1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-01-19 05:49:09 +02:00

112593 Commits

Author SHA1 Message Date
Michael Niedermayer
cedb4736f5
avformat/asfdec_f: Saturate presentation time in marker
Fixes: signed integer overflow: -9223372036315799520 - 3873890816 cannot be represented in type 'long'
Fixes: 51896/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5009302746431488

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2023-10-08 21:36:08 +02:00
Michael Niedermayer
fe6ce28d11
avformat/xwma: sanity check bits_per_coded_sample
Fixes: signed integer overflow: 65312 * 524296 cannot be represented in type 'int'
Fixes: 51896/clusterfuzz-testcase-minimized-ffmpeg_dem_XWMA_fuzzer-6595971445555200

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2023-10-08 21:36:07 +02:00
Michael Niedermayer
2d6df3719d
avformat/matroskadec: Check prebuffered_ns for overflow
Fixes: signed integer overflow: 9223372036630775808 + 1000000000 cannot be represented in type 'long'
Fixes: 51896/clusterfuzz-testcase-minimized-ffmpeg_dem_WEBM_DASH_MANIFEST_fuzzer-5406131992526848

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2023-10-08 21:36:06 +02:00
Michael Niedermayer
929ddef3f4
avformat/wavdec: Check left avio_tell for overflow
Fixes: signed integer overflow: 155 + 9223372036854775655 cannot be represented in type 'long'
Fixes: 51896/clusterfuzz-testcase-minimized-ffmpeg_dem_W64_fuzzer-5364032278495232

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2023-10-08 21:36:05 +02:00
Michael Niedermayer
5f0d00464a
avformat/tta: Better totalframes check
Fixes: signed integer overflow: 4 * 740491135 cannot be represented in type 'int'
Fixes: 51896/clusterfuzz-testcase-minimized-ffmpeg_dem_TTA_fuzzer-6298893367508992

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2023-10-08 21:36:04 +02:00
Michael Niedermayer
b3c973acbe
avformat/rpl: Check for number_of_chunks overflow
Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int32_t' (aka 'int')
Fixes: 51896/clusterfuzz-testcase-minimized-ffmpeg_dem_RPL_fuzzer-6086131095830528

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2023-10-08 21:36:02 +02:00
Michael Niedermayer
3508b496e1
avformat/mov: compute absolute dts difference without overflow in mov_find_next_sample()
Fixes: signed integer overflow: -9223372036854775808 - 9222726413022000000 cannot be represented in type 'long'
Fixes: 51896/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-5959420033761280

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2023-10-08 21:36:01 +02:00
Michael Niedermayer
51f0ab8b12
avformat/jacosubdec: Check timeres
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2023-10-08 21:36:00 +02:00
Michael Niedermayer
32447b149f
avformat/jacosubdec: avoid signed integer overflows in get_shift()
Fixes: signed integer overflow: 22014562800 * 934633746 cannot be represented in type 'long'
Fixes: 51896/clusterfuzz-testcase-minimized-ffmpeg_dem_JACOSUB_fuzzer-5189603246866432

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2023-10-08 21:35:59 +02:00
Michael Niedermayer
6490b9aed6
avformat/jacosubdec: Factorize code in get_shift() a bit
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2023-10-08 21:34:55 +02:00
Vignesh Venkatasubramanian via ffmpeg-devel
9132a0fbe2
avformat/mov: Disallow more than one meta box for AVIF
This is not allowed per the spec.

Signed-off-by: Vignesh Venkatasubramanian <vigneshv@google.com>
Reviewed-by: Vittorio Giovara <vittorio.giovara@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2023-10-08 18:56:34 +02:00
Michael Niedermayer
9b00b5734d
avformat/sbgdec: Check for negative duration or un-representable end pts
Fixes: signed integer overflow: 9230955872951340 - -9223372036854775808 cannot be represented in type 'long'
Fixes: 51896/clusterfuzz-testcase-minimized-ffmpeg_dem_SBG_fuzzer-6330481893572608

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Nicolas George <george@nsup.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2023-10-08 18:56:27 +02:00
Andreas Rheinhardt
c7fb4d0eb6 avcodec/nvdec: Use RefStruct API for decoder_ref
Avoids allocations and error checks as well as the boilerplate
code for creating an AVBuffer with a custom free callback.
Also increases type safety.

