1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-12-07 11:13:41 +02:00
Commit Graph

100067 Commits

Author SHA1 Message Date
Michael Niedermayer
b33233bd53 avformat/icodec: Check for zero streams and stream creation failure
Fixes: NULL pointer dereference
Fixes: 26814/clusterfuzz-testcase-minimized-ffmpeg_dem_ICO_fuzzer-5758487797432320

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-11-13 17:46:47 +01:00
Michael Niedermayer
27ee67c00f avformat/icodec: Factor failure code out in read_header()
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-11-13 17:46:47 +01:00
James Almer
f9eec62983 avcodec/nvdec_av1: fix setting film grain parameters for frames with update_grain == 0
The spec in section 6.8.20 states the parameters should be loaded from a
reference frame indexed by film_grain_params_ref_idx.

Signed-off-by: James Almer <jamrial@gmail.com>
2020-11-13 10:38:18 -03:00
James Almer
5d4a6bbd4b avcodec/av1dec: remove order_hint from AV1Frame
We now have access to the raw frame header, so use that

Signed-off-by: James Almer <jamrial@gmail.com>
2020-11-13 10:38:18 -03:00
James Almer
f5517be32a avcodec/av1dec: add a reference to the raw frame header to AV1Frames
Signed-off-by: James Almer <jamrial@gmail.com>
2020-11-13 10:38:18 -03:00
Hendrik Leppkes
8f4aec719e avcodec/dxva2: add AV1 decode support
Signed-off-by: Hendrik Leppkes <h.leppkes@gmail.com>
2020-11-12 15:55:16 +01:00
Martin Storsjö
3fcfde2cea aviobuf: Increase the default SHORT_SEEK_THRESHOLD to 32 KB
The previous threshold, 4 KB, maybe was reasonable when it was set
(in 2010), but in today's settings and with typical network speeds
and data sizes, it's pretty small. 32 KB probably is a more reasonable
default now, regardless of input.

This changes the test references for two seek tests.

When using the normal seek function, which boils down to the lseek(2)
function, a seek to an out of bounds position doesn't return an error,
but that condition is only reported when doing the subsequent read
(which returns EOF). When doing more seeks by fast forwarding, the
fact that the seeked to destination is out of bounds is noticed and
reported sooner in these cases.

Signed-off-by: Martin Storsjö <martin@martin.st>
2020-11-12 14:05:43 +02:00
Andreas Rheinhardt
454bee5be0 avcodec/adpcmenc: Fix leak of trellis buffer with ADPCM_IMA_AMV
Fixes Coverity ID 1469181.

Reviewed-by: Zane van Iperen <zane@zanevaniperen.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2020-11-12 07:23:06 +01:00
Timo Rothenpieler
ac5b45abab avcodec/nvdec: add av1 hwaccel
Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
Co-authored-by: James Almer <jamrial@gmail.com>
2020-11-11 18:36:09 +01:00
Timo Rothenpieler
72982f8cb5 avcodec/nvdec: add support for separate reference frame
Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
2020-11-11 18:36:09 +01:00
Timo Rothenpieler
5868f1c66b avcodec/av1dec: expose coded_lossless
Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
Co-authored-by: James Almer <jamrial@gmail.com>
2020-11-11 18:36:09 +01:00
Timo Rothenpieler
e1efff8906 avcodec/av1dec: expose skip mode frame index
Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
Co-authored-by: James Almer <jamrial@gmail.com>
2020-11-11 18:36:09 +01:00
Michael Niedermayer
f6dc285fb5 avformat/bintext: Check width
Fixes: division by 0
Fixes: 26780/clusterfuzz-testcase-minimized-ffmpeg_dem_ADF_fuzzer-5117945027756032
Fixes: 26998/clusterfuzz-testcase-minimized-ffmpeg_dem_ADF_fuzzer-5119352359354368

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-11-11 17:05:24 +01:00
Michael Niedermayer
9ef60a66f1 avformat/sbgdec: Check that end is not before start
Fixes: signed integer overflow: -9223372036854775808 + -5279949906739200 cannot be represented in type 'long'
Fixes: 26908/clusterfuzz-testcase-minimized-ffmpeg_dem_SBG_fuzzer-6329610851319808

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Nicolas George <george@nsup.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-11-11 17:05:24 +01:00
James Almer
a876bc9c17 avcodec/cbs_av1: add a range check to tg_end
Section 6.10.1 of the AV1 spec states:

It is a requirement of bitstream conformance that the value of tg_start is
equal to the value of TileNum at the point that tile_group_obu is invoked.
It is a requirement of bitstream conformance that the value of tg_end is
greater than or equal to tg_start.

