ffmpeg.git
2 years agoopus_pvq: port to allow for SIMD functions
Rostislav Pehlivanov [Wed, 10 May 2017 05:47:44 +0000 (06:47 +0100)]
opus_pvq: port to allow for SIMD functions

Signed-off-by: Rostislav Pehlivanov <atomnuker@gmail.com>
2 years agoopusenc: initialize PVQ prng seed
Rostislav Pehlivanov [Wed, 10 May 2017 05:07:46 +0000 (06:07 +0100)]
opusenc: initialize PVQ prng seed

Fixes valgrind warnings, didn't affect anything since it was only used
for resynthesis.

Signed-off-by: Rostislav Pehlivanov <atomnuker@gmail.com>
2 years agoconfigure: jni no longer requires -ldl
Aman Gupta [Fri, 12 May 2017 18:34:24 +0000 (11:34 -0700)]
configure: jni no longer requires -ldl

This dependency was removed in 33d69a90085d30af8a292d9364b835a26565d6b9.

2 years agoavcodec/svq3: Fix runtime error: left shift of negative value -6
Michael Niedermayer [Mon, 15 May 2017 19:21:20 +0000 (21:21 +0200)]
avcodec/svq3: Fix runtime error: left shift of negative value -6

Fixes: 1604/clusterfuzz-testcase-minimized-5312060206350336

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/tiff: reset sampling[] if its invalid
Michael Niedermayer [Mon, 15 May 2017 19:19:06 +0000 (21:19 +0200)]
avcodec/tiff: reset sampling[] if its invalid

Fixes divission by 0
Fixes: clusterfuzz-testcase-minimized-5592896440893440

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agomovenc/isom: update vpcC box to version 1.0 of the specification
Hendrik Leppkes [Fri, 21 Apr 2017 23:25:40 +0000 (01:25 +0200)]
movenc/isom: update vpcC box to version 1.0 of the specification

This brings our generation of the vpcC box up to date to version 1.0
of the VP Codec ISO Media File Format Binding.

Specifically, color/transfer properties are now written with values
based on ISO/IEC 23001-8, which is the same reference specification the
AVColor* enumerations are based on.

2 years agoavfilter/vf_deflicker: add bypass option
Paul B Mahol [Mon, 15 May 2017 19:32:44 +0000 (21:32 +0200)]
avfilter/vf_deflicker: add bypass option

Signed-off-by: Paul B Mahol <onemda@gmail.com>
2 years agoavfilter/af_stereotools: introduce different balance modes
Paul B Mahol [Mon, 15 May 2017 17:56:55 +0000 (19:56 +0200)]
avfilter/af_stereotools: introduce different balance modes

Signed-off-by: Paul B Mahol <onemda@gmail.com>
2 years agocompat/cuda/ptx2c: remove bashism and harden against arbitrary input
Timo Rothenpieler [Mon, 15 May 2017 16:05:10 +0000 (18:05 +0200)]
compat/cuda/ptx2c: remove bashism and harden against arbitrary input

2 years agohwcontext_videotoolbox: fix fate-source
wm4 [Mon, 15 May 2017 16:50:04 +0000 (18:50 +0200)]
hwcontext_videotoolbox: fix fate-source

Thanks to James Darnley for figuring out what the hell it wanted.

2 years agoavcodec/Makefile: fix dnxhd parser dependencies
James Almer [Mon, 15 May 2017 16:33:29 +0000 (13:33 -0300)]
avcodec/Makefile: fix dnxhd parser dependencies

Fixes ticket #6391

2 years agoavcodec/h264: add sse2 versions of previous idct functions
James Darnley [Wed, 5 Apr 2017 19:07:47 +0000 (21:07 +0200)]
avcodec/h264: add sse2 versions of previous idct functions

Kaby Lake Pentium:
 - ff_h264_idct_add_8_sse2:    ~1.18x faster than mmxext
 - ff_h264_idct_dc_add_8_sse2: ~1.07x faster than mmxext

