1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-11-21 10:55:51 +02:00
Commit Graph

98757 Commits

Author SHA1 Message Date
Michael Niedermayer
d08c3f56ec tools/target_dec_fuzzer: Adjust threshold for DST
Fixes: Timeout (too long -> 3sec)
Fixes: 24239/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DST_fuzzer-5189061015502848

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-08-18 14:56:04 +02:00
Andreas Rheinhardt
d661cfc184 avformat/mlvdec: Only store dimensions after having validated them
Otherwise it might happen that invalid dimensions are used when reading
a video packet; this might lead to undefined overflow.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2020-08-18 14:26:40 +02:00
Andreas Rheinhardt
0d560873da avformat/mlvdec: Don't leak open AVIOContexts on error
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2020-08-18 14:25:30 +02:00
Andreas Rheinhardt
6e0dd41fa3 avformat/mlvdec: Check for existence of AVIOContext before using it
The mlv demuxer supports input split into multiple files; if invalid
data is encountered when parsing one of the subsequent files, that file
is closed. But at this point some index entries belonging to this file
might already have been added. In this case, the read_packet function
might try to use the AVIOContext (which is NULL) to read data which will
of course crash. This commit fixes this.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2020-08-18 14:18:18 +02:00
Andreas Rheinhardt
97d8029149 avformat/hls: Use av_init_pkt() directly
and remove reset_packet(). The packet's data pointer is already zeroed,
so the only thing that reset_packet() does that av_init_pkt() doesn't is
redundant.

Reviewed-by: Steven Liu <lingjiujianke@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2020-08-18 07:03:00 +02:00
Andreas Rheinhardt
8c91b5c48a avformat/hls: Remove redundant resetting of AVPacket
av_read_frame() already returns blank packets on error.

Reviewed-by: Steven Liu <lingjiujianke@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2020-08-18 07:02:52 +02:00
Andreas Rheinhardt
dfc6a9f075 avformat/hls: Fix memleak when url is empty
Fixes Coverity ID 1465888.

Reviewed-by: Steven Liu <lingjiujianke@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2020-08-18 07:02:43 +02:00
Limin Wang
ab384d289d FATE: fix copy & paste for minterpolate test
Reported-by: Nicolas George <george@nsup.org>
Signed-off-by: Limin Wang <lance.lmwang@gmail.com>
2020-08-18 08:32:02 +08:00
Gautam Ramakrishnan
642404f28d doc/encoders: Add all options for JPEG2000 encoder
This patch updates the documentation by adding all options
for JPEG2000 encoder.

Revised-by: Gyan Doshi <ffmpeg@gyani.pro>
2020-08-17 15:30:25 +05:30
Andriy Gelman
5df9724e42 avcodec/v4l2_context: return EAGAIN to signal full buffers
Return proper error when frame buffers are full. This path is triggered
on the DragonBoard 410c since the encoding API change in commit
827d6fe73d.

Signed-off-by: Andriy Gelman <andriy.gelman@gmail.com>
Reviewed-by: Mark Thompson <sw@jkqxz.net>
2020-08-16 17:39:13 -04:00
Limin Wang
d7af6d1469 avcodec/utils: calculate frame number of HEVC if the framerate > 30FPS
Signed-off-by: Limin Wang <lance.lmwang@gmail.com>
2020-08-16 22:51:11 +08:00
Paul B Mahol
6328a57068 doc/general: fix ADPCM typos 2020-08-16 16:23:54 +02:00
James Almer
b6e92d928f avformat/av1dec: don't update temporal_unit_size after it's no longer used
Signed-off-by: James Almer <jamrial@gmail.com>
2020-08-15 23:31:41 -03:00
Moritz Barsnick
2250dc4044 avdevice/xcbgrab: check return values of xcb query functions
Fixes #7312, segmentation fault on close of X11 server

xcb_query_pointer_reply() and xcb_get_geometry_reply() can return NULL
if e.g. the X server closes or the connection is lost. This needs to
be checked in order to cleanly exit, because the returned pointers are
dereferenced later.

Signed-off-by: Moritz Barsnick <barsnick@gmx.net>
Reviewed-by: Andriy Gelman <andriy.gelman@gmail.com>
2020-08-15 15:32:52 -04:00
James Almer
161d7f3fee avcodec/bsf: improve the doxy for av_bsf_flush()
Mention an example scenario where the function should be used.

