls()
Fixes infinite loop in FLAC decoding in case of a truncated bitstream due to
the safe bitstream reader returning 0's at the end.

Fixes Bug 310.

CC:libav-stable@libav.org
2012-06-12 14:33:39 -04:00
Michael Niedermayer
28e4f906fa golomb: use av_assert
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-06-06 20:13:17 +02:00
Michael Niedermayer
b008ac18bb Merge remote-tracking branch 'qatar/master'
* qatar/master:
  docs: use -bsf:[vas] instead of -[vas]bsf.
  mpegaudiodec: Prevent premature clipping of mp3 input buffer.
  lavf: move the packet keyframe setting code.
  oggenc: free comment header for all codecs
  lcl: error out if uncompressed input buffer is smaller than framesize.
  mjpeg: abort decoding if packet is too large.
  golomb: use HAVE_BITS_REMAINING() macro to prevent infloop on EOF.
  get_bits: add HAVE_BITS_REMAINING macro.
  lavf/output-example: use new audio encoding API correctly.
  lavf/output-example: more proper usage of the new API.
  tiff: Prevent overreads in the type_sizes array.
  tiff: Make the TIFF_LONG and TIFF_SHORT types unsigned.
  apetag: do not leak memory if avio_read() fails
  apetag: propagate errors.
  SBR DSP x86: implement SSE sbr_hf_g_filt
  SBR DSP x86: implement SSE sbr_sum_square_sse
  SBR DSP: use intptr_t for the ixh parameter.

Conflicts:
	doc/bitstream_filters.texi
	doc/examples/muxing.c
	doc/ffmpeg.texi
	libavcodec/golomb.h
	libavcodec/x86/Makefile
	libavformat/oggenc.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2012-02-25 04:00:43 +01:00
Ronald S. Bultje
46b3fbc30b golomb: use HAVE_BITS_REMAINING() macro to prevent infloop on EOF.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-02-24 07:28:33 -08:00
Michael Niedermayer
bbb61a1cd5 Merge remote-tracking branch 'qatar/master'
* qatar/master: (22 commits)
  als: prevent infinite loop in zero_remaining().
  cook: prevent div-by-zero if channels is zero.
  pamenc: switch to encode2().
  svq1enc: switch to encode2().
  dvenc: switch to encode2().
  dpxenc: switch to encode2().
  pngenc: switch to encode2().
  v210enc: switch to encode2().
  xwdenc: switch to encode2().
  ttadec: use branchless unsigned-to-signed unfolding
  avcodec: add a Sun Rasterfile encoder
  sunrast: Move common defines to a new header file.
  cdxl: fix video decoding for some files
  cdxl: fix audio for some samples
  apetag: add proper support for binary tags
  ttadec: remove dead code
  swscale: make access to filter data conditional on filter type.
  swscale: update context offsets after removal of AlpMmxFilter.
  prores: initialise encoder and decoder parts only when needed
  swscale: make monowhite/black RGB-independent.
  ...

Conflicts:
	Changelog
	libavcodec/alsdec.c
	libavcodec/dpxenc.c
	libavcodec/golomb.h
	libavcodec/pamenc.c
	libavcodec/pngenc.c
	libavformat/img2.c
	libswscale/output.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2012-02-18 02:20:19 +01:00
Ronald S. Bultje
52e4018be4 flac: fix infinite loops on all-zero input or end-of-stream.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-02-16 17:08:29 -08:00
Ronald S. Bultje
c6643fddba golomb: avoid infinite loop on all-zero input (or end of buffer).
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-02-16 08:36:08 -08:00
Michael Niedermayer
964506bb97 golomb: Fix infinite loop in svq3_get_ue_golomb()
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2011-12-25 04:15:56 +01:00
Michael Niedermayer
fc739b79ad golomb: fix end of bitstream check
Fixes Ticket806
Bug found by Oana Stratulat

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2011-12-21 00:28:39 +01:00
Nir Ben David
083d9ba448 golomb: Fix overread in get_ur_golomb_jpegls()
Fixes Ticket600

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2011-11-10 23:09:44 +01:00
Michael Niedermayer
b81f8880e0 Merge remote-tracking branch 'qatar/master'
* qatar/master: (23 commits)
  fix AC3ENC_OPT_MODE_ON/OFF
  h264: fix HRD parameters parsing
  prores: implement multithreading.
  prores: idct sse2/sse4 optimizations.
  swscale: use aligned move for storage into temporary buffer.
  prores: extract idct into its own dspcontext and merge with put_pixels.
  h264: fix invalid shifts in init_cavlc_level_tab()
  intfloat_readwrite: fix signed addition overflows
  mov: do not misreport empty stts
  mov: cosmetics, fix for and if spacing
  id3v2: fix NULL pointer dereference
  mov: read album_artist atom
  mov: fix disc/track numbers and totals
  doc: fix references to obsolete presets directories for avconv/ffmpeg
  flashsv: return more meaningful error value
  flashsv: fix typo in av_log() message
  smacker: validate channels and sample format.
  smacker: check buffer size before reading output size
  smacker: validate number of channels
  smacker: Separate audio flags from sample rates in smacker demuxer.
  ...

Conflicts:
	cmdutils.h
	doc/ffmpeg.texi
	libavcodec/Makefile
	libavcodec/motion_est_template.c
	libavformat/id3v2.c
	libavformat/mov.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2011-10-12 05:40:57 +02:00
Mans Rullgard
fdba370f8a h264: fix HRD parameters parsing
The bit_rate_value_minus1 and cpb_size_value_minus1 elements
allow a wider range than get_ue_golomb() supports.  This
adds a get_ue_golomb_long() function supporting up to 31
leading zeros, which is the maximum for these syntax
elements, and uses it in decode_hrd_parameters().

Signed-off-by: Mans Rullgard <mans@mansr.com>
2011-10-11 18:24:51 +01:00
Mans Rullgard
2912e87a6c Replace FFmpeg with Libav in licence headers
Signed-off-by: Mans Rullgard <mans@mansr.com>
2011-03-19 13:33:20 +00:00
Diego Biurrun
ba87f0801d Remove explicit filename from Doxygen @file commands.
Passing an explicit filename to this command is only necessary if the
documentation in the @file block refers to a file different from the
one the block resides in.

Originally committed as revision 22921 to svn://svn.ffmpeg.org/ffmpeg/trunk
2010-04-20 14:45:34 +00:00
Lars Täuber
6fa6c481b9 Make get_ur_golomb capable of reading 16 bit values.
Patch by Lars Täuber: firstname taeuber gmx net

Originally committed as revision 19821 to svn://svn.ffmpeg.org/ffmpeg/trunk
2009-09-11 06:25:36 +00:00
Stefano Sabatini
9106a698e7 Rename bitstream.h to get_bits.h.
Originally committed as revision 18494 to svn://svn.ffmpeg.org/ffmpeg/trunk
2009-04-13 16:20:26 +00:00
Stefano Sabatini
b275500706 Split bitstream.h, put the bitstream writer stuff in the new file
put_bits.h.

Originally committed as revision 18461 to svn://svn.ffmpeg.org/ffmpeg/trunk
2009-04-12 08:35:26 +00:00