1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-12-23 12:43:46 +02:00
Commit Graph

101017 Commits

Author SHA1 Message Date
Michael Niedermayer
0af0a80cef avformat/wavdec: Check block_align vs. channels before combining them
Fixes: signed integer overflow: 65535 * 65312 cannot be represented in type 'int'
Fixes: 26910/clusterfuzz-testcase-minimized-ffmpeg_dem_WAV_fuzzer-6606935226974208

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 13:12:12 +01:00
Michael Niedermayer
fd61b42b4c avformat/tta: Use 64bit intermediate for index
Fixes: signed integer overflow: 42032 * 51092 cannot be represented in type 'int'
Fixes: 26910/clusterfuzz-testcase-minimized-ffmpeg_dem_TTA_fuzzer-6679539648430080

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 13:12:12 +01:00
Michael Niedermayer
b0588b73da avformat/soxdec: Check channels to be positive
Fixes: signed integer overflow: 32 * -1795162112 cannot be represented in type 'int'
Fixes: 26910/clusterfuzz-testcase-minimized-ffmpeg_dem_SOX_fuzzer-6724151473340416

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 13:12:12 +01:00
Michael Niedermayer
f54aab94a3 avformat/smacker: Check for too small pts_inc
Fixes: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself
Fixes: 26910/clusterfuzz-testcase-minimized-ffmpeg_dem_SMACKER_fuzzer-6705429132476416

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 13:12:12 +01:00
Michael Niedermayer
92b1949191 avformat/sccdec: Use larger intermediate for ts/next_ts computation
Fixes: signed integer overflow: 92237203 * 33 cannot be represented in type 'int'
Fixes: 26910/clusterfuzz-testcase-minimized-ffmpeg_dem_SCC_fuzzer-6603769487949824

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 13:12:12 +01:00
Michael Niedermayer
2a0d17c4d1 avcodec/cri: Use ff_set_dimensions()
Fixes: out of memory
Fixes: 29985/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CRI_fuzzer-6424425392111616

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 13:12:12 +01:00
Andreas Rheinhardt
e742bf3421 avcodec/aacps_fixed_tablegen: Don't include config.h
It is only valid for the target, not the host and therefore it must not
be included when building the tables when hardcoded tables are enabled.

Reviewed-by: Lynne <dev@lynne.ee>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-02-02 01:47:01 +01:00
Tomas Härdin
ff0618b5c4 avformat/mxf: Establish register of local tags
Tags can be marked "not used" upfront, saving some space in the primer.
av_asserts0() is used to enforce that only tags that are in the primer can actually be written.
Sharing of MasteringDisplay ULs is now done via macros.
2021-02-01 23:52:55 +01:00
Michael Niedermayer
5441699f83 avformat/sbgdec: Use av_sat_add64() in str_to_time()
Fixes: signed integer overflow: 7279992792120000000 + 4611686018427387904 cannot be represented in type 'long long'
Fixes: 29744/clusterfuzz-testcase-minimized-ffmpeg_dem_SBG_fuzzer-6434060249464832

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Nicolas George <george@nsup.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-01 19:03:53 +01:00
Piotr Uracz
7ceceee8b6 avcodec/aac_ac3_parser: fix channel information parsing in case decoder is disabled
Fixes #7372
2021-02-01 18:02:11 +01:00
Andreas Rheinhardt
ad2cc0e2f4 avformat/rtpdec: Avoid allocations of small dynamic buffers
Besides avoiding allocations this also fixes a design defect of
ff_rtp_send_punch_packets: It did not return an error in case of
these allocations failed.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-01-31 21:26:44 +01:00
Paul B Mahol
459c6e8ab3 avfilter/vf_vibrance: add packed formats support 2021-01-31 20:55:23 +01:00
Paul B Mahol
98b0c0e44f avfilter/vf_colortemperature: add packed formats support 2021-01-31 20:55:23 +01:00
Paul B Mahol
aa8cf8fdee avfilter/vf_colortemperature: use macro for identical code 2021-01-31 20:55:23 +01:00
Michael Niedermayer
6de039823c avcodec/cscd: Check output len in zlib as in lzo
Fixes: Timeout (>10sec -> 134ms)
Fixes: 27245/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CSCD_fuzzer-575318210772992

