1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-12-23 12:43:46 +02:00
Commit Graph

101522 Commits

Author SHA1 Message Date
Michael Niedermayer
bd525e2876 avcodec/flacdec: Avoid undefined shift in error case
Fixes: flac_1040988

Reported-by: Thomas Guilbert <tguilbert@google.com>
Reviewed-by: Thomas Guilbert <tguilbert@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-13 21:02:31 +01:00
Michael Niedermayer
09b3040354 avformat/cinedec: Fix index_entries size check
Fixes: out of array access
Fixes: 29868/clusterfuzz-testcase-minimized-ffmpeg_dem_CINE_fuzzer-5692001957445632

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-13 21:02:31 +01:00
Michael Niedermayer
0c48c332ee avcodec/h264_metadata_bsf: Check nb_units before accessing the first in h264_metadata_update_fragment()
Fixes: null pointer dereference
Fixes: 29835/clusterfuzz-testcase-minimized-ffmpeg_BSF_H264_METADATA_fuzzer-4712125383704576

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-13 21:02:31 +01:00
Michael Niedermayer
4e7dbca74c avformat/aaxdec: Check that segments table has been initialized
Fixes: Timeout
Fixes: 29766/clusterfuzz-testcase-minimized-ffmpeg_dem_AAX_fuzzer-5635887566290944

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-13 21:02:31 +01:00
Michael Niedermayer
36ad2f41e3 avcodec/ffv1dec: Check if trailer is available
Fixes: out of array read
Fixes: 29750/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FFV1_fuzzer-4808377272238080.fuzz

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-13 21:02:31 +01:00
Michael Niedermayer
312bcdbfc1 avcodec/exr: Check col/line for integer overflow
Fixes: signed integer overflow: -2272 + -2147483360 cannot be represented in type 'int'
Fixes: 30009/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EXR_fuzzer-5005660322398208

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-13 21:02:31 +01:00
Marton Balint
c281d84b20 avformat: add Changelog entry for librist and bump minor
Signed-off-by: Marton Balint <cus@passwd.hu>
2021-03-13 17:36:48 +01:00
Marton Balint
5bd1d0f4e7 avformat/librist: clarify and limit buffer_size
As suggested by librist developers.

Signed-off-by: Marton Balint <cus@passwd.hu>
2021-03-13 17:36:48 +01:00
Marton Balint
4217e091fe avformat/librist: increase default loglevel
Also remove AV_LOG_SIMULATE from the list as it is not used directly, and do
not use panic level on unknown loglevel, but make them warn. Also fix mapping of
NOTICE/INFO/VERBOSE and add documentation about when the option should actually
be used.

Signed-off-by: Marton Balint <cus@passwd.hu>
2021-03-13 17:36:48 +01:00
Marton Balint
7b0832dea8 avformat/librist: simplify secret strlcpy
Signed-off-by: Marton Balint <cus@passwd.hu>
2021-03-13 17:36:48 +01:00
Marton Balint
deffb5ddce avformat/librist: make packet size adjustable for writing, fix it for reading
Maximum packet size is 10000 (RIST_MAX_PACKET_SIZE, which is unfortunately
private) minus the RIST protocol overhead which is 28 bytes for the unencrypted
case, 36 for the encrypted case.

Signed-off-by: Marton Balint <cus@passwd.hu>
2021-03-13 17:36:48 +01:00
Marton Balint
4b1e387e25 avformat/librist: rework librist_read
Queue tracking makes no difference so remove it, return EAGAIN of no data is
available and rist data block needs to be freed even for zero sized packets.

Signed-off-by: Marton Balint <cus@passwd.hu>
2021-03-13 17:36:48 +01:00
Paul B Mahol
4098f809d6 libavformat: add librist protocol
This work is sponsored by Open Broadcast Systems.

Signed-off-by: Paul B Mahol <onemda@gmail.com>
2021-03-13 17:36:48 +01:00
Christopher Degawa
e93403b75f libavutil/timer: Fix clang reserved-user-defined-literal
clang errors when compiling with C++11 about needing spaces between
literal and identifier

Signed-off-by: Christopher Degawa <ccom@randomderp.com>
Signed-off-by: James Almer <jamrial@gmail.com>
2021-03-13 11:47:43 -03:00
Marton Balint
b2d0826513 avdevice/pulse_audio_dec: do not read undersized frames
Keep on reading fragments until we got fragment_size amount of data, otherwise
we might get frames with 1-2 samples only if pa_stream_peek is called slightly
less frequently than sample rate.

