1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-01-08 13:22:53 +02:00
Commit Graph

116704 Commits

Author SHA1 Message Date
Michael Niedermayer
2f7aaa33e7
avcodec/aac/aacdec_lpd: Check kv indec
Fixes: index 9 out of bounds for type 'uint32_t [8][8]'
Fixes: 70363/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AAC_LATM_fuzzer-6723855293415424.fuzz

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-23 23:21:15 +02:00
Michael Niedermayer
ae20be8b5d
avcodec/aac/aacdec_usac: Dont leave invalid max_sfb in the context
Fixes: out of array read
Fixes: 70363/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AAC_LATM_fuzzer-6723855293415424.fuzz

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-23 23:21:15 +02:00
Michael Niedermayer
d52fabaec0
avcodec/hevc/hevcdec: avoid signed shifts with lt_idx_sps
Fixes: left shift of 1 by 31 places cannot be represented in type 'int'
Fixes: 70122/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HEVC_fuzzer-5172200613675008

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-23 23:21:14 +02:00
Michael Niedermayer
419eee6356
avcodec/proresdec: Consider negative bits left
Fixes: 70036/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PRORES_fuzzer-6298797647396864
Fixes: shift exponent 40 is too large for 32-bit type 'uint32_t' (aka 'unsigned int')

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-23 23:21:14 +02:00
Michael Niedermayer
6194cb87cb
avcodec/alsdec: Clear shift_value
(the exact issue is unreproducable but the use of uninitialized data is reproducable)

Should fix: signed integer overflow: -2147483648 - 127 cannot be represented in type 'int'
Should fix: 69881/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALS_fuzzer-4751301204836352

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-23 23:21:14 +02:00
Michael Niedermayer
5d9544cfb0
avcodec/hevc/hevcdec: Do not allow slices to depend on failed slices
An alternative would be to leave the context unchanged on failure of hls_slice_header()

Fixes: out of array access
Fixes: NULL pointer dereference
Fixes: 69584/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HEVC_fuzzer-5931086299856896
Fixes: 69724/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HEVC_fuzzer-5104066422702080
Fixes: 70422/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HEVC_fuzzer-5908731129298944

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-23 23:21:13 +02:00
Michael Niedermayer
586f6fda1d
avformat/mov: add an EOF check in IPRP
Fixes: Timeout
Fixes: 69230/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-6540512101203968

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-23 23:21:13 +02:00
Michael Niedermayer
55af81b5a4
Revert "avformat/udp: Fix temporary buffer race"
This is not needed

This reverts commit 7b2f67ea77.
2024-07-23 23:21:13 +02:00
Martin Storsjö
4acb9b7d10 aarch64: vvc: Fix unnecessary extra spaces
Signed-off-by: Martin Storsjö <martin@martin.st>
2024-07-23 16:04:28 +03:00
Martin Storsjö
99598629e8 aarch64: vvc: Consistently use # for immediate constants
Signed-off-by: Martin Storsjö <martin@martin.st>
2024-07-23 15:24:37 +03:00
Martin Storsjö
400843151d aarch64: vvc: Fix compilation of alf.S with MSVC 2022 17.7 and older
Use the "ldur" instruction explicitly, instead of having the
assembler implicitly convert "ldr" instructions to "ldur".

This fixes build errors like these:

libavcodec\aarch64\vvc\alf.o.asm(1023) : error A2518: operand 2: Memory offset must be aligned
        ldr             q22, [x3, #24]
libavcodec\aarch64\vvc\alf.o.asm(1024) : error A2518: operand 2: Memory offset must be aligned
        ldr             q24, [x2, #24]
libavcodec\aarch64\vvc\alf.o.asm(1393) : error A2518: operand 2: Memory offset must be aligned
        ldr             q22, [x3, #24]
libavcodec\aarch64\vvc\alf.o.asm(1394) : error A2518: operand 2: Memory offset must be aligned
        ldr             q24, [x2, #24]

Signed-off-by: Martin Storsjö <martin@martin.st>
2024-07-23 15:24:33 +03:00
aaron
53d0f9afb4 avcodec/electronicarts: decode framerate
Reviewed-by: Peter Ross <pross@xvid.org>
2024-07-23 06:40:30 +10:00
aaron
f44353cfb6 avcodec/adpcm: Mono ADPCM for EA WVE Files
Reviewed-by: Peter Ross <pross@xvid.org>
2024-07-23 06:40:30 +10:00
Rémi Denis-Courmont
0e32192548 lavu/riscv: do not fallback to AT_HWCAP auxillary vector
If __riscv_hwprobe() fails, then the kernel version is presumably too
old. There is not much point falling back to the auxillary vector.

