1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-12-28 20:53:54 +02:00
Commit Graph

34 Commits

Author SHA1 Message Date
Michael Niedermayer
741565a1e6 avcodec/cbs_h264_syntax_template: fix off by 1 error with slice_group_change_cycle
Fixes: assertion failure
Fixes: 20390/clusterfuzz-testcase-minimized-ffmpeg_BSF_H264_REDUNDANT_PPS_fuzzer-5683400772157440

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-04-05 23:18:55 +02:00
Andriy Gelman
c07a772473 lavc/cbs_h2645_syntax_template: Fix memleak
payload_count is used to track the number of SEI payloads. It is also
used to free the SEIs in cbs_h264_free_sei()/cbs_h265_free_sei().

Currently, payload_count is set after for loop is completed. Hence if
there is an error and the function exits, the payload remains zero
causing a memleak.

This commit keeps track of payload_count inside the for loop to fix the
issue. Note that that the contents of current are initialized with
av_mallocz() so there is no need to zero initialize payload_count.

Found-by: libFuzzer
Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: Andriy Gelman <andriy.gelman@gmail.com>
2019-12-16 12:04:45 -03:00
Mark Thompson
f9b8503639 cbs_h264: Fix missing inferred colour description fields
With video_signal_type_present_flag set but colour_description_present_flag
unset the colour fields would not have had their correct values inferred.
2019-07-29 19:57:06 +01:00
Andreas Rheinhardt
a1a8815220 libavcodec: Reduce the size of some arrays
This commit uses smaller types for some static const arrays to reduce
their size in case the entries can be represented in the smaller type.
The biggest savings came from inv_map_table in vp9.c.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
2019-06-20 14:47:46 -03:00
James Almer
ff2a638c83 avcodec/cbs_h264: add support for Alternative Transfer Characteristics SEI message
Reviewed-by: Mark Thompson <sw@jkqxz.net>
Signed-off-by: James Almer <jamrial@gmail.com>
2019-06-03 19:21:38 -03:00
James Almer
45048ece81 avcodec/cbs_h2645: use the fixed() macro for forbidden_zero_bit
This follows the spec definition, and removes a field from the relevant
structs.

Reviewed-by: Mark Thompson <sw@jkqxz.net>
Signed-off-by: James Almer <jamrial@gmail.com>
2019-04-28 20:29:40 -03:00
James Almer
16c50abb50 avcodec/cbs_h2645: add macros to read and write fields with no custom range of values
Reviewed-by: Mark Thompson <sw@jkqxz.net>
Signed-off-by: James Almer <jamrial@gmail.com>
2019-04-28 20:28:42 -03:00
James Almer
9bf520d04d avcodec/cbs_h264: fix storage type for time_offset in Pic Timing SEI
The spec defines it as a signed value.

Reviewed-by: Mark Thompson <sw@jkqxz.net>
Signed-off-by: James Almer <jamrial@gmail.com>
2019-04-16 20:32:43 -03:00
Andreas Rheinhardt
8d1cf2d894 cbs_h264: Fix handling of auxiliary pictures
The earlier code used the most recent non-auxiliary slice to determine
whether an auxiliary slice has the syntax of an IDR slice, even when
the most recent slice was from a slice of a redundant frame. Now only
slices of the primary coded picture are used, as the specifications
mandate.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@googlemail.com>
2018-11-08 21:19:35 +00:00
Mark Thompson
30fcc10937 cbs_h264: Include SEI type names in trace output 2018-10-31 21:38:33 +00:00
Mark Thompson
da6db843b8 cbs_h2645: Allocate all internal buffers with padding
Any of these buffers (for both H.264 and H.265) might reasonably be
parsed using the bitstream reader, so include padding on all of them.
2018-10-22 23:01:32 +01:00
Mark Thompson
e5fda1ff28 cbs_h264: Fix SPS used for pic_timing timestamp
It should be the same as the one used for the rest of the pic_timing
structure.
2018-10-22 23:01:30 +01:00
Mark Thompson
3143fe34f6 cbs_h264: Actually decompose end-of-sequence NAL units
64c50c0e97 declared support for decomposing
them but omitted to implement it; this adds an implementation.

Also do the same for end-of-stream NAL units, since they are equivalent.
2018-10-22 23:01:29 +01:00
Aman Gupta
41ed2c3849 avcodec/cbs: ensure user_data is padded for GBC parsing
Fixes crash noticed in the cbs_userdata patchset.

