Check explicitly if enough bits are left to prevent an infinite loop
when the bitstream buffer is not followed by zero-padding.
Based on patches by Michael Niedermayer <michaelni@gmx.at>.
frame_size is the number of bytes left in the packet, so if we are passing
buf-4 we can safely read frame_size+4 bytes.
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
* qatar/master: (46 commits)
mtv: Make sure audio_subsegments is not 0
v4l2: use V4L2_FMT_FLAG_EMULATED only if it is defined
avconv: add symbolic names for -vsync parameters
flvdec: Fix compiler warning for uninitialized variables
rtsp: Fix compiler warning for uninitialized variable
ulti: convert to new bytestream API.
swscale: Use standard multiple inclusion guards in ppc/ header files.
Place some START_TIMER invocations in separate blocks.
v4l2: list available formats
v4l2: set the proper codec_tag
v4l2: refactor device_open
v4l2: simplify away io_method
v4l2: cosmetics
v4l2: uniform and format options
v4l2: do not force interlaced mode
avio: exit early in fill_buffer without read_packet
vc1dec: fix invalid memory access for small video dimensions
rv34: fix invalid memory access for small video dimensions
rv34: joint coefficient decoding and dequantization
avplay: Don't call avio_set_interrupt_cb(NULL)
...
Conflicts:
Changelog
avconv.c
doc/APIchanges
doc/indevs.texi
libavcodec/adxenc.c
libavcodec/dnxhdenc.c
libavcodec/h264.c
libavdevice/v4l2.c
libavformat/flvdec.c
libavformat/mtv.c
libswscale/utils.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
decoding.
BUG=100543
Review URL: http://codereview.chromium.org/8365014
This fixes 25% of CVE-2011-3893
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This fixes compilation failures related to START_TIMER/STOP_TIMER macros and
-Werror=declaration-after-statement. START_TIMER declares variables and thus
may not be placed after statements outside of a new block.
For small video dimensions, these calculations of the upper bound
for pixel access may have a negative result. Using an unsigned
comparison to bound a potentially negative value only works if
the greater operand is non-negative. Fixed by doing edge emulation
when the upper bound is probably negative, everywhere that this
pattern appears.
Signed-off-by: Kostya Shishkov <kostya.shishkov@gmail.com>
For small video dimensions calculations of the upper bound for pixel
access may result in negative value. Using an unsigned comparison
works only if the greater operand is non-negative. This is fixed by
doing edge emulation explicitly for such conditions.
Signed-off-by: Kostya Shishkov <kostya.shishkov@gmail.com>
Perform dequantization while decoding coefficients instead of performing it
on the entire coefficients buffer.
Since quantized coefficients are very sparse, this usually causes a small
speedup. Speedup of around 1% on Panda board compared to the removed here
neon code. Global speedup is probably around 3%.
Signed-off-by: Kostya Shishkov <kostya.shishkov@gmail.com>
This fixes compilation failures related to START_TIMER/STOP_TIMER macros and
-Werror=declaration-after-statement. START_TIMER declares variables and thus
may not be placed after statements outside of a new block.
* qatar/master:
fate: add dxtory test
adx_parser: rewrite.
adxdec: Validate channel count to fix a division by zero.
adxdec: Do not require extradata.
cmdutils: K&R reformatting cosmetics
alacdec: implement the 2-pass prediction type.
alacenc: implement the 2-pass prediction type.
alacenc: do not generate invalid multi-channel ALAC files
alacdec: fill in missing or guessed info about the extradata format.
utvideo: proper median prediction for interlaced videos
lavu: bump lavu minor for av_popcount64
dca: K&R formatting cosmetics
dct: K&R formatting cosmetics
lavf: flush decoders in avformat_find_stream_info().
win32: detect number of CPUs using affinity
Add av_popcount64
snow: Restore three mistakenly removed casts.
Conflicts:
cmdutils.c
doc/APIchanges
libavcodec/adx_parser.c
libavcodec/adxdec.c
libavcodec/alacenc.c
libavutil/avutil.h
tests/fate/screen.mak
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* shariman/wmall:
Fix audio output
Suppress dumping of residues buffer
Use quantizer value read from bitstream
Cosmetics: Remove two empty lines and realign some code
Reset acfilter_prevvalues buffer in clear_codec_buffers()
Fix AC filter buffers and AC filter reversion
Merged-by: Michael Niedermayer <michaelni@gmx.at>
The previous code ended in multiple different infinite
loops. See stl_ten_1_big.sfd as example with and without zzuf
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Justin Ruggles <justin.ruggles@gmail.com>
The original code wasn't taking into account the fact that linesize may not equal the frame's width. This is to correct that.
Signed-off-by: Michael Bradshaw <mbradshaw@sorensonmedia.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master:
mpegenc: use avctx->slices as number of slices
v410enc: fix undefined signed left shift caused by integer promotion
Release notes: mention cleaned up header includes
fix Changelog file
Fix a bunch of typos.
Drop some pointless void* return value casts from av_malloc() invocations.
wavpack: fix typos in previous cosmetic clean-up commit
wavpack: cosmetics: K&R pretty-printing
avconv: remove the 'codec framerate is different from stream' warning
wavpack: determine sample_fmt before requesting a buffer
bmv audio: implement new audio decoding API
mpegaudiodec: skip all channels when skipping granules
mpegenc: simplify muxrate calculation
Conflicts:
Changelog
avconv.c
doc/RELEASE_NOTES
libavcodec/h264.c
libavcodec/mpeg12.c
libavcodec/mpegaudiodec.c
libavcodec/mpegvideo.c
libavformat/mpegenc.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
Up until now, the decoder didn't output anything
in the data buffer. This fixes all the issues
related to sample format, removes leftover code
and actually outputs some audio to data buffer.
With this, the only sample we have can be played.
Seeking is still broken though.
Adds a new member to MpegEncContext to hold the number of used slice
contexts. Fixes segfaults with '-threads 17 -thread_type slice' and
fate-vsynth{1,2}-mpeg{2,4}thread{,_ilace} with --disable-pthreads.
* qatar/master:
avconv: make -frames work for all types of streams, not just video.
bfi: K&R cosmetics
bgmc: K&R cleanup
rawdec: Set start_time to 0 for raw audio files.
Detect 'yuv2' as rawvideo also in avi.
rawdec: propagate pict_type information to the output frame
rawdec: Support more QT 1bpp rawvideo files.
avconv: free bitstream filters
threads: limit the number of automatic threads to MAX_AUTO_THREADS
avplay: K&R cleanup
fate: use rgb24 as output format for dfa tests
threads: set thread_count to 1 when thread support is disabled
threads: introduce CODEC_CAP_AUTO_THREADS and add it to libx264
Conflicts:
ffplay.c
libavcodec/avcodec.h
libavcodec/pthread.c
libavcodec/version.h
tests/ref/fate/dfa1
tests/ref/fate/dfa10
tests/ref/fate/dfa11
tests/ref/fate/dfa2
tests/ref/fate/dfa3
tests/ref/fate/dfa4
tests/ref/fate/dfa5
tests/ref/fate/dfa6
tests/ref/fate/dfa7
tests/ref/fate/dfa8
tests/ref/fate/dfa9
Merged-by: Michael Niedermayer <michaelni@gmx.at>
fixes ticket #813
Reviewed-by: Michael Niedermayer <michaelni@gmx.at>
Reviewed-by: Jean First <jeanfirst@gmail.com>
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>