Commit Graph

493 Commits

Author SHA1 Message Date
Michael Niedermayer
5a3dee65d4 tools/target_dec_fuzzer: adjust pixel threshold for TRUEMOTION2, as it allows coding gigantic images on tiny input
Fixes: Timeout (137sec -> 6sec)
Fixes: 16090/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TRUEMOTION2_fuzzer-5674245178261504

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-31 18:34:05 +02:00
Michael Niedermayer
a370582ba9 tools/target_dec_fuzzer: Init parsepkt
Fixes: memory corruption
Fixes: 16702/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PNG_fuzzer-5768418552184832

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-31 17:33:56 +02:00
Guo, Yejun
83e0b71f66 dnn: export operand info in python script and load in c code
Signed-off-by: Guo, Yejun <yejun.guo@intel.com>
Signed-off-by: Pedro Arthur <bygrandao@gmail.com>
2019-08-30 11:41:30 -03:00
Guo, Yejun
2d5e39c13e dnn: change .model file format to put layer number at the end of file
currently, the layer number is at the beginning of the .model file,
so we have to scan twice in python script, the first scan to get the
layer number. Only one scan needed after put the layer number at the
end of .model file.

Signed-off-by: Guo, Yejun <yejun.guo@intel.com>
Signed-off-by: Pedro Arthur <bygrandao@gmail.com>
2019-08-30 11:41:30 -03:00
Michael Niedermayer
ba823394f6 tools/target_dec_fuzzer: Adjust maxpixels for indeo4
Fixes: Timeout (131sec -> 4sec)
Fixes: 15581/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_INDEO4_fuzzer-5651105515569152

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-29 15:57:54 +02:00
Michael Niedermayer
96efaa9a1a tools/target_dec_fuzzer: Adjust GDV pixel threshold down by a factor of 2
Fixes: Timeout (7sec -> 1sec)
Fixes: 14709/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_GDV_fuzzer-5704215281795072

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-29 15:57:54 +02:00
Michael Niedermayer
738ff94f7c tools/target_dec_fuzzer: adjust pixel threshold for SANM, as it allows coding gigantic images on tiny input
Fixes: Timeout (13sec ->1sec)
Fixes: 16122/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SANM_fuzzer-5724944247291904

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-29 15:57:54 +02:00
Michael Niedermayer
02a44ed0c8 tools/target_dec_fuzzer: Increase maxpixels threshold for dirac
wavelets allow significant size expansion and they are also not
very fast.

Fixes: Timeout
Fixes: 16480/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-5659892689403904 (108sec -> 17ms)
Fixes: 16480/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-5749422717140992 (big ->15sec)

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Tomas Härdin <tjoppen@acc.umu.se>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-26 10:36:40 +02:00
Michael Niedermayer
5af613cc48 tools/target_dec_fuzzer: Do not corrupt the packet size return
Fixes: Timeout (infinite)
Fixes: 16732/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TAK_fuzzer-5642166377906176

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-26 10:36:40 +02:00
James Almer
92c32b0f0c tools/target_dec_fuzzer: use refcounted packets
Should reduce allocations and data copying.

Signed-off-by: James Almer <jamrial@gmail.com>
2019-08-23 11:08:36 -03:00
Michael Niedermayer
ac77c5492f tools/target_dec_fuzzer: Do not increase max_pixels
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-23 14:38:42 +02:00
Guo, Yejun
ddd92ba2c6 convert_from_tensorflow.py: support conv2d with dilation
conv2d with dilation > 1 generates tens of nodes in graph, it is not
easy to parse each node one by one, so we do special tricks to parse
the conv2d layer.

Signed-off-by: Guo, Yejun <yejun.guo@intel.com>
Signed-off-by: Pedro Arthur <bygrandao@gmail.com>
2019-08-15 14:58:19 -03:00
Guo, Yejun
2c01434d60 convert_from_tensorflow.py: add option to dump graph for visualization in tensorboard
Signed-off-by: Guo, Yejun <yejun.guo@intel.com>
Signed-off-by: Pedro Arthur <bygrandao@gmail.com>
2019-08-15 14:58:19 -03:00
Michael Niedermayer
df7e79a5c3 tools/target_dec_fuzzer: adjust pixel threshold for MSRLE, as it allows coding gigantic images on tiny input
Fixes: Timeout (12sec ->2sec)
Fixes: 16125/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MSRLE_fuzzer-5650846364205056