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-01-31 14:37:07 +01:00
Michael Niedermayer
869fe41d10 avcodec/vp3: Check input amount in theora_decode_header()
Fixes: Timeout
Fixes: 29226/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_THEORA_fuzzer-6195092572471296

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-01-31 14:37:07 +01:00
Michael Niedermayer
d7594ee751 avformat/wavdec: Check avio_get_str16le() for failure
Fixes: out of array access
Fixes: 29195/clusterfuzz-testcase-minimized-ffmpeg_dem_W64_fuzzer-5037853281222656

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-01-31 14:37:07 +01:00
Paul B Mahol
47be08640c avcodec/pnm: disable check for PFM as it is not needed 2021-01-31 14:06:07 +01:00
Gyan Doshi
d16b0a4bf0 ffmpeg: remove dead code for -vol
It is applied via configure_input_audio_filter()
2021-01-31 17:21:32 +05:30
Gyan Doshi
6c92557756 doc/ffmpeg: document apad option 2021-01-31 10:02:18 +05:30
Paul B Mahol
54de7dc372 avfilter/af_acrusher: add commands support 2021-01-30 23:53:38 +01:00
Paul B Mahol
633e344d96 avfilter/vf_lagfun: add support for commands 2021-01-30 17:28:26 +01:00
Paul B Mahol
f0dd5c00cb avfilter/vf_weave: add slice threading support 2021-01-30 17:00:35 +01:00
Paul B Mahol
0959f95a8e avfilter/vf_blackdetect: add slice threading support 2021-01-30 16:08:26 +01:00
Andreas Rheinhardt
44e27d937d avcodec/dolby_e: Avoid duplicating sample rate table
Set the sample rate when parsing the header instead and only copy the
value in the decoder and the parser.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-01-30 05:14:45 +01:00
Andreas Rheinhardt
7c27513d04 avcodec/dolby_e: Avoid code duplication when converting input
convert_input, a nontrivial auxiliary function used by both the general
parsing code as well as the decoder itself, has been duplicated in
c7016e35a624a75bb5b82bee932ddfe28d013b3f; this commit removes said
duplication.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-01-30 05:14:45 +01:00
Andreas Rheinhardt
8cbff41583 avcodec/dolby_e_parse: Merge ff_dolby_e_parse_init/header
These two functions are always called after another; after all, what
ff_dolby_e_parse_init does is obviously part of parsing the frame header.

Also move the DolbyEHeaderInfo into DBEContext so that parsing the frame
header only needs one struct (both users used a DBEContext immediately
followed by a separate DolbyEHeaderInfo).

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-01-30 05:14:45 +01:00
Andreas Rheinhardt
fa3ab43fec avcodec/dolby_e_parser: Remove unused ParseContext
Parsers are not forced to use a ParseContext and the other stuff from
parser.h which is just designed to help parsers recombining frames. But
this parser does not do this at all, i.e. the ParseContext is unused.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-01-30 05:14:45 +01:00
Paul B Mahol
d43a27ab6f avfilter/vf_pseudocolor: allow more advanced presets 2021-01-29 23:42:24 +01:00
Paul B Mahol
50dd020f04 avfilter/vf_lut3d: add prism interpolation 2021-01-29 23:41:07 +01:00
Paul B Mahol
26a53519dc avfilter/vf_lut3d: add pyramid interpolation 2021-01-29 23:41:07 +01:00
Michael Niedermayer
9725d07a17 avformat/flvdec: Check for EOF in amf_skip_tag()
Fixes: Timeout
Fixes: 29070/clusterfuzz-testcase-minimized-ffmpeg_dem_KUX_fuzzer-5650106766458880

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-01-29 19:36:46 +01:00
Michael Niedermayer
06e5c79194 avformat/asfdec_o: Check lang_idx
Fixes: index 26981 out of bounds for type 'ASFStreamData [128]'
Fixes: 27334/clusterfuzz-testcase-minimized-ffmpeg_dem_ASF_O_fuzzer-6197611002068992

Alternatively the array could be increased in size or the cases not fitting be ignored

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-01-29 19:36:46 +01:00
Michael Niedermayer
8af299acde avformat/aiffdec: Check size before subtraction in get_aiff_header()
Fixes: Infinite loop
Fixes: 27235/clusterfuzz-testcase-minimized-ffmpeg_dem_AIFF_fuzzer-5761398380167168