2 years agoavcodec/h264: add avx 8-bit h264_idct_dc_add
James Darnley [Thu, 16 Mar 2017 14:07:11 +0000 (15:07 +0100)]
avcodec/h264: add avx 8-bit h264_idct_dc_add

Haswell:
 - 1.02x faster (405±0.7 vs. 397±0.8 decicycles) compared with mmxext

Skylake-U:
 - 1.06x faster (498±1.8 vs. 470±1.3 decicycles) compared with mmxext

2 years agoavcodec/h264: add avx 8-bit h264_idct_add
James Darnley [Thu, 16 Mar 2017 13:59:48 +0000 (14:59 +0100)]
avcodec/h264: add avx 8-bit h264_idct_add

Haswell:
 - 1.11x faster (522±0.4 vs. 469±1.8 decicycles) compared with mmxext

Skylake-U:
 - 1.21x faster (671±5.5 vs. 555±1.4 decicycles) compared with mmxext

2 years agoavcodec/h264: use some 3 operand forms
James Darnley [Thu, 2 Mar 2017 00:48:16 +0000 (01:48 +0100)]
avcodec/h264: use some 3 operand forms

2 years agoavcodec/h264: change RETs into REP_RETs where appropriate
James Darnley [Mon, 27 Feb 2017 20:03:08 +0000 (20:03 +0000)]
avcodec/h264: change RETs into REP_RETs where appropriate

2 years agoavfilter/af_compand: change default attack to 0
Paul B Mahol [Mon, 15 May 2017 12:05:43 +0000 (14:05 +0200)]
avfilter/af_compand: change default attack to 0

Fixes many distortions.

Signed-off-by: Paul B Mahol <onemda@gmail.com>
2 years agoavfilter/af_silenceremove: set output timestamps
Paul B Mahol [Mon, 15 May 2017 12:05:17 +0000 (14:05 +0200)]
avfilter/af_silenceremove: set output timestamps

Signed-off-by: Paul B Mahol <onemda@gmail.com>
2 years agoavfilter/scale_cuda: add CUDA scale filter
Yogender Gupta [Wed, 10 May 2017 17:18:16 +0000 (22:48 +0530)]
avfilter/scale_cuda: add CUDA scale filter

Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
2 years agobuild: add support for building .cu files via nvcc
Timo Rothenpieler [Thu, 11 May 2017 20:53:41 +0000 (22:53 +0200)]
build: add support for building .cu files via nvcc

Original work by Yogender Gupta <ygupta@nvidia.com>

2 years agoconfigure: add cuda-sdk for things requiring full CUDA sdk
Timo Rothenpieler [Thu, 11 May 2017 20:51:31 +0000 (22:51 +0200)]
configure: add cuda-sdk for things requiring full CUDA sdk

2 years agovideotoolbox: add hwcontext support
wm4 [Mon, 15 May 2017 09:27:24 +0000 (11:27 +0200)]
videotoolbox: add hwcontext support

This adds tons of code for no other benefit than making VideoToolbox
support conform with the new hwaccel API (using hw_device_ctx and
hw_frames_ctx).

Since VideoToolbox decoding does not actually require the user to
allocate frames, the new code does mostly nothing.

One benefit is that ffmpeg_videotoolbox.c can be dropped once generic
hwaccel support for ffmpeg.c is merged from Libav.

Does not consider VDA or VideoToolbox encoding.

Fun fact: the frame transfer functions are copied from vaapi, as the
mapping makes copying generic boilerplate. Mapping itself is not
exported by the VT code, because I don't know how to test.