- The Linux kernel requires I, so the flag is always set on Linux, and
  run-time detection is unnecessary. Our RISC-V assembler does anyway not
  support targets without I.

- Linux can compile with or without F and D, but it cannot perform
  run-time detection for them (a kernel with F support will not boot a
  processor without F). The run-time detection is thus useless in that
  case. Besides F and D extensions are used throughout the C code, so
  their run-time detection would not be practical.

- Support for V was added in a later kernel version than riscv_hwprobe(),
  so the system call will always be available if the kernel supports V.
  The only exception would be vendor kernel forks, but those are known to
  haphasardly pretend to support V on systems without actual V support, or
  with only pre-ratification binary-incompatible version. Furthermore, a
  large chunk of our optimisations require Zba and/or Zbb which cannot be
  detected with HWCAP in those kernels.

For what it is worth, OpenJDK already took a similar action. Note that this
keeps AT_HWCAP usage for platforms with neither C run-time <sys/hwprobe.h>
nor kernel <asm/hwprobe.h>, notably kernels other than Linux.
2024-07-22 19:43:51 +03:00
Zhao Zhili
2d4ef304c9 avcodec/vvc: Add aarch64 neon optimization for ALF
vvc_alf_filter_chroma_4x4_8_c: 3.0
vvc_alf_filter_chroma_4x4_8_neon: 1.0
vvc_alf_filter_chroma_4x4_10_c: 2.7
vvc_alf_filter_chroma_4x4_10_neon: 1.0
vvc_alf_filter_chroma_4x4_12_c: 2.7
vvc_alf_filter_chroma_4x4_12_neon: 1.0
vvc_alf_filter_chroma_8x8_8_c: 10.2
vvc_alf_filter_chroma_8x8_8_neon: 3.0
vvc_alf_filter_chroma_8x8_10_c: 10.0
vvc_alf_filter_chroma_8x8_10_neon: 2.5
vvc_alf_filter_chroma_8x8_12_c: 10.0
vvc_alf_filter_chroma_8x8_12_neon: 2.5
vvc_alf_filter_chroma_16x16_8_c: 41.7
vvc_alf_filter_chroma_16x16_8_neon: 11.2
vvc_alf_filter_chroma_16x16_10_c: 39.0
vvc_alf_filter_chroma_16x16_10_neon: 10.0
vvc_alf_filter_chroma_16x16_12_c: 40.2
vvc_alf_filter_chroma_16x16_12_neon: 10.2
vvc_alf_filter_chroma_32x32_8_c: 162.0
vvc_alf_filter_chroma_32x32_8_neon: 45.0
vvc_alf_filter_chroma_32x32_10_c: 155.5
vvc_alf_filter_chroma_32x32_10_neon: 39.5
vvc_alf_filter_chroma_32x32_12_c: 155.5
vvc_alf_filter_chroma_32x32_12_neon: 40.0
vvc_alf_filter_chroma_64x64_8_c: 646.0
vvc_alf_filter_chroma_64x64_8_neon: 175.5
vvc_alf_filter_chroma_64x64_10_c: 708.2
vvc_alf_filter_chroma_64x64_10_neon: 166.7
vvc_alf_filter_chroma_64x64_12_c: 619.2
vvc_alf_filter_chroma_64x64_12_neon: 157.2
vvc_alf_filter_chroma_128x128_8_c: 2611.5
vvc_alf_filter_chroma_128x128_8_neon: 698.2
vvc_alf_filter_chroma_128x128_10_c: 2470.0
vvc_alf_filter_chroma_128x128_10_neon: 616.0
vvc_alf_filter_chroma_128x128_12_c: 2531.5
vvc_alf_filter_chroma_128x128_12_neon: 620.2
vvc_alf_filter_luma_8x8_8_c: 25.2
vvc_alf_filter_luma_8x8_8_neon: 4.2
vvc_alf_filter_luma_8x8_10_c: 18.5
vvc_alf_filter_luma_8x8_10_neon: 4.0
vvc_alf_filter_luma_8x8_12_c: 19.0
vvc_alf_filter_luma_8x8_12_neon: 4.0
vvc_alf_filter_luma_16x16_8_c: 106.5
vvc_alf_filter_luma_16x16_8_neon: 16.2
vvc_alf_filter_luma_16x16_10_c: 75.2
vvc_alf_filter_luma_16x16_10_neon: 14.7
vvc_alf_filter_luma_16x16_12_c: 79.7
vvc_alf_filter_luma_16x16_12_neon: 14.7
vvc_alf_filter_luma_32x32_8_c: 400.5
vvc_alf_filter_luma_32x32_8_neon: 63.2
vvc_alf_filter_luma_32x32_10_c: 299.2
vvc_alf_filter_luma_32x32_10_neon: 57.7
vvc_alf_filter_luma_32x32_12_c: 299.2
vvc_alf_filter_luma_32x32_12_neon: 57.7
vvc_alf_filter_luma_64x64_8_c: 1602.5
vvc_alf_filter_luma_64x64_8_neon: 251.7
vvc_alf_filter_luma_64x64_10_c: 1197.0
vvc_alf_filter_luma_64x64_10_neon: 235.5
vvc_alf_filter_luma_64x64_12_c: 1220.2
vvc_alf_filter_luma_64x64_12_neon: 235.7
vvc_alf_filter_luma_128x128_8_c: 6570.2
vvc_alf_filter_luma_128x128_8_neon: 1007.7
vvc_alf_filter_luma_128x128_10_c: 4822.7
vvc_alf_filter_luma_128x128_10_neon: 936.2
vvc_alf_filter_luma_128x128_12_c: 4791.2
vvc_alf_filter_luma_128x128_12_neon: 938.5

