1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-12-23 12:43:46 +02:00
Commit Graph

103177 Commits

Author SHA1 Message Date
Michael Niedermayer
7971f62120 avfilter/vf_yadif: Fix handing of tiny images
Fixes: out of array access
Fixes: Ticket8240
Fixes: CVE-2020-22021

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-05-29 20:14:24 +02:00
Michael Niedermayer
82ad1b7675 avfilter/vf_vmafmotion: Check dimensions
Fixes: out of array access
Fixes: Ticket8241
Fixes: Ticket8246
Fixes: CVE-2020-22019
Fixes: CVE-2020-22033

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-05-29 20:14:24 +02:00
Michael Niedermayer
4c1afa2925 avformat/movenc: Check pal_size before use
Fixes: assertion failure
Fixes: out of array read
Fixes: Ticket8190
Fixes: CVE-2020-22015

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-05-29 20:14:24 +02:00
Michael Niedermayer
38d18fb578 avcodec/lpc: Avoid floating point division by 0
Fixes: Ticket7996
Fixes: CVE-2020-20445

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-05-29 20:14:24 +02:00
Michael Niedermayer
223b5e8ac9 avcodec/aacpsy: Avoid floating point division by 0 of norm_fac
Fixes: Ticket7995
Fixes: CVE-2020-20446

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-05-29 20:14:24 +02:00
Michael Niedermayer
a7a7f32c8a avcodec/aacenc: Avoid 0 lambda
Fixes: Ticket8003
Fixes: CVE-2020-20453

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-05-29 20:14:24 +02:00
Oneric
3300625c6f avfilter/vf_subtitles: allow using embedded fonts
ASS subtitles can have encoded fonts embedded into the subtitle file
itself. Allow libass to load those, to render subs as intended.
2021-05-29 11:32:23 +05:30
Jin Bo
ebedd26eef libavcodec/mips: Fix specification of instruction name
1.'xor,or,and' to 'pxor,por,pand'. In the case of operating FPR,
  gcc supports both of them, clang only supports the second type.
2.'dsrl,srl' to 'ssrld,ssrlw'. In the case of operating FPR, gcc
  supports both of them, clang only supports the second type.

Signed-off-by: Jin Bo <jinbo@loongson.cn>
Reviewed-by: yinshiyou-hf@loongson.cn
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-05-28 17:31:21 +02:00
Shubhanshu Saxena
e41255cddb lavfi/dnn_backend_openvino.c: Correct Pointer Type while Freeing
This commit corrects the type of pointer of elements from the
inference queue in ff_dnn_free_model_ov.

Signed-off-by: Shubhanshu Saxena <shubhanshu.e01@gmail.com>
2021-05-28 08:40:07 +08:00
Tom Boshoven
8205f32663 avfilter/yadif: Fix time base for large denominators
This fixes an issue where the yadif filter could cause the timebase denominator to overflow.

Signed-off-by: Tom Boshoven <tom@jwplayer.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-05-27 17:43:40 +02:00
Michael Niedermayer
26d3c81bc5 avcodec/exr: More strictly check dc_count
Fixes: out of array access
Fixes: exr/deneme

Found-by: Burak Çarıkçı <burakcarikci@crypttech.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-05-27 17:43:40 +02:00
Michael Niedermayer
48342aa075 avcodec/exr: x/ymax cannot be INT_MAX
The code uses x/ymax + 1 so the maximum is INT_MAX-1

Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
Fixes: 33158/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EXR_fuzzer-5545462457303040

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-05-27 17:43:40 +02:00
Michael Niedermayer
b752d195cc avcodec/error_resilience: cleanup mpeg2 handling
After this, the loop for the mpeg2 case is only executed when needed

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-05-27 17:41:36 +02:00
Michael Niedermayer
f8611ae1ef avformat/avio: Check av_opt_copy() for failure
Fixes: CID1477416 Unchecked return value

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-05-27 17:41:36 +02:00
Michael Niedermayer
36a3a5050a avformat/moflex: Remove unneeded format variable
Fixes: CID1477423 Uninitialized scalar variable

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-05-27 17:41:04 +02:00
James Almer
918fc9a0ed avutil/mem: check for max_alloc_size in av_fast_malloc()
This puts av_fast_malloc*() in line with av_fast_realloc().

