Michael Niedermayer
c0607d88ee
avcodec/parser: assert that there is a past buffer if there's a reference into the past
...
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-16 01:35:35 +02:00
Michael Niedermayer
3c716682a8
avcodec/truemotion2: Move skip computation after checks
...
Fixes: runtime error: signed integer overflow: 630067357 * 4 cannot be represented in type 'int'
Fixes: 2233/clusterfuzz-testcase-minimized-5943031318446080
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-16 00:21:30 +02:00
Michael Niedermayer
e3fadc57c5
avcodec/jpeg2000: Fixes integer overflow in ff_jpeg2000_ceildivpow2()
...
Fixes: runtime error: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself
Fixes: 2231/clusterfuzz-testcase-minimized-4565181982048256
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-16 00:21:30 +02:00
Michael Niedermayer
611b356274
avcodec/dnxhd_parser: Do not return invalid value from dnxhd_find_frame_end() on error
...
Fixes: Null pointer dereference
Fixes: CVE-2017-9608
Found-by: Yihan Lian
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-16 00:21:30 +02:00
Rostislav Pehlivanov
b52b398c30
vc2enc: decrease default strictness level
...
Given how incredibly limited the official specifications are (limiting all use
to only the most common broadcasting formats), permit all supported inputs
by default. This makes the encoder more useful.
2017-06-15 18:30:08 +01:00
Tyler Jones
752dd1952a
vorbisenc: Stop tracking number of samples per frame
...
Each frame is now padded with 0 values if not enough samples are
present, and all frames are guaranteed to have exactly
1 << (venc->log2_blocksize[1] - 1) samples.
Signed-off-by: Tyler Jones <tdjones879@gmail.com>
Reviewed-by: Rostislav Pehlivanov <atomnuker@gmail.com>
2017-06-15 16:42:49 +01:00
Tyler Jones
f57f665183
vorbisenc: Apply and output correct length window and mdct
...
Usage of blocksize, window, mode, and mdct indexes are switched from
default 0 to a default of 1 to better align with specs. A flag of 0
should correspond with short windows, a flag of 1 with long.
Signed-off-by: Tyler Jones <tdjones879@gmail.com>
Reviewed-by: Rostislav Pehlivanov <atomnuker@gmail.com>
2017-06-15 16:42:49 +01:00
Tyler Jones
5a2ad7ede3
vorbisenc: Separate copying audio samples from windowing
...
Audio samples are shifted around when copying from the frame queue so that
analysis can be done without negatively impacting calculation of the MDCT.
Window coefficients are applied to the current two overlapped windows
simultaneously instead of applying overlap for the next frame ahead of time.
This improves readability when applying windows of varying lengths.
Signed-off-by: Tyler Jones <tdjones879@gmail.com>
Reviewed-by: Rostislav Pehlivanov <atomnuker@gmail.com>
2017-06-15 16:42:49 +01:00
Michael Niedermayer
bc40674462
avcodec/hevcdec: Check nb_sps
...
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-15 03:09:40 +02:00
Michael Niedermayer
1cb4ef526d
avcodec/hevc_refs: Check nb_refs in add_candidate_ref()
...
Fixes: runtime error: index 16 out of bounds for type 'int [16]'
Fixes: 2209/clusterfuzz-testcase-minimized-5012343912136704
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-15 03:09:40 +02:00
Michael Niedermayer
12245ab1f6
avcodec/mpeg4videodec: Check sprite delta upshift against overflowing.
...
Fixes: runtime error: signed integer overflow: -268386304 * 16 cannot be represented in type 'int'
Fixes: 2204/clusterfuzz-testcase-minimized-5616756909408256
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-15 00:16:20 +02:00
Michael Niedermayer
0a87be404a
avcodec/mpeg4videodec: Fix integer overflow in num_sprite_warping_points=2 case
...
Fixes: runtime error: signed integer overflow: 131072 + 2147352576 cannot be represented in type 'int'
Fixes: 2192/clusterfuzz-testcase-minimized-5370387988742144
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-15 00:16:20 +02:00
Michael Niedermayer
900fe8ee5d
avcodec/dnxhdenc: Assert that frame size is not assigned an error code
...
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-15 00:16:20 +02:00
Mark Thompson
88a2e4504d
hevc: Fix scaling list prediction delta for the 32x32 inter matrix
...
Fixes ticket #6356.
2017-06-14 23:08:26 +01:00
Mark Thompson
3882063174
vaapi: Add external control of allow-profile-mismatch
...
Uses the just-added ALLOW_PROFILE_MISMATCH flag.
