There is no point in delaying the check and it avoids bugs with a
half-initialized context.
Fixes invalid reads.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC:libav-stable@libav.org
* commit '94603feb1b3ad01a821a1a1cef1570b13f471821':
h264_ps: when parsing a VUI fails, only abort when explode is set
Merge only for metadata, ignoring invalid data can put the context
into an invalid state and can possibly be used for remote code
execution exploits.
Also we support all non standard VUIs that have been reported so
ignoring parsing failure makes no sense for us unless theres
some issue that has not been reported
Merged-by: Michael Niedermayer <michaelni@gmx.at>
A VUI doesn't contain anything strictly necessary for decoding.
Apparently there are many samples with truncated VUIs in the wild, this
commit should allow decoding them.
* commit 'c18838f5eb7d7001a9dc653f5162868c04c1b2a1':
h264_ps: Use more meaningful error values
Conflicts:
libavcodec/h264_ps.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
Most of the changes are just trivial are just trivial replacements of
fields from MpegEncContext with equivalent fields in H264Context.
Everything in h264* other than h264.c are those trivial changes.
The nontrivial parts are:
1) extracting a simplified version of the frame management code from
mpegvideo.c. We don't need last/next_picture anymore, since h264 uses
its own more complex system already and those were set only to appease
the mpegvideo parts.
2) some tables that need to be allocated/freed in appropriate places.
3) hwaccels -- mostly trivial replacements.
for dxva, the draw_horiz_band() call is moved from
ff_dxva2_common_end_frame() to per-codec end_frame() callbacks,
because it's now different for h264 and MpegEncContext-based
decoders.
4) svq3 -- it does not use h264 complex reference system, so I just
added some very simplistic frame management instead and dropped the
use of ff_h264_frame_start(). Because of this I also had to move some
initialization code to svq3.
Additional fixes for chroma format and bit depth changes by
Janne Grunau <janne-libav@jannau.net>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
* commit 'c661cb6672af5ebcb900ec8766b24761bd2ab011':
cmdutils: pass number of groups to split_commandline().
mov: handle h263 and flv1 for codec_tag 'H','2','6','3'
h264: fix sps parsing for SVC and CAVLC 4:4:4 Intra profiles
Conflicts:
libavcodec/h264_ps.c
libavformat/isom.c
libavformat/mov.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit '072be3e8969f24113d599444be4d6a0ed04a6602':
h264: set parameters from SPS whenever it changes
asyncts: cosmetics: reindent
Conflicts:
libavcodec/h264.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit 'd7d6efe42b0d2057e67999b96b9a391f533d2333':
h264: check sps.log2_max_frame_num for validity
mov: validate number of DataReferenceBox entries against box size
mov: compute avg_frame_rate only if duration is known
flac: change minimum and default of lpc_passes option to 1
Conflicts:
libavcodec/h264_ps.c
libavformat/mov.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master:
avformat: Drop pointless "format" from container long names
swscale: bury one more piece of inline asm under HAVE_INLINE_ASM.
wv: K&R formatting cosmetics
configure: Add missing descriptions to help output
h264_ps: declare array of colorspace strings on its own line.
fate: amix: specify f32 sample format for comparison
tiny_psnr: support 32-bit float samples
eamad/eatgq/eatqi: call special EA IDCT directly
eamad: remove use of MpegEncContext
mpegvideo: remove unnecessary inclusions of faandct.h
af_asyncts: avoid overflow in out_size with large delta values
af_asyncts: add first_pts option
Conflicts:
configure
libavcodec/eamad.c
libavcodec/h264_ps.c
libavformat/crcenc.c
libavformat/ffmdec.c
libavformat/ffmenc.c
libavformat/framecrcenc.c
libavformat/md5enc.c
libavformat/nutdec.c
libavformat/rawenc.c
libavformat/yuv4mpeg.c
tests/tiny_psnr.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master:
mpeg12: fixed parsing in some mpeg2 streams
Add SMPTE240M transfer characteristics flag.
mpegts: Some additional HDMV types and reg descriptors for mpegts
motionpixels: Clip YUV values after applying a gradient.
jpeg: handle progressive in second field of interlaced.
ituh263dec: Implement enough of Annex O (scalability) to fix a FPE.
h263: more strictly forbid frame size changes with frame-mt.
h264: additional protection against unsupported size/bitdepth changes.
tta: prevents overflows for 32bit integers in header.
configure: remove malloc_aligned.
vp8: update frame size changes on thread context switches.
snowdsp: explicitily state instruction size.
wmall: fix reconstructing audio with uncoded channels
WMAL cosmetics: fix indentation
gitignore: add Win32 library suffixes
Conflicts:
configure
libavcodec/h263dec.c
libavcodec/h264.c
libavcodec/ituh263dec.c
libavcodec/mjpegdec.c
libavcodec/wmalosslessdec.c
libavcodec/x86/snowdsp_mmx.c
libavformat/mpegts.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