Note that fragments might contain a lot less data than fragment_size, so
reading multiple fragments to get fragment_size amount of data is intentional.

Signed-off-by: Marton Balint <cus@passwd.hu>
2021-03-12 23:55:30 +01:00
Marton Balint
7f059a250b avdevice/pulse_audio_dec: only set adjust latency flag if fragment_size is not set
Otherwise fragment_size is ignored.

Signed-off-by: Marton Balint <cus@passwd.hu>
2021-03-12 23:55:30 +01:00
Marton Balint
104aa921c9 avdevice/pulse_audio_dec: query actual fragment size
Signed-off-by: Marton Balint <cus@passwd.hu>
2021-03-12 23:55:30 +01:00
Marton Balint
1a90cf4410 avdevice/alsa_dec: make sure we have enough data in non-blocking mode
Otherwise we might return 1-2 samples per packet if av_read_frame() call rate is
only sligthly less than the stream sample rate.

Signed-off-by: Marton Balint <cus@passwd.hu>
2021-03-12 23:55:30 +01:00
James Almer
6e7e3a3820 avcodec: add a get_encode_buffer() callback to AVCodecContext
This callback is functionally the same as get_buffer2() is for decoders, and
implements for the new encode API the functionality of the old encode API had
where the user could provide their own buffers.

Reviewed-by: Lynne <dev@lynne.ee>
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Reviewed-by: Mark Thompson <sw@jkqxz.net>
Signed-off-by: James Almer <jamrial@gmail.com>
2021-03-12 19:49:08 -03:00
Mark Thompson
2c96e6cb95 cbs_sei: Detect payload overflows when reading SEI messages
The top-level GetBitContext is sized for the whole NAL unit, so it fails
to detect overflows where a payload continues into the following message.
To fix that, we make a new context on the stack for reading each payload.

Fixes: 29892/clusterfuzz-testcase-minimized-ffmpeg_BSF_H264_REDUNDANT_PPS_fuzzer-6310830956216320
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Tested-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-12 22:45:33 +00:00
Mark Thompson
b128b0ce22 cbs_h265: Detect more reference combinations which would overflow the DPB
In total, the number of short term references (from the selected short
term ref pic set), the number of long term references (combining both the
used candidates from the SPS and those defined in the slice header) and
the number of instances of the current picture (usually one, but can be
two if current picture reference is enabled) must never exceed the size
of the DPB.  This is a generalisation of the condition associated with
num_long_term_pics in 7.4.7.1.

We use this to apply tighter bounds to the number of long term pictures
referred to in the slice header, and also to detect the invalid case where
the second reference to the current picture would not fit in the DPB (this
case can't be detected earlier because an STRPS with 15 pictures can still
be valid in the same stream when used with a different PPS which does not
require two DPB slots for the current picture).

Fixes: 24913/clusterfuzz-testcase-minimized-ffmpeg_BSF_HEVC_METADATA_fuzzer-6261760693370880
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Tested-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-12 22:45:33 +00:00
Andreas Rheinhardt
ec54c32d4a avcodec/cbs_h26[45]: Remove redundant enum constants
Unused since 8843607f49.

Reviewed-by: Mark Thompson <sw@jkqxz.net>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-12 23:25:23 +01:00
Andreas Rheinhardt
70d226575a avcodec/cbs_sei: Fix leak of AVBufferRef on error
An AVBufferRef (and the corresponding AVBuffer and the underlying actual
buffer) would leak in ff_cbs_sei_add_message() on error in case an error
happened after its creation and before it has been attached to more
permanent storage. Fix this by only creating the AVBufferRef immediately
before attaching it to its intended target position.

(Given that no SEI message currently created is refcounted, the above
can't happen at the moment. But Coverity already nevertheless noticed:
This commit fixes Coverity issue #1473521.)

