ffmpeg.git
4 months agoavfilter: add anlms filter
Paul B Mahol [Thu, 3 Oct 2019 16:09:59 +0000 (18:09 +0200)]
avfilter: add anlms filter

4 months agodoc/codecs: Update documentation for flags/flags2
Jun Zhao [Fri, 4 Oct 2019 12:43:27 +0000 (20:43 +0800)]
doc/codecs: Update documentation for flags/flags2

Update documentation for flags/flags2

Signed-off-by: Jun Zhao <barryjzhao@tencent.com>
4 months agolavc/options_table: Correct the flags for AVCodecContext.flags2
Jun Zhao [Fri, 4 Oct 2019 12:32:00 +0000 (20:32 +0800)]
lavc/options_table: Correct the flags for AVCodecContext.flags2

Correct the flags for AVCodecContext.flags2.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Jun Zhao <barryjzhao@tencent.com>
4 months agoavcodec/decode: fix indentation
Jun Zhao [Fri, 4 Oct 2019 12:22:15 +0000 (20:22 +0800)]
avcodec/decode: fix indentation

fix indentation.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Reviewed-by: Gyan Doshi <ffmpeg@gyani.pro>
Signed-off-by: Jun Zhao <barryjzhao@tencent.com>
4 months agoavutil/common: Fix underflow for ROUNDED_DIV with unsigned integer
Mengye Lv [Wed, 2 Oct 2019 02:30:45 +0000 (10:30 +0800)]
avutil/common: Fix underflow for ROUNDED_DIV with unsigned integer

When used ROUNDED_DIV(a,b), if a is unsigned integer zero, it's
will lead to an underflow issue(it called unsigned integer
wrapping).

Fixes #8062

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Mengye Lv <mengyelv@tencent.com>
Signed-off-by: Jun Zhao <barryjzhao@tencent.com>
4 months agoavformat/matroskadec: don't rescale mastering display values
James Almer [Thu, 3 Oct 2019 23:52:20 +0000 (20:52 -0300)]
avformat/matroskadec: don't rescale mastering display values

Simplifies code.

Signed-off-by: James Almer <jamrial@gmail.com>
4 months agoavformat/mpeg: better fix for MLP versus PCM-DVD misdetection
Paul B Mahol [Tue, 1 Oct 2019 09:34:09 +0000 (11:34 +0200)]
avformat/mpeg: better fix for MLP versus PCM-DVD misdetection

4 months agoFATE/dnn: fix stack buffer overflow
Zhao Zhili [Tue, 1 Oct 2019 06:36:49 +0000 (14:36 +0800)]
FATE/dnn: fix stack buffer overflow

Signed-off-by: Pedro Arthur <bygrandao@gmail.com>
4 months agoswscale: Fix AltiVec/VSX build with recent GCC
Daniel Kolesa [Wed, 7 Aug 2019 17:39:07 +0000 (19:39 +0200)]
swscale: Fix AltiVec/VSX build with recent GCC

The argument to vec_splat_u16 must be a literal. By making the
function always inline and marking the arguments const, gcc can
turn those into literals, and avoid build errors like:

swscale_vsx.c:165:53: error: argument 1 must be a 5-bit signed literal

Fixes #7861.

Signed-off-by: Daniel Kolesa <daniel@octaforge.org>
Signed-off-by: Lauri Kasanen <cand@gmx.com>
4 months agoswscale: Replace illegal vector keyword usage in altivec code
Daniel Kolesa [Wed, 7 Aug 2019 17:39:06 +0000 (19:39 +0200)]
swscale: Replace illegal vector keyword usage in altivec code

While this technically compiles in current ffmpeg, this is only
because ffmpeg is compiled in strict ISO C mode, which disables
the builtin 'vector' keyword for AltiVec/VSX. Instead this gets
replaced with a macro inside altivec.h, which defines vector to
be actually __vector, which accepts random types.

Normally, the vector keyword should be used only with plain
scalar non-typedef types, such as unsigned int. But we have the
vec_(s|u)(8|16|32) macros, which can be used in a portable manner,
in util_altivec.h in libavutil.

This is also consistent with other AltiVec/VSX code elsewhere in
the tree.

Fixes #7861.

Signed-off-by: Daniel Kolesa <daniel@octaforge.org>
Signed-off-by: Lauri Kasanen <cand@gmx.com>
4 months agoavformat/matroskadec: Fix demuxing ProRes
Andreas Rheinhardt [Sat, 28 Sep 2019 17:54:25 +0000 (19:54 +0200)]
avformat/matroskadec: Fix demuxing ProRes

The structure of a ProRes frame in mov/mp4 is that of a typical atom:
First a 32 bit BE size field, then a tag detailling the content. Said
size field includes the eight bytes of the atom header.

