1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-12-12 19:18:44 +02:00
Commit Graph

96161 Commits

Author SHA1 Message Date
Paul B Mahol
d4d6b7b035 avfilter/vf_datascope: fix heap buffer overflow
Fixes #8309
2019-10-19 09:50:53 +02:00
Gyan Doshi
ed78ca4123 doc/utils: add hexadecagonal channel layout 2019-10-19 13:00:36 +05:30
Steven Liu
9f023017ab avformat/sapdec: check av_strdup() return value and fix memleak
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
2019-10-19 06:56:52 +02:00
Steven Liu
b1071b405d avformat/mvdec: check av_strdup() return value
Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
2019-10-19 06:56:02 +02:00
Steven Liu
53928e0b49 avformat/mtv: check av_strdup() return value
Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
2019-10-19 06:54:53 +02:00
Steven Liu
f5263172de avformat/mpeg: check av_strdup() return value
Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
2019-10-19 06:54:12 +02:00
Steven Liu
1f7b527194 avformat/libsrt: check av_strdup() return value and fix memleak
Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
2019-10-19 06:49:46 +02:00
Steven Liu
17d96c15d2 avformat/hlsenc: check av_strdup() return value
Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
2019-10-19 06:48:49 +02:00
Steven Liu
25f5d67a31 avformat/cinedec: check av_strdup() return value
Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
2019-10-19 06:47:10 +02:00
James Almer
0700e7247b avformat/mpegenc: check for stream private data during deinit
Prevents pointer dereferences when streams were not fully initialized.

Signed-off-by: James Almer <jamrial@gmail.com>
2019-10-18 23:14:40 -03:00
James Almer
1d479300cb avformat/nutenc: don't allocate a dynamic AVIOContext if no index is going to be written
Fixes ticket #8295

Signed-off-by: James Almer <jamrial@gmail.com>
2019-10-18 20:53:10 -03:00
Paul B Mahol
0528adbd85 avfilter/vf_shuffleplanes: add mising query_formats()
Fixes #8298
2019-10-18 23:24:06 +02:00
Paul B Mahol
3b580f9dfe avfilter/vf_maskfun: fix memleak
Fixes #8305
2019-10-18 21:57:20 +02:00
Paul B Mahol
8e30514c4c avfilter/buffersink: cosmetics 2019-10-18 10:54:05 +02:00
Paul B Mahol
fddef964e8 avfilter/vf_colorspace: fix memmory leaks
Fixes #8303
2019-10-18 10:48:22 +02:00
Paul B Mahol
daf2bef98d avfilter/af_acrossover: fix memory leak
Fixes #8304
2019-10-18 10:33:54 +02:00
Jun Zhao
feaec3bc31 lavf/hlsenc: fix memory leak
fix memory leak

Reviewed-by: Steven Liu <lq@chinaffmpeg.org>
Signed-off-by: Jun Zhao <barryjzhao@tencent.com>
2019-10-18 09:58:50 +08:00
Jun Zhao
ed3c317dea fftools/ffmpeg_opt: add error handle if av_asprintf return null
add error handle if av_asprintf return null.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Jun Zhao <barryjzhao@tencent.com>
2019-10-18 09:56:51 +08:00
Jun Zhao
85e2b222e9 lavfi/avf_showspectrum: add error handle if av_asprintf return null
add error handle if av_asprintf return null.

Signed-off-by: Jun Zhao <barryjzhao@tencent.com>
2019-10-18 09:56:27 +08:00
Paul B Mahol
0ae6fb276b avfilter/x86/vf_atadenoise: add SIMD for serial too 2019-10-17 21:05:50 +02:00
Paul B Mahol
71e33c6e01 avfilter/vf_atadenoise: add option to use additional algorithm 2019-10-17 20:28:31 +02:00
Paul B Mahol
295d99b439 avfilter/vf_adadenoise: add x86 SIMD 2019-10-17 19:44:11 +02:00
Andreas Rheinhardt
eb17bf6fd3 mpeg4_unpack_bframes: Avoid allocations and copies of packet structures
1. Since bd90a2ec, mpeg4_unpack_bframes caches whole packets instead of
just the pointer to the buffer and the buffer's size in order to be able
to make use of refcounting to avoid copying of data; this unfortunately
introduced copies of packet structures and side data (if existing),
although the only fields that are needed are the buffer-related ones
(data, size and buf). This can be changed without compromising the
advantages of refcounting by storing a reference to the buffer.

