1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-12-23 12:43:46 +02:00
Commit Graph

96022 Commits

Author SHA1 Message Date
Andreas Rheinhardt
86e9747c63 avformat/iff: Use ff_alloc_extradata
Besides improved readability it also zeroes the padding which has been
forgotten here.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-12-11 16:24:16 +01:00
Andreas Rheinhardt
a6d292b954 avformat/flvenc: Don't reimplement ff_alloc_extradata
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-12-11 16:24:16 +01:00
Andreas Rheinhardt
91f775e0c5 avformat/apc: Remove unnecessary resetting of flags
The packet a demuxer receives is freshly initialized, hence it is
unnecessary to reset any flags on them (as none are set), yet apc did
this.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-12-11 16:24:16 +01:00
Gyan Doshi
78676ee8f8 avfilter/scale_eval: remove redundant mathematical constants
Even though removed from vf_scale in 3b316f9f22, they were reintroduced
when scale.c, now scale_eval.c, was split off in 037bb4021c
2019-12-11 16:08:53 +05:30
Steven Liu
4110029e56 avformat/cache: rename the class name fro Cache to cache
liuqideMacBook-Pro:build liuqi$ ffmpeg --help full | grep cache
cannot find cache protocol options.

after patch:
bogon:dash liuqi$ ./ffmpeg --help full | grep cache
cache AVOptions:
can find the cache AVOptions after patch.

Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
2019-12-11 15:22:24 +08:00
Steven Liu
ed89763336 avformat/hlsenc: remove duplicate code block
Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
2019-12-11 15:19:19 +08:00
Jun Zhao
4eae85a82f lavf/tls_openssl: support both pre-1.1.0 and post-1.1.0 init
supporting both pre-1.1.0 and post-1.1.0 version of the OpenSSL
library as the link:
https://wiki.openssl.org/index.php/Library_Initialization

Signed-off-by: Jun Zhao <barryjzhao@tencent.com>
2019-12-11 14:48:18 +08:00
macweng
e3c732bb0c configure: add OPENSSL_init_ssl check if pkg-config fail
fix when pkg-config fail and openssl > 1.1.0 --enable-openssl fail,
the root cause is check_lib can't found the SSL_library_init().

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: macweng <macweng@tencent.com>
2019-12-11 14:46:53 +08:00
Jun Zhao
952fd0c768 lavf/libsrt: enable other encryption parameters
Enable the SRTO_ENFORCEDENCRYPTION/SRTO_KMREFRESHRATE/
SRTO_KMPREANNOUNCE for srt encryption control.

Signed-off-by: Jun Zhao <barryjzhao@tencent.com>
2019-12-11 14:23:26 +08:00
Jun Zhao
8d823e6005 lavf/libsrt: add linger parameter to libsrt
add linger parameter to libsrt, it's setting the number of seconds
that the socket waits for unsent data when closing.

Reviewed-by: Andriy Gelman <andriy.gelman@gmail.com>
Signed-off-by: Jun Zhao <barryjzhao@tencent.com>
2019-12-11 14:23:26 +08:00
Fei Wang
1ea44178f5 avcodec/cbs_av1: avoid reading trailing bits when obu type is OBU_TILE_LIST
Signed-off-by: Fei Wang <fei.w.wang@intel.com>
Signed-off-by: James Almer <jamrial@gmail.com>
2019-12-10 23:39:16 -03:00
Michael Niedermayer
7e665e4a81 avformat/rmdec: Initialize and sanity check offset in ivr_read_header()
Fixes: signed integer overflow: -9223372036854775808 - 17 cannot be represented in type 'long'
Fixes: 18768/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5674385247830016

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-12-10 16:09:14 +01:00
Limin Wang
8558c231fb swscale/swscale_unscaled: add AV_PIX_FMT_GBRAP10 for LE and BE conversion wrapper
Signed-off-by: Limin Wang <lance.lmwang@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-12-10 16:09:14 +01:00
Michael Niedermayer
7a1b30c871 avcodec/agm: Do not allow MVs out of the picture area as no edge is allocated
Fixes: out of array access
Fixes: 18499/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AGM_fuzzer-5749038406434816

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-12-10 16:09:14 +01:00
Michael Niedermayer
a2d6b2042e avcodec/wmalosslessdec: Set FF_CODEC_CAP_INIT_CLEANUP
Fixes: memleaks
Fixes: 18429/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-6210814364614656
Fixes: 18722/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5680535690543104

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-12-10 16:09:14 +01:00
Michael Niedermayer
6e15ba2d1f avcodec/apedec: Fix 2 integer overflows
Fixes: signed integer overflow: 2119056926 - -134217728 cannot be represented in type 'int'
Fixes: 18728/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5747539563511808

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-12-10 16:09:14 +01:00
Michael Niedermayer
a9cbd25d89 avcodec/wmaprodec: Set packet_loss when we error out on a sanity check
Fixes: left shift of negative value -34
Fixes: 18719/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMAPRO_fuzzer-5642658173419520