Reviewed-by: Anton Khirnov <anton@khirnov.net>
Tested-by: Timo Rothenpieler <timo@rothenpieler.org>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2023-10-07 22:36:21 +02:00
Andreas Rheinhardt
2ec62b1ca6 avcodec/pthread_frame: Use RefStruct API for ThreadFrame.progress
Avoids allocations and error checks and allows to remove
cleanup code for earlier allocations. Also avoids casts
and indirections.

Reviewed-by: Anton Khirnov <anton@khirnov.net>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2023-10-07 22:36:04 +02:00
Andreas Rheinhardt
452089ee23 avcodec/hevcdec: Use RefStruct API for RefPicListTab buffer
Given that the RefStruct API relies on the user to know
the size of the objects and does not provide a way to get it,
we need to store the number of elements allocated ourselves;
but this is actually better than deriving it from the size
in bytes.

Reviewed-by: Anton Khirnov <anton@khirnov.net>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2023-10-07 22:35:56 +02:00
Andreas Rheinhardt
6695c0af0e avcodec/vulkan_decode: Use RefStruct API for shared_ref
Avoids allocations, error checks and indirections.
Also increases type-safety.

Reviewed-by: Lynne <dev@lynne.ee>
Tested-by: Lynne <dev@lynne.ee>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2023-10-07 22:35:50 +02:00
Andreas Rheinhardt
f8252d6ce3 avcodec/decode: Use RefStruct API for hwaccel_picture_private
Avoids allocations and therefore error checks: Syncing
hwaccel_picture_private across threads can't fail any more.
Also gets rid of an unnecessary pointer in structures and
in the parameter list of ff_hwaccel_frame_priv_alloc().

Reviewed-by: Anton Khirnov <anton@khirnov.net>
Reviewed-by: Lynne <dev@lynne.ee>
Tested-by: Lynne <dev@lynne.ee>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2023-10-07 22:35:22 +02:00
Andreas Rheinhardt
3ba4f9c21e avcodec/cbs_sei: Use RefStruct API for SEI messages
The SEI message code uses the AVBuffer API for its SEI messages
and contained buffers (like the extension buffer for HEVC
or the user data (un)registered payload buffers).

Contrary to the ordinary CBS code (where some of these
contained buffer references are actually references
to the provided AVPacket's data so that one can't replace
them with the RefStruct API), the CBS SEI code never uses
outside buffers at all and can therefore be switched entirely
to the RefStruct API. This avoids the overhead inherent
in the AVBuffer API (namely the separate allocations etc.).

Notice that the refcounting here is actually currently unused;
the refcounts are always one (or zero in case of no refcounting);
its only advantage is the flexibility provided by custom
free functions.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2023-10-07 22:35:14 +02:00
Andreas Rheinhardt
3e9b8d14e5 avcodec/cbs: Use RefStruct-API for unit content
This avoids allocations and error checks etc. as well
as duplicate pointer lists in the CodedBitstreamFooContexts.
It also avoids casting const away for use as opaque,
as the RefStruct API supports const opaques.

The fact that some of the units are not refcounted
(i.e. they are sometimes part of an encoding context
like VAAPIEncodeH264Context) meant that CodedBitstreamUnit
still contains two pointers, one to the content
and another ownership pointer, replacing the AVBufferRef* pointer.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2023-10-07 22:35:05 +02:00
Andreas Rheinhardt
56dd585146 avcodec/refstruct: Allow checking for exclusive ownership
This is the analog of av_buffer_is_writable();
it will be used in the next commit.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2023-10-07 22:34:57 +02:00
Andreas Rheinhardt
61bc8764d4 avcodec/dovi_rpu: Use RefStruct API for Vdr data
It avoids allocations and the corresponding error checks.
Also avoids casts and indirections.

