Commit Graph

94813 Commits

Author SHA1 Message Date
Michael Niedermayer
cc78783ce5 avcodec/truemotion2: Fix multiple integer overflows in tm2_null_res_block()
Fixes: signed integer overflow: 1795032576 + 598344192 cannot be represented in type 'int'
Fixes: 16196/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TRUEMOTION2_fuzzer-5636723419119616

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-31 18:34:05 +02:00
Michael Niedermayer
5a3dee65d4 tools/target_dec_fuzzer: adjust pixel threshold for TRUEMOTION2, as it allows coding gigantic images on tiny input
Fixes: Timeout (137sec -> 6sec)
Fixes: 16090/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TRUEMOTION2_fuzzer-5674245178261504

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-31 18:34:05 +02:00
Michael Niedermayer
fe536b6d99 avcodec/vc1_block: Check the return code from vc1_decode_p_block()
Fixes: left shift of negative value -1
Fixes: 16424/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMV3_fuzzer-5656579055026176
Fixes: 16358/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1IMAGE_fuzzer-5714436358144000

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-31 18:34:05 +02:00
Michael Niedermayer
9c6b400492 avcodec/vc1dec: Require res_sprite for wmv3images
non res_sprite leads to decoder delay which leads to assertion failure
Fixes: Assertion failure
Fixes: 16402/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMV3IMAGE_fuzzer-5704510034411520
Fixes: left shift of 1073741824 by 1 places cannot be represented in type 'int'
Fixes: 16425/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMV3IMAGE_fuzzer-5692858838810624

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-31 18:34:05 +02:00
Michael Niedermayer
6962fd586e avcodec/vc1_block: Check for double escapes
Fixes: out of array read
Fixes: 16331/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMV3IMAGE_fuzzer-5672735195267072

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-31 18:34:05 +02:00
Michael Niedermayer
679f340890 avutil/mathematics: Fix 2 overflows in av_add_stable()
Fixes: signed integer overflow: 9223372036854775807 + 1 cannot be represented in type 'long'
Fixes: 16022/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5759796759756800

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-31 18:34:05 +02:00
Marton Balint
ce1fcc8ced avformat/utils: return pending IO error on EOF in av_read_frame()
avio_feof() returns true both in case of actual EOF and in case of IO errors.
Some demuxers (matroska) have special handling to be able to return the proper
error for this exact reason, e.g.:

if (avio_feof(pb)) {
     if (pb->error) {
         return pb->error;
     } else {
         return AVERROR_EOF;
     }
}

However, most of the demuxers do not, and they simply return AVERROR_EOF if
avio_feof() is true, so there is a real chance that IO errors are mistaken for
EOF.

We might just say that the API user should always check the IO context error
attribute on EOF to make sure no IO errors happened, but not even ffmpeg.c does
this. It should be more intuitive to the API user if we simply return the IO
error as the return value of av_read_frame() instead of AVERROR_EOF.

Signed-off-by: Marton Balint <cus@passwd.hu>
2019-08-31 17:38:25 +02:00
Marton Balint
2e31774b40 avformat/avidec: add support for recognizing HEVC fourcc when demuxing
Some security cams generate this, as well as some versions of VirtualDub and
VLC so support for _reading_ such files is justified.

Fixes ticket #7110.

See also this discussion: https://patchwork.ffmpeg.org/patch/8744/

Signed-off-by: Marton Balint <cus@passwd.hu>
2019-08-31 17:38:25 +02:00
Marton Balint
765c56bfa9 avformat/mpegts: fix teletext PTS when selecting teletext streams only
After a1b4f120c0 the teletext PTS values were set
to AV_NOPTS_VALUE if the stream of the PCR pid was discarded.

What actually matters is that if we parse the PCR of the PCR PID or not, so
let's use the cached discard value of the actual PCR PID instead of the stream
discard value, which may be different.

