1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-11-26 19:01:44 +02:00
Commit Graph

96809 Commits

Author SHA1 Message Date
Michael Niedermayer
a71794e8c2 avcodec/ralf: Fix overflows of biased values
Fixes: signed integer overflow: 2003010644 * 2 cannot be represented in type 'int'
Fixes: 19593/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RALF_fuzzer-5660628006207488

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-01-30 19:59:48 +01:00
Michael Niedermayer
32522b5307 tools/target_dec_fuzzer: limit per frame samples for APE
APE in its highest compression mode is really slow so even one frame
of millions of samples takes a long time

Fixes: Timeout (too long -> 3sec)
Fixes: 19937/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5751668818051072

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-01-30 19:59:10 +01:00
Michael Niedermayer
1cd4184020 avformat/mov: Check STCO location
Fixes: bypassing of checks and assertion failure
Fixes: asan_1003879.mp4

Found-by: Clusterfuzz + asan
Reported-by: Thomas Guilbert <tguilbert@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-01-30 19:58:45 +01:00
Michael Niedermayer
422202516c avcodec/wmalosslessdec: Fix multiple integer overflows
Fixes: left shift of 3329 by 20 places cannot be represented in type 'int'
Fixes: signed integer overflow: -199378355 + -1948950833 cannot be represented in type 'int'
Fixes: 19837/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5752565837070336
Fixes: 19839/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5767483265122304

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-01-30 19:58:22 +01:00
Michael Niedermayer
a3655bb02c avcodec/apedec: Fix undefined integer overflow in decode_array_0000()
Fixes: signed integer overflow: -2143289344 - 6246400 cannot be represented in type 'int'
Fixes: 19239/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5173755680915456

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-01-30 19:58:15 +01:00
Michael Niedermayer
07754f3f8f remove tests/ref/lavf/fits
This appears to be forgotten in ac4b5d8622

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-01-30 19:57:58 +01:00
Michael Niedermayer
6f5c18da59 avcodec/smacker: Check space before decoding type
Fixes: Timeout (232sec -> 280ms)
Fixes: 19682/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SMACKER_fuzzer-5654129649385472

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-01-30 19:57:34 +01:00
Michael Niedermayer
2b5b9d5dac avcodec/rawdec: Use linesize in b64a
Fixes: out of array access
Fixes: 19750/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RAWVIDEO_fuzzer-5074834119983104

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-01-30 19:57:25 +01:00
Michael Niedermayer
8652f4e7a1 avcodec/iff: Over-allocate ham_palbuf for HAM6 IFF-PBM
IFF-PBM-HAM6 can read out of array without this overallocation
Fixes: Out of array read
Fixes: 19752/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-5675331403120640

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-01-30 19:56:25 +01:00
Michael Niedermayer
d4b05f31d8 doc/filters: Document geq *sum functions
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-01-30 19:55:36 +01:00
Michael Niedermayer
48b6947821 tools/target_dec_fuzzer: Add threshold for ALS
Fixes: Timeout (253sec -> 16sec)
Fixes: 18668/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALS_fuzzer-6227155369590784

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-01-30 19:40:26 +01:00
Michael Niedermayer
0694b60b7b avcodec/x86/diracdsp: Fix incorrect src addressing in dequant_subband_32()
Fixes: Segfault (not reproducable with asm, which made this hard to debug)
Fixes: decoding errors
Fixes: 19854/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-5729372837511168

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-01-30 18:47:21 +01:00
Michael Niedermayer
20916f9bc4 avcodec/screenpresso: Optimize sum_delta_flipped()
553 -> 332 sec

Testcase: 20280/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SCREENPRESSO_fuzzer-6238663432470528

Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-01-30 18:47:21 +01:00
Andreas Rheinhardt
6e8e8431e1 avformat/aviobuf: Remove AVIOInternal and one level of indirection
In the Libav commit cae448cf, the opaque of every AVIOContext opened
by ffio_fdopen() (which is used internally by avio_open() and avio_open2())
changed: It was a simple pointer to an URLContext before, but now it was
a structure (namely AVIOInternal) containing a pointer to an URLContext
as its only member. The next commits (namely 8c0ceafb and ec4c4839) added
members to AVIOInternal to allow white-/blacklisting of protocols.

But these two commits were never merged into FFmpeg (they were only
merged as no-ops in 510046c2 and 063b26d3), because FFmpeg chose
a different way to implement this (in 93629735); and so our AVIOInternal
still has exactly one member.

