1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-12-28 20:53:54 +02:00
Commit Graph

25046 Commits

Author SHA1 Message Date
Gavin Smith
2c2aaa5bd0 avformat/mxfdec: do not log warning of multiple ANC packets if count is 0
Some NLVEs may insert a KLV packet for EIA-608 data even though
the number of encapsulated ANC packets is zero.
2022-10-06 10:23:39 +02:00
Richard Ayres
b074424bf6 Encrypted SMPTE DC MXF - additional UL needed to unpack EKLV packet
Thanks, Pierre-Anthony. I've updated the patch to remove the unnecessary UL and it's now using mxf_match_uid() to detect the EKLV packet.

Signed-off-by: Richard Ayres <richard.ayres@bydeluxe.com>
2022-10-06 10:04:17 +02:00
Michael Niedermayer
5f44489cc5
avformat/vividas: Check packet size
Fixes: signed integer overflow: 119760682 - -2084600173 cannot be represented in type 'int'
Fixes: 50993/clusterfuzz-testcase-minimized-ffmpeg_dem_VIVIDAS_fuzzer-6745781167587328

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-10-04 23:47:54 +02:00
Andreas Rheinhardt
63b3156558 avformat/aviobuf: Don't use NULL as src for memcpy
This might happen in avio_write() if size == 0
when the direct codepath is taken. It is undefined behaviour
according to the spec although it happens to work in practice.
Fixes the webm-webvtt-remux FATE-test under UBSan.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-10-04 18:01:01 +02:00
Andreas Rheinhardt
d09776d486 avformat/avio: Schedule AVIODirContext to become an opaque type
Users can't make anything with its content.
Making it opaque might allow us to avoid one level of indirection.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-10-03 23:21:57 +02:00
Andreas Rheinhardt
7eed125dbb avcodec/mpeg4audio: Move ff_copy_pce_data() to a header of its own
It is only used by three of the thirty files that (potentially
indirectly) include mpeg4audio.h. Twenty of these files won't
have a put_bits.h inclusion any more after this patch.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-10-02 20:16:42 +02:00
Paul B Mahol
4b6b75c752 avcodec: add Media 100i decoder 2022-09-30 19:11:36 +02:00
Pierre-Anthony Lemieux
0e402ebf48
format/imfdec: improve error handling when selecting tracks for playback
Reviewed-by: Zane van Iperen <zane@zanevaniperen.com>
2022-09-28 11:54:52 +10:00
Andreas Rheinhardt
2b41463b87 avformat/internal: Don't include avcodec.h
The general demuxing API uses parsers and decoders. Therefore
FFStream contains pointers to AVCodecContexts and
AVCodecParserContext and lavf/internal.h includes lavc/avcodec.h.

Yet actually only a few files files really use these; and it is best
when this number stays small. Therefore this commit uses opaque
structs in lavf/internal.h for these contexts and stops including
avcodec.h.
This also avoids including lavc/codec_desc.h implicitly. All other
headers are implicitly included as now (mostly through codec.h).

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-09-26 03:02:50 +02:00
Andreas Rheinhardt
832e6563df avformat/matroska*: Use av_chroma_location_(pos_to_enum|enum_to_pos)
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-09-26 03:02:27 +02:00
Andreas Rheinhardt
843fe314ea avformat/nutdec: Don't shrink packet size manually
It is unnecessary because an av_shrink_packet() a few lines below
will set the size; furthermore, it is actually harmful, because
av_shrink_packet() does nothing in case the size already matches,
so that the packet's padding is not correctly zeroed.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-09-25 14:56:03 +02:00
Michael Niedermayer
aa441ac105
avformat/matroskadec: Error out if a timestamp is beyond duration
Maybe timestamp / duration validity should be checked earlier

Fixes: 50993/clusterfuzz-testcase-minimized-ffmpeg_dem_WEBM_DASH_MANIFEST_fuzzer-6586894739177472
Fixes: signed integer overflow: 0 - -9223372036854775808 cannot be represented in type 'long'

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-09-24 18:29:43 +02:00
Michael Niedermayer
4075f0cec1
avformat/spdifdec: Use 64bit to compute bit rate
Fixes: signed integer overflow: 32 * 553590816 cannot be represented in type 'int'
Fixes: 50993/clusterfuzz-testcase-minimized-ffmpeg_dem_WAV_fuzzer-6564974517944320