This header is actually redundant, as the size of the atom is already
known from the containing atom. It is therefore stripped away when muxed
into Matroska and so the Matroska demuxer has to recreate upon demuxing.
But it did not account for the fact that the size field includes the
size of the header and this can lead to problems when a decoder uses the
in-band size field.

Fixes ticket #8210.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
4 months agoavcodec/tiff: Set FF_CODEC_CAP_INIT_CLEANUP
Michael Niedermayer [Wed, 2 Oct 2019 19:14:17 +0000 (21:14 +0200)]
avcodec/tiff: Set FF_CODEC_CAP_INIT_CLEANUP

Fixes: memleaks
Fixes: 17813/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-5145600206569472

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/vc1_block: Fix invalid left shift in vc1_decode_p_mb()
Michael Niedermayer [Wed, 2 Oct 2019 17:53:44 +0000 (19:53 +0200)]
avcodec/vc1_block: Fix invalid left shift in vc1_decode_p_mb()

Fixes: left shift of negative value -6
Fixes: 17810/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1_fuzzer-5638541240958976

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/wmaprodec: Check if there is a stream
Michael Niedermayer [Wed, 2 Oct 2019 17:26:51 +0000 (19:26 +0200)]
avcodec/wmaprodec: Check if there is a stream

Fixes: null pointer dereference
Fixes: signed integer overflow: 512 * 2147483647 cannot be represented in type 'int'
Fixes: 17809/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_XMA1_fuzzer-5634409947987968

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavformat/aiffenc: Remove wrong and redundant check
Andreas Rheinhardt [Wed, 2 Oct 2019 04:04:12 +0000 (06:04 +0200)]
avformat/aiffenc: Remove wrong and redundant check

The check "if (!pb->seekable & AVIO_SEEKABLE_NORMAL)" is wrong, because
! has higher precendence than &. But it is also redundant, because this
part of the code is only ever reached when the AVIO_SEEKABLE_NORMAL flag
is set for pb. So simply remove the check.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Reviewed-by: Matthieu Bouron <matthieu.bouron@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavformat/aiffenc: Fix potential memleak upon failure
Andreas Rheinhardt [Wed, 2 Oct 2019 04:04:11 +0000 (06:04 +0200)]
avformat/aiffenc: Fix potential memleak upon failure

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Reviewed-by: Matthieu Bouron <matthieu.bouron@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavformat/aiffenc: Use standard packet list functions
Andreas Rheinhardt [Wed, 2 Oct 2019 04:04:10 +0000 (06:04 +0200)]
avformat/aiffenc: Use standard packet list functions

Up until now, aiffenc didn't rely on the standard functions for adding
an element to a linked list and freeing the list, but instead
reimplemented them. This has been changed.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Reviewed-by: Matthieu Bouron <matthieu.bouron@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agodoc/filters: fix typo
Paul B Mahol [Thu, 3 Oct 2019 15:58:46 +0000 (17:58 +0200)]
doc/filters: fix typo

4 months agoavfilter/vsrc_sierpinski: add triangle type
Paul B Mahol [Thu, 3 Oct 2019 12:21:39 +0000 (14:21 +0200)]
avfilter/vsrc_sierpinski: add triangle type

4 months agoavfilter: add av_cold where it is missing
Paul B Mahol [Thu, 3 Oct 2019 10:09:07 +0000 (12:09 +0200)]
avfilter: add av_cold where it is missing

4 months agoavfilter/f_streamselect: fix memleaks of pad names
Paul B Mahol [Thu, 3 Oct 2019 09:23:23 +0000 (11:23 +0200)]
avfilter/f_streamselect: fix memleaks of pad names

4 months agoavfilter/af_amix: fix filtering if specified weights are negative
Paul B Mahol [Thu, 3 Oct 2019 08:27:56 +0000 (10:27 +0200)]
avfilter/af_amix: fix filtering if specified weights are negative

4 months agoavfilter/setpts: switch to activate
Paul B Mahol [Mon, 30 Sep 2019 11:53:59 +0000 (13:53 +0200)]
avfilter/setpts: switch to activate

Also properly handle EOF timestamps.
Fixes #6833.

4 months agoavcodec/g2meet: Check for end of input in jpg_decode_block()
Michael Niedermayer [Mon, 9 Sep 2019 18:30:32 +0000 (20:30 +0200)]
avcodec/g2meet: Check for end of input in jpg_decode_block()

Fixes: Timeout (100sec -> 0.7sec)
Fixes: 8668/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G2M_fuzzer-5174143888130048

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/g2meet: Check if adjusted pixel was on the stack
Michael Niedermayer [Mon, 9 Sep 2019 18:05:09 +0000 (20:05 +0200)]
avcodec/g2meet: Check if adjusted pixel was on the stack

This basically checks if a pixel that was coded with prediction
and residual could have been stored using a previous case.
This avoids basically a string of 0 symbols stored in less than
50 bytes to hit a O(n²) codepath.