Reviewed-by: Mark Thompson <sw@jkqxz.net>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-12 23:24:31 +01:00
Andreas Rheinhardt
12a9f3fc09 avcodec/cbs_sei: Don't use -1th element of array
(This affected only suffix SEI messages; yet no such SEI messages are
currently inserted.)

Reviewed-by: Mark Thompson <sw@jkqxz.net>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-12 23:23:26 +01:00
Andreas Rheinhardt
85685297c2 avcodec/cbs: Remove redundant checks for CodedBitstreamContext.codec
Setting this field happens immediately after the allocation in
ff_cbs_init(), so the whole CBS code may presume that any
CodedBitstreamContext has this set. Lots of code already presumed this,
yet ff_cbs_close() did it inconsistently: It checked before checking
whether the CodedBitstreamType has a close function; yet it simply
unconditionally read ctx->codec->priv_class. Coverity complained about
this in issue #1473564, which this commit fixes.

Reviewed-by: Mark Thompson <sw@jkqxz.net>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-12 23:21:35 +01:00
Martin Storsjö
30cd7feb2d avcodec/nvenc: base timestamps on frameIntervalP
If b-frames were enabled implicitly (if max_b_frames wasn't set by
the caller at all, since a0949d0bcb),
we wouldn't offset dts at all, producing invalid pts/dts combinations
(causing loud warnings by ffmpeg, or muxer errors if passed without
an extra cleanup pass).

Instead use frameIntervalP for offsetting, which should always be
accurate.

Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
2021-03-12 22:11:39 +01:00
Andreas Rheinhardt
6e2db67801 avfilter/vf_uspp: Fix leak of packet side data
The uspp filter uses a special option ("no_bitstream") of
the Snow encoder to suppress it from generating output.
The filter therefore did not unref the packet after usage,
believing it to be blank. But this is wrong, as the Snow encoder
attaches quality stats side data to the packet.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-12 19:05:37 +01:00
Andreas Rheinhardt
0858853241 avfilter/vf_uspp: Fix leak of qp-table on error
Fixes Coverity issue #1473500.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-12 19:05:11 +01:00
Andreas Rheinhardt
0364188fb9 avcodec/decode: Reindentation
Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-12 18:29:03 +01:00
Andreas Rheinhardt
cc448f8d39 avcodec/decode: Remove always-true check
Forgotten in 1fd7627770.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-12 18:28:20 +01:00
Andreas Rheinhardt
d025a5bcc2 avformat/adp, svs: Remove redundant av_shrink_packet()
av_get_packet() already makes sure that the packet size is accurate
and that the packet data is zero-padded even when one could not read as
much as desired.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-12 17:13:10 +01:00
parazyd
51367267c8 avformat/gopher: Add support for Gopher over TLS
This commit adds a "gophers" handler to the gopher protocol. gophers
is a community-adopted protocol that acts the same way like normal
gopher with the added TLS encapsulation.

The gophers protocol is supported by gopher servers like geomydae(8),
and clients like curl(1), clic(1), and hurl(1).

This commit also adds compilation guards to both gopher and gophers,
since now there are two protocols in the file it makes sense to
have this addition.

Signed-off-by: parazyd <parazyd@dyne.org>
Signed-off-by: Marton Balint <cus@passwd.hu>
2021-03-11 23:47:19 +01:00
parazyd
ed4c2e183b avformat/gopher: Add default_whitelist to ff_gopher_protocol
Signed-off-by: parazyd <parazyd@dyne.org>
Signed-off-by: Marton Balint <cus@passwd.hu>
2021-03-11 23:26:37 +01:00
Derek Buitenhuis
e690aa6a8d avcodec/gifenc: Actually use the shrunk palette
I have no idea how nobody, including myself, noticed this.

Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
2021-03-11 21:41:52 +00:00
James Almer
99042c2bf6 avcodec/h264_slice: don't copy frame data during error concealment
In addition to the fact that av_image_copy() cannot handle hardware pixel formats,
h->short_ref[0]->f may not be writable at this point.

Based on a patch by Hendrik Leppkes.

Signed-off-by: James Almer <jamrial@gmail.com>
2021-03-11 17:57:37 -03:00
James Almer
9e2e6f935b avdevice/decklink: add missing include for buffer_size_t
Should fix compilation broken in f7abb53cb4.

