* commit '9df9309d233f59d9706444a1e24ac24139f2640d':
dashenc: calculate stream bitrate from first segment if not available
Merged-by: Rodger Combs <rodger.combs@gmail.com>
The GnuTLS version is checked through the macro GNUTLS_VERSION_NUMBER,
but this wasn't introduced before 2.7.2. Building with older versions
of GnuTLS (using icc) warns:
src/libavformat/tls_gnutls.c(38): warning #193: zero used for undefined preprocessing identifier "GNUTLS_VERSION_NUMBER"
#if HAVE_THREADS && GNUTLS_VERSION_NUMBER <= 0x020b00
This adds a fallback to the older, deprecated LIBGNUTLS_VERSION_NUMBER
macro.
Signed-off-by: Moritz Barsnick <barsnick@gmx.net>
Commit 598e416840 added use of
GNUTLS_E_PREMATURE_TERMINATION, which wasn't introduced to GnuTLS
before 2.99.x / 3.x. This fixes compilation with older versions.
Signed-off-by: Moritz Barsnick <barsnick@gmx.net>
This fixes redirects, where the original redirect response indicated
support for compression, while the actual redirected content didn't.
Signed-off-by: Martin Storsjö <martin@martin.st>
Duration depends on the selected subsong and thus must be queried after
selecting the subsong. There is no compelling reason to query other
metadata earlier either.
Tested with libopenmpt version: 0.2.8760-beta27
Libopenmpt configure options: --without-ogg --without-vorbis
--without-vorbisfile --without-portaudio --without-portaudiocpp
--without-mpg123 --without-pulseaudio --without-sndfile --without-flac
Signed-off-by: Jörn Heusipp <osmanx@problemloesungsmaschine.de>
Signed-off-by: Josh de Kock <josh@itanimul.li>
GnuTLS is too strict on the SSL shutdown alert, and it's neither
mandatory in the spec or critical. As it's ignored in OpenSSL, we
should also suppress it in GnuTLS as well.
Ticket: #6667
Reviewed-by: wm4 <nfxjfg@googlemail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
It must be freed using avio_context_free() starting with commit
99684f3ae7.
Signed-off-by: James Almer <jamrial@gmail.com>
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
ffmpeg need a dash demuxer for demux the dash formats base on
https://github.com/samsamsam-iptvplayer/exteplayer3/blob/master/tmp/ffmpeg/patches/3.2.2/000001_add_dash_demux.patch
TODO:
1. support multi bitrate dash.
v2 fixed:
1. from autodetect to disabled
2. from camelCase code style to ffmpeg code style
3. from RepType to AVMediaType
4. fix variable typo
5. change time value from uint32_t to uint64_t
6. removed be used once API
7. change 'time(NULL)`, except it is not 2038-safe.' to av_gettime and av_timegm
8. merge complex free operation to free_fragment
9. use API from snprintf to av_asprintf
v3 fixed:
1. fix typo from --enabled-xml2 to --enable-xml2
v4 fixed:
1. from --enable-xml2 to --enable-libxml2
2. move system includes to top
3. remove nouse includes
4. rename enum name
5. add a trailing comma for the last entry enum
6. fix comment typo
7. add const to DASHContext class front
8. check sscanf if return arguments and give warning message when error
9. check validity before free seg->url and seg
10. check if the val is null, before use atoll
v5 fixed:
1. fix typo from mainifest to manifest
v6 fixed:
1. from realloc to av_realloc
2. from free to av_free
v7 fixed:
1. remove the -lxml2 from configure when require_pkg_config
v8 fixed:
1. fix replace filename template by av_asprintf secure problem
v9 modified:
1. make manifest parser clearly
v10 fixed:
1. fix function API name code style
2. remove redundant strreplace call
3. remove redundant memory operation and check return value from get_content_url()
4. add space between ) and {
5. remove no need to log the value for print
v11 fixed:
1. from atoll to strtoll
Suggested-by: Michael Niedermayer <michael@niedermayer.cc>
v12 fixed:
1. remove strreplace and instead by av_strreplace
Suggested-by: Nicolas George <george@nsup.org>
v13 fixed:
1. fix bug: cannot play:
http://dash.edgesuite.net/akamai/bbb_30fps/bbb_30fps.mpd
Reported-by: Andy Furniss <adf.lists@gmail.com>
v14 fixed:
1. fix bug: TLS connection was non-properly terminated
2. fix bug: No trailing CRLF found in HTTP header
Reported-by: Andy Furniss <adf.lists@gmail.com>
v15 fixed:
1. play youtube link: ffmpeg -i $(youtube-dl -J "https://www.youtube.com/watch?v=XmL19DOP_Ls" | jq -r ".requested_formats[0].manifest_url")
2. code refine for timeline living stream
Reported-by: Ricardo Constantino <wiiaboo@gmail.com>
v16 fixed:
1. remove the snprintf and instead by get_segment_filename make safety