Signed-off-by: James Almer <jamrial@gmail.com>
2020-08-15 15:55:22 -03:00
James Almer
34a385b340 avcodec/qsvenc_h264: add missing atsc_a53.h include
Regression since 0de01da1d2

Signed-off-by: James Almer <jamrial@gmail.com>
2020-08-15 14:43:11 -03:00
James Almer
a72d5290c5 avformat/av1dec: inline obu_read_data() and obu_prefetch() into obu_get_packet()
They don't really help making the demuxer more readable.

Reviewed-by: Guangxin Xu <oddstone@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
2020-08-15 13:01:30 -03:00
James Almer
0de01da1d2 avcodec: move ff_alloc_a53_sei() to atsc_53
Signed-off-by: James Almer <jamrial@gmail.com>
2020-08-15 13:01:25 -03:00
James Almer
1ab3ae6fd5 avcodec/hevc_sei: use ff_parse_a53_cc() to parse A53 Closed Captions
Signed-off-by: James Almer <jamrial@gmail.com>
2020-08-15 13:01:19 -03:00
James Almer
c93ba51ef3 avcodec/h264_sei: use ff_parse_a53_cc() to parse A53 Closed Captions
Signed-off-by: James Almer <jamrial@gmail.com>
2020-08-15 13:01:13 -03:00
James Almer
6c1bf7c02e avcodec/libdav1d: add support for A53 Closed Captions
Signed-off-by: James Almer <jamrial@gmail.com>
2020-08-15 13:01:08 -03:00
James Almer
1841921277 avcodec: split off A53 Closed Caption parsing code into its own file
Signed-off-by: James Almer <jamrial@gmail.com>
2020-08-15 13:01:00 -03:00
Limin Wang
392a2d0790 avcodec/libsvtav1: remove unneeded svt_av1_enc_deinit_handle()
It's for FF_CODEC_CAP_INIT_CLEANUP flag.

Signed-off-by: Limin Wang <lance.lmwang@gmail.com>
2020-08-14 22:54:01 +08:00
Limin Wang
ad49dd7694 avcodec/mpeg12enc: support mpeg2 encoder const level
Signed-off-by: Limin Wang <lance.lmwang@gmail.com>
2020-08-14 22:48:05 +08:00
Paul B Mahol
9f702fc8f4 avcodec: extend CFHD description 2020-08-14 10:52:28 +02:00
Paul B Mahol
20ee692761 doc/general: move Cineform HD and Canopus codecs to correct section 2020-08-14 10:52:28 +02:00
James Almer
a762fd2c1b avformat/av1dec: fix return value on some code paths
If avio_read() returns a value of bytes read that's lower than the
expected, return an error instead. And when there are zero bytes in
the prefetch buffer, return 0 in order for the frame merge bsf to
drain all potentially buffered packets.

Missed by mistake when amending and committing 9a7bdb6d71.

Signed-off-by: James Almer <jamrial@gmail.com>
2020-08-14 00:14:37 -03:00
James Almer
3105e97050 avformat/av1dec: add missing preprocessor wrappers to annexb and obu demuxers
Ensure the modules are compiled only if enabled.

Signed-off-by: James Almer <jamrial@gmail.com>
2020-08-14 00:02:29 -03:00
Xu Guangxin
9a7bdb6d71 avformat/av1dec: add low-overhead bitstream format
It's defined in Section 5.2, used by netflix.

Signed-off-by: James Almer <jamrial@gmail.com>
2020-08-14 00:02:13 -03:00
Xu Guangxin
6a941b5691 avcodec/av1_parse: use macro for MAX_OBU_HEADER_SIZE
Signed-off-by: James Almer <jamrial@gmail.com>
2020-08-13 23:48:40 -03:00
Guo, Yejun
3c05c8a15f dnn_backend_tf.c: fix build issue for tensorflow backend
Signed-off-by: Guo, Yejun <yejun.guo@intel.com>
2020-08-14 08:59:39 +08:00
Andreas Rheinhardt
cfc6552032 avfilter/formats: Avoid allocations when merging channel layouts
When one merges two AVFilterChannelLayouts structs, there is no need to
allocate a new one. Instead one can reuse one of the two given ones.
If one does this, one also doesn't need to update the references of the
AVFilterChannelLayouts that is reused. Therefore this commit reuses the
structure with the higher refcount.

