1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-12-23 12:43:46 +02:00
Commit Graph

133 Commits

Author SHA1 Message Date
Michael Niedermayer
5ccf296e74 avcodec/h264_direct: Fix overflow in POC comparission
Fixes: runtime error: signed integer overflow: 2147421862 - -33624063 cannot be represented in type 'int'
Fixes: 12885/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_H264_fuzzer-5733516975800320

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-02-20 23:11:41 +01:00
James Almer
bc987cf91d Merge commit '45c4bf3df03ef53ae61fa1473424d4ae024f22e4'
* commit '45c4bf3df03ef53ae61fa1473424d4ae024f22e4':
  h264dec: track the last seen value of x264_build

Merged-by: James Almer <jamrial@gmail.com>
2017-11-08 14:23:48 -03:00
Anton Khirnov
45c4bf3df0 h264dec: track the last seen value of x264_build
Do not use the one in the SEI directly as that is reset at certain
points.

Inspired by patches from Michael Niedermayer <michaelni@gmx.at> and
Anton Mitrofanov <BugMaster@narod.ru>.

CC: libav-stable@libav.org
2017-07-26 23:23:13 +02:00
Ronald S. Bultje
1ddc37051f h264: only assign H264Picture::mbaff for first slice.
The value must be identical between slices, since mbaff depends on
picture_structure and sps, both of which are checked to be identical
to the first slice before this point.

In practice, this silences some tsan warnings in fate-h264.
2017-03-31 08:26:24 -04:00
Michael Niedermayer
a84d610b37 avcodec/h264_direct: Fix runtime error: signed integer overflow: -9 - 2147483647 cannot be represented in type 'int'
Fixes: 864/clusterfuzz-testcase-4774385942528000

See: [FFmpeg-devel] [PATCH 1/2] avcodec/h264_direct: Fix runtime error: signed integer overflow: 2147483647 - -14133 cannot be represented in type 'int'
See: [FFmpeg-devel] [PATCH 2/2] avcodec/h264_direct: Fix runtime error: signed integer overflow: -9 - 2147483647 cannot be represented in type 'int'

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-20 01:33:08 +01:00
Michael Niedermayer
a557ae8d52 avcodec/h264_direct: Fix runtime error: signed integer overflow: 2147483647 - -14133 cannot be represented in type 'int'
Fixes: 755/clusterfuzz-testcase-5369072516595712

See: [FFmpeg-devel] [PATCH 1/2] avcodec/h264_direct: Fix runtime error: signed integer overflow: 2147483647 - -14133 cannot be represented in type 'int'

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-14 02:23:50 +01:00
Michael Niedermayer
4bd3f1ce3e avcodec/h264_direct: Fix runtime error: left shift of negative value -14
Fixes: 682/clusterfuzz-testcase-4799120021651456

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-03-01 14:07:33 +01:00
Anton Khirnov
04763c6f87 h264_direct: use the reference mask from the actual reference
Not from the underlying frame. Fixes races with frame threading in
field-coded files, where decoding would wait for the wrong field (e.g.
random failures in mixed-nal-coding).

Bug-Id: 954
2016-08-11 10:52:54 +02:00
James Almer
8c7932884d Merge commit 'f638b67e5790735f34620bf82025c9b9d6fc7216'
* commit 'f638b67e5790735f34620bf82025c9b9d6fc7216':
  h264: move the parameter set definitions to a new header file

Conflicts:
libavcodec/h264_parse.h
libavcodec/h264_ps.c
libavcodec/h264dec.h

Merged-by: James Almer <jamrial@gmail.com>
2016-08-01 12:58:09 -03:00
Clément Bœsch
15b26e88cb Merge commit '9df889a5f116c1ee78c2f239e0ba599c492431aa'
* commit '9df889a5f116c1ee78c2f239e0ba599c492431aa':
  h264: rename h264.[ch] to h264dec.[ch]

Merged-by: Clément Bœsch <u@pkh.me>
2016-07-29 11:01:36 +02:00
Clément Bœsch
8ef57a0d61 Merge commit '41ed7ab45fc693f7d7fc35664c0233f4c32d69bb'
* commit '41ed7ab45fc693f7d7fc35664c0233f4c32d69bb':
  cosmetics: Fix spelling mistakes

Merged-by: Clément Bœsch <u@pkh.me>
2016-06-21 21:55:34 +02:00
Anton Khirnov
f638b67e57 h264: move the parameter set definitions to a new header file
The PS parsing code is independent from the decoder, so it makes more
sense for it to have its own separate header.
2016-06-21 11:13:29 +02:00
Anton Khirnov
9df889a5f1 h264: rename h264.[ch] to h264dec.[ch]
This is more consistent with the naming of other decoders.
2016-06-21 11:11:26 +02:00
Clément Bœsch
5584f019b5 Merge commit '728d90a0c1973661a9e73da697bf4f90c9d19577'
* commit '728d90a0c1973661a9e73da697bf4f90c9d19577':
  h264: decouple h264_sei from the h264 decoder

Main changes:

- SEI decoding doesn't have access to the debug flag in the codec context so a
  few logging are dropped.