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-15 01:26:21 +02:00
Michael Niedermayer
1e2e47e348 tools/target_dec_fuzzer: Print max_pixels and iterations at the end
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-13 16:48:38 +02:00
Nicolas George
2b4c1a0f3c tools/aviocat: add verbose mode.
For now: print the input size as detected by AVSEEK_SIZE.
2019-08-13 15:38:57 +02:00
Michael Niedermayer
faa9cd312f tools/target_dec_fuzzer: Add missing breaks
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-12 08:51:09 +02:00
Michael Niedermayer
9e0e9a5f36 tools/target_dec_fuzzer: Limit number off all pixels decoded
This should reduces the number of uninteresting timeouts encountered

A single threshold for all codecs did not work

Fixes: 13979/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_QTRLE_fuzzer-5629872380051456 (14sec -> 4sec)
Fixes: 14709/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_GDV_fuzzer-5704215281795072 (179sec -> 7sec)
Fixes: 16296/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HNM4_VIDEO_fuzzer-5756304521428992 (108sec -> 9sec)
Fixes: 15620/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_GIF_fuzzer-5657214435459072 (26sec -> 26ms)

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-12 08:45:07 +02:00
Andriy Gelman
90e965be6d tools/zmqsend: Avoid mem copy past the end of input buffer
This patch avoids a read past the end of the input buffer in memcpy since the size
of the received zmq message is recv_buf_size - 1.

Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-09 23:18:58 +02:00
Michael Niedermayer
42a2edcc1d tools/target_dec_fuzzer: fix memleak of extradata
Fixes: memleak
Fixes: 15535/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SMACKER_fuzzer-5692162424963072

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-07-31 20:35:07 +02:00
Guo, Yejun
ccbab41039 dnn: convert tf.pad to native model in python script, and load/execute it in the c code.
since tf.pad is enabled, the conv2d(valid) changes back to its original behavior.

Signed-off-by: Guo, Yejun <yejun.guo@intel.com>
Signed-off-by: Pedro Arthur <bygrandao@gmail.com>
2019-07-29 12:34:19 -03:00
Michael Niedermayer
508ce5839e tools/target_dec_fuzzer: Free parser in case of avcodec_open2() failure
Fixes: memleak
Fixes: part of 15529/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LIBVPX_VP8_fuzzer-5140143700180992

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-07-21 12:33:35 +02:00
Michael Niedermayer
ed4c6ce750 tools/target_dem_fuzzer: ignore avformat_find_stream_info() failure
Such a failure should not be fatal and its worth testing this path too

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-07-19 11:27:55 +02:00
Michael Niedermayer
9b5249a441 tools/target_dec_fuzzer: Remove redundant av_free()
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-07-13 14:42:57 +02:00
Guo, Yejun
50e194e6e1 tools/python: add script to convert TensorFlow model (.pb) to native model (.model)
For example, given TensorFlow model file espcn.pb,
to generate native model file espcn.model, just run:
python convert.py espcn.pb

In current implementation, the native model file is generated for
specific dnn network with hard-code python scripts maintained out of ffmpeg.
For example, srcnn network used by vf_sr is generated with
https://github.com/HighVoltageRocknRoll/sr/blob/master/generate_header_and_model.py#L85

In this patch, the script is designed as a general solution which
converts general TensorFlow model .pb file into .model file. The script
now has some tricky to be compatible with current implemention, will
be refined step by step.

The script is also added into ffmpeg source tree. It is expected there
will be many more patches and community needs the ownership of it.

Another technical direction is to do the conversion in c/c++ code within
ffmpeg source tree. While .pb file is organized with protocol buffers,
it is not easy to do such work with tiny c/c++ code, see more discussion
at http://ffmpeg.org/pipermail/ffmpeg-devel/2019-May/244496.html. So,
choose the python script.

Signed-off-by: Guo, Yejun <yejun.guo@intel.com>
2019-07-01 10:23:47 -03:00
Michael Niedermayer
6f2625aafc tools/target_dec_fuzzer: Also fuzz extradata
This should improve coverage

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-06-14 21:36:39 +02:00
Michael Niedermayer
0a2b768d3e tools/target_dec_fuzzer: Limit error concealment on pixels instead of just frames
This should reduce the amount of timeout issues overall

Fixes: Timeout (34->10sec)
Fixes: 14682/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMV2_fuzzer-5728608414334976

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-06-05 13:19:59 +02:00
Michael Niedermayer
710b7ec071 tools: Add fuzzer for demuxers
This is based on target_dec_fuzzer

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-05-31 22:44:30 +02:00
Jun Zhao
a6cd3ad21f tools/crypto_bench: update the comment about build command
commit cd62f9d557 missing the comment about build

Reviewed-by: Nicolas George <nicolas.george@normalesup.org>
Signed-off-by: Jun Zhao <barryjzhao@tencent.com>
2019-05-09 17:03:30 +08:00
Jun Zhao
153a6a67a9 tools/crypto_bench: check malloc fail before using it
Need to check malloc fail before using it, so adjust the location
in the code.