Reviewed-by: Nicolas George <george@nsup.org>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2020-08-13 16:28:49 +02:00
Andreas Rheinhardt
4147f63d63 avfilter/formats: Fix heap-buffer overflow when merging channel layouts
The channel layouts accepted by ff_merge_channel_layouts() are of two
types: Ordinary channel layouts and generic channel layouts. These are
layouts that match all layouts with a certain number of channels.
Therefore parsing these channel layouts is not done in one go; instead
first the intersection of the ordinary layouts of the first input
list of channel layouts with the ordinary layouts of the second list is
determined, then the intersection of the ordinary layouts of the first
one and the generic layouts of the second one etc. In order to mark the
ordinary channel layouts that have already been matched as used they are
zeroed. The inner loop that does this is as follows:

for (j = 0; j < b->nb_channel_layouts; j++) {
    if (a->channel_layouts[i] == b->channel_layouts[j]) {
        ret->channel_layouts[ret_nb++] = a->channel_layouts[i];
        a->channel_layouts[i] = b->channel_layouts[j] = 0;
    }
}

(Here ret->channel_layouts is the array containing the intersection of
the two input arrays.)

Yet the problem with this code is that after a match has been found, the
loop continues the search with the new value a->channel_layouts[i].
The intention of zeroing these elements was to make sure that elements
already paired at this stage are ignored later. And while they are indeed
ignored when pairing ordinary and generic channel layouts later, it has
the exact opposite effect when pairing ordinary channel layouts.

To see this consider the channel layouts A B C D E and E D C B A. In the
first round, A and A will be paired and added to ret->channel_layouts.
In the second round, the input arrays are 0 B C D E and E D C B 0.
At first B and B will be matched and zeroed, but after doing so matching
continues, but this time it will search for 0, which will match with the
last entry of the second array. ret->channel_layouts now contains A B 0.
In the third round, C 0 0 will be added to ret->channel_layouts etc.
This gives a quadratic amount of elements, yet the amount of elements
allocated for said array is only the sum of the sizes of a and b.

This issue can e.g. be reproduced by
ffmpeg -f lavfi -i anullsrc=cl=7.1 \
-af 'aformat=cl=mono|stereo|2.1|3.0|4.0,aformat=cl=4.0|3.0|2.1|stereo|mono' \
-f null -

The fix is easy: break out of the inner loop after having found a match.

Reviewed-by: Nicolas George <george@nsup.org>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2020-08-13 16:28:26 +02:00
Mark Thompson
bb59bdbcd1 cbs: Mention all codecs in unit type comment 2020-08-12 22:02:03 +01:00
Andreas Rheinhardt
c4c10feaa8 Revert "lavfi/avfiltergraph: add check before free the format"
This reverts commit f156f4ab23.

The checks added by said commit are nonsense because they did not help
in case ff_merge_samplerates() or ff_merge_formats() returned NULL
while freeing one of its arguments: Said freeing does not change
the local variables of can_merge_formats().

Reviewed-by: Nicolas George <george@nsup.org>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2020-08-12 21:27:52 +02:00
Andreas Rheinhardt
9d1bf9cffe avfilter/formats: Simplify cleanup for ff_merge_* functions
Now that the output's refs-array is only allocated once, it is NULL in
any error case and therefore needn't be freed at all; Instead an
av_assert1() has been added to guarantee it to be NULL.

Furthermore, it is unnecessary to av_freep(&ptr) when ptr == NULL.

Reviewed-by: Nicolas George <george@nsup.org>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2020-08-12 21:26:45 +02:00
Andreas Rheinhardt
195a25a7ab avfilter/formats: Leave lists' ownership unchanged upon merge failure
ff_merge_formats(), ff_merge_samplerates() and ff_merge_channel_layouts()
share common semantics: If merging succeeds, a non-NULL pointer is
returned and both input lists (of type AVFilterFormats resp.
AVFilterChannelLayouts) are to be treated as if they had been freed;
the owners of the input parameters (if any) become owners of the
returned list. If merging does not succeed, NULL is returned and both
input lists are supposed to be unchanged.

The problem is that the functions did not abide by these semantics:
In case of reallocation failure, it is possible for these functions
to return NULL after having already freed one of the two input list.
This happens because sometimes the refs-array of the destined output
gets reallocated twice to its final size and if the second of these
reallocations fails, the first of the two inputs has already been freed
and its refs updated to point to the destined output which in this case
will be freed immediately so that all of the already updated pointers
are now dangling. This leads to use-after-frees and memory corruptions
lateron (when these owners get cleaned up, the lists they own get
unreferenced). Should the input lists don't have owners at all, the
caller (namely can_merge_formats() in avfiltergraph.c) thinks that both
the input lists are unchanged and need to be freed, leading to a double
free.

The solution to this is simple: Don't reallocate twice; do it just once.
This also saves a reallocation.

