1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-12-12 19:18:44 +02:00
Commit Graph

114581 Commits

Author SHA1 Message Date
Eugene Zemtsov
8a23a145d8 avformat/mov: Check if a key is longer than the atom containing it
Stop reading keys and return AVERROR_INVALIDDATA if key_size
is larger than the amount of space left in the atom.

Bug: https://crbug.com/41496983
Signed-off-by: Eugene Zemtsov <eugene@chromium.org>
Signed-off-by: James Almer <jamrial@gmail.com>
2024-04-02 00:13:12 -03:00
Andreas Rheinhardt
9d219ff149 avformat/mov: Don't add attached pic if one is already present
Fixes: memleak
Fixes: 67714/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-5671570999476224

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-04-02 04:13:44 +02:00
James Almer
f492f1ac23 avformat/mov: ensure all items id referenced by a grid are valid
Fixes: null pointer dereference
Fixes: 67494/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-6528714521247744

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Tested-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
2024-04-01 21:13:04 -03:00
Andreas Rheinhardt
a8e518e3a7 avcodec/vlc: Use union of uint8_t and uint16_t in VLC_MULTI_ELEM
It is more natural and simplifies writing these arrays.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-04-02 00:21:59 +02:00
Andreas Rheinhardt
4ab82d2fb6 avcodec/vlc, bitstream: Fix multi VLC with uint8_t syms on BE
VLC_MULTI_ELEM contains an uint8_t array that is supposed
to be treated as an array of uint16_t when the used symbols
have a size of two; otherwise it should be treated as just
an array of uint8_t, but it was not always treated that way:

vlc_multi_gen() initialized the first entry of the array
by writing the symbol via AV_WN16; on big endian systems,
the intended value was instead written into the second entry
of the array (where it would likely be overwritten lateron
during initialization).

read_vlc_multi() also treated this case incorrectly: In case
the code is so long that it needs a classical multi-stage lookup,
the symbol has been written to the destination as if via AV_WN16.
On little endian systems, this sets the correct first symbol and
clobbers (zeroes) the next one, but the next one will be overwritten
lateron anyway, so it won't be recognized. But on big-endian systems,
the first symbol will be set to zero and the actually read symbol
will be put into the slot for the next one (where it will be overwritten
lateron).

This commit fixes this; this fixes the magicyuv and utvideo FATE-tests
on big endian arches.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-04-02 00:21:59 +02:00
Andreas Rheinhardt
098f5e2634 fate/fits: Fix tests on BE
The fits decoder decodes to native pixel formats; so
the fitsdec-gbrap16be fate test failed on BE despite
its name because the reference file is LE.
This patch fixes this by forcing a pixel format;
the forced pixel format is BE, causing a change
in the reference file.
The fitsdec-gbrp16be test was not affected, because
its source file (lena-rgb48.png from tne FATE suite)
is actually biendian (as if someone had multiplied
8bit content by 257...).

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-04-02 00:21:59 +02:00
Andreas Rheinhardt
579868f810 fate/filter-video: Insert scale, format filters in filter-yadif,bwdif10
The format and the first scale filter ensures that the filter
processing actually happens in high bit depth; the second
scale filter is only necessary for big endian arches.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-04-02 00:21:58 +02:00
Andreas Rheinhardt
1b684a1527 fate/filter-video: Always use little endian pixel format
Fixes filter-metadata-signalstats-yuv420p10 on BE arches.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-04-02 00:21:58 +02:00
Andreas Rheinhardt
d5897f70d4 fate/video: Only use bitexact IDCT in avid meridian
Precludes the usage of the altivec IDCT which fixes
the avid-meridian FATE test on ppc64be here.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-04-02 00:21:58 +02:00
Andreas Rheinhardt
8ecd383122 avcodec/huffyuvencdsp: Fix load of misaligned values
Affected many ffvhuff FATE tests.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-04-02 00:21:58 +02:00
Andreas Rheinhardt
3ed23dab98 avfilter/vf_spp: Fix left-shift of negative value
Affected the vf-spp FATE-test (on x86 only when MMX
is disabled).

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-04-02 00:21:58 +02:00
Andreas Rheinhardt
9e4e8ae1e6 avcodec/pngdsp: Fix unaligned accesses, effective type violations
Affected the lscr fate-test (only visible on x86 if
the SSE2 is disabled).

