ffmpeg.git
4 months agoavcodec/wmalosslessdec: Check block_align
Michael Niedermayer [Sat, 19 Oct 2019 17:18:18 +0000 (19:18 +0200)]
avcodec/wmalosslessdec: Check block_align

Fixes: NULL pointer dereference
Fixes: 18331/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5652847445671936

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavfilter/vf_tile: fix memory leak
Paul B Mahol [Sat, 19 Oct 2019 17:24:52 +0000 (19:24 +0200)]
avfilter/vf_tile: fix memory leak

Fixes #8313

4 months agoavfilter/vf_atadenoise: add support for commands
Paul B Mahol [Sun, 20 Oct 2019 10:07:15 +0000 (12:07 +0200)]
avfilter/vf_atadenoise: add support for commands

4 months agoavfilter/vf_shuffleframes: improve error message
Paul B Mahol [Sun, 20 Oct 2019 09:39:24 +0000 (11:39 +0200)]
avfilter/vf_shuffleframes: improve error message

4 months agoavformat/options: don't call avformat_free_context() within avformat_alloc_context()
James Almer [Sat, 19 Oct 2019 14:58:35 +0000 (11:58 -0300)]
avformat/options: don't call avformat_free_context() within avformat_alloc_context()

avformat_free_context() expects AVFormatContext->internal to not be NULL.

Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
4 months agoavformat/nutenc: free all missing dynamic AVIOContext on header writing failure
James Almer [Sat, 19 Oct 2019 17:37:27 +0000 (14:37 -0300)]
avformat/nutenc: free all missing dynamic AVIOContext on header writing failure

Fixes part of ticket #8316

Signed-off-by: James Almer <jamrial@gmail.com>
4 months agoavfilter/af_tremolo: fix heap-buffer overflow
Paul B Mahol [Sat, 19 Oct 2019 17:34:47 +0000 (19:34 +0200)]
avfilter/af_tremolo: fix heap-buffer overflow

Fixes #8317

4 months agoavfilter/vf_fftdnoiz: round toward nearest integer
Paul B Mahol [Sat, 19 Oct 2019 17:07:28 +0000 (19:07 +0200)]
avfilter/vf_fftdnoiz: round toward nearest integer

Instead of rounding toward zero and thus producing
darker output.

4 months agoavfilter/vf_bm3d: round values toward nearest integer
Paul B Mahol [Sat, 19 Oct 2019 16:53:48 +0000 (18:53 +0200)]
avfilter/vf_bm3d: round values toward nearest integer

Instead of rounding toward zero and thus producing
darker output.

4 months agoavfilter/vf_bm3d: forward status back
Paul B Mahol [Sat, 19 Oct 2019 16:45:35 +0000 (18:45 +0200)]
avfilter/vf_bm3d: forward status back

4 months agompeg4_unpack_bframes: Merge close and flush
Andreas Rheinhardt [Wed, 10 Jul 2019 21:08:27 +0000 (23:08 +0200)]
mpeg4_unpack_bframes: Merge close and flush

They are identical now.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/zmbv: Call decode_intra directly
Andreas Rheinhardt [Thu, 17 Oct 2019 12:35:14 +0000 (14:35 +0200)]
avcodec/zmbv: Call decode_intra directly

zmbv has only one function for decoding intra frames, namely
decode_intra; and yet up until now it has been called via a function
pointer. This has been changed.

This also removes spec-incompliant conversions between function pointers
and pointers of type void * and thereby fixes the warning "ISO C forbids
assignment between function pointer and ‘void *’" that GCC emits with
the -pedantic option.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/g729dec: Avoid computing invalid temporary pointers for ff_acelp_weighted_vec...
Michael Niedermayer [Thu, 17 Oct 2019 09:54:12 +0000 (11:54 +0200)]
avcodec/g729dec: Avoid computing invalid temporary pointers for ff_acelp_weighted_vector_sum()

Fixes: Ticket8176

Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/g729postfilter: Fix left shift of negative value
Michael Niedermayer [Thu, 17 Oct 2019 09:48:47 +0000 (11:48 +0200)]
avcodec/g729postfilter: Fix left shift of negative value