Fixes: Timeout (too slow to wait -> immediately)
Fixes: 8668/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G2M_fuzzer-4895946310680576

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavfilter/vf_elbg: stop leaking frame on error
Paul B Mahol [Wed, 2 Oct 2019 08:54:45 +0000 (10:54 +0200)]
avfilter/vf_elbg: stop leaking frame on error

4 months agoavformat/electronicarts: If no packet has been read at the end do not treat it as...
Michael Niedermayer [Mon, 30 Sep 2019 21:42:41 +0000 (23:42 +0200)]
avformat/electronicarts: If no packet has been read at the end do not treat it as if theres a packet

Fixes: Assertion failure
Fixes: 17770/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5700606668308480

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agolavc/x264: Use FF_CODEC_CAP_INIT_THREADSAFE if x264 is new.
Carl Eugen Hoyos [Sun, 25 Aug 2019 14:12:28 +0000 (16:12 +0200)]
lavc/x264: Use FF_CODEC_CAP_INIT_THREADSAFE if x264 is new.

Usage of strtok() was removed from x264, see also b02490a4

4 months agolavfi/movie: Use filter thread count for decoding threads.
Carl Eugen Hoyos [Sun, 25 Aug 2019 16:42:02 +0000 (18:42 +0200)]
lavfi/movie: Use filter thread count for decoding threads.

Fixes ticket #7542.

4 months agocmdutils: trailing options may be ignored
Lou Logan [Fri, 27 Sep 2019 20:19:24 +0000 (12:19 -0800)]
cmdutils: trailing options may be ignored

Signed-off-by: Lou Logan <lou@lrcd.com>
Signed-off-by: mypopy <mypopy@gmail.com>
4 months agoavfilter/vf_drawbox: implement process_command
Paul B Mahol [Tue, 1 Oct 2019 18:17:50 +0000 (20:17 +0200)]
avfilter/vf_drawbox: implement process_command

4 months agoavfilter/vf_drawbox: reduce code duplication
Paul B Mahol [Tue, 1 Oct 2019 17:22:17 +0000 (19:22 +0200)]
avfilter/vf_drawbox: reduce code duplication

4 months agolavf/avio: Print https warning also for avio_find_protocol_name().
Carl Eugen Hoyos [Wed, 25 Sep 2019 09:32:57 +0000 (11:32 +0200)]
lavf/avio: Print https warning also for avio_find_protocol_name().

Helps to fix ticket #8197.

4 months agoavfilter/f_streamselect: add check case when nothing is done
Paul B Mahol [Tue, 1 Oct 2019 16:46:20 +0000 (18:46 +0200)]
avfilter/f_streamselect: add check case when nothing is done

Fixes #7955.

4 months agoavfilter/vsink_nullsink: cosmetics
Paul B Mahol [Tue, 1 Oct 2019 12:57:41 +0000 (14:57 +0200)]
avfilter/vsink_nullsink: cosmetics

4 months agoavfilter/copy: add forgotten check
Paul B Mahol [Tue, 1 Oct 2019 12:55:43 +0000 (14:55 +0200)]
avfilter/copy: add forgotten check

4 months agoavfilter/asink_anullsink: cosmetics
Paul B Mahol [Tue, 1 Oct 2019 12:38:58 +0000 (14:38 +0200)]
avfilter/asink_anullsink: cosmetics

4 months agoavfilter/vf_copy: check for error cases and handle them
Paul B Mahol [Tue, 1 Oct 2019 11:45:29 +0000 (13:45 +0200)]
avfilter/vf_copy: check for error cases and handle them

4 months agoavfilter/af_acopy: check for error cases and handle them
Paul B Mahol [Tue, 1 Oct 2019 11:42:18 +0000 (13:42 +0200)]
avfilter/af_acopy: check for error cases and handle them

4 months agoavfilter/vf_showpalette: fix small cosmetics issue
Paul B Mahol [Tue, 1 Oct 2019 11:24:35 +0000 (13:24 +0200)]
avfilter/vf_showpalette: fix small cosmetics issue

4 months agoavfilter/vf_alphamere: use the name 's' for the pointer to the private context
Paul B Mahol [Tue, 1 Oct 2019 11:17:43 +0000 (13:17 +0200)]
avfilter/vf_alphamere: use the name 's' for the pointer to the private context

This is shorter and consistent across filters.