(cherry picked from commit 7acb90333a)
2017-06-14 22:27:06 +01:00
Mark Thompson
49ae8a5e87
lavc: Add flag to allow profile mismatch with hardware decoding
...
(cherry picked from commit 64a5260c69)
2017-06-14 22:27:04 +01:00
Mark Thompson
b658b5399e
vaapi_encode: Use gop_size consistently in RC parameters
...
The non-H.26[45] codecs already use this form. Since we don't
currently generate I frames for codecs which support them separately
to IDR, the p_per_i variable is set to infinity by default so that it
doesn't interfere with any other calculation. (All the code for I
frames still exists, and it works for H.264 if set manually.)
(cherry picked from commit 6af014f402)
2017-06-14 22:26:32 +01:00
Mark Thompson
28aedeed19
qsvenc: Allow use of hw_device_ctx to make the internal session
...
(cherry picked from commit 3d197514e6)
2017-06-14 22:26:32 +01:00
Mark Thompson
8aa3c2df1a
qsvdec: Allow use of hw_device_ctx to make the internal session
...
(cherry picked from commit 8848ba0bd6)
2017-06-14 22:26:32 +01:00
Mark Thompson
91c3b50d74
qsv: Add ability to create a session from a device
...
(cherry picked from commit 4936a48b1e)
2017-06-14 22:26:32 +01:00
Mark Thompson
92bd089745
vaapi_encode: Discard output buffer if picture submission fails
...
Previously this was leaking, though it actually hit an assert making
sure that the buffer had already been cleared when freeing the picture.
(cherry picked from commit 17aeee5832)
2017-06-14 22:23:43 +01:00
Matthieu Bouron
204008354f
lavc/aarch64/simple_idct: fix build with Xcode 7.2
2017-06-14 23:20:58 +02:00
Ronald S. Bultje
d35ff98e27
vp9: fix overwrite in ff_vp9_ipred_dr_16x16_16_avx2.
...
Fixes trac issue 6459.
2017-06-14 11:37:38 -04:00
Matthieu Bouron
8aa60606fb
lavc/aarch64/simple_idct: fix idct_col4_top coefficient
...
Fixes regression introduced by 5d0b8b1ae3.
2017-06-13 17:46:55 +02:00
Michael Niedermayer
4cc2a357f5
avcodec/aacsbr_fixed: Fix signed integer overflow in sbr_hf_inverse_filter()
...
Fixes: runtime error: signed integer overflow: 2147483584 + 128 cannot be represented in type 'int'
Fixes: 2164/clusterfuzz-testcase-minimized-4715936172998656
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-13 17:39:13 +02:00
Michael Niedermayer
d1992448d3
avcodec/aacsbr_fixed: Check shift in sbr_hf_assemble()
...
Fixes: runtime error: shift exponent -10 is negative
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-13 17:39:13 +02:00
Michael Niedermayer
d549f026d8
avcodec/sbrdsp_fixed: Return an error from sbr_hf_apply_noise() if operations are impossible
...
Fixes: 1775/clusterfuzz-testcase-minimized-5330288148217856
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-13 17:39:13 +02:00
Matthieu Bouron
3839580b71
lavc/mediacodecdec: switch to the new generic filtering mechanism
2017-06-13 14:33:54 +02:00
Michael Niedermayer
4f9e958b04
avcodec/put_bits: Implement put_bits32() in a single pass instead of 2 passes writing 16bits each
...
820 cpu cycles -> 660 cpu cycles for 100 put_bits32()
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-13 04:17:13 +02:00
Michael Niedermayer
db93fd74e4
avcodec/golomb: Assert that the input is not too large in set_ue_golomb()
...
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-13 04:17:13 +02:00
Ilia Valiakhmetov
81fc617c12
avcodec/vp9: ipred_dr_16x16_16 avx2 implementation
...
Signed-off-by: Ilia Valiakhmetov <zakne0ne@gmail.com>
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
2017-06-12 12:40:58 -04:00
Michael Niedermayer
f8593c2f49
avcodec/libvpxdec: Check that display dimensions fit in the storage dimensions
...
Fixes assertion failure
Fixes: 2112/clusterfuzz-testcase-minimized-4526878557732864
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-11 22:41:26 +02:00
Michael Niedermayer
07339a45a0
avcodec/avpacket: Limit iterations in ff_packet_split_and_drop_side_data()
...
This avoids scanning beyond what a valid packet can contain
Fixes: Timeout
Fixes: 541/clusterfuzz-testcase-610189291657625
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-11 22:09:15 +02:00
Michael Niedermayer
d24043e1a2
avcodec/jpeg2000dwt: Fix runtime error: left shift of negative value -123
...
