summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* avcodec/vlc, bitstream: Allow to use BE codes to initialize LE VLCAndreas Rheinhardt2020-10-122-13/+22
| | | | | | | | | This is easily possible because ff_init_vlc_sparse() already transforms both LE as well as BE codes to a normal form internally before processing them further. This will be used in subsequent commits. Reviewed-by: Michael Niedermayer <[email protected]> Signed-off-by: Andreas Rheinhardt <[email protected]>
* avcodec/speedhq: Don't use ff_ prefix for static symbolsAndreas Rheinhardt2020-10-121-17/+17
| | | | | Reviewed-by: Paul B Mahol <[email protected]> Signed-off-by: Andreas Rheinhardt <[email protected]>
* avcodec/speedhq: Don't pretend reading DC can failAndreas Rheinhardt2020-10-121-4/+0
| | | | | | | | It can't, because the tables used don't have any loose ends. This also fixes a bug in the only caller of decode_dc_le(): It didn't check the return value. Signed-off-by: Andreas Rheinhardt <[email protected]>
* avcodec/indeo2: Remove #ifdef BITSTREAM_READER_LE cruftAndreas Rheinhardt2020-10-121-16/+3
| | | | | | | | | | | | | | | | Before the LE bitstream reader was used in the Indeo 2 decoder, a standard BE bitstream reader with swapped bits was used; when the LE bitstream reader was added, the old code was only #ifdef'ed away and not removed. Said code has several problems: It modifies the input packet without ensuring that the packet is indeed writable; and it doesn't work since 09c4e5c5988c0037d108c5fc2a137d9ad488f7f4 because said commit removed the BE table used to initialize the VLC table. So just remove this cruft from the actual decoder, too. Also use INIT_LE_VLC_STATIC while at it. Reviewed-by: Paul B Mahol <[email protected]> Signed-off-by: Andreas Rheinhardt <[email protected]>
* avfilter/vf_scale_cuda: unload cuModule on uninitleozhang2020-10-121-0/+10
| | | | | Signed-off-by: leozhang <[email protected]> Signed-off-by: Timo Rothenpieler <[email protected]>
* Add support for building fuzzer tools for an individual demuxerMichael Niedermayer2020-10-123-1/+15
| | | | Signed-off-by: Michael Niedermayer <[email protected]>
* fate-mxf-probe-applehdr10: Ignore endiannessTomas Härdin2020-10-122-2/+2
|
* avcodec/cbs_av1: Free content in cbs_av1_free_metadata()Michael Niedermayer2020-10-121-0/+1
| | | | | | | | | Fixes: memleak Fixes: 25838/clusterfuzz-testcase-minimized-ffmpeg_BSF_TRACE_HEADERS_fuzzer-5736255957237760 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: James Almer <[email protected]> Signed-off-by: Michael Niedermayer <[email protected]>
* avfilter/af_sofalizer: allow up to 64 channelsPaul B Mahol2020-10-121-4/+4
|
* avfilter/af_sofalizer: allow to specify virtual speakers indetifier as numberPaul B Mahol2020-10-121-5/+14
|
* avcodec/apedec: use proper macro and type for pivot variablePaul B Mahol2020-10-121-5/+3
|
* avcodec/apedec: properly calculate and store absolute valuePaul B Mahol2020-10-121-2/+2
|
* avcodec/apedec: fix decoding 24bit insane files with recent versionsPaul B Mahol2020-10-121-13/+46
|
* avformat/isom: add support for RAW ASC Bayer BGGR in movPaul B Mahol2020-10-122-0/+3
|
* avcodec/mpeg12: Don't pretend reading dct_dc_size_* VLCs can failAndreas Rheinhardt2020-10-123-10/+0
| | | | | | | | | | It can't because the corresponding trees don't have any loose ends. Removing the checks also removed an instance of av_log(NULL (with a nonsense message) from the codebase. Reviewed-by: Michael Niedermayer <[email protected]> Signed-off-by: Andreas Rheinhardt <[email protected]>
* avcodec/mpeg12: Reduce size of motion-vector VLCAndreas Rheinhardt2020-10-122-2/+2
| | | | | | | | | | It currently uses 9 bits per table, but there are no codes with nine bits at all, while there are codes with eight, ten and eleven bits. So reducing the table size to eight bits will not reduce the amount of codes that can be parsed in the first step, but it allows to reduce the size of the motion-vector VLC. Signed-off-by: Andreas Rheinhardt <[email protected]>
* lavc, lavf: Remove newlines from calls to avpriv_request_sample().Carl Eugen Hoyos2020-10-118-10/+10