2. remove unnecessary loops
3. updated xmlStrcmp and xmlFree to av_* functions
4. merge code repeat into one function
5. add memory alloc faild check
6. update update_init_section and open_url
7. output safety error message when filename template not safe
Suggested-by : wm4 <nfxjfg@googlemail.com>
v17 fixed:
1. add memory alloc faild check
2. fix resource space error at free_representation
v18 fixed:
1. add condition of template format
v19 fixed:
1. fix typo of the option describe
v20 fixed:
1. add the c->base_url alloc check
2. make the DASHTmplId same to dashenc
v21 fixed:
1. remove get_repl_pattern_and_format and get_segment_filename
2. process use dashcomm APIs
v22 fixed:
1. modify the include "dashcomm.h" to include "dash.h"
2. use internal API from dash_fill_tmpl_params to ff_dash_fill_tmpl_params
Signed-off-by: Steven Liu <lq@onvideo.cn>
Signed-off-by: samsamsam <samsamsam@o2.pl>
WebM supports a subset of elements from the Tags master.
See https://www.webmproject.org/docs/container/#tagging
Reviewed-by: Ivan Janatra <janatra@google.com>
Signed-off-by: James Almer <jamrial@gmail.com>
Fixes: Missing EOF check in loop
No testcase
Found-by: Xiaohei and Wangchu from Alibaba Security Team
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: Missing EOF check in loop
No testcase
Found-by: Xiaohei and Wangchu from Alibaba Security Team
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
merge from libav: 585dc1aece
If the metadata packet is corrupted, flv_read_metabody can accidentally
read past the start of the next packet. If the start of the next packet
had been flushed out of the IO buffer, we would be unable to seek to
the right position (on a nonseekable stream).
Prefer to clearly error out instead of silently trying to read from a
desynced stream which will only be interpreted as garbage.
Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
If the metadata packet is corrupted, flv_read_metabody can accidentally
read past the start of the next packet. If the start of the next packet
had been flushed out of the IO buffer, we would be unable to seek to
the right position (on a nonseekable stream).
Prefer to clearly error out instead of silently trying to read from a
desynced stream which will only be interpreted as garbage.
Signed-off-by: Martin Storsjö <martin@martin.st>
Main use-case is proxying avio through a foreign I/O layer and a custom
AVIO context, without losing latency and performance characteristics.
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
Merged from Libav commit 173b56218f.
It must be freed using avio_context_free() starting with commit
b12e4d3bb8.
Found-by: Ronald S. Bultje <rsbultje@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
Before this commit, AVIOContext is to be freed with a plain av_free(),
which prevents us from adding any deeper structure to it.
(cherry picked from commit 99684f3ae7)
Signed-off-by: James Almer <jamrial@gmail.com>
move from dashenc, move DASHTmplId and dash_fill_tmpl_params to
dash.c, they will be used by dash demuxer and dash muxer.
v2 fixed:
1. rename common file from dashcomm.* to dash.*
Suggested-by: Hendrik Leppkes <h.leppkes@gmail.com>
v3 fixed:
1. rename header file pre defined
2. add ff_ prefix for the internal API
Suggested-by: James Almer <jamrial@gmail.com>
Suggested-by: Timo Rothenpieler <timo@rothenpieler.org>
Reviewed-by: wm4 <nfxjfg@googlemail.com>
Signed-off-by: Steven Liu <lq@onvideo.cn>
Fixes: 20170829B.mxf
Co-Author: 张洪亮(望初)" <wangchu.zhl@alibaba-inc.com>
Found-by: Xiaohei and Wangchu from Alibaba Security Team
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 20170829A.mxf
Co-Author: 张洪亮(望初)" <wangchu.zhl@alibaba-inc.com>
Found-by: Xiaohei and Wangchu from Alibaba Security Team
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 20170829.nsv
Co-Author: 张洪亮(望初)" <wangchu.zhl@alibaba-inc.com>
Found-by: Xiaohei and Wangchu from Alibaba Security Team
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
MP4 files with fragments might have the first moof box that is mentioned
in a fragment index before the first mdat box. Since it is then already
parsed by mov_read_header, we have to make sure that mov_switch_root
will not parse it again when seeking by setting the headers_read flag in
the index. Parsing it a second time would cause the ctts_data array to
receive a second copy of the information from the trun box, leading to
wrong PTS values for the second and following fragments in presence of
B-frames.