Reviewed-by: Anton Khirnov <anton@khirnov.net>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2023-10-07 22:34:49 +02:00
Andreas Rheinhardt
05f557b259 avcodec/wavpack: Use RefStruct API for DSD context
It avoids allocations and the corresponding error checks.
It also avoids indirections and casts.

Reviewed-by: Anton Khirnov <anton@khirnov.net>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2023-10-07 22:34:43 +02:00
Andreas Rheinhardt
e1ba00ac8f avcodec/vp8: Use RefStruct API for seg_map
Avoids allocations and error checks when syncing the buffers.
Also avoids indirections.

Reviewed-by: Anton Khirnov <anton@khirnov.net>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2023-10-07 22:34:36 +02:00
Andreas Rheinhardt
2db94a96c8 avcodec/hevc_ps: Use RefStruct API for parameter sets
Avoids allocations and error checks for these allocations;
e.g. syncing buffers across threads can't fail any more
and needn't be checked. It also gets rid of casts and
indirections.

Reviewed-by: Anton Khirnov <anton@khirnov.net>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2023-10-07 22:34:28 +02:00
Andreas Rheinhardt
787351a68e avcodec/h264_ps: Use RefStruct API for SPS/PPS
Avoids allocations and error checks for these allocations;
e.g. syncing buffers across threads can't fail any more
and needn't be checked. It also avoids having to keep
H264ParamSets.pps and H264ParamSets.pps_ref and PPS.sps
and PPS.sps_ref in sync and gets rid of casts and indirections.

(The removal of these checks and the syncing code even more
than offset the additional code for RefStruct.)

Reviewed-by: Anton Khirnov <anton@khirnov.net>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2023-10-07 22:34:20 +02:00
Andreas Rheinhardt
78c9ed26b6 avcodec/get_buffer: Use RefStruct API for FramePool
Avoids allocations and frees and error checks for said allocations;
also avoids a few indirections and casts.

Reviewed-by: Anton Khirnov <anton@khirnov.net>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2023-10-07 22:34:10 +02:00
Andreas Rheinhardt
9281dcb801 avcodec/refstruct: Add simple API for refcounted objects
For now, this API is supposed to replace all the internal uses
of reference counted objects in libavcodec; "internal" here
means that the object is created in libavcodec and is never
put directly in the hands of anyone outside of it.

It is intended to be made public eventually, but for now
I enjoy the ability to modify it freely.

Several shortcomings of the AVBuffer API motivated this API:
a) The unnecessary allocations (and ensuing error checks)
when using the API. Besides the need for runtime checks it
imposes upon the developer the burden of thinking through
what happens in case an error happens. Furthermore, these
error paths are typically not covered by FATE.
b) The AVBuffer API is designed with buffers and not with
objects in mind: The type for the actual buffers used
is uint8_t*; it pretends to be able to make buffers
writable, but this is wrong in case the buffer is not a POD.
Another instance of this thinking is the lack of a reset
callback in the AVBufferPool API.
c) The AVBuffer API incurs unnecessary indirections by
going through the AVBufferRef.data pointer. In case the user
tries to avoid this indirection and stores a pointer to
AVBuffer.data separately (which also allows to use the correct
type), the user has to keep these two pointers in sync
in case they can change (and in any case has two pointers
occupying space in the containing context). See the following
commit using this API for H.264 parameter sets for an example
of the removal of such syncing code as well as the casts
involved in the parts where only the AVBufferRef* pointer
was stored.
d) Given that the AVBuffer API allows custom allocators,
creating refcounted objects with dedicated free functions
often involves a lot of boilerplate like this:
obj = av_mallocz(sizeof(*obj));
ref = av_buffer_create((uint8_t*)obj, sizeof(*obj), free_func, opaque, 0);
if (!ref) {
    av_free(obj);
    return AVERROR(ENOMEM);
}
(There is also a corresponding av_free() at the end of free_func().)
This is now just
obj = ff_refstruct_alloc_ext(sizeof(*obj), 0, opaque, free_func);
if (!obj)
    return AVERROR(ENOMEM);
See the subsequent patch for the framepool (i.e. get_buffer.c)
for an example.