|
* avcodec/exr: Check line size for overflowMichael Niedermayer2020-10-111-0/+6
| | | | | | | | Fixes: signed integer overflow: 570425356 * 6 cannot be represented in type 'int Fixes: 25929/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EXR_fuzzer-5099197739827200 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <[email protected]>
* avcodec/exr: Check xdelta, ydeltaMichael Niedermayer2020-10-111-1/+2
| | | | | | | | Fixes: assertion failure Fixes: 25617/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EXR_fuzzer-5648746061496320 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <[email protected]>
* avcodec/adpcm: Check block align for AV_CODEC_ID_ADPCM_PSXMichael Niedermayer2020-10-111-0/+3
| | | | | | | | | Regression since: ca49476ace90ddebc5f92d9d82297f77e528c21e Fixes: out of array write Fixes: 25786/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ADPCM_PSX_fuzzer-5704869380620288 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <[email protected]>
* avcodec/mobiclip: Fix multiple integer overflowsMichael Niedermayer2020-10-111-6/+6
| | | | | | | | | Fixes: signed integer overflow: 872415232 * 7 cannot be represented in type 'int' Fixes: signed integer overflow: -2013265888 + -1744830464 cannot be represented in type 'int' Fixes: 25834/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MOBICLIP_fuzzer-5471406434025472 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <[email protected]>
* Allow using only the mfra info for seeking using the fragment indexJustin Ruggles2020-10-111-0/+1
| | | | | | | | The mfra has enough information to enable seeking, and reading it is behind an AVOption flag, so we shouldn't require that sidx information also be present in order to seek using the fragment index. Signed-off-by: Derek Buitenhuis <[email protected]>
* swscale/utils: override forced-zero formats back to full rangeJan Ekström2020-10-111-2/+2
| | | | | | | | Fixes vf_scale outputting RGB AVFrames with limited range flagged in case either input or output specifically sets the range. This is the reverse of the logic utilized for RGB and PAL8 content in sws_setColorspaceDetails.
* swscale/utils: split range override check into its own functionJan Ekström2020-10-111-2/+7
|
* avfilter/avfilter.h: add missing FF_API_NEXT wrapperJames Almer2020-10-101-0/+2
| | | | Signed-off-by: James Almer <[email protected]>
* avformat/avformat.h: add missing FF_API_NEXT wrappersJames Almer2020-10-101-0/+4
| | | | Signed-off-by: James Almer <[email protected]>
* avcodec/codec.h: add missing FF_API_NEXT wrapperJames Almer2020-10-101-0/+2
| | | | Signed-off-by: James Almer <[email protected]>
* avcodec/vp9: Fix stack-buffer overflow with VP9 VDPAU availableAndreas Rheinhardt2020-10-111-3/+0
| | | | | | | | | | | | | ccca62ef991f0a47dfa30c3e822d91294b8afe4c added new VP9 VDPAU profiles and as a consequence AV_PIX_FMT_VDPAU can now be twice in the list of pixel formats used for format negotiation by ff_thread_get_format(); yet there is only one entry in said list reserved for VDPAU, leading to a stack-buffer overflow. This commit fixes this by making sure that AV_PIX_FMT_VDPAU will not occur twice in said list. Fixes Coverity ticket 1468046. Signed-off-by: Andreas Rheinhardt <[email protected]>
* avcodec/sheervideo: Avoid code duplication when creating VLC tablesAndreas Rheinhardt2020-10-102-229/+169
| | | | | | | | | The SheerVideo decoder uses two VLC tables and these are in turn created from structures (called SheerTable) that are naturally paired. This commit unifies these pairs of SheerTables to arrays and unifies creating the VLC tables. Signed-off-by: Andreas Rheinhardt <[email protected]>
* avcodec/sheervideo: Reduce the size of static arraysAndreas Rheinhardt2020-10-102-1076/+152