- naming of quincunx_sampling_flag and frame_packing_arrangement_type are kept
  as they are in FFmpeg instead of respectively quincunx_subsampling and
  arrangement_type used in Libav because the former match the specifications.

- don't reset the x264 build info once read in order to fix
  fate-h264-lossless (change by Hendrik)

- H264Context.has_recovery_point and deprecated
  AVCodecContext.dtg_active_format are set after ff_h264_sei_decode()
  based on the SEI state since ff_h264_sei_decode() doesn't have access
  to H264Context anymore.

- frame_packing_arrangement_type is not checked against <= 0 in
  decode_postinit() since it is always read as a positive value with
  get_bits(). This fixes a -Wtype-limits warning by GCC spotted by
  Michael.

Side Notes:

- tested that ffprobe on the file from ticket #3652 still returns 4
  keyframes
- tested that playback from ticket #3063 still works

Merged-by: Clément Bœsch <clement@stupeflix.com>
Signed-off-by: Hendrik Leppkes <h.leppkes@gmail.com>
2016-06-18 14:04:55 +02:00
Clément Bœsch
1534ef87c7 Merge commit '3176217c60ca7828712985092d9102d331ea4f3d'
* commit '3176217c60ca7828712985092d9102d331ea4f3d':
  h264: decouple h264_ps from the h264 decoder

Main changes:

- a local GetBitContext is created for the various
  ff_h264_decode_seq_parameter_set() attempts

- just like the old code, remove_sps() is adjusted so it doesn't remove
  the pps.

  Fixes decode with Ticket #631
  http://ffmpeg.org/pipermail/ffmpeg-user/attachments/20111108/dae58f17/attachment.mp4
  but see next point as well.

- ff_h264_update_thread_context() is updated to work even when SPS
  isn't set as it breaks current skip_frame code. This makes sure we
  can still decode the sample from ticket #631 without the need for
  -flags2 +chunks. (Thanks to Michael)

- keep {sps,pps}_ref pointers that stay alive even when the active
  pps/sps get removed from the available lists (patch by michaelni with
  additionnal frees in ff_h264_free_context() from mateo)

- added a check on sps in avpriv_h264_has_num_reorder_frames() to fix
  crashes with mpegts_with_dvbsubs.ts from Ticket #4074
  http://samples.ffmpeg.org/ffmpeg-bugs/trac/ticket4074/mpegts_with_dvbsubs.ts

- in h264_parser.c:h264_parse(), after the ff_h264_decode_extradata() is
  called, the pps and sps from the local parser context are updated with
  the pps and sps from the used h264context. This fixes fate-flv-demux.

- in h264_slice.c, "PPS changed between slices" error is not triggered
  anymore in one condition as it makes fate-h264-xavc-4389 fails with
  THREADS=N (Thanks to Michael)

Merged-by: Clément Bœsch <clement@stupeflix.com>
Merged-by: Michael Niedermayer <michael@niedermayer.cc>
Merged-by: Matthieu Bouron <matthieu.bouron@stupeflix.com>
2016-06-12 13:26:52 +02:00
Vittorio Giovara
41ed7ab45f cosmetics: Fix spelling mistakes
Signed-off-by: Diego Biurrun <diego@biurrun.de>
2016-05-04 18:16:21 +02:00
Anton Khirnov
728d90a0c1 h264: decouple h264_sei from the h264 decoder
Make the SEI parsing independent of the H264Context, to allow
decoupling the parser from the decoder.
2016-04-24 10:06:24 +02:00
Anton Khirnov
3176217c60 h264: decouple h264_ps from the h264 decoder
Make the SPS/PPS parsing independent of the H264Context, to allow
decoupling the parser from the decoder. The change is modelled after the
one done earlier for HEVC.