2 years agolibavcodec/exr : simplify reorder_pixels
Martin Vignali [Fri, 5 May 2017 20:20:58 +0000 (22:20 +0200)]
libavcodec/exr : simplify reorder_pixels

reorder_pixels is call by rle_uncompress and zip_uncompress
with size == uncompress_size

uncompress_size is a multiple of 2 (because exr store data
in half, float, or uint32)

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/pixlet: Fixes: runtime error: signed integer overflow: 9203954323419769657...
Michael Niedermayer [Sun, 14 May 2017 15:02:49 +0000 (17:02 +0200)]
avcodec/pixlet: Fixes: runtime error: signed integer overflow: 9203954323419769657 + 29897660706736950 cannot be represented in type 'long'

Fixes: 1569/clusterfuzz-testcase-minimized-6328690508038144

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/mpeg4videodec: Clear sprite wraping on unsupported cases in VOP decode
Michael Niedermayer [Sun, 14 May 2017 14:47:13 +0000 (16:47 +0200)]
avcodec/mpeg4videodec: Clear sprite wraping on unsupported cases in VOP decode

Fixes: Integer overflow
Fixes: 1572/clusterfuzz-testcase-minimized-4578773729017856

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/ac3dec: Fix: runtime error: index -1 out of bounds for type 'INTFLOAT [2]'
Michael Niedermayer [Sun, 14 May 2017 12:42:45 +0000 (14:42 +0200)]
avcodec/ac3dec: Fix: runtime error: index -1 out of bounds for type 'INTFLOAT [2]'

It seems dual mono with a LFE channel is not forbidden

Fixes: 1570/clusterfuzz-testcase-minimized-6455337349545984

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/hqxdsp: Fix runtime error: signed integer overflow: -196264 * 11585 cannot...
Michael Niedermayer [Sun, 14 May 2017 12:06:56 +0000 (14:06 +0200)]
avcodec/hqxdsp: Fix runtime error: signed integer overflow: -196264 * 11585 cannot be represented in type 'int'

Fixes: 1568/clusterfuzz-testcase-minimized-5944868608147456

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/g723_1dec: Fix LCG type
Michael Niedermayer [Sun, 14 May 2017 12:00:42 +0000 (14:00 +0200)]
avcodec/g723_1dec: Fix LCG type

Fixes: 1567/clusterfuzz-testcase-minimized-5693653555085312

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavfilter/af_compand: fix default companding to avoid clipping
Paul B Mahol [Sun, 14 May 2017 09:59:04 +0000 (11:59 +0200)]
avfilter/af_compand: fix default companding to avoid clipping

Signed-off-by: Paul B Mahol <onemda@gmail.com>
2 years agoavcodec/ffv1dec: Fix runtime error: signed integer overflow: 1550964438 + 1550964438...
Michael Niedermayer [Sat, 13 May 2017 21:24:04 +0000 (23:24 +0200)]
avcodec/ffv1dec: Fix runtime error: signed integer overflow: 1550964438 + 1550964438 cannot be represented in type 'int'

Fixes: 1559/clusterfuzz-testcase-minimized-5048096079740928
Fixes: 1560/clusterfuzz-testcase-minimized-6011037813833728

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/webp: Fix signedness in prefix_code check
Michael Niedermayer [Sat, 13 May 2017 21:21:24 +0000 (23:21 +0200)]
avcodec/webp: Fix signedness in prefix_code check

Fixes: out of array read
Fixes: 1557/clusterfuzz-testcase-minimized-6535013757616128

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/svq3: Fix runtime error: signed integer overflow: 169 * 12717677 cannot be...
Michael Niedermayer [Sat, 13 May 2017 21:16:44 +0000 (23:16 +0200)]
avcodec/svq3: Fix runtime error: signed integer overflow: 169 * 12717677 cannot be represented in type 'int'

Fixes: 1556/clusterfuzz-testcase-minimized-5027865978470400

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/mlpdec: Check that there is enough data for headers
Michael Niedermayer [Sat, 13 May 2017 21:13:38 +0000 (23:13 +0200)]
avcodec/mlpdec: Check that there is enough data for headers

Fixes: out of array access
Fixes: 1541/clusterfuzz-testcase-minimized-6403410590957568