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-09-24 18:29:32 +02:00
Michael Niedermayer
529f64b2eb
avformat/rpl: Use 64bit for duration computation
Fixes: signed integer overflow: 24709512 * 88 cannot be represented in type 'int'
Fixes: 50993/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-6737973728641024

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-09-24 18:29:08 +02:00
Michael Niedermayer
2c789f753c
avformat/xwma: Use av_rescale() for duration computation
Fixes: signed integer overflow: 34242363648 * 538976288 cannot be represented in type 'long'
Fixes: 50993/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-6577923913547776

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-09-24 18:28:57 +02:00
Michael Niedermayer
aa8eb1bed0
avformat/sdsdec: Use av_rescale() to avoid intermediate overflow in duration calculation
Fixes: signed integer overflow: 72128794995445727 * 240 cannot be represented in type 'long'
Fixes: 50993/clusterfuzz-testcase-minimized-ffmpeg_dem_SDS_fuzzer-6628185583779840

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-09-24 18:28:51 +02:00
Michael Niedermayer
5f529e9147
avformat/sbgdec: Check ts_int in genrate_intervals
There is probably a better place to check for this, but better
here than nowhere

Fixes: signed integer overflow: -9223372036824775808 - 86400000000 cannot be represented in type 'long'
Fixes: 50993/clusterfuzz-testcase-minimized-ffmpeg_dem_SBG_fuzzer-6601162580688896

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-09-24 18:28:41 +02:00
Michael Niedermayer
981f5e46af
avformat/sbgdec: clamp end_ts
Fixes: signed integer overflow: 9223372036851135042 + 15666854 cannot be represented in type 'long'
Fixes: 50993/clusterfuzz-testcase-minimized-ffmpeg_dem_SBG_fuzzer-6573717339111424

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-09-24 18:28:29 +02:00
Michael Niedermayer
2cb7ee8a36
avformat/rmdec: check tag_size
Fixes: signed integer overflow: -2147483648 - 8 cannot be represented in type 'int'
Fixes: 50993/clusterfuzz-testcase-minimized-ffmpeg_dem_RM_fuzzer-6598073725353984

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-09-24 18:28:19 +02:00
Michael Niedermayer
2c146406ea
avformat/nutdec: Check fields
Fixes: signed integer overflow: -2147483648 - 1 cannot be represented in type 'int'
Fixes: 50993/clusterfuzz-testcase-minimized-ffmpeg_dem_NUT_fuzzer-6566001610719232

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-09-24 18:28:10 +02:00
Michael Niedermayer
7124f10c1d
avformat/flvdec: Use 64bit for sum_flv_tag_size
Fixes: signed integer overflow: 2138820085 + 16130322 cannot be represented in type 'int'
Fixes: 50993/clusterfuzz-testcase-minimized-ffmpeg_dem_LIVE_FLV_fuzzer-6704728165187584

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-09-24 18:27:43 +02:00
Michael Niedermayer
b1a68127bb
avformat/jacosubdec: Fix overflow in get_shift()
Fixes: 50993/clusterfuzz-testcase-minimized-ffmpeg_dem_JACOSUB_fuzzer-6722544461283328
Fixes: signed integer overflow: 48214448 * 60 cannot be represented in type 'int'

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-09-24 17:57:37 +02:00
Michael Niedermayer
0345a88545
avformat/genh: Check nb_channels for IMA ADPCM
The check could be made more strict

Fixes: signed integer overflow: 36 * 538976288 cannot be represented in type 'int'
Fixes: 50993/clusterfuzz-testcase-minimized-ffmpeg_dem_GENH_fuzzer-6539389873815552

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-09-24 17:57:37 +02:00
Michael Niedermayer
93db0f0740
avformat/dxa: avoid bpc overflows
Fixes: signed integer overflow: 2147483647 + 32 cannot be represented in type 'int'
Fixes: 50993/clusterfuzz-testcase-minimized-ffmpeg_dem_DXA_fuzzer-6639823726706688

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-09-24 17:57:37 +02:00
Michael Niedermayer
10453f5192
avformat/dhav: Use 64bit seek_back
Fixes: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself
Fixes: 50993/clusterfuzz-testcase-minimized-ffmpeg_dem_DHAV_fuzzer-6604736532447232