Move the dequant buffers to the PPS to avoid complex checks whether they
changed and an expensive copy for frame threads.
2016-04-24 10:06:23 +02:00
Michael Niedermayer
77a644e6fa avcodec/h264_direct: Check CO-POCs before use
Fixes harmless integer overflow
Fixes mozilla bug 1230286

Found-by: Tyson Smith
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2015-12-04 01:55:11 +01:00
Michael Niedermayer
d8151a7e94 Merge commit 'a12d3188cbec15e22070e139fa5cc541da07e2c3'
* commit 'a12d3188cbec15e22070e139fa5cc541da07e2c3':
  h264: use a smaller struct for the ref lists

Conflicts:
	libavcodec/h264_direct.c
	libavcodec/h264_mb.c
	libavcodec/h264_picture.c
	libavcodec/h264_refs.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2015-03-21 23:05:34 +01:00
Michael Niedermayer
48d00b527b Merge commit 'd27b8248a6ee7e64c68c46c23e00d703b9caa50c'
* commit 'd27b8248a6ee7e64c68c46c23e00d703b9caa50c':
  h264_direct: constify all uses of H264Context

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2015-03-21 17:13:56 +01:00
Michael Niedermayer
d76559fb5f Merge commit 'd4d9068cdf8f4b2b87ae87a2ef880d243f77b977'
* commit 'd4d9068cdf8f4b2b87ae87a2ef880d243f77b977':
  h264: move mb_{x,y} into the per-slice context

Conflicts:
	libavcodec/h264.c
	libavcodec/h264_cavlc.c
	libavcodec/h264_mb.c
	libavcodec/h264_slice.c
	libavcodec/svq3.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2015-03-21 16:46:15 +01:00
Michael Niedermayer
668c65e7e7 Merge commit '0edbe6faa7ef80daf0e84353cbe733389bf1a522'
* commit '0edbe6faa7ef80daf0e84353cbe733389bf1a522':
  h264: move mb_xy into the per-slice context

Conflicts:
	libavcodec/h264.c
	libavcodec/h264_cabac.c
	libavcodec/svq3.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2015-03-21 16:18:29 +01:00
Michael Niedermayer
cc2cfdc497 Merge commit '95eb35f30513e335990ad0d5dca6ddc318477291'
* commit '95eb35f30513e335990ad0d5dca6ddc318477291':
  h264: move the ref lists variables into the per-slice context

Conflicts:
	libavcodec/h264.c
	libavcodec/h264.h
	libavcodec/h264_cabac.c
	libavcodec/h264_cavlc.c
	libavcodec/h264_direct.c
	libavcodec/h264_mb.c
	libavcodec/h264_picture.c
	libavcodec/h264_refs.c
	libavcodec/h264_slice.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2015-03-21 15:18:10 +01:00
Michael Niedermayer
27b3522ba3 Merge commit '7747726667c86877feed30c9e18460cb8e63f551'
* commit '7747726667c86877feed30c9e18460cb8e63f551':
  h264: move map_col_to_list0[_field] into the per-slice context

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2015-03-21 14:46:23 +01:00
Michael Niedermayer
bd76a4822f Merge commit 'ee0d774dfa94655e44707ff3e02f4a4d282c1963'
* commit 'ee0d774dfa94655e44707ff3e02f4a4d282c1963':
  h264: move dist_scale_factor[_field] into the per-slice context

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2015-03-21 14:39:49 +01:00
Michael Niedermayer
20477a4ecb Merge commit 'be69f0a800903b7573b18d9287d18b2f368b8b11'
* commit 'be69f0a800903b7573b18d9287d18b2f368b8b11':
  h264: move col_{parity,fieldoff} into the per-slice context

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2015-03-21 14:39:32 +01:00
Michael Niedermayer
a8ac4c9b06 Merge commit '066aafced4dc6c7c9e7b37082635472249f1e93e'
* commit '066aafced4dc6c7c9e7b37082635472249f1e93e':
  h264: move direct_spatial_mv_pred into the per-slice context

Conflicts:
	libavcodec/h264_mvpred.h

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2015-03-21 14:38:59 +01:00
Michael Niedermayer
4ffbeddd35 Merge commit 'ed451a08a46b2b07fd2dba3e55ffddd18ae6e3d6'
* commit 'ed451a08a46b2b07fd2dba3e55ffddd18ae6e3d6':
  h264: move sub_mb_type into the per-slice context

Conflicts:
	libavcodec/h264_cabac.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2015-03-21 14:37:55 +01:00
Michael Niedermayer
97c8ecaada Merge commit '56febc993b928ccc039a32158ca60b234c311875'
* commit '56febc993b928ccc039a32158ca60b234c311875':
  h264: move the slice type variables into the per-slice context