Fixes: Ticket8176

Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavfilter/vf_fieldhint: add support for duplicating fields
Paul B Mahol [Sat, 19 Oct 2019 11:08:37 +0000 (13:08 +0200)]
avfilter/vf_fieldhint: add support for duplicating fields

Fixes #7066

4 months agoavfilter/vf_fieldmatch: fix heap-buffer overflow
Paul B Mahol [Sat, 19 Oct 2019 09:56:02 +0000 (11:56 +0200)]
avfilter/vf_fieldmatch: fix heap-buffer overflow

Also fix use of uninitialized values.

Fixes #8239

4 months agoavfilter/vf_decimate: fix memory leaks
Paul B Mahol [Sat, 19 Oct 2019 08:12:09 +0000 (10:12 +0200)]
avfilter/vf_decimate: fix memory leaks

Fixes #8311

4 months agoavfilter/vf_lagfun: fix heap-buffer overflow
Paul B Mahol [Sat, 19 Oct 2019 07:56:53 +0000 (09:56 +0200)]
avfilter/vf_lagfun: fix heap-buffer overflow

Fixes #8310

4 months agoavfilter/vf_datascope: fix heap buffer overflow
Paul B Mahol [Sat, 19 Oct 2019 07:50:53 +0000 (09:50 +0200)]
avfilter/vf_datascope: fix heap buffer overflow

Fixes #8309

4 months agodoc/utils: add hexadecagonal channel layout
Gyan Doshi [Sat, 19 Oct 2019 07:30:36 +0000 (13:00 +0530)]
doc/utils: add hexadecagonal channel layout

4 months agoavformat/sapdec: check av_strdup() return value and fix memleak
Steven Liu [Thu, 10 Oct 2019 02:55:29 +0000 (10:55 +0800)]
avformat/sapdec: check av_strdup() return value and fix memleak

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
4 months agoavformat/mvdec: check av_strdup() return value
Steven Liu [Thu, 10 Oct 2019 02:52:52 +0000 (10:52 +0800)]
avformat/mvdec: check av_strdup() return value

Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
4 months agoavformat/mtv: check av_strdup() return value
Steven Liu [Thu, 10 Oct 2019 05:47:04 +0000 (13:47 +0800)]
avformat/mtv: check av_strdup() return value

Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
4 months agoavformat/mpeg: check av_strdup() return value
Steven Liu [Thu, 10 Oct 2019 02:47:22 +0000 (10:47 +0800)]
avformat/mpeg: check av_strdup() return value

Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
4 months agoavformat/libsrt: check av_strdup() return value and fix memleak
Steven Liu [Thu, 10 Oct 2019 02:43:58 +0000 (10:43 +0800)]
avformat/libsrt: check av_strdup() return value and fix memleak

Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
4 months agoavformat/hlsenc: check av_strdup() return value
Steven Liu [Sat, 19 Oct 2019 04:48:49 +0000 (06:48 +0200)]
avformat/hlsenc: check av_strdup() return value

Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
4 months agoavformat/cinedec: check av_strdup() return value
Steven Liu [Thu, 10 Oct 2019 02:34:38 +0000 (10:34 +0800)]
avformat/cinedec: check av_strdup() return value

Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
4 months agoavformat/mpegenc: check for stream private data during deinit
James Almer [Sat, 19 Oct 2019 02:14:21 +0000 (23:14 -0300)]
avformat/mpegenc: check for stream private data during deinit

Prevents pointer dereferences when streams were not fully initialized.