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-04-02 00:21:58 +02:00
Andreas Rheinhardt
356610a2ac avcodec/ppc/hpeldsp_altivec: Fix left-shift of negative number
It is UB and affected e.g. the vp5 and vp61 FATE tests:
https://fate.ffmpeg.org/report.cgi?time=20240327083327&slot=ppc-linux-gcc-13.2-ubsan-altivec-qemu

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-04-02 00:21:58 +02:00
David Rosca
3f863f089c lavc/vaapi_encode_av1: Set roi_quant_range 2024-04-01 20:08:11 +01:00
Michael Niedermayer
84ce5ced31
avcodec/vvc/vvcdec: Do not submit frames without VVCFrameThread
Such frames will crash when pthread functions are called on the NULL pointer

Fixes: member access within null pointer of type 'VVCFrameThread' (aka 'struct VVCFrameThread')
Fixes: 65160/clusterfuzz-testcase-minimized-ffmpeg_BSF_VVC_METADATA_fuzzer-4665241535119360 (partly)
Fixes: 65636/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VVC_fuzzer-5394745824182272

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-04-01 19:05:31 +02:00
Michael Niedermayer
cb9752d897
avformat/mpegts: Reset local nb_prg on add_program() failure
add_program() will deallocate the whole array on failure so
we must clear nb_prgs

Fixes: null pointer dereference
Fixes: crash-35a3b39ddcc5babeeb005b7399a3a1217c8781bc

Found-by: Catena cyber
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-04-01 19:03:06 +02:00
Michael Niedermayer
c0532f5579
avcodec/iff: dont add into unused pointers
Fixes: overflowing pointers
Fixes: 66444/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-4812862400823296

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-04-01 19:00:30 +02:00
Michael Niedermayer
23b29f72ee
avformat/aiffdec: Check for previously set channels
Fixes: out of array access (av_channel_layout_copy())
Fixes: 67087/clusterfuzz-testcase-minimized-ffmpeg_dem_AIFF_fuzzer-4920720268263424

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-04-01 18:59:07 +02:00
Michael Niedermayer
f30fe5e8d0
avformat/mxfdec: Make edit_unit_byte_count unsigned
Suggested-by: Marton Balint <cus@passwd.hu>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-04-01 18:52:38 +02:00
Michael Niedermayer
d88c284c18
avformat/movenc: Check that cts fits in 32bit
Fixes: Assertion av_rescale_rnd(start_dts, mov->movie_timescale, track->timescale, AV_ROUND_DOWN) <= 0 failed at libavformat/movenc.c:3694
Fixes: poc2

Found-by: Wang Dawei and Zhou Geng, from Zhongguancun Laboratory
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-04-01 18:51:59 +02:00
James Almer
0a693bce62
avformat/iamf_parse: keep count_label consistent on language_label allocation failure
Fixes: null pointer dereference
Fixes: 67023/clusterfuzz-testcase-minimized-ffmpeg_dem_IAMF_fuzzer-6011025237278720

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-04-01 18:17:28 +02:00
Michael Niedermayer
f26ee6e066
avformat/iamf_reader: Check len before summing
Fixes: integer overflow
Fixes: 67275/clusterfuzz-testcase-minimized-ffmpeg_dem_IAMF_fuzzer-5438920751906816
Fixes: 67688/clusterfuzz-testcase-minimized-ffmpeg_dem_IAMF_fuzzer-5970342318243840

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-04-01 18:17:28 +02:00
Michael Niedermayer
d6ed6f6e8d
avformat/mxfdec: Check first case of offset_temp computation for overflow
This is kind of ugly
Fixes: signed integer overflow: 255 * 1157565362826411919 cannot be represented in type 'long'
Fixes: 67313/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-6250434245230592

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-04-01 18:17:28 +02:00
Michael Niedermayer
7b7eea8e63
avcodec/jpeg2000htdec: warn about non zero roi shift
Suggested-by: Tomas Härdin <git@haerdin.se>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-04-01 18:17:27 +02:00
Michael Niedermayer
19ad05e9e0
avcodec/jpeg2000htdec: Check magp before using it in a shift
Fixes: shift exponent -1 is negative
Fixes: 65378/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-5457678193197056