Also fixes ticket #7567, which was caused by the fact that teletext PTS values
were not touched if the PCR pid was discarded even before
a1b4f120c0.

Signed-off-by: Marton Balint <cus@passwd.hu>
2019-08-31 17:38:25 +02:00
Michael Niedermayer
a370582ba9 tools/target_dec_fuzzer: Init parsepkt
Fixes: memory corruption
Fixes: 16702/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PNG_fuzzer-5768418552184832

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-31 17:33:56 +02:00
Paul B Mahol
c79d6728a7 avfilter/vf_v360: add cubemap 1x6 layout 2019-08-31 14:52:32 +02:00
Michael Niedermayer
07b948fe60 avcodec/vorbisdec: Check get_vlc2() failure
Fixes: out of array read
Fixes: 16510/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VORBIS_fuzzer-5754510382727168

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-30 23:55:50 +02:00
Paul B Mahol
62459d6584 avfilter/vf_stereo3d: improve dubois anaglyphs 2019-08-30 22:41:07 +02:00
Michael Niedermayer
9b57b90c4c avcodec/vaapi_encode: Simplify code with av_clip_int8()
Reviewed-by: "Li, Zhong" <zhong.li@intel.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-30 20:23:02 +02:00
Guo, Yejun
83e0b71f66 dnn: export operand info in python script and load in c code
Signed-off-by: Guo, Yejun <yejun.guo@intel.com>
Signed-off-by: Pedro Arthur <bygrandao@gmail.com>
2019-08-30 11:41:30 -03:00
Guo, Yejun
2d5e39c13e dnn: change .model file format to put layer number at the end of file
currently, the layer number is at the beginning of the .model file,
so we have to scan twice in python script, the first scan to get the
layer number. Only one scan needed after put the layer number at the
end of .model file.

Signed-off-by: Guo, Yejun <yejun.guo@intel.com>
Signed-off-by: Pedro Arthur <bygrandao@gmail.com>
2019-08-30 11:41:30 -03:00
Guo, Yejun
09a455a246 dnn: introduce dnn operand (in c code) to hold operand infos within network
the info can be saved in dnn operand object without regenerating again and again,
and it is also needed for layer split/merge, and for memory reuse.

to make things step by step, this patch just focuses on c code,
the change within python script will be added later.

Signed-off-by: Guo, Yejun <yejun.guo@intel.com>
Signed-off-by: Pedro Arthur <bygrandao@gmail.com>
2019-08-30 11:41:30 -03:00
Eugene Lyapustin
20a12448aa avfilter/vf_v360: add facebook's format 2019-08-30 11:42:31 +02:00
Jun Zhao
95780f4dcb avutil/file: add more check befor destory the buffer
add more check befor destory the buffer

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Jun Zhao <barryjzhao@tencent.com>
2019-08-30 09:16:01 +08:00
Jun Zhao
7ce15b1d43 avutil/file: always set *size to zero if *bufptr is NULL
Always set *size to zero if *bufptr is NULL, it's more make sence.

fix #8095

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Jun Zhao <barryjzhao@tencent.com>
2019-08-30 09:15:43 +08:00
Paul B Mahol
7c0b3ba7dd avcodec: add IMM5 decoder 2019-08-29 21:04:54 +02:00
Paul B Mahol
0067da587a avcodec/msrle: add a flush() callback
The reference frame isn't valid after seeking.
2019-08-29 18:31:59 +02:00
Aman Gupta
59e651c052 configure: fix --enable-omx compile on raspberry pi
Many ffmpeg + rpi compilation guides on the internet recommend
using `./configure --enable-omx --enable-omx-rpi`. This fails
to find the IL OMX headers on device because the omx require_headers
check happens first before the add_cflags in omx_rpi.

A workaround is to use `./configure --enable-omx-rpi` only, since
omx_rpi already implies omx. But because many users expect to use
existing scripts and commands, we swap the order here so omx_rpi
special cases are applied first.