Signed-off-by: James Almer <jamrial@gmail.com>
4 months agoavformat/nutenc: don't allocate a dynamic AVIOContext if no index is going to be...
James Almer [Fri, 18 Oct 2019 23:53:10 +0000 (20:53 -0300)]
avformat/nutenc: don't allocate a dynamic AVIOContext if no index is going to be written

Fixes ticket #8295

Signed-off-by: James Almer <jamrial@gmail.com>
4 months agoavfilter/vf_shuffleplanes: add mising query_formats()
Paul B Mahol [Fri, 18 Oct 2019 21:19:50 +0000 (23:19 +0200)]
avfilter/vf_shuffleplanes: add mising query_formats()

Fixes #8298

4 months agoavfilter/vf_maskfun: fix memleak
Paul B Mahol [Fri, 18 Oct 2019 19:57:20 +0000 (21:57 +0200)]
avfilter/vf_maskfun: fix memleak

Fixes #8305

4 months agoavfilter/buffersink: cosmetics
Paul B Mahol [Fri, 18 Oct 2019 08:54:05 +0000 (10:54 +0200)]
avfilter/buffersink: cosmetics

4 months agoavfilter/vf_colorspace: fix memmory leaks
Paul B Mahol [Fri, 18 Oct 2019 08:48:22 +0000 (10:48 +0200)]
avfilter/vf_colorspace: fix memmory leaks

Fixes #8303

4 months agoavfilter/af_acrossover: fix memory leak
Paul B Mahol [Fri, 18 Oct 2019 08:33:54 +0000 (10:33 +0200)]
avfilter/af_acrossover: fix memory leak

Fixes #8304

4 months agolavf/hlsenc: fix memory leak
Jun Zhao [Fri, 11 Oct 2019 16:47:25 +0000 (00:47 +0800)]
lavf/hlsenc: fix memory leak

fix memory leak

Reviewed-by: Steven Liu <lq@chinaffmpeg.org>
Signed-off-by: Jun Zhao <barryjzhao@tencent.com>
4 months agofftools/ffmpeg_opt: add error handle if av_asprintf return null
Jun Zhao [Fri, 11 Oct 2019 16:46:05 +0000 (00:46 +0800)]
fftools/ffmpeg_opt: add error handle if av_asprintf return null

add error handle if av_asprintf return null.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Jun Zhao <barryjzhao@tencent.com>
4 months agolavfi/avf_showspectrum: add error handle if av_asprintf return null
Jun Zhao [Fri, 11 Oct 2019 16:36:19 +0000 (00:36 +0800)]
lavfi/avf_showspectrum: add error handle if av_asprintf return null

add error handle if av_asprintf return null.

Signed-off-by: Jun Zhao <barryjzhao@tencent.com>
4 months agoavfilter/x86/vf_atadenoise: add SIMD for serial too
Paul B Mahol [Thu, 17 Oct 2019 19:05:50 +0000 (21:05 +0200)]
avfilter/x86/vf_atadenoise: add SIMD for serial too

4 months agoavfilter/vf_atadenoise: add option to use additional algorithm
Paul B Mahol [Thu, 17 Oct 2019 18:28:31 +0000 (20:28 +0200)]
avfilter/vf_atadenoise: add option to use additional algorithm

4 months agoavfilter/vf_adadenoise: add x86 SIMD
Paul B Mahol [Mon, 14 Oct 2019 16:15:14 +0000 (18:15 +0200)]
avfilter/vf_adadenoise: add x86 SIMD

4 months agompeg4_unpack_bframes: Avoid allocations and copies of packet structures
Andreas Rheinhardt [Wed, 10 Jul 2019 21:08:26 +0000 (23:08 +0200)]
mpeg4_unpack_bframes: Avoid allocations and copies of packet structures

1. Since bd90a2ec, mpeg4_unpack_bframes caches whole packets instead of
just the pointer to the buffer and the buffer's size in order to be able
to make use of refcounting to avoid copying of data; this unfortunately
introduced copies of packet structures and side data (if existing),
although the only fields that are needed are the buffer-related ones
(data, size and buf). This can be changed without compromising the
advantages of refcounting by storing a reference to the buffer.

2. This change also makes it easy to use only one packet throughout
so that an allocation and free of an AVPacket structure per filtered
packet can be saved by switching to ff_bsf_get_packet_ref.