Fixes ticket 6560.
Signed-off-by: Daniel Glöckner <daniel-gl@gmx.net>
Reviewed-by: Dale Curtis <dalecurtis@chromium.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
ctts data in ffmpeg relies on the index entries array to be 1:1
with samples... yet sc->sample_count can be read directly from
the 'stsz' box and index entries are only generated if a chunk
count has been read from 'stco' box.
Ensure that if sc->sample_count > 0, sc->chunk_count is too as
a basic sanity check. Additionally we need to check that after
the index is built we have the right number of entries, so we
also check in mov_read_trun() that sc->sample_count ==
st->nb_index_entries.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
If a file does not have a known duration, this leads to the timestamps
starting over for the next file, causing non-monotonic timestamps.
To prevent this, track the duration during demuxing and use it to
determine the current file duration before opening the next file.
Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
The toolchain for this target is unmaintained since many years.
While it has been continuously build tested on fate, it hasn't
actually been tested at runtime since many, many years (and back
then, only a few codecs in libavcodec were tested).
So far, keeping support for it has been mostly effortless, but
the compiler does seem to have issues with dllimported data symbols,
ending up as internal compiler errors in some cases. Instead of
jumping through further hoops to work around that, just remove the
target.
Signed-off-by: Martin Storsjö <martin@martin.st>
Main use-case is proxying avio through a foreign I/O layer and a custom
AVIO context, without losing latency and performance characteristics.
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
Others do not work, but nothing rejects them prior to this patch if the
parameters otherwise match
Reviewed-by: Matthieu Bouron <matthieu.bouron@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: loop.m3u
The default max iteration count of 1000 is arbitrary and ideas for a better solution are welcome
Found-by: Xiaohei and Wangchu from Alibaba Security Team
Previous version reviewed-by: Steven Liu <lingjiujianke@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
When sidx box support is enabled, the code will skip reading all
trun boxes (each containing ctts entries for samples inthat box).
If seeks are attempted before all ctts values are known, the old
code would dump ctts entries into the wrong location. These are
then used to compute pts values which leads to out of order and
incorrectly timestamped packets.
This patch fixes ctts processing by always using the index returned
by av_add_index_entry() as the ctts_data index. When the index gains
new entries old values are reshuffled as appropriate.
This approach makes sense since the mov demuxer is already relying
on the mapping of AVIndex entries to samples for correct demuxing.
As a result of this all ctts entries are now 1-count. A followup
change will be submitted to remove support for > 1 count entries
which will simplify seeking.
Notes for future improvement:
Probably there are other boxes (stts, stsc, etc) that are impacted
by this issue... this patch only attempts to fix ctts since it
completely breaks packet timestamping.
This patch continues using an array for the ctts data, which is not
the most ideal given the rearrangement that needs to happen (via
memmove as new entries are read in). Ideally AVIndex and the ctts
data would be set-type structures so addition is always worst case
O(lg(n)) instead of the O(n^2) that exists now; this slowdown is
noticeable during seeks.
Signed-off-by: Dale Curtis <dalecurtis@chromium.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Signed integer overflow is undefined behavior.
Detected with clang and -fsanitize=signed-integer-overflow
Signed-off-by: Vitaly Buka <vitalybuka@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Signed integer overflow is undefined behavior.
Detected with clang and -fsanitize=signed-integer-overflow
Signed-off-by: Vitaly Buka <vitalybuka@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
KB2 'i' found in Life is Strange (Xbox 360), rest verified against binkconv.exe
Signed-off-by: bnnm <bananaman255@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
When using streaming input, it may be possible to see frames that appear
before the current_frame. When these frames are inserted into the
index, the current_frame needs to be updated so it is still pointing
at the same frame.