This of course means that it is unnecessary to use AVIOInternal as
opaque as it is just adding a level of indirection (not only pointer
dereference, but also wrapper functions). Therefore this commit
removes AVIOInternal entirely and essentially reverts cae448cf.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-01-30 18:47:21 +01:00
Paul B Mahol
0a275fec62 avfilter/vf_xfade: add radial transition 2020-01-30 17:29:31 +01:00
Jun Zhao
b99ed6e428 cmdutils: fix crash if no name for "ffmpeg -h protocol"
fix crash when used the command like:
- ffmpeg -h protocol
- ffmpeg -h protocol=

Signed-off-by: Jun Zhao <barryjzhao@tencent.com>
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
2020-01-30 12:50:22 -03:00
Paul B Mahol
863accbefa avfilter: add xfade filter 2020-01-30 16:35:33 +01:00
Steven Liu
6087692a60 cmdutils: add show_help_protocol for get protocol options
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
2020-01-30 17:10:21 +08:00
Steven Liu
27529eeb27 avformat/avio: add avio_protocol_get_class
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Suggested-by: Hendrik Leppkes <h.leppkes@gmail.com>
Suggested-by: Nicolas George <george@nsup.org>
Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
2020-01-30 17:10:12 +08:00
Paul B Mahol
3bce9e9b3e avformat/tty: add probe function 2020-01-29 21:55:47 +01:00
Marton Balint
47d5d0cc74 avfilter/vf_geq: fix multiple assignments of ptr in slice_geq_filter
Fixes Coverity CID 1427183.

Signed-off-by: Marton Balint <cus@passwd.hu>
2020-01-29 19:53:43 +01:00
Michael Niedermayer
04e524c34b tools/target_dec_fuzzer: Add threshold for IFF_ILBM
Fixes: Timeout (32 -> 1sec)
Fixes: 20138/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-5634665251864576

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-01-29 13:06:26 +01:00
Michael Niedermayer
cc7bf7e05c tools/target_dec_fuzzer: Sort threshold list alphabetically
This also removes the comments as they are hard to maintain
together with sorted lists

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-01-29 13:06:26 +01:00
Paul B Mahol
d01d606504 avcodec/dnxhddec: properly set colorspace 2020-01-29 09:42:14 +01:00
Guo, Yejun
de1b2aa796 Revert "fate/filter-video: add two tests for dnn_processing with frame format rgb24 and grayf32"
The tests broke fate without SAMPLES and fate on some platforms.
This reverts commit 95ade711eb.
2020-01-29 01:15:56 +01:00
Andreas Rheinhardt
43f58f2354 avformat/mov: Don't leak MOVFragmentStreamInfo on error
Fixes Coverity issue #1441933.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-01-28 17:18:27 +01:00
Andreas Rheinhardt
3999c4b374 avformat/mov: Free encryption data on error
Fixes memleak and Coverity issue #1439587.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-01-28 17:18:27 +01:00
Andreas Rheinhardt
ab39f0d841 avfilter/asrc_sinc: Don't allocate arrays separately
Besides the obvious advantages this also fixes a potential memleak:
If only one of the arrays had been successfully allocated, the other
would leak. This also fixes Coverity issues #1440386 and #1440387.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-01-28 17:18:27 +01:00
Gyan Doshi
febd37f4bd avformat/mov: update extensions
Added all extensions used by the mov muxer family, except m4v which
is also used for raw MPEG-4 Part 2 bitstreams
2020-01-28 11:10:24 +05:30
Carl Eugen Hoyos
d89f69e142 test/fate: Add missing exe suffix to h265_levels test.
Fixes fate on WSL using mingw.
2020-01-28 00:02:01 +01:00
Carl Eugen Hoyos
26c7f91e66 ffmpeg: Do not print "SDP:" on top of sdp files.
Fixes ticket #7068.
2020-01-27 22:45:06 +01:00
Andreas Rheinhardt
44be057380 avformat/matroskaenc: Remove useless AVIOContext
Write a few numbers directly via AV_WB32 instead of using an AVIOContext
(that is initialized only for this very purpose) to write these numbers
at known offsets into a fixed buffer.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
2020-01-27 16:38:06 -03:00
Andreas Rheinhardt
9c8aa86883 avformat/matroskaenc: Improve writing Projection
The Matroska Projection master element has such a small maximum length
that it can always be written with a length field of length one.
So it is unnecessary to first write the element into a dynamic buffer to
get the accurate length in order not to waste bytes on the length field.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
2020-01-27 16:37:59 -03:00
Andreas Rheinhardt
8867efa85f avformat/mux: Don't use av_ prefix for static functions
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
2020-01-27 16:00:05 -03:00
Paul B Mahol
32ea6ffb16 avfilter/vf_colorconstancy: fix memory leak on error
Also remove unneeded log message while here.
2020-01-27 16:58:50 +01:00
Michael Niedermayer
dfc4714886 avfilter/vf_find_rect: Remove assert
A score of 0 is possible
Fixes: Ticket8500

Reviewed-by: Paul B Mahol <onemda@gmail.com>
Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-01-27 12:01:42 +01:00
Michael Niedermayer
6ff2474e02 avfilter/vf_find_rect: Increase worst case score
score could be 1.0 which lead to uninitialized values

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-01-27 12:01:42 +01:00
James Almer
5e62100152 avcodec/av1_parser: export color information
Should fix fate-lavf-fate-av1.mkv failures on builds without an AV1 decoder.