3. Furthermore, this commit also fixes a memleak introduced in bd90a2ec:
If a stored b_frame with side data was used for a later frame, the side
data would leak when the input frame's properties were copied into the
output frame.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/binkaudio: Check sample rate
Michael Niedermayer [Thu, 10 Oct 2019 22:40:07 +0000 (00:40 +0200)]
avcodec/binkaudio: Check sample rate

Fixes: signed integer overflow: 1092624416 * 2 cannot be represented in type 'int'
Fixes: 18045/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_BINKAUDIO_RDFT_fuzzer-5718519492116480

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavformat/mpegenc: Fix memleaks and return values
Andreas Rheinhardt [Wed, 16 Oct 2019 16:47:39 +0000 (18:47 +0200)]
avformat/mpegenc: Fix memleaks and return values

If there is an error in mpeg_mux_init() (the write_header function of
the various MPEG-PS muxers), two things might happen:

1. Several fifos might leak. Instead of freeing them, the goto fail part
of the functions freed the private data of the AVStreams instead,
although this will be freed later in free_stream() anyway.
2. And if the function is exited via goto fail, it automatically
returned AVERROR(ENOMEM), although this is also used when the error is
not a memory allocation failure.

Both of these issues happened in ticket #8284 and have been fixed.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/libdav1d: set AVFrame reordered_opaque
James Almer [Thu, 17 Oct 2019 15:35:28 +0000 (12:35 -0300)]
avcodec/libdav1d: set AVFrame reordered_opaque

Fixes ticket #8300

Signed-off-by: James Almer <jamrial@gmail.com>
4 months agovp9_superframe: Avoid allocations and copies of packet structures
Andreas Rheinhardt [Thu, 17 Oct 2019 08:29:45 +0000 (10:29 +0200)]
vp9_superframe: Avoid allocations and copies of packet structures

Up until now, the vp9_superframe bsf used distinct packets for input and
output. But at no point in the bsf are the input and output packets used
at the same time (except during a call to av_packet_move_ref()), so that
one can avoid using two packets if one switches to ff_bsf_get_packet_ref
at the same time. This also saves one malloc+free of an AVPacket
structure per filtered packet.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
4 months agoavcodec/cavsdec: Set ret on errors in decode_pic()
Michael Niedermayer [Thu, 17 Oct 2019 11:05:24 +0000 (13:05 +0200)]
avcodec/cavsdec: Set ret on errors in decode_pic()

Fixes regression and fate failure on some machienes

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/ac3enc: Fix memleak
Andreas Rheinhardt [Thu, 17 Oct 2019 09:11:55 +0000 (11:11 +0200)]
avcodec/ac3enc: Fix memleak

Fixes ticket #8294.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
4 months agoavfilter/af_arnndn: Remove superfluous qualifier
Andreas Rheinhardt [Thu, 17 Oct 2019 09:24:55 +0000 (11:24 +0200)]
avfilter/af_arnndn: Remove superfluous qualifier

remove_doubling() returned a const float, but returning qualified types
is pointless anyway. This is all the more important given that  GCC 4.2.1
(and maybe other compilers, too) seems to treat this as an error as several
FATE units that don't compile any more show.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
4 months agodoc/filters: fixes for scale filter
Gyan Doshi [Thu, 17 Oct 2019 10:12:44 +0000 (15:42 +0530)]
doc/filters: fixes for scale filter

Adjusted formatting and prose for option force_divisible_by in scale filter

4 months agoavfilter/vf_dedot: fix crash
Paul B Mahol [Thu, 17 Oct 2019 09:51:22 +0000 (11:51 +0200)]
avfilter/vf_dedot: fix crash

Fixes #8299

4 months agoavfilter/vf_amplify: cosmetics
Paul B Mahol [Thu, 17 Oct 2019 09:32:27 +0000 (11:32 +0200)]
avfilter/vf_amplify: cosmetics

4 months agoavfilter/vf_random: fix memory leaks
Paul B Mahol [Thu, 17 Oct 2019 09:28:55 +0000 (11:28 +0200)]
avfilter/vf_random: fix memory leaks

