1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-12-18 03:19:31 +02:00
Commit Graph

114588 Commits

Author SHA1 Message Date
Frank Plowman
9c845e9087 avcodec/vvcdec: fix uninitialized last element of xxx_bd and ctb_to_xxx_bd arrays
see "6.5.1 CTB raster scanning, tile scanning, and subpicture scanning processes"

Co-authored-by: Nuo Mi <nuomi2021@gmail.com>
2024-04-02 20:24:31 +08:00
Nuo Mi
64d5cc67cd avcodec/vvcdec: misc, add specification name for pps members 2024-04-02 20:24:31 +08:00
Nuo Mi
191fbd7ddc avcodec/cbs_h266: fix sh_collocated_from_l0_flag and sh_collocated_ref_idx infer
we have to infer sh_collocated_from_l0_flag and sh_collocated_ref_idx from picture head if pps_rpl_info_in_ph_flag is true
2024-04-02 20:24:31 +08:00
Nuo Mi
cd540a333e avcodec/vvcdec: NoBackwardPredFlag, only check active pictures
see "8.3.6 Decoding process for collocated picture and no backward prediction"
2024-04-02 20:24:31 +08:00
James Almer
8e294abd9d avformat/mov: simplify the entry count overflow check in the keys atom
Suggested-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Signed-off-by: James Almer <jamrial@gmail.com>
2024-04-02 09:09:35 -03:00
James Almer
5a06d3810e avformat/mov: don't read key_size bytes twice in the keys atom
We only support mdta as type, yet we were not skipping other types,
but rather reading key_size worth of bytes twice per entry.

Signed-off-by: James Almer <jamrial@gmail.com>
2024-04-02 00:16:31 -03:00
James Almer
3d12ba77d9 avformat/mov: take into account the first eight bytes in the keys atom
Signed-off-by: James Almer <jamrial@gmail.com>
2024-04-02 00:13:12 -03:00
Eugene Zemtsov
8a23a145d8 avformat/mov: Check if a key is longer than the atom containing it
Stop reading keys and return AVERROR_INVALIDDATA if key_size
is larger than the amount of space left in the atom.

Bug: https://crbug.com/41496983
Signed-off-by: Eugene Zemtsov <eugene@chromium.org>
Signed-off-by: James Almer <jamrial@gmail.com>
2024-04-02 00:13:12 -03:00
Andreas Rheinhardt
9d219ff149 avformat/mov: Don't add attached pic if one is already present
Fixes: memleak
Fixes: 67714/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-5671570999476224

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-04-02 04:13:44 +02:00
James Almer
f492f1ac23 avformat/mov: ensure all items id referenced by a grid are valid
Fixes: null pointer dereference
Fixes: 67494/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-6528714521247744

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Tested-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
2024-04-01 21:13:04 -03:00
Andreas Rheinhardt
a8e518e3a7 avcodec/vlc: Use union of uint8_t and uint16_t in VLC_MULTI_ELEM
It is more natural and simplifies writing these arrays.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-04-02 00:21:59 +02:00
Andreas Rheinhardt
4ab82d2fb6 avcodec/vlc, bitstream: Fix multi VLC with uint8_t syms on BE
VLC_MULTI_ELEM contains an uint8_t array that is supposed
to be treated as an array of uint16_t when the used symbols
have a size of two; otherwise it should be treated as just
an array of uint8_t, but it was not always treated that way:

vlc_multi_gen() initialized the first entry of the array
by writing the symbol via AV_WN16; on big endian systems,
the intended value was instead written into the second entry
of the array (where it would likely be overwritten lateron
during initialization).

read_vlc_multi() also treated this case incorrectly: In case
the code is so long that it needs a classical multi-stage lookup,
the symbol has been written to the destination as if via AV_WN16.
On little endian systems, this sets the correct first symbol and
clobbers (zeroes) the next one, but the next one will be overwritten
lateron anyway, so it won't be recognized. But on big-endian systems,
the first symbol will be set to zero and the actually read symbol
will be put into the slot for the next one (where it will be overwritten
lateron).

This commit fixes this; this fixes the magicyuv and utvideo FATE-tests
on big endian arches.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-04-02 00:21:59 +02:00
Andreas Rheinhardt
098f5e2634 fate/fits: Fix tests on BE
The fits decoder decodes to native pixel formats; so
the fitsdec-gbrap16be fate test failed on BE despite
its name because the reference file is LE.
This patch fixes this by forcing a pixel format;
the forced pixel format is BE, causing a change
in the reference file.
The fitsdec-gbrp16be test was not affected, because
its source file (lena-rgb48.png from tne FATE suite)
is actually biendian (as if someone had multiplied
8bit content by 257...).

