Refcount all of the context information. This also fixes a potential
segmentation fault when accessing freed memory (buffer returned after
the codec has been closed).
Tested-by: Jorge Ramirez-Ortiz <jorge.ramirez.ortiz@gmail.com>
Fixes: runtime error: signed integer overflow: -1094995529 * 2 cannot be represented in type 'int'
Fixes: 4828/clusterfuzz-testcase-minimized-5100849937252352
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* commit 'cbe28bc069dde1d53d937ee10700bb123279c7c8':
qsv: better to use alignment by 16 and HEVC 10b requires alignment by 32
Merged-by: Mark Thompson <sw@jkqxz.net>
* commit '34c113335b53d83ed343de49741f0823aa1f8cc6':
Add support for H.264 and HEVC hardware encoding for AMD GPUs based on AMF SDK
Most of this was already present from 9ea6607d294526688ab1b1342cb36ee159683e88,
this just applies some minor fixups and adds the general documentation.
Merged-by: Mark Thompson <sw@jkqxz.net>
add missing struct MpegEncContext, use make checkheaders
found this warning.
Signed-off-by: Jun Zhao <jun.zhao@intel.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: runtime error: signed integer overflow: 2146276249 + 1487583 cannot be represented in type 'int'
Fixes: 4823/clusterfuzz-testcase-minimized-4551896611160064
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: runtime error: signed integer overflow: 2147483520 + 128 cannot be represented in type 'int'
Fixes: 4800/clusterfuzz-testcase-minimized-6110372403609600
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Functionally identical to the old code, with fewer lines wasted.
Partially fixes the complete disregard for the 80 col/line guide.
Signed-off-by: Rostislav Pehlivanov <atomnuker@gmail.com>
The encoder didn't clean up if a malloc failed during init.
It also doesn't need any external tables to be initialized on init.
Finally, it didn't need to check for whether avctx->priv_data exists during
uninit.
Signed-off-by: Rostislav Pehlivanov <atomnuker@gmail.com>
The twoloop coder sounds decent at low bitrates, however at higher bitrates
it sounds worse than the fast coder (which used to be the old twoloop coder
before October 2015) and needs quite a lot more CPU.
Change the default to fast. It has been well tested and has had few changes
over the years, so it's been confirmed to be quite stable.
Also change its description (not valid for more than a year) and the
documentation.
Signed-off-by: Rostislav Pehlivanov <atomnuker@gmail.com>
Resulting bitstream was tested with a conformance checker
using the last draft of FFV1 specifications.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Also the files are already in the wild, and decoder support is
thus needed. And with decoders widely supporting it, there is no
advantage in not allowing it in the encoder.
The exact bitstream format may change in future versions of the
spec, if improvements are found.
AVX-512 support has been introduced, and even if no functions currently
use zmm registers (able to load as much as 64 bytes of consecutive data
per instruction), they will be added eventually.
Reviewed-by: Rostislav Pehlivanov <atomnuker@gmail.com>
Tested-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
Fixes: signed integer overflow: 512 + 2147483491 cannot be represented in type 'int'
Fixes: 4780/clusterfuzz-testcase-minimized-4709066174627840
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 4830/clusterfuzz-testcase-minimized-5255392054476800
Fixes: signed integer overflow: 2147483646 - -7 cannot be represented in type 'int'
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: 2 + 2147483646 cannot be represented in type 'int'
Fixes: 4792/clusterfuzz-testcase-minimized-6322450775146496
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: 46802 * -71230 cannot be represented in type 'int'
Fixes: 4756/clusterfuzz-testcase-minimized-4812495563784192
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: null pointer dereference
Fixes: 4698/clusterfuzz-testcase-minimized-5096956322906112
This testcase does not reproduce the issue before 03b82b3ab9883cef017e513c7d0b3b986b3b3e7b
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Using the new API gives the decoder the ability to produce
N frames per input packet. This is particularly useful with
mpeg2 decoders on some Android devices, which automatically
deinterlace video and produce one frame per field.
Signed-off-by: Aman Gupta <aman@tmm1.net>
Signed-off-by: Matthieu Bouron <matthieu.bouron@gmail.com>
This patch is taking care of https://trac.ffmpeg.org/ticket/6834.
It seems that one of the control operations that was available to get
the free decoders input slots was removed.
There is another control operation to retrieve the used slots. Given
that the input slot count is hardcoded to 4 in mpp at this point,
replacing the old control operation by the other one.
This was tested on Rockchip ROCK64.
Signed-off-by: wm4 <nfxjfg@googlemail.com>
Fixes: signed integer overflow: 1024 + 2147483640 cannot be represented in type 'int'
Fixes: 4671/clusterfuzz-testcase-minimized-6027464343027712
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Requires AMF headers for at least version 1.4.4.1.
Signed-off-by: Mikhail Mironov <mikhail.mironov@amd.com>
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
This fixes #6940
Although undocumented, AudioToolbox seems to require the data supplied
by the callback (i.e. ffat_encode_callback) being unchanged until the
next time the callback is called. In the old implementation, the
AVBuffer backing the frame is recycled after the frame is freed, and
somebody else (maybe the decoder) will write into the AVBuffer and
change the data. AudioToolbox then encodes some wrong data and noise
is produced. Retaining a frame reference solves this problem.
Signed-off-by: James Almer <jamrial@gmail.com>
Fixes: Out of heap array read
Fixes: 4683/clusterfuzz-testcase-minimized-6152313673613312
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: 2 * 1629495328 cannot be represented in type 'int'
Fixes: 4716/clusterfuzz-testcase-minimized-5835915940331520
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: left shift of negative value -1
Fixes: 4690/clusterfuzz-testcase-minimized-6117482428366848
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: shift exponent 32 is too large for 32-bit type 'unsigned int'
Fixes: 4688/clusterfuzz-testcase-minimized-6572210748653568
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>