Fixes: 2208/clusterfuzz-testcase-minimized-5976593765761024
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-11 20:52:47 +02:00
Michael Niedermayer
c996374d4d
avcodec/wavpack: Fix runtime error: signed integer overflow: 1886191616 + 277872640 cannot be represented in type 'int'
...
Fixes: 2181/clusterfuzz-testcase-minimized-6314784322486272
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-11 20:52:47 +02:00
Michael Niedermayer
2e44126363
avcodec/snowdec: Fix runtime error: left shift of negative value -1
...
Fixes: 2197/clusterfuzz-testcase-minimized-6010716676947968
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-11 15:22:07 +02:00
Michael Niedermayer
6d499ecef9
avcodec/aacdec_fixed: Fix runtime error: left shift of negative value -1297616
...
Fixes: 2195/clusterfuzz-testcase-minimized-4736721533009920
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-11 15:22:07 +02:00
Paul B Mahol
9a949cdf8f
avcodec/gdv: fix compiler warnings
...
Signed-off-by: Paul B Mahol <onemda@gmail.com>
2017-06-11 10:26:18 +02:00
Paul B Mahol
d1c08027d8
avcodec: add Gremlin Digital Video decoder
...
Signed-off-by: Paul B Mahol <onemda@gmail.com>
2017-06-11 10:00:39 +02:00
Paul B Mahol
29bdcf588f
avcodec: add Gremlin DPCM decoder
...
Signed-off-by: Paul B Mahol <onemda@gmail.com>
2017-06-11 10:00:16 +02:00
Michael Niedermayer
22a25ab389
avcodec/tiff: Fix leak of geotags[].val
...
Fixes: 2176/clusterfuzz-testcase-minimized-5908197216878592
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-11 01:06:08 +02:00
Michael Niedermayer
1197c04896
avcodec/fft_template: Fix multiple runtime error: signed integer overflow: -1943918714 - 1935113003 cannot be represented in type 'int'
...
Fixes: 1735/clusterfuzz-testcase-minimized-5350472347025408
This uses unsigned instead of SUINT because the latter was rejected by multiple developers
See: [FFmpeg-devel] [PATCH] avcodec/fft_template: Fix multiple runtime error: signed integer overflow: -1943918714 - 1935113003 cannot be represented in type 'int'
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-11 00:56:33 +02:00
Michael Niedermayer
71da0a5c97
avcodec/ra144: Fix runtime error: signed integer overflow: -2200 * 1033073 cannot be represented in type 'int'
...
Fixes: 2175/clusterfuzz-testcase-minimized-5809657849315328
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-11 00:47:29 +02:00
Michael Niedermayer
90e8317b3b
avcodec/flicvideo: Fix runtime error: signed integer overflow: 4864 * 459296 cannot be represented in type 'int'
...
Fixes: 2174/clusterfuzz-testcase-minimized-5739234533048320
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-10 19:46:04 +02:00
Michael Niedermayer
54aaadf648
avcodec/cfhd: Check band parameters before storing them
...
Fixes out of array read
Fixes: 2169/clusterfuzz-testcase-minimized-5688641642823680
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-10 18:46:27 +02:00
Michael Niedermayer
09096fb687
avcodec/h264_parse: Check picture structure when initializing weight table
...
Fixes: runtime error: index 49 out of bounds for type 'int [48][2][2]'
Fixes: 2159/clusterfuzz-testcase-minimized-5267945972301824
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-10 00:48:23 +02:00
Michael Niedermayer
e1b0044c23
avcodec/dvbsubdec: Check pixel buffer size constraint from ETSI EN 300 743 V1.3.1
...
Fixes: OOM
Fixes: 2143/clusterfuzz-testcase-minimized-5482288060039168
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-10 00:48:07 +02:00
Michael Niedermayer
4bcde26172
avcodec/dvbsubdec: Use av_image_check_size2()
...
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-10 00:48:07 +02:00
Aman Gupta
a32a6b4201
lavc: add mpeg2 mediacodec decoder
...
Android TV and FireOS hardware supports mpeg2 hardware decoding via
MediaCodec.
Signed-off-by: Matthieu Bouron <matthieu.bouron@gmail.com>
2017-06-08 19:16:09 +02:00
Michael Niedermayer
a3b5b60bdf
avcodec/indeo4: Check remaining data in Pic hdr extension parsing code
...
Fixes: Timeout
Fixes: 2115/clusterfuzz-testcase-minimized-6594111748440064
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-08 17:37:16 +02:00