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/ac3dec: Keep track of band structure
Michael Niedermayer [Sat, 13 May 2017 17:28:01 +0000 (19:28 +0200)]
avcodec/ac3dec: Keep track of band structure

It is needed in some corner cases that seem not to be forbidden
Fixes: out of array index
Fixes: 1538/clusterfuzz-testcase-minimized-4696904925446144

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/webp: Add missing input padding
Michael Niedermayer [Sat, 13 May 2017 16:27:27 +0000 (18:27 +0200)]
avcodec/webp: Add missing input padding

Fixes: 1536/clusterfuzz-testcase-minimized-5973925404082176

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/aacdec_fixed: Fix runtime error: left shift of negative value -1
Michael Niedermayer [Sat, 13 May 2017 16:13:48 +0000 (18:13 +0200)]
avcodec/aacdec_fixed: Fix runtime error: left shift of negative value -1

Fixes: 1535/clusterfuzz-testcase-minimized-5826695535788032

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/aacsbr_template: Do not change bs_num_env before its checked
Michael Niedermayer [Fri, 12 May 2017 02:12:15 +0000 (04:12 +0200)]
avcodec/aacsbr_template: Do not change bs_num_env before its checked

Fixes: 1489/clusterfuzz-testcase-minimized-5075102901207040
Fixes: out of array access

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/wavpack: Fix runtime error: signed integer overflow: 2147483642 + 512 cannot...
Michael Niedermayer [Wed, 10 May 2017 21:28:21 +0000 (23:28 +0200)]
avcodec/wavpack: Fix runtime error: signed integer overflow: 2147483642 + 512 cannot be represented in type 'int'

Fixed: 1453/clusterfuzz-testcase-minimized-5024976874766336

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/scpr: Fix multiple runtime error: index 256 out of bounds for type 'unsigned...
Michael Niedermayer [Sat, 13 May 2017 13:39:32 +0000 (15:39 +0200)]
avcodec/scpr: Fix multiple runtime error: index 256 out of bounds for type 'unsigned int [256]'

Fixes: 1519/clusterfuzz-testcase-minimized-5286680976162816

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/h264_cavlc: Fix runtime error: index -1 out of bounds for type 'VLC [15]
Michael Niedermayer [Sat, 13 May 2017 13:30:28 +0000 (15:30 +0200)]
avcodec/h264_cavlc: Fix runtime error: index -1 out of bounds for type 'VLC [15]

Fixes: 1513/clusterfuzz-testcase-minimized-6246484833992704

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/mlp: Fix multiple runtime error: left shift of negative value -1
Michael Niedermayer [Sat, 13 May 2017 12:39:26 +0000 (14:39 +0200)]
avcodec/mlp: Fix multiple runtime error: left shift of negative value -1

Fixes: 1512/clusterfuzz-testcase-minimized-4713846423945216

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavfilter: don't anonymously typedef structs
Paul B Mahol [Fri, 12 May 2017 18:00:49 +0000 (20:00 +0200)]
avfilter: don't anonymously typedef structs

Signed-off-by: Paul B Mahol <onemda@gmail.com>
2 years agox86/float_dsp: remove usage of integer instructions
James Almer [Sat, 13 May 2017 02:31:30 +0000 (23:31 -0300)]
x86/float_dsp: remove usage of integer instructions

2 years agoavcodec/rangecoder: Fix range coder corner case handling
Michael Niedermayer [Fri, 12 May 2017 23:45:29 +0000 (01:45 +0200)]
avcodec/rangecoder: Fix range coder corner case handling

Fixes: 1511/clusterfuzz-testcase-minimized-5906663800307712

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/dds: Fix runtime error: left shift of 210 by 24 places cannot be represented...
Michael Niedermayer [Fri, 12 May 2017 23:35:56 +0000 (01:35 +0200)]
avcodec/dds: Fix runtime error: left shift of 210 by 24 places cannot be represented in type 'int'