Signed-off-by: James Almer <jamrial@gmail.com>
2020-11-11 10:23:01 -03:00
James Almer
ddb0e4fecd avcodec/cbs_av1: infer ref_order_hint when not coded in the bitstream
Signed-off-by: James Almer <jamrial@gmail.com>
2020-11-11 10:17:24 -03:00
Limin Wang
89429cf2f2 avformat/rtspdec: return proper error code
Signed-off-by: Limin Wang <lance.lmwang@gmail.com>
2020-11-11 18:32:56 +08:00
Limin Wang
aa1fab6934 avformat/rtsp: check return value of ffurl_read_complete
Signed-off-by: Limin Wang <lance.lmwang@gmail.com>
2020-11-11 18:32:56 +08:00
Limin Wang
001ccbc5cc avformat/rtsp: prefer to use variable instead of type
Signed-off-by: Limin Wang <lance.lmwang@gmail.com>
2020-11-11 18:32:56 +08:00
Limin Wang
9e2872bc67 avformat/rtspdec: use SDP_MAX_SIZE for sdp array
Signed-off-by: Limin Wang <lance.lmwang@gmail.com>
2020-11-11 18:32:56 +08:00
Limin Wang
33f6bb7828 avformat/rtsp: move SDP_MAX_SIZE macro definition to header file
move comments for the size of SDP_MAX_SIZE here:
Some SDP lines, particularly for Realmedia or ASF RTSP streams,
contain long SDP lines containing complete ASF Headers (several
kB) or arrays of MDPR (RM stream descriptor) headers plus
"rulebooks" describing their properties. Therefore, the SDP line
buffer is large.
The Vorbis FMTP line can be up to 16KB - see xiph_parse_sdp_line
in rtpdec_xiph.c.

Signed-off-by: Limin Wang <lance.lmwang@gmail.com>
2020-11-11 18:32:56 +08:00
Limin Wang
5439460016 avformat/rtsp: 16384 -> SDP_MAX_SIZE
Signed-off-by: Limin Wang <lance.lmwang@gmail.com>
2020-11-11 18:32:56 +08:00
Michael Niedermayer
b1d99ab14f avformat/lvfdec: Check stream_index before use
Fixes: assertion failure
Fixes: 26905/clusterfuzz-testcase-minimized-ffmpeg_dem_LVF_fuzzer-5724267599364096.fuzz

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-11-10 16:37:37 +01:00
Michael Niedermayer
d16974c3dd avformat/au: cleanup on EOF return in au_read_annotation()
Fixes: memleak
Fixes: 26841/clusterfuzz-testcase-minimized-ffmpeg_dem_AU_fuzzer-5174166309044224
Regression since: e680d50eb4
Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-11-10 16:37:37 +01:00
Thierry Foucu
1c57b8ae3b libavformat/avidec: Extract more metadata from the header
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-11-10 16:37:37 +01:00
Paul B Mahol
ee4a046540 avfilter/af_asoftclip: add oversampling support 2020-11-10 15:25:18 +01:00
Andreas Rheinhardt
7e8306dd2d avcodec/gdv: Remove dead check
At the end of its decode function, the decoder sets *got_frame to 1 and
then checks whether ret is < 0; if so, it is returned, otherwise
avpkt->size is. But it is impossible for ret to be < 0 here and if it
were, it would be nonsense to set *got_frame to 1 before this. Therefore
just return avpkt->size unconditionally.

Fixes Coverity issue #1439730.

Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2020-11-10 02:14:29 +01:00
James Almer
d2dcb113f8 avcodec/utils: clear the packet props queue on flushing
This ensures no queued timestamps or side data are kept and used after
seeking, preventing potential desyncs.

Signed-off-by: James Almer <jamrial@gmail.com>
2020-11-09 15:57:56 -03:00
Zane van Iperen
5c7823ff1c
Changelog: add amv muxer & encoder
Signed-off-by: Zane van Iperen <zane@zanevaniperen.com>
2020-11-09 15:16:03 +10:00
Zane van Iperen
a2fea0f469
avformat: add amv muxer
AMV is a hard-coded (and broken) subset of AVI. It's not worth sullying
the existing AVI muxer with its filth.

Fixes ticket #747.

Signed-off-by: Zane van Iperen <zane@zanevaniperen.com>
2020-11-09 14:58:38 +10:00
Zane van Iperen
555f5c1fc5
avcodec: add adpcm_ima_amv encoder
Fixes ticket #747.

Signed-off-by: Zane van Iperen <zane@zanevaniperen.com>
2020-11-09 14:58:38 +10:00
Zane van Iperen
8903cb3c15
avcodec/adpcm_ima_amv: document header format
Signed-off-by: Zane van Iperen <zane@zanevaniperen.com>
2020-11-09 14:58:37 +10:00
Zane van Iperen
50d3a751aa
avcodec/adpcm_ima_amv: use coded sample count
Signed-off-by: Zane van Iperen <zane@zanevaniperen.com>
2020-11-09 14:58:37 +10:00
Zane van Iperen
d6912294d3
avcodec/adpcm_ima_amv: restrict to 1 channel
The format doesn't allow for anything else.

Signed-off-by: Zane van Iperen <zane@zanevaniperen.com>
2020-11-09 14:58:30 +10:00
OvchinnikovDmitrii
2fb764e1f3 lavc/amfenc: Add hardware config metadata
Without this metadata section the ffmpeg utility thinks that the AMF encoder
does not support input from D3D11 and DXVA2 hardware surfaces, causing
hardware pipelines to fail.