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-04-01 18:17:27 +02:00
Anton Khirnov
63f56c9943 doc/community: update conflict of interest rule according to GA vote 2024-04-01 15:38:28 +02:00
Zhao Zhili
7bf85d2d3a avcodec/h264_parse: Fix error code in decode_extradata
Signed-off-by: Zhao Zhili <zhilizhao@tencent.com>
2024-04-01 17:05:21 +08:00
Timo Rothenpieler
271a0a55bc avcodec/nvenc: provide nvenc with monotonic frame index 2024-04-01 00:46:12 +02:00
Timo Rothenpieler
c06e9e289f avcodec/nvenc: update minimum driver version list 2024-03-31 21:43:38 +02:00
Timo Rothenpieler
21b4708969 avcodec/nvenc: add support for unidirectional b-frames 2024-03-31 21:32:55 +02:00
Timo Rothenpieler
a270966118 avcodec/nvenc: add support for uhq tune 2024-03-31 21:17:11 +02:00
Timo Rothenpieler
77d23bcb1b avcodec/nvenc: add support for lookahead_level 2024-03-31 20:58:27 +02:00
Timo Rothenpieler
64e3fc9069 avcodec/nvenc: add support for HEVC temporal filtering 2024-03-31 20:47:59 +02:00
Timo Rothenpieler
06c2a2c425 avcodec/nvenc: support SDK 12.2 bit depth API 2024-03-31 19:10:49 +02:00
Timo Rothenpieler
43b417d516 avcodec/nvenc: stop using long deprecated format specifiers 2024-03-31 19:10:49 +02:00
Andreas Rheinhardt
199c479b9a avcodec/arm/vp8: Don't discard const
Forgotten in 25e1986e68.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-03-31 00:08:43 +01:00
Andreas Rheinhardt
0e5f71230a avutil/internal: Move avpriv_set_systematic_pal2 decl to imgutils_internal.h
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-03-31 00:08:43 +01:00
Andreas Rheinhardt
888e2c0a85 avutil/hwcontext_vulkan: Include hwcontext.h
struct Foo * declares a new type (namely struct Foo)
if there is no declaration of struct Foo already visible
in the current scope; otherwise it is just a pointer to
an element of the already declared type "struct Foo".
There is a gotcha with the first case:
struct Foo is only declared in its scope; a later declaration
of struct Foo in an enclosing scope declares a different type.

This happens in hwcontext_vulkan.h if it is included before
hwcontext.h, because some declarations of struct AVHWDeviceContext
and struct AVHWFramesContext have function prototype scope.

Compilers warn about this (during checkheaders):
‘struct AVHWDeviceContext’ declared inside parameter list will not
be visible outside of this definition or declaration

Fix this by including hwcontext.h.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-03-31 00:08:43 +01:00
Andreas Rheinhardt
0f78b26e9c avutil/internal: Move FF_MEMORY_POISON to its only user
Namely mem.c.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-03-31 00:08:43 +01:00
Andreas Rheinhardt
8041a91a32 avutil/internal: Move libm inclusion to the beginning
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-03-31 00:08:43 +01:00
Andreas Rheinhardt
e4e6377afc avcodec/arm/mpegvideo_arm: Use static_assert to check offsets
Also move AV_CHECK_OFFSET to its only user, namely
lavc/arm/mpegvideo_arm.c and rename it to CHECK_OFFSET.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-03-31 00:08:43 +01:00
Andreas Rheinhardt
790f793844 avutil/common: Don't auto-include mem.h
There are lots of files that don't need it: The number of object
files that actually need it went down from 2011 to 884 here.

Keep it for external users in order to not cause breakages.

Also improve the other headers a bit while just at it.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-03-31 00:08:43 +01:00
Andreas Rheinhardt
b616be1649 lib*/version: Use static_assert for static asserts
Also update the checks that guard against inserting
a new enum entry in the middle of a range.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-03-31 00:08:42 +01:00
Andreas Rheinhardt
2d38141ea6 swscale/swscale_internal: Don't export internal function
sws_alloc_set_opts() can actually be made internal to utils.c.
This commit does so.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-03-31 00:08:42 +01:00
Andreas Rheinhardt
ad1cef04a9 swscale/swscale_internal: Hoist branch out of loop
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-03-31 00:08:42 +01:00
Andreas Rheinhardt
c8549d480f avcodec/msmpeg4: Don't include x86-specific header unconditionally
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-03-31 00:08:42 +01:00
Andreas Rheinhardt
a265e8ca92 avcodec, avfilter: Don't use "" for system headers
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-03-31 00:08:42 +01:00
Andreas Rheinhardt
b49e621c83 swscale/ppc/swscale_altivec: Simplify macro
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-03-31 00:08:42 +01:00
Andreas Rheinhardt
72f4f1dafb swscale/ppc/swscale_altivec: Fix build with -O0
In this case GCC does not treat a const variable initialized
to the compile-time constant "3" as a compile-time constant
and errors out because the argument is not a literal value.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-03-31 00:08:42 +01:00
Andreas Rheinhardt
347a70f101 avcodec/pcm-bluray/dvd: Use correct pointer types on BE
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-03-31 00:08:42 +01:00