Fixes #8296

4 months agoavfilter/af_arnndn: make sure that vad_output nb_neurons is always 1
Paul B Mahol [Thu, 17 Oct 2019 09:02:02 +0000 (11:02 +0200)]
avfilter/af_arnndn: make sure that vad_output nb_neurons is always 1

4 months agoavfilter/vf_gblur: fix undefined behaviour
Paul B Mahol [Wed, 16 Oct 2019 17:21:00 +0000 (19:21 +0200)]
avfilter/vf_gblur: fix undefined behaviour

Fixes #8292

4 months agoavcodec/sbcdec: Fix integer overflows in sbc_synthesize_eight()
Michael Niedermayer [Fri, 27 Sep 2019 16:44:44 +0000 (18:44 +0200)]
avcodec/sbcdec: Fix integer overflows in sbc_synthesize_eight()

Fixes: signed integer overflow: 518484152 + 1868182638 cannot be represented in type 'int'
Fixes: 17732/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SBC_fuzzer-5663738132168704

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/adpcm: Check initial predictor for ADPCM_IMA_EA_EACS
Michael Niedermayer [Fri, 27 Sep 2019 16:02:17 +0000 (18:02 +0200)]
avcodec/adpcm: Check initial predictor for ADPCM_IMA_EA_EACS

Fixes: signed integer overflow: -2147483360 - 631 cannot be represented in type 'int'
Fixes: 17701/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ADPCM_IMA_EA_EACS_fuzzer-5711517319692288

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/g723_1dec: Fix overflow in shift
Michael Niedermayer [Fri, 27 Sep 2019 15:53:35 +0000 (17:53 +0200)]
avcodec/g723_1dec: Fix overflow in shift

Fixes: shift exponent 1008 is too large for 32-bit type 'int'
Fixes: 17700/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G723_1_fuzzer-5707633436131328

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/apedec: Fix integer overflow in predictor_update_3930()
Michael Niedermayer [Fri, 27 Sep 2019 15:19:36 +0000 (17:19 +0200)]
avcodec/apedec: Fix integer overflow in predictor_update_3930()

Fixes: signed integer overflow: -69555262 * 31 cannot be represented in type 'int'
Fixes: 17698/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5728970447781888

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/g729postfilter: Fix undefined intermediate pointers
Michael Niedermayer [Fri, 27 Sep 2019 15:01:38 +0000 (17:01 +0200)]
avcodec/g729postfilter: Fix undefined intermediate pointers

Fixes: index -49 out of bounds for type 'int16_t [192]'
Fixes: 17689/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ACELP_KELVIN_fuzzer-5756275014500352

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/g729postfilter: Fix undefined shifts
Michael Niedermayer [Fri, 27 Sep 2019 15:01:38 +0000 (17:01 +0200)]
avcodec/g729postfilter: Fix undefined shifts

Fixes: left shift of negative value -12
Fixes: 17689/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ACELP_KELVIN_fuzzer-5756275014500352

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/lsp: Fix undefined shifts in lsp2poly()
Michael Niedermayer [Fri, 27 Sep 2019 15:01:38 +0000 (17:01 +0200)]
avcodec/lsp: Fix undefined shifts in lsp2poly()

Fixes: left shift of negative value -30635
Fixes: 17689/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ACELP_KELVIN_fuzzer-5756275014500352

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/aacdec_template: Check decode_extension_payload() for failure
Michael Niedermayer [Fri, 27 Sep 2019 10:12:22 +0000 (12:12 +0200)]
avcodec/aacdec_template: Check decode_extension_payload() for failure

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/adpcm: Fix left shifts in AV_CODEC_ID_ADPCM_EA
Michael Niedermayer [Fri, 27 Sep 2019 10:04:57 +0000 (12:04 +0200)]
avcodec/adpcm: Fix left shifts in AV_CODEC_ID_ADPCM_EA

Fixes: left shift of negative value -1
Fixes: 17683/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ADPCM_EA_R2_fuzzer-5111690013704192

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/smacker: cleanup on errors in smka_decode_frame()
Michael Niedermayer [Thu, 26 Sep 2019 20:22:31 +0000 (22:22 +0200)]
avcodec/smacker: cleanup on errors in smka_decode_frame()