Signed-off-by: Zhao Zhili <zhilizhao@tencent.com>
2024-07-22 21:09:56 +08:00
ha7sh17
172da370e7 doc/filters: fix outpad labels in libvmaf_cuda example 2024-07-22 13:00:04 +05:30
Rémi Denis-Courmont
9135dffd17 lavc/h264dsp: reduce spills in R-V V idct_add16 2024-07-21 22:39:45 +03:00
Rémi Denis-Courmont
245f76ad74 lavc/h264dsp: reuse the R-V V IDCT DC add functions
This reuses the DC bypass functions from the multiple IDCT functions, to
leverage vector code.

As an added bonus, the caller functions can now rely on the callee functions
to preserve their parameters, thus cutting down on stack spills.
2024-07-21 22:39:45 +03:00
Rémi Denis-Courmont
0a5b5bae89 lavc/h264dsp: correct VL and LMUL in idct_dc_add
T-Head C908 (cycles):
h264_idct4_dc_add_8bpp_c:        94.7
h264_idct4_dc_add_8bpp_rvv_i32:  55.0 (before)
h264_idct4_dc_add_8bpp_rvv_i32:  34.5 (after)
h264_idct4_dc_add_9bpp_c:        94.7
h264_idct4_dc_add_9bpp_rvv_i32:  43.5 (before)
h264_idct4_dc_add_9bpp_rvv_i32:  38.2 (after)
h264_idct4_dc_add_10bpp_c:       94.7
h264_idct4_dc_add_10bpp_rvv_i32: 43.5 (before)
h264_idct4_dc_add_10bpp_rvv_i32: 38.2 (after)
h264_idct4_dc_add_12bpp_c:       94.7
h264_idct4_dc_add_12bpp_rvv_i32: 43.7 (before)
h264_idct4_dc_add_12bpp_rvv_i32: 38.5 (after)
h264_idct4_dc_add_14bpp_c:       94.7
h264_idct4_dc_add_14bpp_rvv_i32: 43.7 (before)
h264_idct4_dc_add_14bpp_rvv_i32: 38.5 (after)
2024-07-21 22:39:45 +03:00
J. Dekker
c9dc2ad09b lavc/h264dsp: move R-V V idct_dc_add
No functional changes. This just moves the assembler so that it can be
referenced by other functions in h264idct_rvv.S with local jumps.

Edited-by: Rémi Denis-Courmont <remi@remlab.net>
2024-07-21 22:39:45 +03:00
Rémi Denis-Courmont
d15169c51f lavc/h264dsp: factor some mostly identical R-V V code 2024-07-21 22:39:45 +03:00
Rémi Denis-Courmont
c4c811b3d9 checkasm/h264dsp: test TX bypass 2024-07-21 22:36:48 +03:00
Michael Niedermayer
73ca4e75eb
avfilter/vf_xfade: Check ff_inlink_consume_frame() for failure
Fixes: CID1458043 Unchecked return value

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 17:02:14 +02:00
Michael Niedermayer
23851c9ee0
avutil/slicethread: Check pthread_*_init() for failure
Fixes: CID1604383 Unchecked return value
Fixes: CID1604439 Unchecked return value

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 17:02:13 +02:00
Michael Niedermayer
15540b3d28
avutil/frame: Check log2_crop_align
Fixes: CID1604586 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 17:02:13 +02:00
Michael Niedermayer
82f5b20ff5
avutil/buffer: Check ff_mutex_init() for failure
Fixes: CID1604487 Unchecked return value
Fixes: CID1604494 Unchecked return value

