Fixes: out of array access
Fixes: 38603/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MSNSIREN_fuzzer-5741847809490944.fuzz
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: assertion failure
Fixes: 38332/clusterfuzz-testcase-minimized-ffmpeg_dem_DHAV_fuzzer-4522405595316224
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
By using preinit, the AVDCT already exists directly after
allocating the filter, so that the filter's AVClass's child_next
becomes usable for setting options with the AV_OPT_SEARCH_CHILDREN
search flag. This means that it is no longer necessary to use
the init_dict callback for this filter.
Furthermore, the earlier code did not abide by the documentation
of the init_dict callback at all: Instead of only returning the
options that have not been recognized it always returned all options
on any av_opt_set() error and errored out in this case, even if it
is just an unrecognized option. This behaviour has been inherited by
avfilter_init_dict(), contradicting its documentation. This is also
fixed in this commit.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
By using preinit, the SwrContext already exists directly after
allocating the filter, so that the filter's AVClass's child_next
becomes usable for setting options with the AV_OPT_SEARCH_CHILDREN
search flag. This means that it is no longer necessary to use
the init_dict callback for this filter.
Furthermore, the earlier code did not abide by the documentation
of the init_dict callback at all: Instead of only returning the
options that have not been recognized it always returned all options
on any av_opt_set() error and errored out in this case; yet if
the error was just caused by an unrecognized option, it should not
error out at all and instead return said option.
This behaviour has been inherited by avfilter_init_dict(),
contradicting its documentation. This is also fixed by this commit.
Reviewed-by: Nicolas George <george@nsup.org>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Do this by putting an AVBuffer structure into BufferPoolEntry and
reuse it for all subsequent uses of said BufferPoolEntry.
Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
zimg's color range enum values are off-by-one compared to ours;
therefore the code just adds one when converting from theirs to ours.
Yet this is not how one should deal with enums; use a switch instead.
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
SRTSOCKET is an abstraction designed by libsrt, it's not guaranteed
to be a real file descriptor. Even if it is, it should not be
operated directly outside of libsrt.
Signed-off-by: Marton Balint <cus@passwd.hu>
It's useful for test client which pass streamid to ffmpeg/ffplay.
For example, use ffmpeg to test streamid support in VLC:
./ffmpeg -v info -re -i foo.mp4 -c copy -f mpegts -mode listener srt://127.0.0.1:9000
./vlc srt://127.0.0.1:9000?streamid=foobar
Signed-off-by: Marton Balint <cus@passwd.hu>
When a possible overflow was detected, there was a break to exit the while
loop. However, it should have already substracted 2 bytes from
program_info_length (descriptor ID + length).
Fixes ticket #9422.
Signed-off-by: Marton Balint <cus@passwd.hu>
The problem was caused by if the width of the processed block
minus 1 is a multiple of the aligned number the instruction
jle .bscale_scalar would skip the Optimized Loop Step, which
will lead to an incorrect sampling when specifying steps more
than 1. Move the Optimized Loop Step after .bscale_scalar to
ensure the loop step is enabled.
Signed-off-by: Wu Jianhua <jianhua.wu@intel.com>
This filter chain was supposed to convert from narrow range
to full range yuv444p, but didn't:
buffer=width=1280:height=720:pix_fmt=yuv444p:frame_rate=25/1:\
time_base=1/25:sar=1/1,zscale=min=709:rin=limited:pin=709:\
tin=709:t=linear,format=gbrpf32le,zscale=tin=linear:p=709:m=709:\
r=full:t=709,format=pix_fmts=yuv444p,buffersink