Fixes: multiple memleaks
Fixes: 17660/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SMACKAUD_fuzzer-5689769928949760
Fixes: 18064/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SMACKAUD_fuzzer-5631086809317376

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agotools/target_dec_fuzzer: Adjust threshold for EATGV
Michael Niedermayer [Thu, 26 Sep 2019 20:00:37 +0000 (22:00 +0200)]
tools/target_dec_fuzzer: Adjust threshold for EATGV

Fixes: Timeout (26sec -> 9sec)
Fixes: 17645/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EATGV_fuzzer-5717065922510848

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agotools/target_dec_fuzzer: Adjust threshold for SCPR
Michael Niedermayer [Thu, 26 Sep 2019 20:00:37 +0000 (22:00 +0200)]
tools/target_dec_fuzzer: Adjust threshold for SCPR

Fixes: Timeout (46sec -> 7sec)
Fixes: 17644/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SCPR_fuzzer-5715704283660288

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/cavsdec: Check remaining bitstream in the main loop in decode_pic()
Michael Niedermayer [Tue, 24 Sep 2019 21:33:03 +0000 (23:33 +0200)]
avcodec/cavsdec: Check remaining bitstream in the main loop in decode_pic()

Fixes: Timeout (149sec ->1sec)
Fixes: 17311/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CAVS_fuzzer-5679368642232320

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavformat/shortendec: Check k in probe
Michael Niedermayer [Tue, 24 Sep 2019 20:52:03 +0000 (22:52 +0200)]
avformat/shortendec: Check k in probe

Fixes: Assertion failure
Fixes: 17640/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5708767475269632

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agotools/target_dec_fuzzer: Adjust threshold for MSZH
Michael Niedermayer [Wed, 25 Sep 2019 19:14:01 +0000 (21:14 +0200)]
tools/target_dec_fuzzer: Adjust threshold for MSZH

Fixes: Timeout (250sec -> 6sec)
Fixes: 17627/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MSZH_fuzzer-5643017129558016

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoswscale/output: Avoid 64bit in Alpha in yuv2ya16_X_c_template()
Michael Niedermayer [Thu, 26 Sep 2019 15:17:15 +0000 (17:17 +0200)]
swscale/output: Avoid 64bit in Alpha in yuv2ya16_X_c_template()

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoswscale/output: Correct Alpha in yuv2ya16_X_c_template()
Michael Niedermayer [Thu, 26 Sep 2019 15:13:16 +0000 (17:13 +0200)]
swscale/output: Correct Alpha in yuv2ya16_X_c_template()

Untested, no testcase

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoswscale/output: Implement Luma computation from yuv2ya16_X_c_template() without 64bit
Michael Niedermayer [Thu, 26 Sep 2019 15:10:49 +0000 (17:10 +0200)]
swscale/output: Implement Luma computation from yuv2ya16_X_c_template() without 64bit

This also reverts 21838cad2fc44023ad85e35d5c677e2f8d29a0ef
The revert is in this commit to avoid 2 fate updates

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agofate/source: add libavfilter/af_arnndn.c
Paul B Mahol [Wed, 16 Oct 2019 16:36:32 +0000 (18:36 +0200)]
fate/source: add libavfilter/af_arnndn.c

4 months agovafilter/af_replaygain: fix undefined behaviour
Paul B Mahol [Wed, 16 Oct 2019 16:24:31 +0000 (18:24 +0200)]
vafilter/af_replaygain: fix undefined behaviour

Fixes #8291

4 months agoavfilter/avf_abitscope: fix undefined behaviour
Paul B Mahol [Wed, 16 Oct 2019 16:18:57 +0000 (18:18 +0200)]
avfilter/avf_abitscope: fix undefined behaviour

Fixes #8289

4 months agoavfilter/vf_colorchannelmixer: do not use pointer if there is no alpha
Paul B Mahol [Wed, 16 Oct 2019 16:16:09 +0000 (18:16 +0200)]
avfilter/vf_colorchannelmixer: do not use pointer if there is no alpha