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-09-24 17:57:36 +02:00
Michael Niedermayer
d4bb4e3759
avformat/cafdec: Check that nb_frasmes fits within 64bit
Fixes: signed integer overflow: 1099511693312 * 538976288 cannot be represented in type 'long'
Fixes: 50993/clusterfuzz-testcase-minimized-ffmpeg_dem_CAF_fuzzer-6565048815845376

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-09-24 17:57:36 +02:00
Michael Niedermayer
736e9e69d5
avformat/asfdec_o: Limit packet offset
avoids overflows with it

Fixes: signed integer overflow: 9223372036846866010 + 4294967047 cannot be represented in type 'long'
Fixes: 50993/clusterfuzz-testcase-minimized-ffmpeg_dem_ASF_O_fuzzer-6538296768987136
Fixes: 50993/clusterfuzz-testcase-minimized-ffmpeg_dem_ASF_O_fuzzer-657169555665715

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-09-24 17:57:36 +02:00
Michael Niedermayer
5b23cab5c7
avformat/apm: Use 64bit for bit_rate computation
Fixes: signed integer overflow: -1155522528 * 4 cannot be represented in type 'int'
Fixes: 50993/clusterfuzz-testcase-minimized-ffmpeg_dem_APM_fuzzer-6580670570299392

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-09-24 17:57:35 +02:00
Michael Niedermayer
d0349c9929
avformat/ape: Check frames size
Fixes: signed integer overflow: 9223372036854775806 + 3 cannot be represented in type 'long'
Fixes: 50993/clusterfuzz-testcase-minimized-ffmpeg_dem_APE_fuzzer-6389264140599296

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-09-24 17:57:35 +02:00
James Almer
aa79d13f51 avformat/cafenc: derive Opus frame size from the relevant stream parameters
Use the stream duration as last resort, as an off-by-one result of the
"st->duration / (caf->packets - 1)" calculation can break playback on some
devices.
Also, don't write the sample_rate value propagated by encoders like libopus.
The sample rate of the audio fed to it is irrelevant after being encoded.

Fixes ticket #9930.

Signed-off-by: James Almer <jamrial@gmail.com>
2022-09-24 12:16:15 -03:00
Paul B Mahol
a166b8a19b avcodec: add FTR audio decoder and parser 2022-09-24 14:03:59 +02:00
Paul B Mahol
6c23391064 avformat: add APAC demuxer 2022-09-23 20:27:35 +02:00
Vignesh Venkatasubramanian
a2d95928c3 avformat/movenc: Write auxi box for animated AVIF with alpha
According to the HEIF specification (ISO/IEC 23008-12) Section
7.5.3.1, tracks with handler_type 'auxv' must contain a 'auxi' box
in its SampleEntry to notify the nature of the auxiliary track to the
decoder.

The content is the same as the 'auxC' box. So parameterize and re-use
the existing function.

Signed-off-by: Vignesh Venkatasubramanian <vigneshv@google.com>
Signed-off-by: James Zern <jzern@google.com>
2022-09-22 14:10:22 -07:00
Michael Niedermayer
db73ae0dc1
avformat/icodec: Check nb_pal
Fixes: signed integer overflow: 538976288 * 4 cannot be represented in type 'int'
Fixes: 50993/clusterfuzz-testcase-minimized-ffmpeg_dem_ICO_fuzzer-6690068904935424

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-09-22 17:44:05 +02:00
Michael Niedermayer
9303ba272e
avformat/aiffdec: Use 64bit for block_duration use
Fixes: signed integer overflow: 3 * -2147483648 cannot be represented in type 'int'
Fixes: 50993/clusterfuzz-testcase-minimized-ffmpeg_dem_AIFF_fuzzer-6668935979728896

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-09-22 17:44:05 +02:00
Michael Niedermayer
1c2b6265c8
avformat/aiffdec: Check block_duration
Fixes: signed integer overflow: 3 * -2147483648 cannot be represented in type 'int'
Fixes: 50993/clusterfuzz-testcase-minimized-ffmpeg_dem_AIFF_fuzzer-6668935979728896