Fixes: 1510/clusterfuzz-testcase-minimized-5826231746428928

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/rscc: Check pixel_size for overflow
Michael Niedermayer [Fri, 12 May 2017 23:31:19 +0000 (01:31 +0200)]
avcodec/rscc: Check pixel_size for overflow

Fixes: 1509/clusterfuzz-testcase-minimized-5129419876204544

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/fmvc: Check nb_blocks
Michael Niedermayer [Fri, 12 May 2017 23:22:27 +0000 (01:22 +0200)]
avcodec/fmvc: Check nb_blocks

Fixes: out of array read
Fixes: 1508/clusterfuzz-testcase-minimized-5011336327069696

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/hq_hqadsp: Fix runtime error: signed integer overflow: 80359 * 30274 cannot...
Michael Niedermayer [Fri, 12 May 2017 23:12:35 +0000 (01:12 +0200)]
avcodec/hq_hqadsp: Fix runtime error: signed integer overflow: 80359 * 30274 cannot be represented in type 'int'

Fixes: 1507/clusterfuzz-testcase-minimized-4955228300378112

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/cavsdec: Fix runtime error: signed integer overflow: 31 + 2147483640 cannot...
Michael Niedermayer [Fri, 12 May 2017 22:42:29 +0000 (00:42 +0200)]
avcodec/cavsdec: Fix runtime error: signed integer overflow: 31 + 2147483640 cannot be represented in type 'int'

Fixes: 1506/clusterfuzz-testcase-minimized-5401272918212608

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/xpmdec: Fix multiple pointer/memory issues
Michael Niedermayer [Thu, 11 May 2017 00:38:33 +0000 (02:38 +0200)]
avcodec/xpmdec: Fix multiple pointer/memory issues

Most of these were found through code review in response to
fixing 1466/clusterfuzz-testcase-minimized-5961584419536896
There is thus no testcase for most of this.
The initial issue was Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agolibavcodec/exr : cosmetics variable name
Martin Vignali [Sat, 25 Mar 2017 12:05:45 +0000 (13:05 +0100)]
libavcodec/exr : cosmetics variable name

rename tile variable to better follow ffmpeg coding style

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/avpacket: allow only one element per type in packet side data
James Almer [Fri, 12 May 2017 16:45:44 +0000 (13:45 -0300)]
avcodec/avpacket: allow only one element per type in packet side data

It was never meant to do otherwise, as av_packet_get_side_data() returns the first
entry it finds of a given type.

Based on code from libavformat's av_stream_add_side_data().

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
2 years agoavfilter/aeval: remove comment that was left from some other file
Paul B Mahol [Fri, 12 May 2017 19:47:36 +0000 (21:47 +0200)]
avfilter/aeval: remove comment that was left from some other file

Signed-off-by: Paul B Mahol <onemda@gmail.com>
2 years agoavfilter/aeval: free input frame on error
Paul B Mahol [Fri, 12 May 2017 19:42:21 +0000 (21:42 +0200)]
avfilter/aeval: free input frame on error

Signed-off-by: Paul B Mahol <onemda@gmail.com>
2 years agoavfilter/af_astats: add RMS difference too
Paul B Mahol [Fri, 12 May 2017 16:13:17 +0000 (18:13 +0200)]
avfilter/af_astats: add RMS difference too

Signed-off-by: Paul B Mahol <onemda@gmail.com>
2 years agoavfilter/vf_pad: revert part of 57c3670896c69714ca
Paul B Mahol [Fri, 12 May 2017 15:37:20 +0000 (17:37 +0200)]
avfilter/vf_pad: revert part of 57c3670896c69714ca

Signed-off-by: Paul B Mahol <onemda@gmail.com>
2 years agoavcodec/vp8dsp: vp7_luma_dc_wht_c: Fix multiple runtime error: signed integer overflo...
Michael Niedermayer [Wed, 10 May 2017 12:50:40 +0000 (14:50 +0200)]
avcodec/vp8dsp: vp7_luma_dc_wht_c: Fix multiple runtime error: signed integer overflow: -1366381240 + -1262413604 cannot be represented in type 'int'