Reviewed-by: Marton Balint <cus@passwd.hu>
Signed-off-by: James Almer <jamrial@gmail.com>
2021-03-11 17:39:09 -03:00
Stephen Hutchinson
16e8ea0dde avisynth: fix audio on big endian
AviSynth+ outputs audio in the same format as the
OS, so assuming little endian formats as input
on big endian OSes results in nothing but static.

Signed-off-by: Stephen Hutchinson <qyot27@gmail.com>
2021-03-11 14:21:30 -05:00
emcodem
8b74458d93 avisynth: populate field order
Fixes Trac ticket #8757

Signed-off-by: Stephen Hutchinson <qyot27@gmail.com>
2021-03-11 14:21:30 -05:00
Stephen Hutchinson
4c40686ee2 avisynth: more intelligent RGB flipping
avs_is_color_space provides a generic way of checking whether the
video is RGB, and has been available through AVSC_API since 2.6.
This means that GetProcAddress doesn't have to run on every frame.

Signed-off-by: Stephen Hutchinson <qyot27@gmail.com>
2021-03-11 14:21:30 -05:00
Andreas Rheinhardt
9f1b808bde avformat/rawenc: Use init instead of write_header function
force_one_stream() does not write anything.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-11 20:01:28 +01:00
Michael Niedermayer
b87781649e avcodec/4xm: Check pre_gb in decode_i_block()
Fixes: Timeout
Fixes: 31257/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FOURXM_fuzzer-5150866229297152

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-03-11 16:06:33 +01:00
Andreas Rheinhardt
1ad628d2c2 avutil/buffer_internal: Include internal for buffer_size_t
Fixes checkheaders.

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-11 14:07:15 +01:00
Andreas Rheinhardt
2f056def65 dnn/dnn_backend_native_layer_mathbinary: Fix leak upon error
Fixes Coverity issue #1473568.

Reviewed-by: Guo, Yejun <yejun.guo@intel.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-11 13:21:48 +01:00
Andreas Rheinhardt
723ebf029a dnn/dnn_backend_native_layer_conv2d: Don't pretend convolution can fail
It can't; these are just remnants of commit
3c7cad69f2 which let the worker threads
do the reallocation.

Reviewed-by: Guo, Yejun <yejun.guo@intel.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-11 13:20:00 +01:00
Andreas Rheinhardt
9da96d8b69 dnn/dnn_backend_native_layer_conv2d: Check thread creation for errors
Fixes Coverity issue #1473533.

Reviewed-by: Guo, Yejun <yejun.guo@intel.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-11 13:13:00 +01:00
Andreas Rheinhardt
c2fef8f16c dnn/dnn_backend_native_layer_conv2d: Check allocation
Reviewed-by: Guo, Yejun <yejun.guo@intel.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-11 13:10:46 +01:00
Andreas Rheinhardt
d14ae74064 dnn/dnn_backend_native_layer_conv2d: Avoid separate, unchecked allocations
Reviewed-by: Guo, Yejun <yejun.guo@intel.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-11 13:09:48 +01:00
Andreas Rheinhardt
508d7005a0 dnn/dnn_backend_native_layer_conv2d: Fix memleak on error
If an error happens when preparing the output data buffer, an already
allocated array would leak. Fix this by postponing its allocation.

Fixes Coverity issue #1473531.

Reviewed-by: Guo, Yejun <yejun.guo@intel.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-11 13:06:32 +01:00
Andreas Rheinhardt
16e36d5c0c dnn/dnn_backend_native_layer_conv2d: Avoid allocation when single-threaded
Also fixes a memleak in single-threaded mode when an error happens
in preparing the output data buffer; and also removes an unchecked
allocation.

Reviewed-by: Guo, Yejun <yejun.guo@intel.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-11 12:47:11 +01:00
Andreas Rheinhardt
639b3bbbc7 dnn/dnn_backend_native_layer_conv2d: Join two arrays, avoid allocation
Fixes Coverity issue #1473507.

Reviewed-by: Guo, Yejun <yejun.guo@intel.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2021-03-11 12:45:45 +01:00