Fixes #8953.
2020-11-08 19:05:17 +00:00
Mark Thompson
cd322794ee lavc: Mark hw_config pointer arrays as const
They are read-only just like the HWConfig structures they point to.
2020-11-08 18:54:42 +00:00
Michael Niedermayer
8fbcc546b8 tools/target_dem_fuzzer: Consider it an EIO when reading position wraps around 64bit
Fixes: signed integer overflow: 9223372036854775807 + 564 cannot be represented in type 'long'
Fixes: 26494/clusterfuzz-testcase-minimized-ffmpeg_dem_VOC_fuzzer-576754158849228
Fixes: 26549/clusterfuzz-testcase-minimized-ffmpeg_dem_AVS_fuzzer-4844306424397824
FIxes: 26875/clusterfuzz-testcase-minimized-ffmpeg_dem_C93_fuzzer-5996226782429184

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-11-07 20:50:33 +01:00
Michael Niedermayer
79cf7c7191 avformat/mpegts: Limit copied data to space
Fixes: out of array access
Fixes: 26816/clusterfuzz-testcase-minimized-ffmpeg_dem_MPEGTSRAW_fuzzer-6282861159907328.fuzz

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Marton Balint <cus@passwd.hu>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-11-07 20:10:51 +01:00
Zane van Iperen
406879f49c
avcodec/adpcm_ima_swf: fix frame size to 4096
SWF File Format Specification, Version 19 says this is 1 raw
sample + 4095 nibbles.

https://www.adobe.com/content/dam/acom/en/devnet/pdf/swf-file-format-spec.pdf

Signed-off-by: Zane van Iperen <zane@zanevaniperen.com>
2020-11-07 23:43:26 +10:00
Zane van Iperen
45d45c8ec5
Revert "avcodec/adpcm_swf: support decoding multiple fixed-sized blocks at once"
Is incorrect behaviour. Was covering for an encoder bug where it produced frames
of the wrong size.

This reverts commit e9dd73d30d.

Fixes: out of array write
Fixes: 26821/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ADPCM_SWF_fuzzer-5764465137811456

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg

Signed-off-by: Zane van Iperen <zane@zanevaniperen.com>
2020-11-07 23:43:02 +10:00
Omar Emara
04b37b5d7f avdevice/xcbgrab: Add select_region option
This patch adds a select_region option to the xcbgrab input device.
If set to 1, the user will be prompted to select the grabbing area
graphically by clicking and dragging. A rectangle will be drawn to
mark the grabbing area. A single click with no dragging will select
the whole screen. The option overwrites the video_size, grab_x, and
grab_y options if set by the user.

For testing, just set the select_region option as follows:

ffmpeg -f x11grab -select_region 1 -i :0.0 output.mp4

The drawing happens directly on the root window using standard rubber
banding techniques, so it is very efficient and doesn't depend on any
X extensions or compositors.

Reviewed-by: Andriy Gelman <andriy.gelman@gmail.com>
Signed-off-by: Omar Emara <mail@OmarEmara.dev>
2020-11-06 23:25:13 -05:00
Limin Wang
c8101aabee avformat/rtsp: support infinite initial_timeout for rtsp option
Signed-off-by: Limin Wang <lance.lmwang@gmail.com>
2020-11-07 10:13:29 +08:00
Limin Wang
06aab9790d fate/filter-video: add 10bit test for unsharp filter
Signed-off-by: Limin Wang <lance.lmwang@gmail.com>
2020-11-07 10:09:59 +08:00
Limin Wang
a51767c9b3 avfilter/vf_unsharp: add more pixel format support
Signed-off-by: Limin Wang <lance.lmwang@gmail.com>
2020-11-07 10:09:59 +08:00
Limin Wang
ee792ebe08 avfilter/vf_unsharp: add 10bit support
Signed-off-by: Limin Wang <lance.lmwang@gmail.com>
2020-11-07 10:09:59 +08:00
Andreas Rheinhardt
0302728c9e avcodec/truemotion2: Allocate buffers together
Reduces the number of allocations and frees.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2020-11-06 13:57:49 +01:00
Andreas Rheinhardt
fa1d105a6c avcodec/truemotion2: Cleanup generically on init failure
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2020-11-06 13:57:49 +01:00
Andreas Rheinhardt
52cd5508cc avcodec/truemotion2: Remove redundant initializations
The codec's private context has already been zeroed generically.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2020-11-06 13:57:49 +01:00
Andreas Rheinhardt
9eb22ca804 avcodec/truemotion2: Replace av_free() by av_freep() in AVCodec.close
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2020-11-06 13:57:49 +01:00
Andreas Rheinhardt
992adc8aaf avcodec/sonic: Don't allocate a temporary buffer for every frame
Instead allocate it together with the buffer that it mirrors.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2020-11-06 13:57:49 +01:00