| | | | | | | | | | | | | | | The SheerVideo decoder uses VLC tables which are currently stored in large arrays that contain the length of each leaf of the corresponding tree from left to right, taking 15.5KB of space. But all these arrays follow a common pattern: First the entries are ascending and then they are descending with lots of successive entries have the same value. Therefore it makes sense to use a run-length encoding to store them, as this commit does. Notice that the length 16 has to be treated specially because there are arrays with more than 256 consecutive entries with value 16 and because the length of the entries start to descend from this length onward. Signed-off-by: Andreas Rheinhardt <[email protected]>
* avcodec/sheervideo: Don't leave context in inconsistent state upon errorAndreas Rheinhardt2020-10-101-6/+7
| | | | | | | | | | | | This has happened if the format changed midstream and if the new packet is so small that it is instantaneously rejected: In this case the VLC tables were for the new format, although the context says that they are still the ones for the old format. It can also happen if the format changed midstream and the allocation of the new tables fails. If the next packet is a packet for the old format, the decoder thinks it already has the correct VLC tables, leading to a segfault. Signed-off-by: Andreas Rheinhardt <[email protected]>
* avcodec/sheervideo: Inline compile-time constantsAndreas Rheinhardt2020-10-101-171/+172
| | | | | Reviewed-by: Paul B Mahol <[email protected]> Signed-off-by: Andreas Rheinhardt <[email protected]>
* avcodec/sheervideo: Improve creating VLC tablesAndreas Rheinhardt2020-10-101-12/+7
| | | | | | | | | Don't needlessly copy an array around; don't create a table with default symbols; and use smaller types to save stack space: The longest code here is 16 bits, so one can store the codes in this type. Reviewed-by: Paul B Mahol <[email protected]> Signed-off-by: Andreas Rheinhardt <[email protected]>
* avcodec/celp_filters: Avoid invalid negation in ff_celp_lp_synthesis_filter()Michael Niedermayer2020-10-101-3/+3
| | | | | | | | Fixes: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself Fixes: 25675/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G729_fuzzer-4786580731199488 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <[email protected]>
* avcodec/takdsp: Fix negative shift in decorrelate_sf()Michael Niedermayer2020-10-101-1/+1
| | | | | | | | Fixes: left shift of negative value -4 Fixes: 25723/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TAK_fuzzer-6250580752990208 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <[email protected]>
* fate: Add aa-demux testMichael Niedermayer2020-10-102-0/+286
| | | | | | This should help fuzzer coverage Signed-off-by: Michael Niedermayer <[email protected]>
* avcodec/parsers: add missing FF_API_NEXT wrappersJames Almer2020-10-102-5/+10
| | | | Signed-off-by: James Almer <[email protected]>
* avcodec/mpeg12dec: Optimize reading mpeg2 intra escape codesAndreas Rheinhardt2020-10-101-6/+4
| | | | | | | | | | Said escape code is only six bits long, so that one has at least 25 - 6 bits in the bitstream reader's cache after reading it; therefore the whole following 18 bits (containing the actual code) are already in the bitstream reader's cache, making it unnecessary to reload the cache. Reviewed-by: Michael Niedermayer <[email protected]> Signed-off-by: Andreas Rheinhardt <[email protected]>
* avformat/aviobuf: increase default read buffer size to 2*max_buffer_size for ↵Marton Balint2020-10-091-0/+5
| | | | | | | | | | streamed data This should increase the effectiveness of ffio_ensure_seekback by reducing the number of buffer reallocations and memmoves/memcpys because even a small seekback window requires max_buffer_size+window_size buffer space. Signed-off-by: Marton Balint <[email protected]>
* avformat/aviobuf: fix indentationMarton Balint2020-10-091-8/+8
| | | | Signed-off-by: Marton Balint <[email protected]>
* avformat/aviobuf: do not allocate a new buffer in ffio_ensure_seekback if ↵Marton Balint2020-10-091-1/+5
| | | | | | | | not needed Let's move unread data to the start of the old buffer instead. Signed-off-by: Marton Balint <[email protected]>
* avformat/aviobuf: discard part of the IO buffer in ffio_ensure_seekback if ↵Marton Balint2020-10-092-11/+20