2. This change also makes it easy to use only one packet throughout
so that an allocation and free of an AVPacket structure per filtered
packet can be saved by switching to ff_bsf_get_packet_ref.

3. Furthermore, this commit also fixes a memleak introduced in bd90a2ec:
If a stored b_frame with side data was used for a later frame, the side
data would leak when the input frame's properties were copied into the
output frame.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-10-17 18:04:37 +02:00
Michael Niedermayer
2fca09bce4 avcodec/binkaudio: Check sample rate
Fixes: signed integer overflow: 1092624416 * 2 cannot be represented in type 'int'
Fixes: 18045/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_BINKAUDIO_RDFT_fuzzer-5718519492116480

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-10-17 18:04:37 +02:00
Andreas Rheinhardt
b288a7eb3d avformat/mpegenc: Fix memleaks and return values
If there is an error in mpeg_mux_init() (the write_header function of
the various MPEG-PS muxers), two things might happen:

1. Several fifos might leak. Instead of freeing them, the goto fail part
of the functions freed the private data of the AVStreams instead,
although this will be freed later in free_stream() anyway.
2. And if the function is exited via goto fail, it automatically
returned AVERROR(ENOMEM), although this is also used when the error is
not a memory allocation failure.

Both of these issues happened in ticket #8284 and have been fixed.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-10-17 18:04:37 +02:00
James Almer
39d5acbd09 avcodec/libdav1d: set AVFrame reordered_opaque
Fixes ticket #8300

Signed-off-by: James Almer <jamrial@gmail.com>
2019-10-17 12:35:28 -03:00
Andreas Rheinhardt
ba191c0ce0 vp9_superframe: Avoid allocations and copies of packet structures
Up until now, the vp9_superframe bsf used distinct packets for input and
output. But at no point in the bsf are the input and output packets used
at the same time (except during a call to av_packet_move_ref()), so that
one can avoid using two packets if one switches to ff_bsf_get_packet_ref
at the same time. This also saves one malloc+free of an AVPacket
structure per filtered packet.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
2019-10-17 12:35:23 -03:00
Michael Niedermayer
0279e727e9 avcodec/cavsdec: Set ret on errors in decode_pic()
Fixes regression and fate failure on some machienes

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-10-17 13:17:18 +02:00
Andreas Rheinhardt
097c917c14 avcodec/ac3enc: Fix memleak
Fixes ticket #8294.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2019-10-17 12:33:50 +02:00
Andreas Rheinhardt
6aae322120 avfilter/af_arnndn: Remove superfluous qualifier
remove_doubling() returned a const float, but returning qualified types
is pointless anyway. This is all the more important given that  GCC 4.2.1
(and maybe other compilers, too) seems to treat this as an error as several
FATE units that don't compile any more show.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2019-10-17 12:30:24 +02:00
Gyan Doshi
9c820ebe90 doc/filters: fixes for scale filter
Adjusted formatting and prose for option force_divisible_by in scale filter
2019-10-17 15:46:35 +05:30
Paul B Mahol
8f63c4e72a avfilter/vf_dedot: fix crash
Fixes #8299
2019-10-17 11:51:22 +02:00
Paul B Mahol
ce40188bc0 avfilter/vf_amplify: cosmetics 2019-10-17 11:32:27 +02:00
Paul B Mahol
3488e0977c avfilter/vf_random: fix memory leaks
Fixes #8296
2019-10-17 11:31:53 +02:00
Paul B Mahol
fb7b222b91 avfilter/af_arnndn: make sure that vad_output nb_neurons is always 1 2019-10-17 11:02:02 +02:00
Paul B Mahol
1e35519fe0 avfilter/vf_gblur: fix undefined behaviour
Fixes #8292
2019-10-16 19:29:56 +02:00
Michael Niedermayer
c70d547751 avcodec/sbcdec: Fix integer overflows in sbc_synthesize_eight()
Fixes: signed integer overflow: 518484152 + 1868182638 cannot be represented in type 'int'
Fixes: 17732/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SBC_fuzzer-5663738132168704