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-04-02 00:21:59 +02:00
Andreas Rheinhardt
579868f810 fate/filter-video: Insert scale, format filters in filter-yadif,bwdif10
The format and the first scale filter ensures that the filter
processing actually happens in high bit depth; the second
scale filter is only necessary for big endian arches.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-04-02 00:21:58 +02:00
Andreas Rheinhardt
1b684a1527 fate/filter-video: Always use little endian pixel format
Fixes filter-metadata-signalstats-yuv420p10 on BE arches.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-04-02 00:21:58 +02:00
Andreas Rheinhardt
d5897f70d4 fate/video: Only use bitexact IDCT in avid meridian
Precludes the usage of the altivec IDCT which fixes
the avid-meridian FATE test on ppc64be here.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-04-02 00:21:58 +02:00
Andreas Rheinhardt
8ecd383122 avcodec/huffyuvencdsp: Fix load of misaligned values
Affected many ffvhuff FATE tests.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-04-02 00:21:58 +02:00
Andreas Rheinhardt
3ed23dab98 avfilter/vf_spp: Fix left-shift of negative value
Affected the vf-spp FATE-test (on x86 only when MMX
is disabled).

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-04-02 00:21:58 +02:00
Andreas Rheinhardt
9e4e8ae1e6 avcodec/pngdsp: Fix unaligned accesses, effective type violations
Affected the lscr fate-test (only visible on x86 if
the SSE2 is disabled).

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-04-02 00:21:58 +02:00
Andreas Rheinhardt
356610a2ac avcodec/ppc/hpeldsp_altivec: Fix left-shift of negative number
It is UB and affected e.g. the vp5 and vp61 FATE tests:
https://fate.ffmpeg.org/report.cgi?time=20240327083327&slot=ppc-linux-gcc-13.2-ubsan-altivec-qemu

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-04-02 00:21:58 +02:00
David Rosca
3f863f089c lavc/vaapi_encode_av1: Set roi_quant_range 2024-04-01 20:08:11 +01:00
Michael Niedermayer
84ce5ced31
avcodec/vvc/vvcdec: Do not submit frames without VVCFrameThread
Such frames will crash when pthread functions are called on the NULL pointer

Fixes: member access within null pointer of type 'VVCFrameThread' (aka 'struct VVCFrameThread')
Fixes: 65160/clusterfuzz-testcase-minimized-ffmpeg_BSF_VVC_METADATA_fuzzer-4665241535119360 (partly)
Fixes: 65636/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VVC_fuzzer-5394745824182272

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-04-01 19:05:31 +02:00
Michael Niedermayer
cb9752d897
avformat/mpegts: Reset local nb_prg on add_program() failure
add_program() will deallocate the whole array on failure so
we must clear nb_prgs

Fixes: null pointer dereference
Fixes: crash-35a3b39ddcc5babeeb005b7399a3a1217c8781bc

Found-by: Catena cyber
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-04-01 19:03:06 +02:00
Michael Niedermayer
c0532f5579
avcodec/iff: dont add into unused pointers
Fixes: overflowing pointers
Fixes: 66444/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-4812862400823296

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-04-01 19:00:30 +02:00
Michael Niedermayer
23b29f72ee
avformat/aiffdec: Check for previously set channels
Fixes: out of array access (av_channel_layout_copy())
Fixes: 67087/clusterfuzz-testcase-minimized-ffmpeg_dem_AIFF_fuzzer-4920720268263424

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-04-01 18:59:07 +02:00
Michael Niedermayer
f30fe5e8d0
avformat/mxfdec: Make edit_unit_byte_count unsigned
Suggested-by: Marton Balint <cus@passwd.hu>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-04-01 18:52:38 +02:00
Michael Niedermayer
d88c284c18
avformat/movenc: Check that cts fits in 32bit
Fixes: Assertion av_rescale_rnd(start_dts, mov->movie_timescale, track->timescale, AV_ROUND_DOWN) <= 0 failed at libavformat/movenc.c:3694
Fixes: poc2

Found-by: Wang Dawei and Zhou Geng, from Zhongguancun Laboratory
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-04-01 18:51:59 +02:00
James Almer
0a693bce62
avformat/iamf_parse: keep count_label consistent on language_label allocation failure
Fixes: null pointer dereference
Fixes: 67023/clusterfuzz-testcase-minimized-ffmpeg_dem_IAMF_fuzzer-6011025237278720

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-04-01 18:17:28 +02:00
Michael Niedermayer
f26ee6e066
avformat/iamf_reader: Check len before summing
Fixes: integer overflow
Fixes: 67275/clusterfuzz-testcase-minimized-ffmpeg_dem_IAMF_fuzzer-5438920751906816
Fixes: 67688/clusterfuzz-testcase-minimized-ffmpeg_dem_IAMF_fuzzer-5970342318243840