Signed-off-by: James Almer <jamrial@gmail.com>
2021-05-27 10:29:59 -03:00
James Almer
786be70e28 avutil/mem: make ff_fast_malloc() internal to mem.c
Signed-off-by: James Almer <jamrial@gmail.com>
2021-05-27 10:29:52 -03:00
James Almer
e44cb7363f avcodec/utils: don't use ff_fast_mallocz() in av_fast_padded_malloc()
It will be removed in the next commit.

Signed-off-by: James Almer <jamrial@gmail.com>
2021-05-27 10:28:32 -03:00
Ting Fu
7a879cce37 libavfilter: vf_drawtext filter support draw text with detection bounding boxes in side_data
This feature can be used with dnn detection by setting vf_drawtext's option
text_source=side_data_detection_bboxes, for example:
./ffmpeg -i face.jpeg -vf dnn_detect=dnn_backend=openvino:model=face-detection-adas-0001.xml:\
input=data:output=detection_out:labels=face-detection-adas-0001.label,drawbox=box_source=
side_data_detection_bboxes,drawtext=text_source=side_data_detection_bboxes:fontcolor=green:\
fontsize=40, -y face_detect.jpeg
Please note, the default fontsize of vf_drawtext is 12, which may be too
small to be seen clearly.

Signed-off-by: Ting Fu <ting.fu@intel.com>
2021-05-26 08:58:27 +08:00
Ting Fu
f444be643e libavfilter: vf_drawbox filter support draw box with detection bounding boxes in side_data
This feature can be used with dnn detection by setting vf_drawbox's
option box_source=side_data_detection_bboxes, for example:
./ffmpeg -i face.jpeg -vf dnn_detect=dnn_backend=openvino:model=face-detection-adas-0001.xml:\
input=data:output=detection_out:labels=face-detection-adas-0001.label,\
drawbox=box_source=side_data_detection_bboxes -y face_detect.jpeg

Signed-off-by: Ting Fu <ting.fu@intel.com>
2021-05-26 08:58:27 +08:00
Ting Fu
9921ae8a5d lavfi/drawbox: refine code
Extract common code of filter_frame() and drawgrid_filter_frame() to draw_region().

