Michael Niedermayer
8b8ab274af
avcodec/cbs_h265_syntax_template: Limit sps_num_palette_predictor_initializer_minus1 to 127
...
Fixes: index 128 out of bounds for type 'uint16_t [128]'
Fixes: 38651/clusterfuzz-testcase-minimized-ffmpeg_BSF_HEVC_METADATA_fuzzer-6296416058736640
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: James Almer <jamrial@gmail.com >
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 85413a5ae6michael@niedermayer.cc >
2021-10-06 13:59:34 +02:00
Michael Niedermayer
1653a2247f
avcodec/cbs_h265_syntax_template: Limit num_long_term_pics more strictly
...
The limit is based on hevcdec.c
Fixes: 20854/clusterfuzz-testcase-minimized-ffmpeg_BSF_HEVC_METADATA_fuzzer-5160442882424832
Fixes: out of array access
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 435fa373d1michael@niedermayer.cc >
2020-05-21 15:32:28 +02:00
Michael Niedermayer
726904b6d0
avcodec/cbs_h265_syntax_template: Check num_negative/positive_pics when inter_ref_pic_set_prediction_flag is set
...
Fixes: out of array access
Fixes: 20446/clusterfuzz-testcase-minimized-ffmpeg_BSF_HEVC_METADATA_fuzzer-5707770718584832
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 588114cea4michael@niedermayer.cc >
2020-05-19 17:17:36 +02:00
James Almer
31c523469a
avcodec/cbs_h265: fix writing extension_data bits
...
We only care about the right most bit.
Signed-off-by: James Almer <jamrial@gmail.com >
(cherry picked from commit 38d1815cc6
2020-05-03 18:49:01 -03:00
Andriy Gelman
662accb728
lavc/cbs_h2645_syntax_template: Fix memleak
...
payload_count is used to track the number of SEI payloads. It is also
used to free the SEIs in cbs_h264_free_sei()/cbs_h265_free_sei().
Currently, payload_count is set after for loop is completed. Hence if
there is an error and the function exits, the payload remains zero
causing a memleak.
This commit keeps track of payload_count inside the for loop to fix the
issue. Note that that the contents of current are initialized with
av_mallocz() so there is no need to zero initialize payload_count.
Found-by: libFuzzer
Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com >
Signed-off-by: Andriy Gelman <andriy.gelman@gmail.com >
(cherry picked from commit c07a772473
2019-12-31 16:57:37 -03:00
James Almer
e460dcc832
avcodec/cbs_h265: add support for Alpha Channel Info SEI messages
...
As defined in sections F.14.2.8 and F.14.3.8
Reviewed-by: Mark Thompson <sw@jkqxz.net >
Signed-off-by: James Almer <jamrial@gmail.com >
2019-07-20 11:28:09 -03:00
James Almer
45048ece81
avcodec/cbs_h2645: use the fixed() macro for forbidden_zero_bit
...
This follows the spec definition, and removes a field from the relevant
structs.
Reviewed-by: Mark Thompson <sw@jkqxz.net >
Signed-off-by: James Almer <jamrial@gmail.com >
2019-04-28 20:29:40 -03:00
James Almer
16c50abb50
avcodec/cbs_h2645: add macros to read and write fields with no custom range of values
...
Reviewed-by: Mark Thompson <sw@jkqxz.net >
Signed-off-by: James Almer <jamrial@gmail.com >
2019-04-28 20:28:42 -03:00
James Almer
137c0fcad1
avcodec/cbs_h265: fix storage type for time_offset_value in Time Code SEI
...
The spec defines it as an array of signed values, inferred to 0 when not
present.
Reviewed-by: Mark Thompson <sw@jkqxz.net >
Signed-off-by: James Almer <jamrial@gmail.com >
2019-04-16 20:33:10 -03:00
Andreas Rheinhardt
9f588ba5ca
cbs_h265: Fix Time Code SEI syntax
...
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@googlemail.com >
Signed-off-by: Mark Thompson <sw@jkqxz.net >
2018-12-02 19:49:08 +00:00
Mark Thompson
7a20656474
cbs_h265: Add a lot more SEI parsing support
...
Supports both prefix and suffix SEI, decoding all of the common SEI
types and some more obscure ones. Most of this is tested by the
existing tests in fate.
2018-11-18 17:33:26 +00:00
Mark Thompson
252e79663d
cbs_h265: Add PTL parsing for sublayers
...
With fate test using the SLPPLP_A_VIDYO_2 conformance file, which contains
two sublayers with full PTL information.
2018-11-11 17:22:09 +00:00
Mark Thompson
2dee0679e9
cbs_h265: Add PTL parsing for Main 10 Still Picture profile
...
This was added in the 2018 version of the standard.
2018-10-31 21:38:33 +00:00
Haihao Xiang
2943dd35b7
cbs_h265: read/write content light level information SEI message
...
Signed-off-by: Haihao Xiang <haihao.xiang@intel.com >
2018-05-10 20:55:42 +01:00
Haihao Xiang
56ed011692
cbs_h265: read/write HEVC PREFIX SEI
...
Similar to H264, cbs_h265_{read, write}_nal_unit() can handle HEVC
prefix SEI NAL units. Currently mastering display colour volume SEI
message is added only, we may add more SEI message if needed later
Signed-off-by: Haihao Xiang <haihao.xiang@intel.com >
2018-05-10 20:36:45 +01:00
Mark Thompson
300ef25314
cbs: Add support for array subscripts in trace output
...
This makes the trace output for arrays significantly nicer.
2018-05-02 01:20:45 +01:00
Mark Thompson
315cc8c098
cbs_h2645: Simplify representation of fixed values
2018-05-01 23:31:41 +01:00
Mark Thompson
c4eeea7633
cbs_h265: Use helper macro for maximum values of fixed-width elements
...
Apply the same logic as the previous patch to H.265. There are no cases
which currently overflow here, but this is still more consistent.
2018-03-18 17:55:00 +00:00
Mark Thompson
9b0c7aa0e4
lavc: Add coded bitstream read/write support for H.265
...
(cherry picked from commit 867381b8b5f763489364067a9ddeb8
2017-10-17 20:56:29 +01:00