Reviewed-by: Nicolas George <nicolas.george@normalesup.org>
Signed-off-by: Jun Zhao <barryjzhao@tencent.com>
2019-05-09 16:59:55 +08:00
Michael Niedermayer
21b90435d6 tools/target_dec_fate.list: add issues 4000 to 6000
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-03-20 21:12:45 +01:00
James Almer
06476249cd Merge commit '7e5bde93a1e7641e1622814dafac0be3f413d79b'
* commit '7e5bde93a1e7641e1622814dafac0be3f413d79b':
  build: Rename OBJDIRS variable to OUTDIRS

Merged-by: James Almer <jamrial@gmail.com>
2019-03-10 19:31:13 -03:00
Michael Niedermayer
3b23eb283a tools/target_dec_fate.list: Add testcases for #2000 to #4000
Testcases which return 403 currently are commented out

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-03-01 23:25:08 +01:00
Michael Niedermayer
b7140a4db5 tools/target_dec_fate.sh: Add support for lines that are comments
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-03-01 23:25:08 +01:00
Diego Biurrun
7e5bde93a1 build: Rename OBJDIRS variable to OUTDIRS
These directories are not just for object files.
2019-02-16 13:09:35 +01:00
Michael Niedermayer
dfae0e295a tools/target_dec_fate.list: Extend selftests upto issue 2000
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-02-09 14:40:50 +01:00
Michael Niedermayer
b860f2218a tools/target_dec_fate.list: add entries upto 1214
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-01-28 01:09:38 +01:00
Michael Niedermayer
5faa1b8b5a tools/target_dec_fate: Add entries from around issue 500 to 700
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-01-04 20:32:03 +01:00
Michael Niedermayer
fccba32b4c tools: add target_dec_fate.sh
Script to download and test ossfuzz testcases
This also includes a list of such testcases.
I intend to subsequently fill this list with the cases we have fixed in the past

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2018-12-29 00:52:34 +01:00
Carl Eugen Hoyos
1a6cca1989 configure: Make sure libpostproc can be found if -rpath-link doesn't work.
Solaris ld takes "-rpath-link=libpostproc" as indication to search in "-link=libpostproc".
2018-12-28 00:22:13 +01:00
Carl Eugen Hoyos
1ffd63a445 tools/qt-faststart: Allow free atoms after moov atom. 2018-08-01 00:49:54 +02:00
Michael Niedermayer
5c0fd9df87 tools/target_dec_fuzzer: set parser codec id to avoid assertion failure
Fixes: 9211/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_GSM_fuzzer-5680396581732352
Fixes: assertion failure

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2018-07-07 12:09:34 +02:00
Michael Niedermayer
9f0077cc03 tools/target_dec_fuzzer: Fix parser_avctx memleak on error path
Fixes: oss-fuzz issue 9195

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2018-06-30 16:13:48 +02:00
Michael Niedermayer
310a49f71d tools/target_dec_fuzzer: Also optionally fuzz with a parser
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2018-06-28 21:35:01 +02:00
erankor
3dc5aa36fb qt-faststart - print errors to stderr
instead of stdout

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2018-06-15 21:42:18 +02:00
erankor
dc16c9dd90 qt-faststart - stco offset bug fix
when the last offsets in the stco atom are close to 4GB, the addition of
the moov atom size can overflow, causing corruption near the end of the
mp4 file.
this patch upgrades all stco atoms to co64 when such an edge case is
detected. in order to accomplish this, the implementation was changed to
walk the atom tree, instead of searching for the strings 'stco'/'co64'.
this was required since when an stco atom is changed to co64, its size
changes, and the sizes of all containing atoms (moov, trak, etc.) have
to be updated as well.

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2018-06-13 21:55:19 +02:00
erankor
ee09ffbfd2 qt-faststart: add validation on ftyp atom size
avoid trying to allocate an unreasonably sized buffer on corrupt files

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2018-06-13 21:55:19 +02:00
James Almer
e3734aa6a3 tools/crypto_bench: add missing RC4 implementation from tomcrypt
Signed-off-by: James Almer <jamrial@gmail.com>
2018-05-30 14:45:26 -03:00
James Almer
5420c8f76e tools/crypto_bench: add missing RC4 implementation from gcrypt
Signed-off-by: James Almer <jamrial@gmail.com>
2018-05-30 14:08:44 -03:00
James Almer
cd62f9d557 tools/crypto_bench: add support for mbedcrypto
Requires mbed TLS 2.7.0 or newer

Signed-off-by: James Almer <jamrial@gmail.com>
2018-05-30 14:08:35 -03:00