This commit fixes the issue behind Coverity issue #1452636. It might
also make Coverity realize that the issue has been fixed.

Reviewed-by: Nicolas George <george@nsup.org>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2020-08-12 21:22:53 +02:00
Andreas Rheinhardt
ae5026c905 avfilter/formats: Schedule avfilter_make_format64_list() for removal
Despite its name, this function is not part of the public API, as
formats.h, the header containing its declaration, is a private header.
The formats API was once public API, but that changed long ago
(b74a1da49d, the commit scheduling it to
become private, is from 2012). That avfilter_make_format64_list() was
forgotten is probably a result of the confusion resulting from the
libav-ffmpeg split.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2020-08-12 21:10:59 +02:00
Andreas Rheinhardt
2e0cf4de01 avfilter/avf_showcqt: Mark arrays as static const
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2020-08-12 21:08:16 +02:00
Andreas Rheinhardt
efbe58ceb6 avfilter/formats: Remove ff_make_formatu64_list()
It is unused since 8cbb055760 and it
actually coincides with avfilter_make_format64_list().

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2020-08-12 20:47:59 +02:00
Alexander Strasser
b40dd2fdab lavc/snowenc: Expose an option to set the rc_eq expression
Snow uses the ratecontrol module, but does not expose a way to set
the rc_eq expression. The default expression, set in the ratecontrol
module, will always be used.

Make it possible to set rc_eq by adding an AVOption to snowenc.

The option definition is mostly a copy from the mpegvideo common
options definition of rc_eq (libavcodec/mpegvideo.h), with some
minor style adjustments to be closer to the other snowenc option
initializer expressions.

Signed-off-by: Alexander Strasser <eclipse7@gmx.net>
2020-08-12 17:35:38 +02:00
Alexander Strasser
ecd71916d1 lavc/aac_ac3_parser: fix potential overflow when averaging bitrate
The new code is analog to how it's done in our mpegaudio parser.

Acked-by: Jun Zhao <barryjzhao@tencent.com>
Signed-off-by: Alexander Strasser <eclipse7@gmx.net>
2020-08-12 17:35:38 +02:00
Nicolas George
1201687da2 lavf/url: rewrite ff_make_absolute_url() using ff_url_decompose().
Also add and update some tests.

Change the semantic a little, because for filesytem paths
symlinks complicate things.
See the comments in the code for detail.

Fix trac tickets #8813 and 8814.
2020-08-12 16:45:21 +02:00
Nicolas George
d853293679 lavf/url: add ff_url_decompose(). 2020-08-12 16:33:09 +02:00
Harry Mallon
64ff61b3c5 avformat/mxfenc: Write color metadata to MXF
Writes color_primaries, color_trc and color_space to mxf
headers. ULs are from https://registry.smpte-ra.org/ site.

Signed-off-by: Harry Mallon <harry.mallon@codex.online>
2020-08-12 15:50:41 +02:00
Paul B Mahol
f95dac666c avcodec/sheervideo: reduce size of vlc tables to normal values 2020-08-12 10:17:01 +02:00
Guo, Yejun
0a51abe8ab dnn: add backend options when load the model
different backend might need different options for a better performance,
so, add the parameter into dnn interface, as a preparation.

Signed-off-by: Guo, Yejun <yejun.guo@intel.com>
2020-08-12 15:43:40 +08:00
Mingyu Yin
4ed6bca4ae dnn_backend_native_layer_mathunary: add round support
Signed-off-by: Mingyu Yin <mingyu.yin@intel.com>
Reviewed-by: Guo, Yejun <yejun.guo@intel.com>
2020-08-12 10:30:46 +08:00
Limin Wang
ed39d28ce7 avcodec/libsvtav1: fix copy and paste error
Reviewed-by: Mark Thompson <sw@jkqxz.net>
Signed-off-by: Limin Wang <lance.lmwang@gmail.com>
2020-08-12 08:12:59 +08:00
Andreas Rheinhardt
7ad4928580 avformat/ty: Remove write-only array and variable
Up until now, the TiVo demuxer parse an array of SEQ entries, yet it has
never ever made any use of them. In fact, parse_master, the function
parsing said table, only influenced the outside world in three ways: Via
an excessive amount of error message in case a certain parameter is not
what it expected; via an allocation (the aforementioned write-only
array); and by setting a certain parameter (ty->cur_chunk_pos), but that
parameter is always overwritten before it is used (it is overwritten
in get_chunk() on success and if get_chunk() fails, the error is
returned to the caller anyway). So remove the array and the function
used to parse it.

Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
2020-08-11 16:44:11 +02:00