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-12-10 16:09:14 +01:00
Michael Niedermayer
5473c7825e avcodec/wmaprodec: Check offset
Fixes: index 33280 out of bounds for type 'float [32768]'
Fixes: 18718/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_XMA2_fuzzer-5635373899710464

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-12-10 16:09:14 +01:00
Michael Niedermayer
93d52a181e avcodec/truemotion2: Fix 2 integer overflows in tm2_low_res_block()
Fixes: signed integer overflow: 1778647621 + 574372924 cannot be represented in type 'int'
Fixes: 18692/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TRUEMOTION2_fuzzer-6248679635943424

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-12-10 16:09:14 +01:00
Michael Niedermayer
090ac57997 avcodec/wmaprodec: Check if the channel sum of all internal contexts match the external
Fixes: NULL pointer dereference
Fixes: 18689/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_XMA1_fuzzer-5715114640015360

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-12-10 16:09:14 +01:00
Michael Niedermayer
8bcb5fbab5 avcodec/truespeech: Fix an integer overflow in truespeech_synth()
Fixes: signed integer overflow: 2147483188 + 2048 cannot be represented in type 'int'
Fixes: 18741/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TRUESPEECH_fuzzer-5748950460268544

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-12-10 16:09:14 +01:00
Michael Niedermayer
a0ae4b7df9 Remove redundant ;
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-12-10 16:09:14 +01:00
Andreas Rheinhardt
67d4940a77 avformat/id3v2: Fix double-free on error
ff_id3v2_parse_priv_dict() uses av_dict_set() with the flags
AV_DICT_DONT_STRDUP_KEY and AV_DICT_DONT_STRDUP_VAL. In this case both
key and value are freed on error (and owned by the destination
dictionary on success), so that freeing them again on error is a
double-free and therefore forbidden. But it nevertheless happened.

Fixes CID 1452489 and 1452421.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-12-10 16:09:14 +01:00
Gyan Doshi
e73688eff4 avfilter: rename scale.c,h to scale_eval
scale.c is too generic; scale_eval is more representative
2019-12-10 12:55:48 +05:30
Andreas Rheinhardt
9f7b2b37e3 fate/matroska: Add a test for propagating flac channel layouts
contained in Vorbis comments in the CodecPrivate of flac tracks.
Moreover, it also tests header removal compression.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
2019-12-08 18:20:53 -03:00
Michael Niedermayer
e3dddf2142 tools/target_dec_fuzzer: Also fuzz request_channel_layout
This should improve coverage

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-12-08 13:08:23 +01:00
Gyan Doshi
1b4f473d18 avfilter/scale.c: factorize ff_scale_eval_dimensions
Adjustment of evaluated values shifted to ff_adjust_scale_dimensions
Shifted code for force_original_aspect_ratio and force_divisble_by from
vf_scale so it is now available for scale_cuda, scale_npp and
scale_vaapi as well.
2019-12-08 16:12:31 +05:30
Andreas Rheinhardt
ff2b75d94c avformat/matroskadec: Add a fate test for CodecPrivate compression
This test contains a track with zlib compressed CodecPrivate in addition
to compressed frames; the former was unchecked before.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
2019-12-07 23:11:55 -03:00
Michael Niedermayer
e1d836d237 avcodec/atrac9dec: Check q_unit_cnt more completely before using it to access at9_tab_band_ext_group
Fixes: index 8 out of bounds for type 'const uint8_t [8][3]'
Fixes: 19127/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ATRAC9_fuzzer-5709394985091072

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Lynne <dev@lynne.ee>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-12-07 19:34:57 +01:00
hwrenx
b7583230ae MAINTAINERS: add myself as libxavs2 maintainer
Signed-off-by: hwrenx <hwrenx@126.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-12-07 19:34:57 +01:00
James Almer
ade7f4c60c fate/matroska: fix dependencies for fate-matroska-prores-zlib test
Signed-off-by: James Almer <jamrial@gmail.com>
2019-12-07 13:30:18 -03:00
James Almer
70efa31ba1 fate/matroska: add a demux test for ProRes using zlib compression
Signed-off-by: James Almer <jamrial@gmail.com>
2019-12-07 12:36:21 -03:00
Andreas Rheinhardt
af50f0a515 avformat/matroskadec: Fix use-after-free when demuxing ProRes
ProRes in Matroska is supposed to not contain the first atom header
(containing a size field and the tag "icpf") and therefore the Matroska
demuxer has to recreate it; this involves an allocation and copy, of
course. Whether the old buffer (containing the data without the atom
header) needs to be freed or not depends upon whether it is what was
directly read (in which case it is owned by an AVBuffer) or whether it
has been allocated when reversing the track's content compression (e.g.
zlib compression) that Matroska supports.

So there are three pointers involved: The one pointing to the directly
read data (owned by the AVBuffer), the one pointing to the currently
valid data (which coincides with the former if no content compression
needed to be reverted) and the one pointing to the new data with the
first atom header. The check for whether to free the second of these is
simply whether the first two are different.