This API does things differently; it is designed to be lightweight*
as well as geared to the common case where the allocator of the
underlying object does not matter as long as it is big enough and
suitably aligned. This allows to allocate the user data together
with the API's bookkeeping data which avoids an allocation as well
as the need for separate pointers to the user data and the API's
bookkeeping data. This entails that the actual allocation of the
object is performed by RefStruct, not the user. This is responsible
for avoiding the boilerplate code mentioned in d).

As a downside, custom allocators are not supported, but it will
become apparent in subsequent commits that there are enough
usecases to make it worthwhile.

Another advantage of this API is that one only needs to include
the relevant header if one uses the API and not when one includes
the header or some other component that uses it. This is because there
is no RefStruct type analog of AVBufferRef. This brings with it
one further downside: It is not apparent from the pointer itself
whether the underlying object is managed by the RefStruct API
or whether this pointer is a reference to it (or merely a pointer
to it).

Finally, this API supports const-qualified opaque pointees;
this will allow to avoid casting const away by the CBS code.

*: Basically the only exception to the you-only-pay-for-what-you-use
rule is that it always uses atomics for the refcount.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2023-10-07 22:33:32 +02:00
Rémi Denis-Courmont
eb73d178ea lavu/fixed_dsp: R-V V scalarproduct 2023-10-07 17:45:39 +03:00
Paul B Mahol
71716406e6 avformat/wavdec: w64: do not error out for broken files if data start is found
Also attempt to fix invalid block_align value.
2023-10-07 11:19:54 +02:00
Paul B Mahol
84e0e2f43e avcodec/mlpenc: rename some variables related to thd
Remove warning message that is no longer needed.
2023-10-07 11:19:53 +02:00
Andreas Rheinhardt
4c422de1db avcodec/mpegvideo: Move allocating new_picture to the encoder
It is only used by encoders; this unfortunately necessitated
to add separate allocations to the SVQ1 encoder which uses
motion estimation without being a full member of mpegvideo.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2023-10-06 20:47:53 +02:00
James Almer
27fcc8dd9f fftools/ffplay: stop injecting stream side data in packets
This is no longer needed as the side data is available for decoders in the
AVCodecContext.

Signed-off-by: James Almer <jamrial@gmail.com>
2023-10-06 10:11:19 -03:00
James Almer
d372c2f3d3 fftools/ffmpeg: stop injecting stream side data in packets
This is no longer needed as the side data is available for decoders in the
AVCodecContext.
The tests affected reflect the removal of useless CPB and Stereo 3D side
data in packets.

Signed-off-by: James Almer <jamrial@gmail.com>
2023-10-06 10:11:19 -03:00
James Almer
ae22271620 avcodec/decode: propagate global side data to frames
The changed references for fate-hevc-dv-rpu fate-mov-zombie happen because,
unlike ffmpeg and ffplay, ffprobe never injected packet side data, so the
display matrix side data at the container level is now present in the output
frames.

Signed-off-by: James Almer <jamrial@gmail.com>
2023-10-06 10:11:18 -03:00
James Almer
804be7f9e3 avcodec/hevcdec: check for DOVI configuration record in AVCodecContext side data
Signed-off-by: James Almer <jamrial@gmail.com>
2023-10-06 10:11:18 -03:00
James Almer
d76b0c4a35 fftools/ffprobe: stop using AVStream.side_data
Signed-off-by: James Almer <jamrial@gmail.com>
2023-10-06 10:11:18 -03:00
James Almer
235a66a143 fftools/ffplay: stop using AVStream.side_data
Signed-off-by: James Almer <jamrial@gmail.com>
2023-10-06 10:11:18 -03:00
James Almer
3fd37b5268 fftools/ffmpeg: stop using AVStream.side_data
Signed-off-by: James Almer <jamrial@gmail.com>
2023-10-06 10:11:00 -03:00
James Almer
e500eb5a95 avcodec/packet: add some documentation for AVPacketSideData
Explaining what or who may use it, and in what scenarios.