4 months agoavcodec/dxv: Check op_offset in dxv_decompress_yo()
Michael Niedermayer [Mon, 30 Sep 2019 06:02:11 +0000 (08:02 +0200)]
avcodec/dxv: Check op_offset in dxv_decompress_yo()

Fixes: signed integer overflow: -2147483648 - 8 cannot be represented in type 'int'
Fixes: 17745/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DXV_fuzzer-5734628463214592

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/utils: Check sample_rate before opening the decoder
Michael Niedermayer [Fri, 27 Sep 2019 10:31:39 +0000 (12:31 +0200)]
avcodec/utils: Check sample_rate before opening the decoder

Fixes: signed integer overflow: 2 * -1306460384 cannot be represented in type 'int'
Fixes: 17685/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AAC_fuzzer-5747390337777664
Fixes: 17688/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_INTERPLAY_ACM_fuzzer-5739287210885120
Fixes: 17699/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_INTERPLAY_ACM_fuzzer-5678394531905536
Fixes: 17738/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TAK_fuzzer-5763415733174272
Fixes: 17746/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_BINKAUDIO_RDFT_fuzzer-5703008159006720

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/aptx: Fix multiple shift anomalies
Michael Niedermayer [Fri, 27 Sep 2019 16:36:16 +0000 (18:36 +0200)]
avcodec/aptx: Fix multiple shift anomalies

Fixes: left shift of negative value -24576
Fixes: 17719/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APTX_fuzzer-5710508002377728

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavfilter/vf_photosensitivity: fix memleak
Paul B Mahol [Mon, 30 Sep 2019 18:37:25 +0000 (20:37 +0200)]
avfilter/vf_photosensitivity: fix memleak

4 months agolibavfilter: add photosensitivity filter
Vladimir Panteleev [Fri, 8 Mar 2019 06:47:42 +0000 (06:47 +0000)]
libavfilter: add photosensitivity filter

4 months agoavfilter: add scroll video filter
Paul B Mahol [Sun, 29 Sep 2019 10:43:32 +0000 (12:43 +0200)]
avfilter: add scroll video filter

4 months agoavfilter/af_join: cosmetics
Paul B Mahol [Mon, 30 Sep 2019 14:52:52 +0000 (16:52 +0200)]
avfilter/af_join: cosmetics

4 months agoavfilter/af_join: use av_asprintf()
Paul B Mahol [Mon, 30 Sep 2019 14:45:31 +0000 (16:45 +0200)]
avfilter/af_join: use av_asprintf()

4 months agoavfilter/split: use av_asprintf()
Paul B Mahol [Mon, 30 Sep 2019 14:39:39 +0000 (16:39 +0200)]
avfilter/split: use av_asprintf()

4 months agoavfilter/trim: drop all audio frames instead of asserting
Paul B Mahol [Mon, 30 Sep 2019 10:57:26 +0000 (12:57 +0200)]
avfilter/trim: drop all audio frames instead of asserting

4 months agoavfilter/f_metadata: do not memleak expr
Paul B Mahol [Mon, 30 Sep 2019 10:24:06 +0000 (12:24 +0200)]
avfilter/f_metadata: do not memleak expr

4 months agoavfilter/f_metadata: add ends_with() function for comparing ends of strings
Paul B Mahol [Mon, 30 Sep 2019 10:13:46 +0000 (12:13 +0200)]
avfilter/f_metadata: add ends_with() function for comparing ends of strings

4 months agolavf/utils: support duration estimate method dump
Jun Zhao [Sun, 29 Sep 2019 03:58:43 +0000 (11:58 +0800)]
lavf/utils: support duration estimate method dump

add new function duration_estimate_name to dump duration estimate
method, it's will help to debug some duration issue.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Jun Zhao <barryjzhao@tencent.com>
4 months agolavf/utils: Cosmetics: fix indentation for estimate_timings
Jun Zhao [Sat, 28 Sep 2019 03:01:54 +0000 (11:01 +0800)]
lavf/utils: Cosmetics: fix indentation for estimate_timings

fix indentation for estimate_timings when dump start_time/duartion.

Signed-off-by: Jun Zhao <barryjzhao@tencent.com>
4 months agolavf/utils: correct the duration estimation method for nut demuxer
Jun Zhao [Sat, 28 Sep 2019 02:45:31 +0000 (10:45 +0800)]
lavf/utils: correct the duration estimation method for nut demuxer

in fact, nut demuxer use the PTS for duration estimation.

Signed-off-by: Jun Zhao <barryjzhao@tencent.com>
4 months agolavf/nutdec: add logging context to log
Jun Zhao [Sat, 28 Sep 2019 02:21:11 +0000 (10:21 +0800)]
lavf/nutdec: add logging context to log

Add logging context to log, it's will help debuging.