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-01-29 19:36:46 +01:00
Michael Niedermayer
c6edbf0090 avformat/utils: Use av_sat_sub64() in max_analyze_duration check
Fixes: signed integer overflow: 9223372036854710272 - -541165944832 cannot be represented in type 'long'
Fixes: 27000/clusterfuzz-testcase-minimized-ffmpeg_dem_IVF_fuzzer-5643670608674816

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-01-29 19:36:46 +01:00
Michael Niedermayer
d03f0ec9a1 avformat/electronicarts: More chunk_size checks
Fixes: Timeout
Fixes: 26909/clusterfuzz-testcase-minimized-ffmpeg_dem_EA_fuzzer-6489496553783296

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-01-29 19:36:46 +01:00
Michael Niedermayer
386faeda5f avcodec/cfhd: check peak.offset
Fixes: signed integer overflow: -2147483648 - 4 cannot be represented in type 'int'
Fixes: 26907/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CFHD_fuzzer-5746202330267648

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-01-29 19:36:46 +01:00
Michael Niedermayer
b0f8586ca9 avformat/tedcaptionsdec: Check for overflow in parse_int()
Fixes: signed integer overflow: 1111111111111111111 * 10 cannot be represented in type 'long'
Fixes: 26892/clusterfuzz-testcase-minimized-ffmpeg_dem_TEDCAPTIONS_fuzzer-5756045055754240

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-01-29 19:36:46 +01:00
Andreas Rheinhardt
bfdf03207b avcodec/vorbis_data: Move encoder-related table to its only user
Said table was unused in case libvorbis was disabled.

Reviewed-by: Lynne <dev@lynne.ee>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-01-29 15:49:54 +01:00
Andreas Rheinhardt
b91b04473a avcodec/fft_template: Avoid useless function
ff_init_ff_cos_tabs is only used for the floating point FFT and only
if hardcoded tables are disabled.

Reviewed-by: Lynne <dev@lynne.ee>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-01-29 15:38:31 +01:00
Andreas Rheinhardt
124e2a79e2 avfilter/drawutils: Remove remnants of old API
ff_fill_line_with_color and ff_draw_rectangle are unused since
19c8f2271423281c9b876b984076a6467c455904; ff_copy_rectangle
is unused since 53b7a3fe08.

Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-01-29 15:20:53 +01:00
Paul B Mahol
27b793b0cf avfilter/vf_blackdetect: add support for >8 depth formats 2021-01-29 14:40:56 +01:00
Paul B Mahol
8248f7b902 avfilter/vf_blackdetect: fix bug when no final log would be displayed 2021-01-29 14:40:56 +01:00
Paul B Mahol
0bcba12a55 avfilter/vf_blackdetect: use the name 's' for the pointer to the private context
This is consistent across filters and also is less typing.
2021-01-29 14:40:56 +01:00
Andreas Rheinhardt
d8b2fae3c7 avcodec/msmpeg4: Inline number of motion vectors
Both motion vector tables have the same number of elements, hence one
can inline said number and remove the field containing the number of
elements from the structure.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-01-29 06:28:24 +01:00
Andreas Rheinhardt
fbb81ea2c6 avcodec/msmpeg4dec: Don't check for errors for complete VLCs
This also affected other users of VLCs from msmpeg4dec, namely vc1_block
and wmv2dec.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-01-29 06:28:24 +01:00
Michael Niedermayer
a899d6ca10 avformat: Change avpriv_new_chapter() from O(n) to (1) in the common case
Fixes: timeout (slow -> 300ms)
Fixes: 28876/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-5664824587583488

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-01-28 21:08:35 +01:00
Michael Niedermayer
fc45d924d7 avformat/nuv: Check channels
Fixes: signed integer overflow: -3468545475927866368 * 4 cannot be represented in type 'long'
Fixes: 28879/clusterfuzz-testcase-minimized-ffmpeg_dem_NUV_fuzzer-6303367307591680

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-01-28 21:08:11 +01:00
Michael Niedermayer
f3e4ebb007 avcodec/siren: Increase noise category 5 and 6
The entry read is not used in subsequent computation, thus its
value is not important.

Fixes: out of array read
Fixes: 28578/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SIREN_fuzzer-6332019122503680

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-01-28 21:06:56 +01:00
Michael Niedermayer
e847cabb60 avcodec/siren: Factorize category 5 and 6 noise computation
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-01-28 21:06:55 +01:00