Signed-off-by: Ting Fu <ting.fu@intel.com>
2021-05-26 08:58:27 +08:00
Guo, Yejun
4c705a2775 lavfi/dnn: refine code to separate processing and detection in backends 2021-05-24 09:09:34 +08:00
Guo, Yejun
cde6d0288f lavfi/dnn_filter_common.h: make filter option 'options' as deprecated
we'd use 'backend_configs' to avoid confusion.
2021-05-24 08:44:58 +08:00
James Almer
be96f4b616 avutil/mem: make max_alloc_size an atomic type
Signed-off-by: James Almer <jamrial@gmail.com>
2021-05-23 11:26:22 -03:00
Andreas Rheinhardt
3abdf0efac avcodec/libxavs2: Allow user-supplied buffers
Here the packet size is known before allocating the packet,
so that supporting user-supplied buffers is trivial.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2021-05-23 15:17:13 +02:00
Andreas Rheinhardt
7a3613696d avcodec/sbcenc: Avoid copying packet data, allow user-supplied buffers
When the packet size is known in advance like here, one can avoid
an intermediate buffer for the packet data by using
ff_get_encode_buffer() and also set AV_CODEC_CAP_DR1 at the same time.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2021-05-23 15:16:31 +02:00
Andreas Rheinhardt
250d8661ab avcodec/pngenc: Avoid copying APNG data, allow user-supplied buffer
The APNG encoder already uses internal buffers, so that the packet size
is already known before allocating the packet; therefore one can avoid
another (implicit) intermediate buffer by switching to
ff_get_encode_buffer(), thereby also supporting user-supplied buffers.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2021-05-23 15:15:57 +02:00
Andreas Rheinhardt
aaefb84b04 avcodec/pngenc: Remove always-true check
Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2021-05-23 15:14:44 +02:00
Andreas Rheinhardt
5abb5c0415 avcodec/flacenc: Avoid copying packet data, allow user-supplied buffers
The FLAC encoder calculates the size in advance, so one can avoid
an intermediate buffer for the packet data by using
ff_get_encode_buffer() and also set AV_CODEC_CAP_DR1 at the same time.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2021-05-23 15:12:57 +02:00
Andreas Rheinhardt
314c086a85 avcodec/pamenc: Avoid copying packet data, allow user-supplied buffers
When the packet size is known in advance like here, one can avoid
an intermediate buffer for the packet data by using
ff_get_encode_buffer() and also set AV_CODEC_CAP_DR1 at the same time.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2021-05-23 15:10:41 +02:00
Andreas Rheinhardt
981c4caed3 avcodec/pnmenc: Avoid intermediate buffer, allow user-supplied buffers
For all p*m encoders a very sharp upper bound for the size of the
output packets is available before the packet is allocated. This can
be used to avoid an intermediate buffer when encoding by using
ff_get_encode_buffer() instead of ff_alloc_packet2() (without min_size);
this also adds support for user-supplied buffers.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2021-05-23 15:08:30 +02:00
Andreas Rheinhardt
ea2ec1dfae avcodec/libxavs: Improve returned error codes
Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2021-05-23 15:07:49 +02:00
Andreas Rheinhardt
4085cfc944 avcodec/libxavs: Avoid overallocating, copying packet data
When the packet size is known in advance like here, one can avoid
an intermediate buffer for the packet data; also, there is no reason
to add AV_INPUT_BUFFER_MIN_SIZE to the packet size any more, as the
actually needed packet size can be easily calculated: It is three bytes
more than the raw nal size per NALU.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2021-05-23 15:03:37 +02:00
Andreas Rheinhardt
a4b3343278 avcodec/libx265: Allow user-supplied buffers
Here the packet size is known before allocating the packet,
so that supporting user-supplied buffers is trivial.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2021-05-23 14:59:15 +02:00
Andreas Rheinhardt
9c4f2bc3bf avcodec/libx264: Avoid copying data, allow user-supplied buffers
Here the packet size is known before allocating the packet because
the encoder provides said information (and works with internal buffers
itself), so one can use this information to avoid the implicit use of
another intermediate buffer for the packet data; and by switching to
ff_get_encode_buffer() one can also allow user-supplied buffers.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2021-05-23 14:57:43 +02:00
Andreas Rheinhardt
cfff94b7f8 avcodec/libwebpenc_animencoder: Allow user-supplied buffers
Here the packet size is known before allocating the packet,
so that supporting user-supplied buffers is trivial.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2021-05-23 14:56:35 +02:00
Andreas Rheinhardt
ad26efbf52 avcodec/libwebpenc: Allow user-supplied buffers
Here the packet size is known before allocating the packet,
so that supporting user-supplied buffers is trivial.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2021-05-23 14:54:18 +02:00
Andreas Rheinhardt
e099a29f5a avcodec/libvpxenc: Avoid one level of indentation
Reviewed-by: James Almer <jamrial@gmail.com>
Reviewed-by: James Zern <jzern@google.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2021-05-23 14:52:34 +02:00
Andreas Rheinhardt
3280c6f938 avcodec/libvpxenc: Avoid copying data, allow user-supplied buffers
Here the packet size is known before allocating the packet because
the encoder provides said information (and works with internal buffers
itself), so one can use this information to avoid the implicit use of
another intermediate buffer for the packet data; and by switching to
ff_get_encode_buffer() one can also allow user-supplied buffers.