Fixes #8288

4 months agoavfilter/vf_edgedetect: fix undefined behaviour
Paul B Mahol [Wed, 16 Oct 2019 16:06:47 +0000 (18:06 +0200)]
avfilter/vf_edgedetect: fix undefined behaviour

Fixes #8287

4 months agoavcodec/apedec: Check remaining space in decode_array_0000()
Michael Niedermayer [Sat, 5 Oct 2019 16:39:05 +0000 (18:39 +0200)]
avcodec/apedec: Check remaining space in decode_array_0000()

Fixes: Timeout (? -> 2sec)
Fixes: 17886/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5728165124636672
Fixes: 18131/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5710803432374272

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/apedec: Check error flag after entropy_decode*
Michael Niedermayer [Sat, 5 Oct 2019 16:39:05 +0000 (18:39 +0200)]
avcodec/apedec: Check error flag after entropy_decode*

Fixes: 17886/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5728165124636672
Fixes: 18131/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5710803432374272

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavfilter/f_reverse: fix memory leaks
Paul B Mahol [Wed, 16 Oct 2019 14:27:06 +0000 (16:27 +0200)]
avfilter/f_reverse: fix memory leaks

Fixes #8283

4 months agoavfilter: add arnndn filter
Paul B Mahol [Fri, 26 Jul 2019 08:38:31 +0000 (10:38 +0200)]
avfilter: add arnndn filter

4 months agoavfilter/vf_atadenoise: compensate for small overall brightness loss
Paul B Mahol [Wed, 16 Oct 2019 11:16:41 +0000 (13:16 +0200)]
avfilter/vf_atadenoise: compensate for small overall brightness loss

This is very hard to spot.

4 months agoavfilter/vsrc_testsrc: rgbtestsrc: fix undefined behaviour
Paul B Mahol [Wed, 16 Oct 2019 10:31:40 +0000 (12:31 +0200)]
avfilter/vsrc_testsrc: rgbtestsrc: fix undefined behaviour

Fixes #8238

4 months agoavfilter/vf_gblur: fix heap-buffer overflow
Paul B Mahol [Wed, 16 Oct 2019 10:13:04 +0000 (12:13 +0200)]
avfilter/vf_gblur: fix heap-buffer overflow

Fixes #8282

4 months agoavformat/chromaprint: Fix writing raw fingerprint
Andriy Gelman [Sun, 6 Oct 2019 05:49:49 +0000 (01:49 -0400)]
avformat/chromaprint: Fix writing raw fingerprint

The pointer fp after the call to chromaprint_get_raw_fingerpoint() points to an array
of uint32_t whereas the current code assumed just a char stream. Thus when writing the
raw fingerprint, the output would be truncated by a factor of 4.

For reference the declaration of the function from chromaprint.h is:
int chromaprint_get_raw_fingerprint(ChromaprintContext *ctx, uint32_t **fingerprint, int *size);

4 months agoavfilter/af_afade: make sure that in is available
Paul B Mahol [Tue, 15 Oct 2019 22:45:26 +0000 (00:45 +0200)]
avfilter/af_afade: make sure that in is available

4 months agoavfilter/dnn: unify the layer load function in native mode
Guo, Yejun [Wed, 9 Oct 2019 14:08:18 +0000 (22:08 +0800)]
avfilter/dnn: unify the layer load function in native mode

Signed-off-by: Guo, Yejun <yejun.guo@intel.com>
Signed-off-by: Pedro Arthur <bygrandao@gmail.com>
4 months agoavfilter/dnn: unify the layer execution function in native mode
Guo, Yejun [Wed, 9 Oct 2019 14:08:11 +0000 (22:08 +0800)]
avfilter/dnn: unify the layer execution function in native mode