Conflicts:
	libavcodec/h264.c
	libavcodec/h264_cabac.c
	libavcodec/h264_cavlc.c
	libavcodec/h264_slice.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2015-03-21 14:30:19 +01:00
Michael Niedermayer
f1436a7f96 Merge commit 'e6287f077c3e8e4aca11e61dd4bade1351439e6b'
* commit 'e6287f077c3e8e4aca11e61dd4bade1351439e6b':
  h264: move {mv,ref}_cache into the per-slice context

Conflicts:
	libavcodec/h264_cabac.c
	libavcodec/h264_mb.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2015-03-21 14:06:30 +01:00
Anton Khirnov
a12d3188cb h264: use a smaller struct for the ref lists
There is no need to store a whole H264Picture, with a full AVFrame
embedded in it. This should allow getting rid of the embedded AVFrame
later.
2015-03-21 11:27:16 +01:00
Anton Khirnov
d27b8248a6 h264_direct: constify all uses of H264Context
All the variables modified by this code are either per-MB arrays or have
been moved to the per-slice context
2015-03-21 11:27:14 +01:00
Anton Khirnov
d4d9068cdf h264: move mb_{x,y} into the per-slice context 2015-03-21 11:27:14 +01:00
Anton Khirnov
0edbe6faa7 h264: move mb_xy into the per-slice context 2015-03-21 11:27:14 +01:00
Anton Khirnov
95eb35f305 h264: move the ref lists variables into the per-slice context 2015-03-21 11:27:13 +01:00
Anton Khirnov
7747726667 h264: move map_col_to_list0[_field] into the per-slice context 2015-03-21 11:27:13 +01:00
Anton Khirnov
ee0d774dfa h264: move dist_scale_factor[_field] into the per-slice context 2015-03-21 11:27:13 +01:00
Anton Khirnov
be69f0a800 h264: move col_{parity,fieldoff} into the per-slice context 2015-03-21 11:27:13 +01:00
Anton Khirnov
066aafced4 h264: move direct_spatial_mv_pred into the per-slice context 2015-03-21 11:27:13 +01:00
Anton Khirnov
ed451a08a4 h264: move sub_mb_type into the per-slice context 2015-03-21 11:27:13 +01:00
Anton Khirnov
56febc993b h264: move the slice type variables into the per-slice context 2015-03-21 11:27:13 +01:00
Anton Khirnov
e6287f077c h264: move {mv,ref}_cache into the per-slice context 2015-03-21 11:27:13 +01:00
Michael Niedermayer
66d79aa2e1 Merge commit '9abc80f1ed673141326341e26a05c3e1f78576d0'
* commit '9abc80f1ed673141326341e26a05c3e1f78576d0':
  libavcodec: Make use of av_clip functions

Conflicts:
	libavcodec/takdec.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2015-02-21 11:27:24 +01:00
Peter Meerwald
9abc80f1ed libavcodec: Make use of av_clip functions
Signed-off-by: Peter Meerwald <pmeerw@pmeerw.net>
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
2015-02-21 00:54:40 +01:00
Michael Niedermayer
dc021a0218 Merge commit 'c39059bea3adebcd888571d1181db215eee54495'
* commit 'c39059bea3adebcd888571d1181db215eee54495':
  h264: Fix direct temporal mvs for bottom-field-first poc order

Conflicts:
	libavcodec/h264_direct.c

See: ebd1c505d2
Merged-by: Michael Niedermayer <michaelni@gmx.at>
2014-07-21 02:16:13 +02:00
Ronald S. Bultje
c39059bea3 h264: Fix direct temporal mvs for bottom-field-first poc order
Such files can be created using the --bff x264 option.

Sample-Id: h264_direct_temporal_mvs_bff.mkv
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
2014-07-20 23:32:13 +01:00
Michael Niedermayer
5fce29ef29 Merge commit '2db953f84671997e936f91140ffb5143c1537844'
* commit '2db953f84671997e936f91140ffb5143c1537844':
  h264: K&R formatting cosmetics

Conflicts:
	libavcodec/h264.c
	libavcodec/h264_direct.c
	libavcodec/h264_slice.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2014-07-17 14:00:01 +02:00
Michael Niedermayer
b884599f6a Merge commit 'a11ef610eec5241e226efbd1c5bb5eb45c88d2c2'
* commit 'a11ef610eec5241e226efbd1c5bb5eb45c88d2c2':
  h264: Remove some commented-out, broken cruft

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2014-07-17 13:50:31 +02:00
Luca Barbato
2db953f846 h264: K&R formatting cosmetics
Signed-off-by: Diego Biurrun <diego@biurrun.de>
Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
2014-07-17 03:05:24 -07:00