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-04-01 18:17:28 +02:00
Michael Niedermayer
d6ed6f6e8d
avformat/mxfdec: Check first case of offset_temp computation for overflow
This is kind of ugly
Fixes: signed integer overflow: 255 * 1157565362826411919 cannot be represented in type 'long'
Fixes: 67313/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-6250434245230592

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-04-01 18:17:28 +02:00
Michael Niedermayer
7b7eea8e63
avcodec/jpeg2000htdec: warn about non zero roi shift
Suggested-by: Tomas Härdin <git@haerdin.se>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-04-01 18:17:27 +02:00
Michael Niedermayer
19ad05e9e0
avcodec/jpeg2000htdec: Check magp before using it in a shift
Fixes: shift exponent -1 is negative
Fixes: 65378/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-5457678193197056

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-04-01 18:17:27 +02:00
Anton Khirnov
63f56c9943 doc/community: update conflict of interest rule according to GA vote 2024-04-01 15:38:28 +02:00
Zhao Zhili
7bf85d2d3a avcodec/h264_parse: Fix error code in decode_extradata
Signed-off-by: Zhao Zhili <zhilizhao@tencent.com>
2024-04-01 17:05:21 +08:00
Timo Rothenpieler
271a0a55bc avcodec/nvenc: provide nvenc with monotonic frame index 2024-04-01 00:46:12 +02:00
Timo Rothenpieler
c06e9e289f avcodec/nvenc: update minimum driver version list 2024-03-31 21:43:38 +02:00
Timo Rothenpieler
21b4708969 avcodec/nvenc: add support for unidirectional b-frames 2024-03-31 21:32:55 +02:00
Timo Rothenpieler
a270966118 avcodec/nvenc: add support for uhq tune 2024-03-31 21:17:11 +02:00
Timo Rothenpieler
77d23bcb1b avcodec/nvenc: add support for lookahead_level 2024-03-31 20:58:27 +02:00
Timo Rothenpieler
64e3fc9069 avcodec/nvenc: add support for HEVC temporal filtering 2024-03-31 20:47:59 +02:00
Timo Rothenpieler
06c2a2c425 avcodec/nvenc: support SDK 12.2 bit depth API 2024-03-31 19:10:49 +02:00
Timo Rothenpieler
43b417d516 avcodec/nvenc: stop using long deprecated format specifiers 2024-03-31 19:10:49 +02:00
Andreas Rheinhardt
199c479b9a avcodec/arm/vp8: Don't discard const
Forgotten in 25e1986e68.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-03-31 00:08:43 +01:00
Andreas Rheinhardt
0e5f71230a avutil/internal: Move avpriv_set_systematic_pal2 decl to imgutils_internal.h
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-03-31 00:08:43 +01:00
Andreas Rheinhardt
888e2c0a85 avutil/hwcontext_vulkan: Include hwcontext.h
struct Foo * declares a new type (namely struct Foo)
if there is no declaration of struct Foo already visible
in the current scope; otherwise it is just a pointer to
an element of the already declared type "struct Foo".
There is a gotcha with the first case:
struct Foo is only declared in its scope; a later declaration
of struct Foo in an enclosing scope declares a different type.

This happens in hwcontext_vulkan.h if it is included before
hwcontext.h, because some declarations of struct AVHWDeviceContext
and struct AVHWFramesContext have function prototype scope.

Compilers warn about this (during checkheaders):
‘struct AVHWDeviceContext’ declared inside parameter list will not
be visible outside of this definition or declaration

Fix this by including hwcontext.h.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-03-31 00:08:43 +01:00
Andreas Rheinhardt
0f78b26e9c avutil/internal: Move FF_MEMORY_POISON to its only user
Namely mem.c.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-03-31 00:08:43 +01:00
Andreas Rheinhardt
8041a91a32 avutil/internal: Move libm inclusion to the beginning
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-03-31 00:08:43 +01:00
Andreas Rheinhardt
e4e6377afc avcodec/arm/mpegvideo_arm: Use static_assert to check offsets
Also move AV_CHECK_OFFSET to its only user, namely
lavc/arm/mpegvideo_arm.c and rename it to CHECK_OFFSET.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-03-31 00:08:43 +01:00
Andreas Rheinhardt
790f793844 avutil/common: Don't auto-include mem.h
There are lots of files that don't need it: The number of object
files that actually need it went down from 2011 to 884 here.

Keep it for external users in order to not cause breakages.

Also improve the other headers a bit while just at it.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-03-31 00:08:43 +01:00
Andreas Rheinhardt
b616be1649 lib*/version: Use static_assert for static asserts
Also update the checks that guard against inserting
a new enum entry in the middle of a range.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2024-03-31 00:08:42 +01:00