| | | | | | | | | | | | | | | | | | | | | | needed Previously ffio_ensure_seekback never flushed the buffer, so successive ffio_ensure_seekback calls were all respected. This could eventually cause unlimited memory and CPU usage if a demuxer called ffio_ensure_seekback on all it's read data. Most demuxers however only rely on being able to seek back till the position of the last ffio_ensure_seekback call, therefore we change the semantics of ffio_ensure_seekback so that a new call can invalidate seek guarantees of the old. In order to support some level of "nested" ffio_ensure_seekback calls, we document that the function only invalidates the old window (and potentially discards the already read data from the IO buffer), if the newly requested window does not fit into the old one. This way we limit the memory usage for ffio_ensure_seekback calls requesting consecutive data windows. Signed-off-by: Marton Balint <[email protected]>
* avformat/mpjpegdec: make sure we seek back to the ensured bufferMarton Balint2020-10-091-5/+6
| | | | | | | | It was possible for the old code to seek back before the most recently read data if start of a new multipart was across read boundaries. Now we read some small sections multiple times to avoid this, but that is OK. Signed-off-by: Marton Balint <[email protected]>
* avformat/mpegts: make sure mpegts_resync do not run out of the initially ↵Marton Balint2020-10-091-1/+2
| | | | | | requested probe buffer Signed-off-by: Marton Balint <[email protected]>
* avformat/aviobuf: fix checks in ffio_ensure_seekbackMarton Balint2020-10-091-2/+2
| | | | | | | | | | | | | The new buf_size was detemined too conservatively, maybe because of the off-by-one issue which was fixed recently in fill_buffer. We can safely substract 1 more from the new buffer size, because max_buffer_size space must only be guaranteed when we are reading the last byte of the requested window. Comparing the new buf_size against filled did not make a lot of sense, what makes sense is that we want to reallocate the buffer if the new buf_size is bigger than the old, therefore the change in the check. Signed-off-by: Marton Balint <[email protected]>
* avformat/aviobuf: check if requested seekback buffer is already readMarton Balint2020-10-091-0/+3
| | | | | | | | Existing code did not check if the requested seekback buffer is already read entirely. In this case, nothing has to be done to guarantee seekback. Signed-off-by: Marton Balint <[email protected]>
* avformat/aviobuf: write data into the IO buffer till the very end of the bufferMarton Balint2020-10-091-1/+1
| | | | | | | There was an off-by-one error when checking if the IO buffer still has enough space till the end. One more byte can be safely written. Signed-off-by: Marton Balint <[email protected]>
* avfilter/vf_minterpolate: Remove redundant code for freeingAndreas Rheinhardt2020-10-091-12/+3
| | | | | | | | ad73b32d2922f4237405043d19763229aee0e59e added some code for freeing in the input's config_props function, yet this is unnecessary as uninit is called anyway if config_props fails. Signed-off-by: Andreas Rheinhardt <[email protected]>
* avfilter/vf_minterpolate: Fix left shift of negative valueAndreas Rheinhardt2020-10-091-12/+15
| | | | | | | | | | | | This has happened when initializing the motion estimation context if width or height of the video was smaller than the block size used for motion estimation and if the motion interpolation mode indicates not to use motion estimation. The solution is of course to only initialize the motion estimation context if the interpolation mode uses motion estimation. Signed-off-by: Andreas Rheinhardt <[email protected]>
* avfilter/vf_minterpolate: Reject too small dimensionsAndreas Rheinhardt2020-10-091-0/+5
| | | | | | | | | | The latter code relies upon the dimensions to be not too small; otherwise one will call av_clip() with min > max lateron which aborts in case ASSERT_LEVEL is >= 2 or one will get a nonsense result that may lead to a heap-buffer-overflow/underflow. The latter has happened in ticket #8248 which this commit fixes. Signed-off-by: Andreas Rheinhardt <[email protected]>
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-23 12:51:43 +0000