Reviewed-by: Paul B Mahol <onemda@gmail.com>
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Jun Zhao <barryjzhao@tencent.com>
4 months agolavf/utils: change the log level to warning if can't get duration
Jun Zhao [Thu, 26 Sep 2019 05:16:24 +0000 (13:16 +0800)]
lavf/utils: change the log level to warning if can't get duration

change the log level to warning if can't get duration, it's will help
to debug some duration issue

Signed-off-by: vacingfang <vacingfang@tencent.com>
Signed-off-by: Jun Zhao <barryjzhao@tencent.com>
4 months agotools/target_dec_fuzzer: Adjust VP7 threshold
Michael Niedermayer [Sat, 28 Sep 2019 23:53:43 +0000 (01:53 +0200)]
tools/target_dec_fuzzer: Adjust VP7 threshold

Fixes: Timeout (110sec -> 10sec)
Fixes: 17705/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VP7_fuzzer-5765834135306240

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/qtrleenc: fix undefined behaviour
Paul B Mahol [Wed, 25 Sep 2019 15:18:32 +0000 (17:18 +0200)]
avcodec/qtrleenc: fix undefined behaviour

Fixes #7991.

4 months agodoc/examples/muxing: fix underflow in duration of encoded streams
Paul B Mahol [Fri, 27 Sep 2019 09:41:38 +0000 (11:41 +0200)]
doc/examples/muxing: fix underflow in duration of encoded streams

Now they are exactly 10 seconds long.

Fixes #5684.

4 months agoavcodec/cbs_av1: Make overread check more robust
Andreas Rheinhardt [Wed, 18 Sep 2019 03:26:01 +0000 (05:26 +0200)]
avcodec/cbs_av1: Make overread check more robust

When performing a comparison of a signed int and an unsigned int, the
signed int is first converted to an unsigned int, so that negative
values are being treated as big, positive values. This can become a
problem in an overread check, namely when an overread already happened.
So change the type of the variable containing the amount of bits that
need to be left to signed.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
4 months agoavcodec/cbs_h2645: Fix potential out-of-bounds array access
Andreas Rheinhardt [Wed, 18 Sep 2019 03:25:58 +0000 (05:25 +0200)]
avcodec/cbs_h2645: Fix potential out-of-bounds array access

The maximum allowed index for an array access is FF_ARRAY_ELEMS - 1; yet
the current code allowed FF_ARRAY_ELEMS. This wasn't dangerous in practice,
as parameter sets with invalid ids were already filtered out during
reading.

Found via PVS-Studio (see ticket #8156).

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
4 months agoavcodec/fitsdec: fix use of uninitialised values
James Almer [Sun, 29 Sep 2019 02:11:06 +0000 (23:11 -0300)]
avcodec/fitsdec: fix use of uninitialised values

header.data_max and header.data_min are not necessarely set on all decoding scenarios.

Fixes a Valgrind reported regression since cfa193779103c97bbfc28273a0ab12c114b6786d.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
4 months agoavformat/utils: Remove unnecessary initializations
Andreas Rheinhardt [Fri, 20 Sep 2019 20:39:16 +0000 (22:39 +0200)]
avformat/utils: Remove unnecessary initializations

Up until now, read_frame_internal always initialized the packet it
received. But since the recent changes to ff_read_packet, this is no
longer needed: If the parsing queue is initially empty upon entering
read_frame_internal, the packet will now either contain content upon
success or be blank upon failure of ff_read_packet. If the parsing
queue is initially not empty, the packet will be overwritten with the
oldest one from the parsing queue.

Similarly, it is unnecessary to initialize ret in read_frame_internal.

In parse_packet, it is easily possible to only initialize the packet
used as temporary storage for the output if said packet is used at all;
furthermore, this packet doesn't need to be zero-initialized, because
av_init_packet will initialize every field except size and data and
those fields will be set by av_parser_parse2.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
4 months agoavformat/utils: Improve parsing packets
Andreas Rheinhardt [Fri, 20 Sep 2019 20:39:15 +0000 (22:39 +0200)]
avformat/utils: Improve parsing packets

Up until now, parse_packet() used a stack packet in case the stream is
flushed. But using such a packet is unnecessary as there is an AVPacket
readily available, it just needs to be used. Whether flushing is intended
or not will now be signalled by an explicit parameter rather than by
whether the packet parameter is NULL. This removes a few checks in
parse_packet(), gets rid of the initialization of the stack packet and
also reduces usage of sizeof(AVPacket) in libavformat.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
4 months agoavformat/utils: Avoid copying packets unnecessarily
Andreas Rheinhardt [Fri, 20 Sep 2019 20:39:14 +0000 (22:39 +0200)]
avformat/utils: Avoid copying packets unnecessarily