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 17:02:13 +02:00
Michael Niedermayer
064bcda142
avutil/avsscanf: Remove dead code
Fixes: CID1604498 Structurally dead code

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 17:02:12 +02:00
Michael Niedermayer
696685df0c
avformat/xmv: Check this_packet_size
Fixes: CID1604489 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 17:02:12 +02:00
Michael Niedermayer
7734c583f7
avformat/webpenc: Check filesize in trailer
not sure this is possible

Fixes: CID1604446 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 17:02:12 +02:00
Michael Niedermayer
be30913538
avformat/ty: rec_size seems to only need 32bit
May help CID1604560 Overflowed integer argument

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 17:02:11 +02:00
Michael Niedermayer
41745e550a
avformat/tty: Check avio_size()
Fixes: CID1220824 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 17:02:11 +02:00
Michael Niedermayer
124a97dd8b
avformat/siff: Basic pkt_size check
Fixes: half of CID1258461 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 17:02:11 +02:00
Michael Niedermayer
759aae590c
avformat/sauce: Check avio_size() for failure
Fixes: CID1604592 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 17:02:10 +02:00
Michael Niedermayer
3e305a0e70
avformat/sapdec: Check ffurl_get_file_handle() for error
Fixes: CID1604506 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 16:41:51 +02:00
Michael Niedermayer
e83e246504
avformat/nsvdec: Check asize for PCM
Fixes: CID1604527 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 16:41:43 +02:00
Michael Niedermayer
cea4dbc903
avformat/mp3dec: Check header_filesize
Fixes: CID1608714 Division or modulo by float zero

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 16:41:41 +02:00
Michael Niedermayer
bb936a1a72
avformat/mp3dec; Check for avio_size() failure
Fixes: CID1608710 Improper use of negative value

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 16:41:37 +02:00
Michael Niedermayer
046d069552
avformat/mov: Use 64bit for str_size
We assign a 64bit variable to it before checking

Fixes: CID1604544 Overflowed integer argument

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 16:41:35 +02:00
Michael Niedermayer
139bf41246
avformat/mm: Check length
Fixes: CID1220824 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 16:41:32 +02:00
Michael Niedermayer
291356f58b
avformat/hnm: Check *chunk_size
Fixes: CID1604419 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 16:41:23 +02:00
Michael Niedermayer
7e577165c1
avformat/hlsenc: Check ret
Fixes: CID1609624 Unused value

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 16:41:11 +02:00
Michael Niedermayer
bf61f811e7
avformat/bintext: Check avio_size() return
Fixes: CID1604503 Overflowed constant
Fixes: CID1604566 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 16:40:49 +02:00
Michael Niedermayer
891bc070f0
avformat/asfdec_o: Check size of index object
We subtract 24 so it must be at least 24

Fixes: CID1604482 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 16:40:48 +02:00
Michael Niedermayer
2a8fb3c2cc
avfilter/vf_scale: Check ff_scale_adjust_dimensions() for failure
Helps: CID1513722 Operands don't affect result

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 16:34:31 +02:00
Michael Niedermayer
ad9df8bcfe
avfilter/scale_eval: Use 64bit, check values in ff_scale_adjust_dimensions()
Found by reviewing CID1513722 Operands don't affect result

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 16:34:30 +02:00
Michael Niedermayer
6db4e326c2
avfilter/vf_neighbor_opencl: Use AV_PIX_MAX_PLANES
Fix/Robustness/whatever: CID1439575 Out-of-bounds read

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 16:34:29 +02:00
Michael Niedermayer
ace2e25720
avfilter/vf_lut3d: Check av_scanf()
Fixes: CID1604398 Unchecked return value
Fixes: CID1604542 Unchecked return value

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 16:34:28 +02:00
Michael Niedermayer
64aa233a88
avfilter/vf_fftfilt: Remove dead depth code
Fixes: CID1509373 Logically dead code

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 16:34:27 +02:00
Michael Niedermayer
2af95b9214
avfilter/vf_elbg: Use unsigned for shifting into the top bit
Fixes: part of CID1355110 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 16:34:25 +02:00
Michael Niedermayer
05e21b8902
avfilter/vf_premultiply: Use AV_PIX_MAX_PLANES
Helps: CID1435164 Out-of-bounds read
Helps: CID1435165 Out-of-bounds read
Helps: CID1435167 Out-of-bounds read
Helps: CID1435169 Out-of-bounds read

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 15:57:43 +02:00