Signed-off-by: Jacob Trimble <modmaker@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Makes behaviour of 805ce25b1d optional, re-enables
HLS key rotation feature
Reviewed-by: Steven Liu <lq@onvideo.cn>
Signed-off-by: DHE <git@dehacked.net>
Add comments to describe the sources of the constraint values expressed here,
and add some more related values which will be used in following patches.
Fix the incorrect values for SPS and PPS count (they are not the same as those
used for H.264), and remove HEVC_MAX_CU_SIZE because it is not used anywhere.
The pointer to the packet queue is stored in the internal structure
so the queue needs to be flushed before internal is freed.
Signed-off-by: Steven Siloti <ssiloti@bittorrent.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
mov_finalize_stsd_codec() parses stream information from the ALAC extradata,
so run it after the extradata processing is completed in mov_read_stsd().
Fixes playback of 96kHz ALAC streams muxed by qaac or the reference alac encoder.
Adapted from an FFmpeg patch by Hendrik Leppkes <h.leppkes@gmail.com>
Bug-Id: 1072
Fixes: out of array accesses
Found-by: JunDong Xie of Ant-financial Light-Year Security Lab
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: out of array accesses
Fixes: crash-9238fa9e8d4fde3beda1f279626f53812cb001cb-SEGV
Found-by: JunDong Xie of Ant-financial Light-Year Security Lab
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: double free
Fixes: clusterfuzz-testcase-minimized-5080550145785856
Found-by: ClusterFuzz
Reviewed-by: Nicolas George <george@nsup.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
ticket-id: #6541
when use hls fmp4 muxer, the extention name is not .m4s, this
code can fix it.
Found-by: JohnPi
Signed-off-by: Steven Liu <lq@onvideo.cn>
Muxers may want to directly access filename in stored in
AVFormatContext. For example in case of RTSP, the filename (url)
is used by the muxer to extract parameters of the connection.
These muxers will fail when used with fifo pseudo-muxer.
This commit fixes this issue by passing filename from AVFormatContext
of fifo pseudo-muxer to all AVFormatContext(s) of underlying muxers
during initialization.
Signed-off-by: Jan Sebechlebsky <sebechlebskyjan@gmail.com>
This makes probing for regular DTS more strict because more header
fields are checked and values not supported by decoder are now rejected.
Also fixes an issue original code had with 14-bit streams: 96 bits of
header were expected, however only 84 bits were converted, which was not
enough to parse LFE flag.
Signed-off-by: James Almer <jamrial@gmail.com>
This is apparently not supposed to error out anyway.
Reviewed-by: Steven Liu <lq@onvideo.cn>
Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
glibc introduced _DEFAULT_SOURCE in version 2.19 to replace _BSD_SOURCE and
_SVID_SOURCE, which were deprecated in version 2.20. Add _DEFAULT_SOURCE
where the latter two are used to be forwards-compatible and avoid warnings
about the use of deprecated definitions.
In url_find_protocol(), proto_str is either "file" or a string
consisting of only the characters in URL_SCHEME_CHARS, which does not
include ','. Therefore the strchr(proto_str, ',') call always returns
NULL.
Note: The code was added in commit
6161c41817.
Signed-off-by: Wan-Teh Chang <wtc@google.com>
Signed-off-by: Muhammad Faiz <mfcc64@gmail.com>
have not implementation the fmp4 single file yet before this commit.
Suggested-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
Signed-off-by: Steven Liu <lq@onvideo.cn>
Added 2 byte skipping if there no sound present, that fixes playback
files without sound stream.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
If AVCodecParameters.codec_tag is 'hvc1' use it instead of 'hev1' for
h.265 streams. QuickTime (and other Apple software) requires 'hvc1'.
(cherry picked from commit 84ab1cc437)
Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
mux.c init_muxer() already sets codec_tag correctly in the cases
simplified here.
This also adds the capability to support alternative tags for the
same codec_id.
(cherry picked from commit f6f86f432f)
Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
when use fmp4 segment type in hls and use codec copy,
there have an error message.
error message:
[mp4 @ 0x25df020] Tag avc1 incompatible with output codec id '28' ([33][0][0][0])
[hls @ 0x2615c80] Some of the provided format options in '(null)' are not recognized
Could not write header for output file #0 (incorrect codec parameters ?): Invalid argument
this patch can fix it.