Signed-off-by: James Almer <jamrial@gmail.com>
2023-10-06 10:04:02 -03:00
James Almer
5432d2aaca avformat/avformat: use the side data from AVStream.codecpar
Deprecate AVStream.side_data and its helpers in favor of the AVStream's
codecpar.coded_side_data.

This will considerably simplify the propagation of global side data to decoders
and from encoders. Instead of having to do it inside packets, it will be
available during init().
Global and frame specific side data will therefore be distinct.

Signed-off-by: James Almer <jamrial@gmail.com>
2023-10-06 10:03:57 -03:00
James Almer
21d7cc6fa9 avcodec/codec_par: add side data to AVCodecParameters
This will simplify the propagation of side data to decoders and from encoders.
Global side data will now reside in the AVCodecContext, thus be available
during init(), removing the need to propagate it inside packets.

Global and frame specific side data will therefore be distinct.

Signed-off-by: James Almer <jamrial@gmail.com>
2023-10-06 09:56:41 -03:00
James Almer
74279227dd avcodec/packet: add generic side data helpers
Handling AVPacketSideData directly, which can used on structs other than
AVPacket.
This will be useful in the following commits.

Signed-off-by: James Almer <jamrial@gmail.com>
2023-10-06 09:53:22 -03:00
Andreas Rheinhardt
f62c441e7a avfilter/vulkan_filter: Remove unused label
Unused since 81cc0e13455baa5e6547df40dc5961d415d6fcd2.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2023-10-06 12:28:45 +02:00
Paul B Mahol
d58e0af55c avcodec/mlpdec: set extended_substream_info from header
To be used later.
2023-10-06 11:31:03 +02:00
Stefano Sabatini
00eb4966aa doc/encoders/libopus: clarify lowdelay and cutoff options
Extend descriptions for the application=lowdelay and cutoff options.
Based on notes by Mingye Wang.

Address issues:
http://trac.ffmpeg.org/ticket/10330
http://trac.ffmpeg.org/ticket/10343
2023-10-06 09:49:47 +02:00
Stefano Sabatini
7449a00d2d doc/encoders/libxvid: fix references for me_quality option
Drop reference to constants removed in 94eed68ace9f2416af8.

In particular, rename me_method to me_quality and add description for
supported values.

Address trac issue:
http://trac.ffmpeg.org/ticket/10003
2023-10-06 09:49:47 +02:00
Stefano Sabatini
d0f071dfe7 doc/encoders/libx264: clarify meaning of level option
In particular, clarify that it can either be set as a field of
AVCodecContext or as an x264 option, using a different specification.

Should address trac issue:
http://trac.ffmpeg.org/ticket/3947
2023-10-06 09:49:47 +02:00
Stefano Sabatini
6f421d9d4e lavc: clarify meaning of avctx.level option 2023-10-06 09:49:47 +02:00
Leo Izen
f7ac3512f5
avcodec/jpegxl_parser: fix various memory issues
The spec caps the prefix alphabet size to 32768 (i.e. 1 << 15) so we
should check for that and reject alphabets that are too large, in order
to prevent over-allocating.

Additionally, there's no need to allocate buffers that are as large as
the maximum alphabet size as these aren't stack-allocated, they're heap
allocated and thus can be variable size.

Added an overflow check as well, which fixes leaking the buffer, and
capping the alphabet size fixes two potential overruns as well.

Fixes: out of array access
Fixes: 62089/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-
    5437089094959104.fuzz

Found-by: continuous fuzzing process
    https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Found-by: Hardik Shah of Vehere (Dawn Treaders team)
Co-authored-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Leo Izen <leo.izen@gmail.com>
2023-10-05 19:28:55 -04:00
Leo Izen
ec74553205
avcodec/jpegxl_parser: add some icc profile checks
This patch will cause the parser to abort if it detects an icc profile
with an invalid size. This is particularly important if the icc profile
is entropy-encoded with zero bits per symbol, as it can prevent a
seemingly infinite loop during parsing.

Fixes: infinite loop
Fixes: 62374/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer
    -5551878085410816

Found-by: continuous fuzzing process
    https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reported-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Leo Izen <leo.izen@gmail.com>
2023-10-05 19:28:50 -04:00