Up until now, read_frame_internal in avformat/utils.c uses a spare
packet on the stack that serves no real purpose: At no point in this
function is there a need for another packet besides the packet destined
for output:
1. If the packet doesn't need a parser, but is output as is, the content
of the spare packet (that at this point contains a freshly read packet)
is simply copied into the output packet (via simple assignment, not
av_packet_move_ref, thereby confusing ownership).
2. If the packet needs parsing, the spare packet will be reset after
parsing and any packets resulting from the packet read will be put into
a packet list; the output packet is not used here at all.
3. If the stream should be discarded, the spare packet will be
unreferenced; the output packet is not used here at all either.

Therefore the spare packet and the copies can be removed in principle.
In practice, one more thing needs to be taken care of: If ff_read_packet
failed, the output packet was not affected, now it is. But given that
ff_read_packet returns a blank (as if reset via av_packet_unref) packet
on failure, there is no problem from this side either.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
4 months agoavformat/utils: Don't create unnecessary references
Andreas Rheinhardt [Sat, 28 Sep 2019 02:42:24 +0000 (04:42 +0200)]
avformat/utils: Don't create unnecessary references

When AVFMT_FLAG_GENPTS is set, av_read_frame would put a reference to a
packet in the packet list (via av_packet_ref) and then immediately
thereafter unreference the original packet. This has been changed to
move the reference instead.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
4 months agoavformat/utils: Fix memleaks II
Andreas Rheinhardt [Fri, 20 Sep 2019 20:39:12 +0000 (22:39 +0200)]
avformat/utils: Fix memleaks II

Up until now, avformat_find_stream_info had a potential for memleaks:
When everything was fine, it read packets and (depending upon whether
AVFMT_FLAG_NOBUFFER was set) put them in a packet list or unreferenced
them when they were no longer needed. But upon failure, said packets
would leak if they were not already on the packet list. This patch fixes
this.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
4 months agoavformat/utils: Don't initialize in loops
Andreas Rheinhardt [Fri, 20 Sep 2019 20:39:11 +0000 (22:39 +0200)]
avformat/utils: Don't initialize in loops

Since the recent changes to ff_packet_list_put, the source packet will
be automatically reset when the reference is moved to the packet list,
so that it is unnecessary to reinitialize the packet in the loops in
parse_packet and ff_read_packet; initializing once at the beginning is
enough.

This also fixes a potential, but currently unexisting problem: If the
raw packet buffer was initially not empty and probe_codec() failed,
then the packet returned would not be initialized. But given that
probe_codec() currently can't fail (always returns 0) this was not an
acute danger.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
4 months agodoc/filters: add more advanced silenceremove example
Paul B Mahol [Sat, 28 Sep 2019 21:04:07 +0000 (23:04 +0200)]
doc/filters: add more advanced silenceremove example

4 months agoavfilter/fifo: use the name 's' for the pointer to the private context
Paul B Mahol [Sat, 28 Sep 2019 20:06:50 +0000 (22:06 +0200)]
avfilter/fifo: use the name 's' for the pointer to the private context

This is shorter and consistent across filters.

4 months agoavfilter/fifo: cosmetics
Paul B Mahol [Sat, 28 Sep 2019 19:57:52 +0000 (21:57 +0200)]
avfilter/fifo: cosmetics

4 months agoavfilter/vf_framerate: remove duplicate code with macro-based function
Limin Wang [Tue, 24 Sep 2019 10:18:09 +0000 (18:18 +0800)]
avfilter/vf_framerate: remove duplicate code with macro-based function

Signed-off-by: Limin Wang <lance.lmwang@gmail.com>
Signed-off-by: Marton Balint <cus@passwd.hu>
4 months agoavfilter/vf_framerate: refine the filter_slice code for better readiablity
Limin Wang [Tue, 24 Sep 2019 10:18:08 +0000 (18:18 +0800)]
avfilter/vf_framerate: refine the filter_slice code for better readiablity

Signed-off-by: Limin Wang <lance.lmwang@gmail.com>
Signed-off-by: Marton Balint <cus@passwd.hu>
4 months agoavfilter/vf_framerate: limit the scene level max range
Limin Wang [Tue, 24 Sep 2019 10:18:07 +0000 (18:18 +0800)]
avfilter/vf_framerate: limit the scene level max range

Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Limin Wang <lance.lmwang@gmail.com>
Signed-off-by: Marton Balint <cus@passwd.hu>
4 months agoavcodec/motionpixels: Mark 2 functions as always_inline
Michael Niedermayer [Sun, 11 Aug 2019 20:28:09 +0000 (22:28 +0200)]
avcodec/motionpixels: Mark 2 functions as always_inline