Signed-off-by: Liu Qi <w_liuqi@kingsoft.com>
Signed-off-by: Steven Liu <lq@onvideo.cn>
ff_mp4_obj_type contains the wrong type of tags for
AVOutputFormat.codec_tag. AVOutputFormat.codec_tag is used to
validate AVCodecParameters.codec_tag so needs to be the same
type of tag.
Creates new tag lists for mp4 and ismv. New tag lists support
same list of codecs found in ff_mp4_obj_type. psp uses the same
tag list as mp4 since these both use mp4_get_codec_tag to look up tags.
(cherry picked from commit 713efb2c0d)
Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
Skip the codec_tag altogether here, to let the user (try to) set
whichever codec/tag is preferred; the individual chained muxer will
reject invalid codecs anyway.
(cherry picked from commit 61f589e31e)
Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
Currently, the tags enforced and set on the segmenter muxer level
mismatch what the mp4/ismv muxer uses (since 713efb2c0d).
Skip the codec_tag altogether here, to let the user (try to) set
whichever codec/tag is preferred; the individual chained muxer will
reject invalid codecs anyway.
Signed-off-by: Martin Storsjö <martin@martin.st>
Otherwise AVTimebaseSource gets av_apply_bitstream_filters' documentation in doxygen.
Signed-off-by: Max Weber <mii7303@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This implements the 0x10 frame format for Interplay MVE movies. The
format is a variation on the 0x06 format with some changes. In addition
to the decoding map there's also a skip map. This skip map is used to
determine what 8x8 blocks can change in a particular frame.
This format expects to be able to copy an 8x8 block from before the last
time it was changed. This can be an arbitrary time in the past. In order
to implement this this decoder allocates two additional AVFrames where
actual decoding happens. At the end of a frame decoding changed blocks
are copied to a finished frame based on the skip map.
The skip map's encoding is a little convulted, I'll refer to the code
for details.
Values in the decoding map are the same as in format 0x06.
Signed-off-by: Hein-Pieter van Braam <hp@tmm.cx>
This implements the 0x06 frame format for Interplay MVE movies. The
format is relatively simple. The video data consists of two parts:
16 bits per 8x8 block movement data
a number of 8x8 blocks of pixel data
For each 8x8 block of pixel data the movement data is consulted. There
are 3 possible meanings of the movement data:
* zero : copy the 8x8 block from the pixel data
* negative : copy the 8x8 block from the previous frame from an offset
determined by the actual value of the entry -0xC000.
* positive : copy the 8x8 block from the current frame from an offset
determined by the actual value of the entry -0x4000
Decoding happens in two passes, in the fist pass only new pixeldata is
copied, during the second pass data is copied from the previous and
current frames.
The codec expects that the current frame being decoded to still has the
data from 2 frames ago on it when decoding starts.
Signed-off-by: Hein-Pieter van Braam <hp@tmm.cx>
Interplay MVE can contain up to three different frame formats. They
require different streams of information to render a frame. This patch
changes the IP packet format to prepare for the extra frame formats.
Signed-off-by: Hein-Pieter van Braam <hp@tmm.cx>
Interplay MVE movies have a SEND_BUFFER operation. Only after this
command does the current decoding buffer get displayed. This is required
for the other frame formats. They are fixed-size and can't always encode
a full frame worth of pixeldata.
This code prevents half-finished frames from being emitted.
Signed-off-by: Hein-Pieter van Braam <hp@tmm.cx>
Buffering more than one packet can be a huge performance improvement for
encoding files with small packets (e.g. wav) over SMB/CIFS.
Acked-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Marton Balint <cus@passwd.hu>
If flushing is not disabled, then mux.c will signal the end of the packets with
an AVIO_DATA_MARKER_FLUSH_POINT, and aviobuf will be able to decide to flush or
not based on the preferred minimum packet size set by the used protocol.
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Marton Balint <cus@passwd.hu>
This patch makes aviobuf work more like traditinal file IO, which is how people
think about it.
For example, in the past, aviobuf only flushed buffers until the current buffer
position, even if more data was written to it previously, and a backward seek
was used to reposition the IO context.
From now, aviobuf will keep track of the written data, so no explicit seek will
be required till the end of the buffer, or till the end of file before flushing.
This fixes at least one regression, fate-vsynth3-flv was broken if
flush_packets option was set to false, an explicit seek was removed in
4e3cc4bdd8.
Also from now on, if a forward seek in the write buffer were to cause a gap
between the already written data and the new file position, a flush will
happen.