Reviewed-by: James Almer <jamrial@gmail.com>
Reviewed-by: James Zern <jzern@google.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2021-05-23 14:50:46 +02:00
Andreas Rheinhardt
d8e66ec1d7 avcodec/libvorbisenc: Avoid copying data, allow user-supplied buffers
Here the packet size is known before allocating the packet because
the encoder provides said information (and works with internal buffers
itself), so one can use this information to avoid the implicit use of
another intermediate buffer for the packet data; and by switching to
ff_get_encode_buffer() one can also allow user-supplied buffers.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2021-05-23 14:49:45 +02:00
Andreas Rheinhardt
6ba55e9652 avcodec/libtheoraenc: Avoid copying data, allow user-supplied buffers
Here the packet size is known before allocating the packet because
the encoder provides said information (and works with internal buffers
itself), so one can use this information to avoid the implicit use of
another intermediate buffer for the packet data; and by switching to
ff_get_encode_buffer() one can also allow user-supplied buffers.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2021-05-23 14:47:49 +02:00
Andreas Rheinhardt
6564ab0e01 avcodec/libshine: Avoid copying data, allow user-supplied buffer
The libshine encoder already uses an internal buffer, so that the
packet size is already known before allocating the packet; therefore
one can avoid another (implicit) intermediate buffer by switching
to ff_get_encode_buffer(), thereby also supporting user-supplied
buffers.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2021-05-23 14:44:13 +02:00
Andreas Rheinhardt
0812a60fee avcodec/libopenh264enc: Allow user-supplied buffers
Here the packet size is known before allocating the packet,
so that supporting user-supplied buffers is trivial.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2021-05-23 14:43:32 +02:00
Andreas Rheinhardt
c59398970b avcodec/libmp3lame: Avoid copying data, allow user-supplied buffer
The libmp3lame encoder already uses an internal buffer, so that the
packet size is already known before allocating the packet; therefore
one can avoid another (implicit) intermediate buffer by switching
to ff_get_encode_buffer(), thereby also supporting user-supplied
buffers.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2021-05-23 14:42:54 +02:00
Andreas Rheinhardt
95c8a859d9 avcodec/libkvazaar: Allow user-supplied buffers
Here the packet size is known before allocating the packet,
so that supporting user-supplied buffers is trivial.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2021-05-23 14:42:22 +02:00
Andreas Rheinhardt
91567c28fc avcodec/libgsmenc: Avoid copying packet data, allow user-supplied buffers
When the packet size is known in advance like here, one can avoid
an intermediate buffer for the packet data by using
ff_get_encode_buffer() and also set AV_CODEC_CAP_DR1 at the same time.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2021-05-23 14:42:02 +02:00
Andreas Rheinhardt
398822a70e avcodec/libcodec2: Avoid copying packet data, allow user-supplied buffers
When the packet size is known in advance like here, one can avoid
an intermediate buffer for the packet data by using
ff_get_encode_buffer() and also set AV_CODEC_CAP_DR1 at the same time.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2021-05-23 14:41:28 +02:00
Andreas Rheinhardt
044daa7c45 avcodec/libaomenc: Avoid copying data, allow user-supplied buffers
Here the packet size is known before allocating the packet because
the encoder provides said information (and works with internal buffers
itself), so one can use this information to avoid the implicit use of
another intermediate buffer for the packet data; and by switching to
ff_get_encode_buffer() one can also allow user-supplied buffers.

Reviewed-by: James Almer <jamrial@gmail.com>
Reviewed-by: James Zern <jzern@google.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2021-05-23 14:39:51 +02:00
Andreas Rheinhardt
c685249ff8 avcodec/audiotoolboxenc: Remove AV_CODEC_CAP_DR1
It has been added in 2016 when this flag made no sense for encoders at
all; now that it makes sense, audiotoolboxenc doesn't support it,
despite claiming to do so.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2021-05-23 14:38:15 +02:00
Andreas Rheinhardt
a0ab83bf93 avfilter/vf_guided: Don't needlessly copy properties, fix potential NPD
ref_frame is owned by the framesync structure and should therefore not
be modified; furthermore, these properties that are copied don't seem to
be used at all, so copying is unnecessary. Finally copying when the
destination frame is NULL gives a guaranteed segfault.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2021-05-23 13:42:16 +02:00