Signed-off-by: Guo, Yejun <yejun.guo@intel.com>
Signed-off-by: Pedro Arthur <bygrandao@gmail.com>
4 months agoavfilter/dnn: add DLT prefix for enum DNNLayerType to avoid potential conflicts
Guo, Yejun [Wed, 9 Oct 2019 14:08:04 +0000 (22:08 +0800)]
avfilter/dnn: add DLT prefix for enum DNNLayerType to avoid potential conflicts

and also change CONV to DLT_CONV2D for better description

Signed-off-by: Guo, Yejun <yejun.guo@intel.com>
Signed-off-by: Pedro Arthur <bygrandao@gmail.com>
4 months agoavformat/latmenc: abort if no extradata is available
James Almer [Tue, 15 Oct 2019 14:38:23 +0000 (11:38 -0300)]
avformat/latmenc: abort if no extradata is available

Fixes ticket #8273.

Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
4 months agoavfilter/vf_bm3d: make sure nb_jobs is at least 1
Paul B Mahol [Tue, 15 Oct 2019 15:59:43 +0000 (17:59 +0200)]
avfilter/vf_bm3d: make sure nb_jobs is at least 1

4 months agotools/target_dec_fuzzer: Also fuzz keyframe & disposal flags
Michael Niedermayer [Sat, 12 Oct 2019 20:34:03 +0000 (22:34 +0200)]
tools/target_dec_fuzzer: Also fuzz keyframe & disposal flags

This should improve coverage

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agolavc/libxavs2: fix parameter setting result determination
hwren [Mon, 14 Oct 2019 13:22:42 +0000 (21:22 +0800)]
lavc/libxavs2: fix parameter setting result determination

Signed-off-by: hwren <hwrenx@126.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavfilter/af_afade: fix heap-buffer overflow
Paul B Mahol [Tue, 15 Oct 2019 14:55:13 +0000 (16:55 +0200)]
avfilter/af_afade: fix heap-buffer overflow

Fixes #8276

4 months agoavfilter/vf_edgedetect: fix heap-buffer overflow
Paul B Mahol [Tue, 15 Oct 2019 14:38:40 +0000 (16:38 +0200)]
avfilter/vf_edgedetect: fix heap-buffer overflow

Fixes #8275

4 months agoavfilter/vf_avgblur: fix heap-buffer overflow
Paul B Mahol [Tue, 15 Oct 2019 14:31:15 +0000 (16:31 +0200)]
avfilter/vf_avgblur: fix heap-buffer overflow

Fixes #8274

4 months agoavcodec/av1_parse: Use av_fast_realloc() for OBU array
James Almer [Tue, 15 Oct 2019 02:42:01 +0000 (23:42 -0300)]
avcodec/av1_parse: Use av_fast_realloc() for OBU array

Based on commits 22bec0d33f4231487547581a1f77e2e8e6eade88 and
cebb446911fdc6c42d5a480b441b025c399e4a88.

Signed-off-by: James Almer <jamrial@gmail.com>
4 months agoavcodec/av1_parse: simplify memset call
James Almer [Tue, 15 Oct 2019 02:43:08 +0000 (23:43 -0300)]
avcodec/av1_parse: simplify memset call

Removed (new_size - pkt->nals_allocated) because this value is always 1
during the call.
Based on commit 78b86c30d3860135042505dd4a9cbd95c4e6257d.

Signed-off-by: James Almer <jamrial@gmail.com>
4 months agoavcodec/h2645_parse: Reset nal_buffer_size on uninit
Andriy Gelman [Tue, 15 Oct 2019 01:45:18 +0000 (21:45 -0400)]
avcodec/h2645_parse: Reset nal_buffer_size on uninit

Without reseting nal_buffer_size, av_fast_realloc will fail if
ff_h2645_packet_split is called with the unitialized pkt as argument.

Signed-off-by: James Almer <jamrial@gmail.com>
4 months agoffprobe: fix output of packets_and_frames section in JSON format
James Almer [Fri, 11 Oct 2019 16:36:38 +0000 (13:36 -0300)]
ffprobe: fix output of packets_and_frames section in JSON format

The "type" entry was hardcoded with an trailing comma, even if it was
the only entry in the section.

Fixes ticket #8228.

Signed-off-by: James Almer <jamrial@gmail.com>