Fixes: Timeout (30sec -> 25sec)
Fixes: 17050/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MOTIONPIXELS_fuzzer-5719149803732992

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/ituh263dec: Make the condition for the studio slice start code match between...
Michael Niedermayer [Sat, 14 Sep 2019 16:31:40 +0000 (18:31 +0200)]
avcodec/ituh263dec: Make the condition for the studio slice start code match between ff_h263_resync() and ff_mpeg4_decode_studio_slice_header()

If they mismatch an infinite loop can occur
Fixes: Timeout (infinite loop)
Fixes: 17043/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-5695051748868096

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/ralf: Fix integer overflow in decode_channel()
Michael Niedermayer [Sat, 14 Sep 2019 12:26:49 +0000 (14:26 +0200)]
avcodec/ralf: Fix integer overflow in decode_channel()

Fixes: signed integer overflow: -1094995519 * 64 cannot be represented in type 'int'
Fixes: 17030/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RALF_fuzzer-5640695838146560

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agovcodec/vc1: compute rangex/y only for P/B frames
Michael Niedermayer [Tue, 10 Sep 2019 18:20:31 +0000 (20:20 +0200)]
vcodec/vc1: compute rangex/y only for P/B frames

Fixes: left shift of 1073741824 by 1 places cannot be represented in type 'int'
Fixes: 16976/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1_fuzzer-4847262047404032

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/vc1_pred: Fix invalid shifts in scaleforopp()
Michael Niedermayer [Tue, 10 Sep 2019 16:57:25 +0000 (18:57 +0200)]
avcodec/vc1_pred: Fix invalid shifts in scaleforopp()

Fixes: left shift of negative value -2
Fixes: 16964/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1IMAGE_fuzzer-5757853565976576

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/vc1_block: Fix invalid shift with rangeredfrm
Michael Niedermayer [Tue, 10 Sep 2019 15:39:45 +0000 (17:39 +0200)]
avcodec/vc1_block: Fix invalid shift with rangeredfrm

Fixes: left shift of negative value -7
Fixes: 16959/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMV3_fuzzer-5200360825683968

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/vc1: Check for excessive resolution
Michael Niedermayer [Thu, 8 Aug 2019 17:30:50 +0000 (19:30 +0200)]
avcodec/vc1: Check for excessive resolution

Fixes: overflow in aspect ratio calculation
Fixes: signed integer overflow: 393215 * 14594 cannot be represented in type 'int'
Fixes: 15728/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMV3IMAGE_fuzzer-5661588893204480

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/vc1: check REFDIST
Michael Niedermayer [Sat, 31 Aug 2019 20:00:35 +0000 (22:00 +0200)]
avcodec/vc1: check REFDIST

"9.1.1.43 P Reference Distance (REFDIST)"
"The value of REFDIST shall be less than, or equal to, 16."

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/apedec: Allocate decoded_buffer after successful ff_get_buffer()
Michael Niedermayer [Mon, 2 Sep 2019 22:02:53 +0000 (00:02 +0200)]
avcodec/apedec: Allocate decoded_buffer after successful ff_get_buffer()

We need to reset samples in this case to avoid being stuck with incorrect
samples value.

Fixes: OOM
Fixes: Timeout
Fixes: 16627/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5638059583864832
Fixes: 17089/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5672188463546368

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/apedec: Fix several integer overflows in predictor_update_filter() and do_app...
Michael Niedermayer [Mon, 2 Sep 2019 20:59:55 +0000 (22:59 +0200)]
avcodec/apedec: Fix several integer overflows in predictor_update_filter() and do_apply_filter()

Fixes: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself
Fixes: signed integer overflow: -14527961 - 2147483425 cannot be represented in type 'int'
Fixes: 16380/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5645957131141120
Fixes: 16968/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5716169901735936
Fixes: 17074/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5198710497083392

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/hevc_cabac: Tighten the limit on k in ff_hevc_cu_qp_delta_abs()
Michael Niedermayer [Mon, 9 Sep 2019 21:23:20 +0000 (23:23 +0200)]
avcodec/hevc_cabac: Tighten the limit on k in ff_hevc_cu_qp_delta_abs()

Values larger would fail subsequent tests.