In the past this wasn't an issue because users noticed the OMX_Core.h
missing error and installed libomxil-bellagio-dev. But since
76c82843cc, the rpi specific headers from /opt/vc/include/IL
are required.

Signed-off-by: Aman Gupta <aman@tmm1.net>
2019-08-29 08:52:37 -07:00
Michael Niedermayer
15a65c13e1 avcodec/ivi: Allocate bufs later
Fixes: Timeout (24sec->2sec)
Fixes: 15951/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_INDEO5_fuzzer-5095433266790400

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-29 15:57:54 +02:00
Michael Niedermayer
ba823394f6 tools/target_dec_fuzzer: Adjust maxpixels for indeo4
Fixes: Timeout (131sec -> 4sec)
Fixes: 15581/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_INDEO4_fuzzer-5651105515569152

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-29 15:57:54 +02:00
Michael Niedermayer
96efaa9a1a tools/target_dec_fuzzer: Adjust GDV pixel threshold down by a factor of 2
Fixes: Timeout (7sec -> 1sec)
Fixes: 14709/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_GDV_fuzzer-5704215281795072

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-29 15:57:54 +02:00
Michael Niedermayer
738ff94f7c tools/target_dec_fuzzer: adjust pixel threshold for SANM, as it allows coding gigantic images on tiny input
Fixes: Timeout (13sec ->1sec)
Fixes: 16122/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SANM_fuzzer-5724944247291904

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-29 15:57:54 +02:00
Michael Niedermayer
7e9aecc9f3 avcodec/tta: Fix integer overflow in prediction
Fixes: signed integer overflow: -395281576 + -1827578048 cannot be represented in type 'int'
Fixes: 16038/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TTA_fuzzer-5646109705240576

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-29 15:57:54 +02:00
Michael Niedermayer
dea2591d4f avcodec/vb: Check input packet size to be large enough to contain flags
Fixes: Timeout (->9sec)
Fixes: 16292/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VB_fuzzer-5747063496638464

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-29 15:18:42 +02:00
Michael Niedermayer
37bc8e3249 avcodec/cavsdec: Limit the number of access units per packet to 2
Fixes: Timeout (122sec -> 13ms)
Fixes: 15978/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CAVS_fuzzer-5148925004087296

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-29 15:16:18 +02:00
Michael Niedermayer
e0c973e5be avformat/mpsubdec: Remove floating point usage
This makes the code bitexact between platforms.
Intermediate timestamps between frames are preserved.
The timebase is simplified.
Rounding differs from doubles in cases where timestamps/durations
are "funny"

Suggested-by: jb
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-29 15:14:32 +02:00
Thierry Foucu
a80fdbcf13 lavc/cbs_h2645: Use av_realloc instead of av_malloc
Follow the description of av_realloc, the memory needs to be allocated
by av_realloc.
2019-08-28 21:57:48 +02:00
Limin Wang
ffd65c8862 lavf/dump: dump the vbv_delay with N/A instead of 18446744073709551615
How to check it:
./ffmpeg -f lavfi -i testsrc  -c:v mpeg2video  -f null  -
master:
  Side data:
        cpb: bitrate max/min/avg: 0/0/200000 buffer size: 0 vbv_delay:
        18446744073709551615
patch applied:
Side data:
      cpb: bitrate max/min/avg: 0/0/200000 buffer size: 0 vbv_delay: N/A