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-09-22 17:44:04 +02:00
Michael Niedermayer
c5bd689655
avformat/mxfdec: Avoid some redundant writing to tables in mxf_compute_ptses_fake_index()
offsets suggested by Tomas Härdin
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-09-22 17:44:04 +02:00
Michael Niedermayer
1182bbb2c3
avformat/mxfdec: only probe max run in
Suggested-by: Tomas Härdin <tjoppen@acc.umu.se>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-09-22 17:44:04 +02:00
Michael Niedermayer
7786097825
avformat/mxfdec: Check run_in is within 65536
Fixes: signed integer overflow: 9223372036854775807 - -2146905566 cannot be represented in type 'long'
Fixes: 50993/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-6570996594769920

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-09-22 17:44:03 +02:00
Andreas Rheinhardt
8306074dc6 avformat/dashdec: Reindent after the previous commit
Reviewed-by: Steven Liu <lingjiujianke@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-09-22 15:34:54 +02:00
Andreas Rheinhardt
14b3830b33 avformat/dashdec: Fix crash on invalid input/ENOMEM, fix leak
In case a SupplementalProperty node exists in an adaptationset,
it is searched for a "schemeIdUri" property via xmlGetProp().
Whatever xmlGetProp() returns is then compared via av_strcasecmp()
to a string literal. xmlGetProp() can return NULL, namely in case
no "schemeIdUri" exists and (given that this string is allocated)
presumably also on allocation failure. No check for NULL is done,
so this may crash.

Furthermore, the string returned by xmlGetProp() needs to be freed
with xmlFree(), but this is not done either.

This commit fixes both of these issues; they existed since this code
has been added in 10d008f0fd.

This has been found while investigating ticket #9697. The continuous
leaks might very well be the reason behind the observed slowdown.

Reviewed-by: Steven Liu <lingjiujianke@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-09-22 15:34:23 +02:00
Wang Yaqiang
0744782de3 avformat/mov: get the correct fragment stsd_id when decrypting the sample
When determining whether a packet should be decrypted,
should use the stsd_id of the fragment where the current packet is located.

Reviewed-by: Zhao Zhili <zhilizhao@tencent.com>
Signed-off-by: Wang Yaqiang <wangyaqiang03@kuaishou.com>
2022-09-21 13:58:40 +08:00
Will Cassella
e601ec3c19 libavformat/riffec: Zero-initialize channels in ff_get_wav_header
Clang's static analyzer complains that leaving the  variable
uninitialized could lead to a code path where the uninitialized value is
written to  at the end of this function.
This patch simply zero-initializes that variable to avoid that.

Signed-off-by: Will Cassella <cassew@google.com>
Signed-off-by: James Almer <jamrial@gmail.com>
2022-09-20 18:58:23 -03:00
Andreas Rheinhardt
d438540d2b avformat/spdifenc: Reorder struct members to make it smaller
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-09-20 18:32:28 +02:00
Pierre-Anthony Lemieux
48fa27e77a avformat/mxf: set stream frame rates for ST 422 essence containers
The MXF demuxer does not currently set AVStream::avg_frame_rate and ::r_frame_rate
when J2K essence is wrapped according to SMPTE ST 422.

Reviewed-by: Tomas Härdin <tjoppen@acc.umu.se>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-09-20 11:25:54 +02:00
Andreas Rheinhardt
c8707c105f avformat/aptxdec: Don't set AV_PKT_FLAG_CORRUPT mistakenly
Just because we try to put multiple units of block_align bytes
(the atomic units for APTX and APTX HD) into one packet
does not mean that packets with fewer units than the
one we wanted are corrupt; only those packets that are not
a multiple of block_align are.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-09-19 17:05:33 +02:00
Andreas Rheinhardt
9d10d3a4ee avformat/aptxdec: Don't set AVCodecParameters.frame_size
This field was misunderstood: It gives the number of samples
in a packet, not the number of bytes. Its usage was wrong for APTX HD.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-09-19 17:05:33 +02:00
Paul B Mahol
9c05f178a6 avformat/ape: fix overflow in total_blocks 2022-09-16 18:04:20 +02:00
Paul B Mahol
8f11512273 avformat/ape: set packet duration 2022-09-16 18:04:20 +02:00
Andreas Rheinhardt
2c23cd0181 avformat/bonk: Don't set data_offset to what it would be set to anyway
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-09-16 17:49:40 +02:00