The must_flush varable is also removed, which might have caused needless
flushes with multiple seeks whithin the write buffer. Since we know the amount
of data written to it, we will know when to flush.
Signed-off-by: Marton Balint <cus@passwd.hu>
Fixes a NULL pointer derefence when ogg_init() returns a failure and
a stream's private data was not yet allocated.
This is a regression since 3c5a53cdfa
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
The rtmp protocol uses nonblocking reads, to poll for incoming
messages from the server while publishing a stream.
Prior to 94599a6de3 and
d13b124eaf, the tls protocol
handled the nonblocking flag, mostly as a side effect from not
using custom IO callbacks for reading from the socket. When custom
IO callbacks were taken into use in
d15eec4d6b, the handling of a nonblocking
socket wasn't necessary for the default blocking mode any longer.
The code was simplified, since it was overlooked that other code
within libavformat actually used the tls protocol in nonblocking mode.
This fixes publishing over rtmps, with the gnutls backend.
Signed-off-by: Martin Storsjö <martin@martin.st>
The rtmp protocol uses nonblocking reads, to poll for incoming
messages from the server while publishing a stream.
Prior to 94599a6de3 and
d13b124eaf, the tls protocol
handled the nonblocking flag, mostly as a side effect from not
using custom IO callbacks for reading from the socket. When custom
IO callbacks were taken into use in
d15eec4d6b, the handling of a nonblocking
socket wasn't necessary for the default blocking mode any longer.
The code was simplified, since it was overlooked that other code
within libavformat actually used the tls protocol in nonblocking mode.
This fixes publishing over rtmps, with the openssl backend.
Signed-off-by: Martin Storsjö <martin@martin.st>
mux.c init_muxer() already sets codec_tag correctly in the cases
simplified here.
This also adds the capability to support alternative tags for the
same codec_id.
ff_mp4_obj_type contains the wrong type of tags for
AVOutputFormat.codec_tag. AVOutputFormat.codec_tag is used to
validate AVCodecParameters.codec_tag so needs to be the same
type of tag.
Creates new tag lists for mp4 and ismv. New tag lists support
same list of codecs found in ff_mp4_obj_type. psp uses the same
tag list as mp4 since these both use mp4_get_codec_tag to look up tags.
When the hlsenc at BYTERANGE mode, it should not show the warning message:
"Duplicated segment filename detected:"
Reported-by: Marco <marco@worldcast.com>
Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
Signed-off-by: Daniel Kucera <daniel.kucera@gmail.com>
Reviewed-by: Nicolas George <george@nsup.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Daniel Kucera <daniel.kucera@gmail.com>
Reviewed-by: Nicolas George <george@nsup.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
If the videos starts with B frame, then the minimum composition time
as computed by stts + ctts will be non-zero. Hence we need to shift
the DTS, so that the first pts is zero. This was the intention of that
code-block. However it was subtracting by the wrong amount.
For example, for one of the videos in the bug nonFormatted.mp4 we have
stts:
sample_count duration
960 1001
ctts:
sample_count duration
1 3003
2 0
1 3003
....
The resulting composition times are : 3003, 1001, 2002, 6006, ...
The minimum composition time or PTS is 1001, which should be used to
offset DTS. However the code block was wrongly using ctts[0] which is
3003. Hence the PTS was negative. This change computes the minimum pts
encountered while fixing the index, and then subtracts it from all the
timestamps after the edit list fixes are applied.
Samples files available from:
https://bugs.chromium.org/p/chromium/issues/detail?id=721451https://bugs.chromium.org/p/chromium/issues/detail?id=723537
fate-suite/h264/twofields_packet.mp4 is a similar file starting with 2
B frames. Before this change the PTS of first two B-frames was -6006
and -3003, and I am guessing one of them got dropped when being decoded
and remuxed to the framecrc before, and now it is not being dropped.
Signed-off-by: Sasi Inguva <isasi@google.com>
This reduces the attack surface of local file-system
information leaking.
It prevents the existing exploit leading to an information leak. As
well as similar hypothetical attacks.
Leaks of information from files and symlinks ending in common multimedia extensions
are still possible. But files with sensitive information like private keys and passwords
generally do not use common multimedia filename extensions.
It does not stop leaks via remote addresses in the LAN.
The existing exploit depends on a specific decoder as well.
It does appear though that the exploit should be possible with any decoder.
The problem is that as long as sensitive information gets into the decoder,
the output of the decoder becomes sensitive as well.