Fixes: 1440/clusterfuzz-testcase-minimized-5785716111966208

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/avcodec: Limit the number of side data elements per packet
Michael Niedermayer [Thu, 11 May 2017 11:01:36 +0000 (13:01 +0200)]
avcodec/avcodec: Limit the number of side data elements per packet

Fixes: 1293/clusterfuzz-testcase-minimized-6054752074858496

See: [FFmpeg-devel] [PATCH] avcodec/avcodec: Limit the number of side data elements per packet

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/texturedsp: Fix runtime error: left shift of 255 by 24 places cannot be repre...
Michael Niedermayer [Fri, 12 May 2017 11:15:33 +0000 (13:15 +0200)]
avcodec/texturedsp: Fix runtime error: left shift of 255 by 24 places cannot be represented in type 'int'

Fixes: 1505/clusterfuzz-testcase-minimized-4561688818876416

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/g723_1dec: Fix runtime error: left shift of negative value -1
Michael Niedermayer [Fri, 12 May 2017 11:13:46 +0000 (13:13 +0200)]
avcodec/g723_1dec: Fix runtime error: left shift of negative value -1

Fixes: 1504/clusterfuzz-testcase-minimized-6249212138225664

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/wmv2dsp: Fix runtime error: signed integer overflow: 181 * -17047030 cannot...
Michael Niedermayer [Fri, 12 May 2017 11:05:46 +0000 (13:05 +0200)]
avcodec/wmv2dsp: Fix runtime error: signed integer overflow: 181 * -17047030 cannot be represented in type 'int'

Fixes: 1503/clusterfuzz-testcase-minimized-5369271855087616

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavfilter: add acopy filter
Paul B Mahol [Tue, 9 May 2017 20:58:56 +0000 (22:58 +0200)]
avfilter: add acopy filter

Signed-off-by: Paul B Mahol <onemda@gmail.com>
2 years agoavcodec/diracdec: Fix Assertion frame->buf[0] failed at libavcodec/decode.c:610
Michael Niedermayer [Thu, 11 May 2017 21:24:23 +0000 (23:24 +0200)]
avcodec/diracdec: Fix Assertion frame->buf[0] failed at libavcodec/decode.c:610

Fixes: 1487/clusterfuzz-testcase-minimized-6288036495097856

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/mss3: Fix runtime error: signed integer overflow: -2146318336 - 2139696256...
Michael Niedermayer [Thu, 11 May 2017 21:06:50 +0000 (23:06 +0200)]
avcodec/mss3: Fix runtime error: signed integer overflow: -2146318336 - 2139696256 cannot be represented in type 'int'

Fix is similar to rac_get_model_sym()
Fixes: 1483/clusterfuzz-testcase-minimized-6386507814273024
Fixes: 1485/clusterfuzz-testcase-minimized-6639880215986176

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/golomb: Fix runtime error: left shift of 1 by 31 places cannot be represented...
Michael Niedermayer [Thu, 11 May 2017 19:42:45 +0000 (21:42 +0200)]
avcodec/golomb: Fix runtime error: left shift of 1 by 31 places cannot be represented in type 'int'

Fixes: 1481/clusterfuzz-testcase-minimized-5264379509473280

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/msmpeg4dec: Check for cbpy VLC errors
Michael Niedermayer [Thu, 11 May 2017 17:10:16 +0000 (19:10 +0200)]
avcodec/msmpeg4dec: Check for cbpy VLC errors

Fixes: runtime error: left shift of negative value -1
Fixes: 1480/clusterfuzz-testcase-minimized-5188321007370240

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/cllc: Check num_bits
Michael Niedermayer [Thu, 11 May 2017 16:39:33 +0000 (18:39 +0200)]
avcodec/cllc: Check num_bits

Fixes: runtime error: shift exponent -2 is negative
Fixes: 1479/clusterfuzz-testcase-minimized-6638493360979968