This works mostly, but there is a complication: Some muxers don't strip
the first atom header away and in this case, it is also not reinserted
and no new buffer is allocated; instead, the second and the third
pointers agree. In this case, one must never free the second buffer.
Yet it is currently done if the track is e.g. zlib compressed.
This commit fixes this.

This is a regression since b8e75a2a.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
2019-12-07 12:36:21 -03:00
Jun Zhao
70e292becf lavf/rtmpproto: Don't unref uninitialized buffers
This happens if ffurl_open_whitelist fails and stream is unset.

Signed-off-by: Jun Zhao <barryjzhao@tencent.com>
2019-12-07 14:09:12 +08:00
Jun Zhao
46d2a67f80 lavfi/avf_showspectrum: Fix the memory leak in error handle path
Fix the memory leak in error handle path.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Jun Zhao <barryjzhao@tencent.com>
2019-12-07 14:08:08 +08:00
Andriy Gelman
02a83e26de lavc/cbs_h2645: Fix incorrect max size of nalu unit
In the worst case the startcode prefix has 4 bytes.

This fixes a trigerred assertion:
Assertion dp <= max_size failed at libavcodec/cbs_h2645.c:1451

Found-by:libFuzzer
Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: Andriy Gelman <andriy.gelman@gmail.com>
2019-12-06 15:05:56 -03:00
Limin Wang
79d907774d avformat/libsrt: change tlpktdrop, nakreport, messageapi options to boolean type
Signed-off-by: Limin Wang <lance.lmwang@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-12-06 11:27:25 +01:00
Michael Niedermayer
e7011a0ca6 avcodec/mvha: Check remaining space when reading VLC table probabilities
Fixes: Infinite loop
Fixes: 19183/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MVHA_fuzzer-5666216765292544

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-12-06 11:25:29 +01:00
Limin Wang
5ee4c12ec2 avfilter/vsrc_life: Fix for random_seed type
Signed-off-by: Limin Wang <lance.lmwang@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-12-06 11:25:29 +01:00
Limin Wang
1d757b111a avfilter/vsrc_cellauto: Fix for random_seed type
Signed-off-by: Limin Wang <lance.lmwang@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-12-06 11:25:29 +01:00
leozhang
0c7f9f714d avfilter/vf_yaepblur: add yaepblur filter
Signed-off-by: leozhang <leozhang@qiyi.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-12-06 11:25:29 +01:00
Ting Fu
039a0ebe6f libswscale/swscale_unscaled.c: remove redundant code
Signed-off-by: Ting Fu <ting.fu@intel.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-12-06 11:25:29 +01:00
Limin Wang
f9d6addd60 avformat/libsrt: fix for the memory leak if passphrase has been configured by option
Signed-off-by: Limin Wang <lance.lmwang@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-12-06 11:25:29 +01:00
Marton Balint
648b8cca6c avdevice/xcbgrab: wrap non-shm image replies in a buffer ref
This avoids a memcpy improving performance if SHM is not used.

Signed-off-by: Marton Balint <cus@passwd.hu>
2019-12-06 10:09:49 +01:00
Gyan Doshi
b66a800877 avfilter/crop: avoid premature eval error
Width and height expressions can refer to each other. Width is
evaluated twice to allow for reference to output height. So we
should not error out upon failure of first evaluation of width.
2019-12-06 10:19:47 +05:30
Zhao Zhili
71fd72070c avutil/buffer: use appropriate atomic operations
No functional changes. ref/unref vs add/sub is symmetrical.

Signed-off-by: James Almer <jamrial@gmail.com>
2019-12-05 20:53:52 -03:00
James Almer
964eb754b4 tools: add a fuzzer tool for bitstream filters
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
2019-12-05 20:49:15 -03:00
Michael Niedermayer
37f31f4e50 avcodec/fitsdec: Use lrint()
Fixes: fate-fitsdec-bitpix-64

Possibly Fixes: -nan is outside the range of representable values of type 'unsigned short'
Possibly Fixes: 17769/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FITS_fuzzer-5678314672357376

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-12-05 20:20:05 +01:00
Andreas Rheinhardt
4825d8a98d avformat/mpeg: Fix leaks of AVFormatContext and subtitle packets
If an error happens in vobsub_read_header() after allocating the
AVFormatContext intended to read the sub-file, both the AVFormatContext
as well as the data in the subtitles queues leaks. This has been fixed.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-12-05 17:22:40 +01:00
Andreas Rheinhardt
bc3cf2bbd3 avformat/mpeg: Don't copy or leak string in AVBPrint
vobsub_read_header() uses an AVBPrint to write a string and up until
now, it collected the string stored in the AVBPrint via
av_bprint_finalize(), which might involve an allocation and copy of the
string. But this is unnecessary, as the lifetime of the returned string
does not exceed the lifetime of the AVBPrint. So use the string in the
AVBPrint directly.

This also makes it possible to easily fix a memleak: In certain error
situations, the string stored in the AVBPrint would not be freed (if it
was dynamically allocated). This has been fixed, too.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-12-05 17:22:40 +01:00