The only obvious solution is to prevent access to sensitive information. Or to
disable hls or possibly some of its feature. More complex solutions like
checking the path to limit access to only subdirectories of the hls path may
work as an alternative. But such solutions are fragile and tricky to implement
portably and would not stop every possible attack nor would they work with all
valid hls files.
Developers have expressed their dislike / objected to disabling hls by default as well
as disabling hls with local files. There also where objections against restricting
remote url file extensions. This here is a less robust but also lower
inconvenience solution.
It can be applied stand alone or together with other solutions.
limiting the check to local files was suggested by nevcairiel
This recommits the security fix without the author name joke which was
originally requested by Nicolas.
Found-by: Emil Lerner and Pavel Cheremushkin
Reported-by: Thierry Foucu <tfoucu@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This reduces the attack surface of local file-system
information leaking.
It prevents the existing exploit leading to an information leak. As
well as similar hypothetical attacks.
Leaks of information from files and symlinks ending in common multimedia extensions
are still possible. But files with sensitive information like private keys and passwords
generally do not use common multimedia filename extensions.
It does not stop leaks via remote addresses in the LAN.
The existing exploit depends on a specific decoder as well.
It does appear though that the exploit should be possible with any decoder.
The problem is that as long as sensitive information gets into the decoder,
the output of the decoder becomes sensitive as well.
The only obvious solution is to prevent access to sensitive information. Or to
disable hls or possibly some of its feature. More complex solutions like
checking the path to limit access to only subdirectories of the hls path may
work as an alternative. But such solutions are fragile and tricky to implement
portably and would not stop every possible attack nor would they work with all
valid hls files.
Developers have expressed their dislike / objected to disabling hls by default as well
as disabling hls with local files. There also where objections against restricting
remote url file extensions. This here is a less robust but also lower
inconvenience solution.
It can be applied stand alone or together with other solutions.
limiting the check to local files was suggested by nevcairiel
Found-by: Emil Lerner and Pavel Cheremushkin
Reported-by: Thierry Foucu <tfoucu@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Atempt to read and propagate only full ADTS frames and not other data,
like id3v1 or APETags at the end of the file.
Fixes ticket #6437.
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
The loglevel is choosen so that the main filename and any images of
multi image sequences are shown only at debug level to avoid
clutter.
This makes exploits in playlists more visible. As they would show
accesses to private/sensitive files
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
WebM supports a subset of elements from the Chapters master.
See https://www.webmproject.org/docs/container/#chapters
Addresses ticket #6425
Reviewed-by: James Zern <jzern@google.com>
Signed-off-by: James Almer <jamrial@gmail.com>
TLS is currently implemented over either OpenSSL or GnuTLS, with more
backends likely to appear in the future. Currently, those backend libraries
are part of the protocol names used during e.g. the configure stage of a
build. Hide those details behind a generically-named declaration for the
TLS protocol to avoid leaking those details into the configuration stage.
If we for some unexplicable reason didn't pick up getaddrinfo
at configure, the default, IPv4-only, fallback should be good enough.
This effectively reverts 6023d84a2b.
Signed-off-by: Martin Storsjö <martin@martin.st>
Parse the playlist to recover the start sequence and previously
generated segments and continue muxing from there.
Mainly useful for near-seamless recovery in live scenarios.
This prevents part of one exploit leading to an information leak
Found-by: Emil Lerner and Pavel Cheremushkin
Reported-by: Thierry Foucu <tfoucu@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
instead of deciding whether to encrypt based on the encryption scheme,
decide according to whether cenc was initialized or not.
mov_create_timecode_track calls ff_mov_write_packet with a track that
doesn't have cenc initialized.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This adapts and merges commit f4bf236338
from libav, originally skipped in 13a211e632
as it was not necessary back then.
Is's applied now in preparation for the following patches, where the
aac_adtstoasc bitstream filter will start to correctly propagate the new
extradata through packet side data.
Signed-off-by: James Almer <jamrial@gmail.com>
Don't just look at zero sized packets, and also check for AAC extradata
updates, in preparation for the following patches.
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
If the source is using a custom IO, setting this flag causes heavy leaks
since the segments will not have their avio context closed.
Regression since f5da453b06.
Using AVOnce as a stack variable makes no sense as the state is lost
when the function exits.
This fixes repeated calls to av(filter/device)_register_all