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-10-16 19:17:57 +02:00
Michael Niedermayer
2f66e8436d avcodec/adpcm: Check initial predictor for ADPCM_IMA_EA_EACS
Fixes: signed integer overflow: -2147483360 - 631 cannot be represented in type 'int'
Fixes: 17701/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ADPCM_IMA_EA_EACS_fuzzer-5711517319692288

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-10-16 19:17:57 +02:00
Michael Niedermayer
07732f12a4 avcodec/g723_1dec: Fix overflow in shift
Fixes: shift exponent 1008 is too large for 32-bit type 'int'
Fixes: 17700/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G723_1_fuzzer-5707633436131328

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-10-16 19:17:57 +02:00
Michael Niedermayer
5c072c9ed7 avcodec/apedec: Fix integer overflow in predictor_update_3930()
Fixes: signed integer overflow: -69555262 * 31 cannot be represented in type 'int'
Fixes: 17698/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5728970447781888

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-10-16 19:17:57 +02:00
Michael Niedermayer
0c61661a2c avcodec/g729postfilter: Fix undefined intermediate pointers
Fixes: index -49 out of bounds for type 'int16_t [192]'
Fixes: 17689/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ACELP_KELVIN_fuzzer-5756275014500352

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-10-16 19:17:57 +02:00
Michael Niedermayer
6a4fdbf112 avcodec/g729postfilter: Fix undefined shifts
Fixes: left shift of negative value -12
Fixes: 17689/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ACELP_KELVIN_fuzzer-5756275014500352

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-10-16 19:17:57 +02:00
Michael Niedermayer
2b93f52cd6 avcodec/lsp: Fix undefined shifts in lsp2poly()
Fixes: left shift of negative value -30635
Fixes: 17689/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ACELP_KELVIN_fuzzer-5756275014500352

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-10-16 19:17:57 +02:00
Michael Niedermayer
ca3d8b471f avcodec/aacdec_template: Check decode_extension_payload() for failure
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-10-16 19:17:57 +02:00
Michael Niedermayer
8695fbec57 avcodec/adpcm: Fix left shifts in AV_CODEC_ID_ADPCM_EA
Fixes: left shift of negative value -1
Fixes: 17683/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ADPCM_EA_R2_fuzzer-5111690013704192

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-10-16 19:17:57 +02:00
Michael Niedermayer
5ce3c9eadc avcodec/smacker: cleanup on errors in smka_decode_frame()
Fixes: multiple memleaks
Fixes: 17660/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SMACKAUD_fuzzer-5689769928949760
Fixes: 18064/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SMACKAUD_fuzzer-5631086809317376

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-10-16 19:17:57 +02:00
Michael Niedermayer
1d3f7e6a72 tools/target_dec_fuzzer: Adjust threshold for EATGV
Fixes: Timeout (26sec -> 9sec)
Fixes: 17645/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EATGV_fuzzer-5717065922510848

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-10-16 19:17:57 +02:00
Michael Niedermayer
9e32c47102 tools/target_dec_fuzzer: Adjust threshold for SCPR
Fixes: Timeout (46sec -> 7sec)
Fixes: 17644/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SCPR_fuzzer-5715704283660288

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-10-16 19:17:57 +02:00
Michael Niedermayer
e7113704b2 avcodec/cavsdec: Check remaining bitstream in the main loop in decode_pic()
Fixes: Timeout (149sec ->1sec)
Fixes: 17311/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CAVS_fuzzer-5679368642232320

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-10-16 19:17:57 +02:00
Michael Niedermayer
ea770eb559 avformat/shortendec: Check k in probe
Fixes: Assertion failure
Fixes: 17640/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5708767475269632

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-10-16 19:17:57 +02:00