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Limin Wang <lance.lmwang@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-28 18:18:41 +02:00
Paul B Mahol
330ba8d537 avcodec/dsd: use uint8_t instead of unsigned char 2019-08-28 17:30:55 +02:00
Paul B Mahol
9606e4b6e6 avcodec/dsddec: add slice threading support 2019-08-28 17:28:16 +02:00
Paul B Mahol
98f5cbcb7d avformat/dsfdec: set packet pts/duration/pos correctly 2019-08-28 17:01:43 +02:00
Paul B Mahol
ef73ccc2c4 avcodec/h264_refs: do not use invalid mmco values in case of error
Change one relevant assert to av_assert0 while here.
2019-08-28 16:31:00 +02:00
Paul B Mahol
428b4aacb1 avformat/mov: improve timecode calculation
Fixes timecode calculation for NTSC frame rates.
Fixes ticket #5978.
2019-08-28 16:27:58 +02:00
Paul B Mahol
d063f13700 avcodec/tiff: add missing break in tiff_decode_tag() 2019-08-28 15:46:40 +02:00
Paul B Mahol
d8410e9cf9 avformat/dhav: always initializer ret 2019-08-28 15:44:36 +02:00
Paul B Mahol
1232e67b16 avfilter/af_compand: change error condition into warning 2019-08-28 15:28:53 +02:00
OvchinnikovDmitrii
f8ad2ddd7a libavcodec/amfenc: Vulkan initialization support for encoder.
Added linux support for amf encoder through vulkan.

To use h.264(AMD VCE) encoder on linux amdgru-pro version 19.20+ and
amf-amdgpu-pro package(amdgru-pro contains, but does not install
automatically) are required.

This driver can be installed using amdgpu-pro-install script in
official amd driver archive.

Initialization of amf encoder occurs in this order:
1) trying to initialize through dx11(only windows)
2) trying to initialize through dx9(only windows)
3) trying to initialize through vulkan

Only Vulkan initialization available on linux.
2019-08-27 18:28:31 -07:00
James Almer
b319feb05f avcodec/qtrle: don't clear the palette when flushing
It may be propagated only once for the entire stream.

Signed-off-by: James Almer <jamrial@gmail.com>
2019-08-27 15:24:47 -03:00
James Almer
d70bbdc5fa avcodec/qtrle: call ff_reget_buffer() only when the picture data is going to change
ff_reget_buffer() will attempt to create a writable copy of the frame,
which is not needed when the decoder intends to return a reference to
the same buffer as the previous frame.

Should reduce data copy, hopefully achieving a similar speed up as
a9dacdeea6 without dropping frames.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
2019-08-27 15:24:21 -03:00
James Almer
8b71cc3363 Revert "avcodec/qtrle: Do not output duplicated frames on insufficient input"
This reverts commit a9dacdeea6.

This patch effectively made the decoder output vfr content out of samples
where cfr is expected.

Addresses ticket #7880.

Signed-off-by: James Almer <jamrial@gmail.com>
2019-08-27 15:10:03 -03:00
Michael Niedermayer
dead949a1f avcodec/atrac9dec: Check block_align
Fixes: Infinite loop
Fixes: 16260/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ATRAC9_fuzzer-5676365617037312
Fixes: 16260/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ATRAC9_fuzzer-5768093879500800

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-27 17:57:44 +02:00
James Almer
33a53722dc avcodec/qtrle: add a flush() callback
The reference frame isn't valid after seeking

Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
2019-08-27 11:58:45 -03:00
James Almer
af70bfbead avcodec/h2645_parse: zero initialize the rbsp buffer
Fixes ticket #8093

Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
2019-08-27 10:56:41 -03:00
Aman Gupta
0821bc4eee avcodec/vaapi_encode: respect -force_key_frames setting
This was a regression in 5fdcf85bbf

Signed-off-by: Aman Gupta <aman@tmm1.net>
Signed-off-by: Mark Thompson <sw@jkqxz.net>
2019-08-26 16:09:11 -07:00
Michael Niedermayer
02a44ed0c8 tools/target_dec_fuzzer: Increase maxpixels threshold for dirac
wavelets allow significant size expansion and they are also not
very fast.

Fixes: Timeout
Fixes: 16480/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-5659892689403904 (108sec -> 17ms)
Fixes: 16480/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-5749422717140992 (big ->15sec)

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Tomas Härdin <tjoppen@acc.umu.se>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-26 10:36:40 +02:00