Tested-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
2020-01-26 15:30:26 -03:00
Andreas Rheinhardt
148fb44b36 avformat/mux: Don't unnecessarily zero-initialize AVPacketList
If no error occurs and this AVPacketList is used at all, its packet
substructure will be overwritten and its next pointer explicitly set, so
every field will still be initialized even when using av_malloc.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-01-26 17:24:41 +01:00
Andreas Rheinhardt
020159e0e7 avformat/mux: Move packet references
In the common case that the input packet was already refcounted,
ff_interleave_add_packet would allocate a new AVPacketList, use
av_packet_ref to create a new reference to the buffer for the
AVPacketList's packet, interleave the packet and finally unreference
the original input packet.
This commit changes this: It uses av_packet_move_ref to transfer
the packet to its destination. In case the input packet is refcounted,
this saves an allocation and a free (of an AVBufferRef); if not, the
packet is made refcounted before moving it. When the input packet has
side data, one saves even more than one allocation+free.

Furthermore, when the packet is in reality an uncoded frame, a hacky
ad-hoc variant of av_packet_move_ref has been employed. Not any more.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-01-26 17:24:41 +01:00
Andreas Rheinhardt
262b554358 avformat/gxfenc: Add deinit function
Fixes memleaks when the trailer is never written (e.g. if the call to
gxf_write_map_packet() at the end of gxf_write_header() fails).

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-01-26 17:24:41 +01:00
Andreas Rheinhardt
e6aa9b11bf avformat/mxfenc: Add deinit function
Fixes memleaks when allocating the private data of the timecode_track
fails or when the trailer is never written.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-01-26 17:24:41 +01:00
Andreas Rheinhardt
360aeccf46 avformat/mxfenc: Don't free priv_data of AVStream
It will be freed when the AVStream is freed later anyway.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-01-26 17:24:41 +01:00
Andreas Rheinhardt
f1d46db926 avformat/audiointerleave: Check before dereferencing
In order to use ff_audio_rechunk_interleave() (a special interleavement
function for situations where the ordinary "interleave by dts" is not
appropriate), the AVStreams must have private data and this private data
must begin with an AudioInterleaveContext which contains a fifo that may
need to be freed and when ff_audio_interleave_close() was called, it just
assumed that everything has been properly set up, i.e. that every streams
priv_data exists. This implies that this function can not be called from
the deinit function of a muxer, because such functions might be called
if the private data has not been successfully allocated. In order to
change this, add a check for whether the private data exists before
trying to free the fifo in it.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-01-26 17:24:41 +01:00
Andreas Rheinhardt
556c4e38d5 avformat/dvenc: Don't zero unnecessarily
The muxing context has already been zeroed when it was allocated, hence
it is unnecessary to do it again.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-01-26 17:24:41 +01:00
Andreas Rheinhardt
f1dbfcdf89 avformat/dvenc: Replace write_trailer by deinit function
The old write_trailer only freed memory, so it is better to make a
dedicated deinit function out of it. Given that this function will also
be called when writing the header fails, one can also remove code that
frees already allocated fifos when allocating another one fails.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2020-01-26 17:24:41 +01:00
Gyan Doshi
0b1ff3265e avformat/yuv4mpegdec: increase header limit
Allows demuxing UHD 30000/1001 fps yuvj420p files
2020-01-26 21:44:43 +05:30
Gyan Doshi
724e6b3d63 avformat/yuv4mpegdec: better error logging 2020-01-26 21:44:38 +05:30
James Almer
609dfb4057 fate/lavf-container: add an AV1 in Matroska muxing test
Signed-off-by: James Almer <jamrial@gmail.com>
2020-01-26 12:41:32 -03:00
Andreas Rheinhardt
a3e43e0cf3 avformat/av1: Avoid allocation + copying when filtering OBUs
Certain types of OBUs are stripped away before muxing into Matroska and
ISOBMFF; there are two functions to do this: One that outputs by
directly writing in an AVIOContext and one that returns a freshly
allocated buffer with the units not stripped away copied into it.

The latter option is bad for performance, especially when the input
does already not contain any of the units intended to be stripped away
(this covers typical remuxing scenarios). Therefore this commit changes
this by avoiding allocating and copying when possible; it is possible if
the OBUs to be retained are consecutively in the input buffer (without
an OBU to be discarded between them). In this case, the caller receives
the offset as well as the length of the part of the buffer that contains
the units to be kept. This also avoids copying when e.g. the only unit
to be discarded is a temporal delimiter at the front.

For a 22.7mb/s file with average framesize 113 kB this improved the time
for the calls to ff_av1_filter_obus_buf() when writing Matroska from
313319 decicycles to 2368 decicycles; for another file with 1.5mb/s
(average framesize 7.3 kB) it improved from 34539 decicycles to 1922
decicyles. For these files the only units that needed to be stripped
away were temporal unit delimiters at the front.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
2020-01-26 12:41:32 -03:00