Fixes: signed integer overflow: 5 + 2147483646 cannot be represented in type 'int'
Fixes: 16966/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HEVC_fuzzer-5695709549953024

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavfilter/vf_xbr: Fix left shift of negative number
Andreas Rheinhardt [Sat, 28 Sep 2019 02:25:56 +0000 (04:25 +0200)]
avfilter/vf_xbr: Fix left shift of negative number

Affected every usage of vf_xbr, e.g. the FATE-tests filter-2xbr,
filter-3xbr, filter-4xbr.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavfilter/vf_hqx: Fix undefined left shifts of negative numbers
Andreas Rheinhardt [Sat, 28 Sep 2019 02:25:57 +0000 (04:25 +0200)]
avfilter/vf_hqx: Fix undefined left shifts of negative numbers

Affected every usage of this filter; in particular, it affected the
FATE-tests filter-2xbr, filter-3xbr and filter-4xbr.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/jpeg2000dwt: Fix undefined shifts of negative numbers
Andreas Rheinhardt [Sat, 28 Sep 2019 02:26:10 +0000 (04:26 +0200)]
avcodec/jpeg2000dwt: Fix undefined shifts of negative numbers

Affected the vsynth*-jpeg2000 and the vsynth*-jpeg2000-97 FATE tests
(where * ranges over { 1, 2, 3, _lena }) as well as ticket #7983.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/ituh263dec: Fix undefined left shift of negative number
Andreas Rheinhardt [Sat, 28 Sep 2019 02:26:07 +0000 (04:26 +0200)]
avcodec/ituh263dec: Fix undefined left shift of negative number

Fixes ticket #8160.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/dnxhdenc: Fix undefined left shifts of negative numbers
Andreas Rheinhardt [Sat, 28 Sep 2019 02:26:06 +0000 (04:26 +0200)]
avcodec/dnxhdenc: Fix undefined left shifts of negative numbers

Affected 61 FATE-tests: 60 vsynth tests and lavf-mxf_opatom.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoswscale/utils: Fix invalid left shifts of negative numbers
Andreas Rheinhardt [Sat, 28 Sep 2019 02:26:02 +0000 (04:26 +0200)]
swscale/utils: Fix invalid left shifts of negative numbers

Affected the FATE-tests vsynth_lena-dv-411, vsynth1-dv-411,
vsynth2-dv-411 and hevc-paramchange-yuv420p.yuv420p10.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/ffv1enc: Fix out-of-bounds-array access
Andreas Rheinhardt [Sat, 28 Sep 2019 02:26:01 +0000 (04:26 +0200)]
avcodec/ffv1enc: Fix out-of-bounds-array access

libavcodec/ffv1enc.c accessed an array of uint8_t [32] via array[0][j]
in order to loop over all the uint8_t in this array of arrays. Of course
this implied an out-of-bounds access for array[0] and UBSan complained
about this. So replace this with nested loops; furthermore, factor this
out into a function of its own to easily break out of the nested loops.

This affected the FATE-tests vsynth1-ffv1, vsynth1-ffv1-v3-yuv420p,
vsynth1-ffv1-v3-yuv422p10, vsynth1-ffv1-v3-yuv444p16,
vsynth1-ffv1-v3-bgr0, vsynth1-ffv1-ffv1-v3-rgb48 as well as the
corresponding vsynth2-*, vsynth3-* and the vsynth_lena-* tests.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoswscale/x86/swscale: Fix undefined left shifts of negative numbers
Andreas Rheinhardt [Sat, 28 Sep 2019 02:25:58 +0000 (04:25 +0200)]
swscale/x86/swscale: Fix undefined left shifts of negative numbers

This affected many FATE-tests: The number of failing tests went down
from 663 to 344. (Both numbers exclude tests that failed because of
unaligned accesses in code that is inside #if HAVE_FAST_UNALIGNED.)

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoffmpeg_opt: remove errant space
Lou Logan [Fri, 27 Sep 2019 23:17:15 +0000 (15:17 -0800)]
ffmpeg_opt: remove errant space

Signed-off-by: Lou Logan <lou@lrcd.com>
4 months agodoc/ffmpeg: -timelimit is in user time
Lou Logan [Thu, 26 Sep 2019 18:18:57 +0000 (10:18 -0800)]
doc/ffmpeg: -timelimit is in user time

Signed-off-by: Lou Logan <lou@lrcd.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
4 months agoavcodec/nvenc: make use of new GetLastErrorString function
Timo Rothenpieler [Fri, 27 Sep 2019 17:09:11 +0000 (19:09 +0200)]
avcodec/nvenc: make use of new GetLastErrorString function

Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
4 months agoavcodec/nvenc: pass CUstream to nvenc when available
Timo Rothenpieler [Fri, 27 Sep 2019 16:30:10 +0000 (18:30 +0200)]
avcodec/nvenc: pass CUstream to nvenc when available

Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
4 months agoavcodec/nvenc: add multiple reference frames support
Roman Arzumanyan [Fri, 27 Sep 2019 15:56:11 +0000 (17:56 +0200)]
avcodec/nvenc: add multiple reference frames support

Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>