====ERROR: AddressSanitizer: heap-buffer-overflow on address 0x609000026c89 at pc 0x00010725d37b bp 0x7ffeea04e750 sp 0x7ffeea04e748
READ of size 4 at 0x609000026c89 thread T0
    #0 0x10725d37a in ff_cbs_read_unsigned get_bits.h:274
    #1 0x1072d2767 in ff_cbs_read_a53_user_data cbs_misc_syntax_template.c:119
    #2 0x1078251a7 in h264_metadata_filter h264_metadata_bsf.c:595
    #3 0x105c1321d in output_packet ffmpeg.c:853

0x609000026c89 is located 1 bytes to the right of 8-byte region [0x609000026c80,0x609000026c88)
allocated by thread T0 here:
    #0 0x10aef08d7 in wrap_posix_memalign (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x578d7)
    #1 0x10aca95e6 in av_malloc mem.c:87
    #2 0x10ac545fe in av_buffer_allocz buffer.c:72
    #3 0x107263b27 in cbs_h264_read_nal_unit cbs_h264_syntax_template.c:722
    #4 0x10725b688 in cbs_read_fragment_content cbs.c:155

Signed-off-by: Aman Gupta <aman@tmm1.net>
2018-10-15 11:52:54 -07:00
Aman Gupta
b6c3a02740 avcodec/cbs: fix crash in sei_pic_timestamp
Signed-off-by: Aman Gupta <aman@tmm1.net>
2018-10-15 11:52:49 -07:00
Mark Thompson
1156b507f7 cbs_h264: Infer default VUI values if VUI parameters are not present 2018-09-23 14:42:34 +01:00
Mark Thompson
574dafe7b8 cbs_h264: Fix profile typo 2018-09-23 14:42:34 +01:00
Mark Thompson
4b2e3de8c0 cbs_h264: Fix default value for max mv lengths
A recent version of the standard changed the max and default to 15, from
16 in older versions.  This updates the default to 15 to match, but the
max stays as 16 so that we don't reject older streams.
2018-09-23 14:42:34 +01:00
Mark Thompson
ac687add84 cbs_h264: Add support for mastering display SEI messages 2018-05-10 23:54:01 +01:00
Mark Thompson
d94dda742c cbs_h264: Add support for pan-scan rectangle SEI messages 2018-05-10 23:54:01 +01:00
Mark Thompson
4c9741a1dd cbs_h264: Fix handling of unknown SEI
The user should only interact directly with the data length, not the
payload size.
2018-05-10 22:05:44 +01:00
Haihao Xiang
65be65da37 cbs_h264: Need [] in the name when subscript is required
Otherwise it will hit an assert in the function
ff_cbs_trace_syntax_element() in cbs.c, line 400.

Signed-off-by: Haihao Xiang <haihao.xiang@intel.com>
2018-05-07 21:32:41 +01:00
Mark Thompson
300ef25314 cbs: Add support for array subscripts in trace output
This makes the trace output for arrays significantly nicer.
2018-05-02 01:20:45 +01:00
Mark Thompson
315cc8c098 cbs_h2645: Simplify representation of fixed values 2018-05-01 23:31:41 +01:00
Mark Thompson
0e782661d6 cbs_h264: Fix overflow in shifts
The type of the result of a shift operation is unaffected by the type of
the right operand, so some existing code overflows with undefined behaviour
when the element length is 32.  Add a helper macro to calculate the maximum
value correctly and then use it everywhere this pattern appears.

Found-by: Andreas Rheinhardt <andreas.rheinhardt@googlemail.com>
2018-03-18 17:54:55 +00:00
Mark Thompson
fbeac5356c Merge commit 'eccc03c8fbc603a0a3257df66f0705f74fe2581a'
* commit 'eccc03c8fbc603a0a3257df66f0705f74fe2581a':
  cbs_h264: Add support for filler NAL units

Some bitstream -> get_bits.

Merged-by: Mark Thompson <sw@jkqxz.net>
2018-02-21 22:51:46 +00:00
Mark Thompson
ab6edb173b Merge commit '7157d959264f3729da463725c6faa580d9394d19'
* commit '7157d959264f3729da463725c6faa580d9394d19':
  cbs_h264: Move slice_group_id array out of PPS structure

Merged-by: Mark Thompson <sw@jkqxz.net>
2018-02-21 22:41:00 +00:00
Mark Thompson
b656fa710a Merge commit '13ca5d34ba5c473211daaae0a101123bcaada3e6'
* commit '13ca5d34ba5c473211daaae0a101123bcaada3e6':
  cbs_h264: Add hack for pic_timing with no active SPS

Partially fixes #6896 - the sample stream from that ticket now works, but
more obscure cases can still fail.

Merged-by: Mark Thompson <sw@jkqxz.net>
2018-02-21 22:05:15 +00:00
Mark Thompson
eccc03c8fb cbs_h264: Add support for filler NAL units 2018-02-20 22:04:12 +00:00
Mark Thompson
7157d95926 cbs_h264: Move slice_group_id array out of PPS structure
It's very large, and is only used in some FMO streams.
2018-02-20 22:04:12 +00:00
Mark Thompson
13ca5d34ba cbs_h264: Add hack for pic_timing with no active SPS
If there is exactly one possible SPS but it is not yet active then just
assume that it should be the active one.
2018-02-20 22:04:12 +00:00
Mark Thompson
59b00ffea3 cbs_h264: Fix format specifier 2017-10-24 23:07:58 +01:00
Mark Thompson
b4c915f4b3 lavc: Add coded bitstream read/write support for H.264
(cherry picked from commit acf06f4544)
(cherry picked from commit 768eb9182e)
(cherry picked from commit e7f64191b2)
2017-10-17 20:56:29 +01:00
Mark Thompson
acf06f4544 lavc: Add coded bitstream read/write support for H.264 2017-08-12 22:17:20 +01:00