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/cllc: Factor VLC_BITS/DEPTH out, do not use repeated literal numbers
Michael Niedermayer [Thu, 11 May 2017 16:35:24 +0000 (18:35 +0200)]
avcodec/cllc: Factor VLC_BITS/DEPTH out, do not use repeated literal numbers

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agodoc/libav-merge: mention the skipped AVFrame crop fields usage commits
James Almer [Thu, 11 May 2017 17:03:41 +0000 (14:03 -0300)]
doc/libav-merge: mention the skipped AVFrame crop fields usage commits

2 years agoMerge commit '1202b712690c14f0efb06e4ad8b06c5b3df6822a'
James Almer [Thu, 11 May 2017 17:02:45 +0000 (14:02 -0300)]
Merge commit '1202b712690c14f0efb06e4ad8b06c5b3df6822a'

* commit '1202b712690c14f0efb06e4ad8b06c5b3df6822a':
  theora: export cropping information instead of handling it internally
  h264dec: export cropping information instead of handling it internally
  h264dec: be more explicit in handling container cropping
  hevcdec: export cropping information instead of handling it internally

This commit is a noop.

This changes the cropping behavior, when it's supposedly only meant to move
it outside of the decoder.
See https://ffmpeg.org/pipermail/ffmpeg-devel/2017-May/211239.html for the
discussion about it.

Merged-by: James Almer <jamrial@gmail.com>
2 years agoavcodec/scpr: Check y in first line loop in decompress_i()
Michael Niedermayer [Thu, 11 May 2017 13:29:31 +0000 (15:29 +0200)]
avcodec/scpr: Check y in first line loop in decompress_i()

Fixes: out of array access
Fixes: 1478/clusterfuzz-testcase-minimized-5285486908145664

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/dvbsubdec: Check entry_id
Michael Niedermayer [Thu, 11 May 2017 13:18:50 +0000 (15:18 +0200)]
avcodec/dvbsubdec: Check entry_id

Fixes: randomly writing over the array end
Fixes: 1473/clusterfuzz-testcase-minimized-5768907824562176

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/aacdec_fixed: Fix multiple shift exponent 33 is too large for 32-bit type...
Michael Niedermayer [Thu, 11 May 2017 13:13:53 +0000 (15:13 +0200)]
avcodec/aacdec_fixed: Fix multiple shift exponent 33 is too large for 32-bit type 'int'

Fixes: 1471/clusterfuzz-testcase-minimized-6376460543590400

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/mimic: Fix runtime error: index 96 out of bounds for type 'const int8_t ...
Michael Niedermayer [Thu, 11 May 2017 13:07:28 +0000 (15:07 +0200)]
avcodec/mimic: Fix runtime error: index 96 out of bounds for type 'const int8_t [64]'

Fixes: 1468/clusterfuzz-testcase-minimized-5235964056174592

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agolavc/mediacodec_wrapper: fix local reference leaks
Matthieu Bouron [Wed, 10 May 2017 13:59:41 +0000 (15:59 +0200)]
lavc/mediacodec_wrapper: fix local reference leaks

Reviewed-by: Clément Bœsch <u@pkh.me>
2 years agolavc/ffjni: fix local reference leak
Matthieu Bouron [Wed, 10 May 2017 13:57:57 +0000 (15:57 +0200)]
lavc/ffjni: fix local reference leak

Reviewed-by: Clément Bœsch <u@pkh.me>
2 years agolavc/aarch64/simple_idct: fix iOS build without gas-preprocessor
Matthieu Bouron [Fri, 28 Apr 2017 19:58:55 +0000 (21:58 +0200)]
lavc/aarch64/simple_idct: fix iOS build without gas-preprocessor

Separates macro arguments with commas and passes .4H/.8H as macro
arguments instead of 4H/8H (the later form being interpreted as an
hexadecimal value).

Fixes ticket #6324.

Suggested-by: Martin Storsjö <martin@martin.st>
2 years agocmdutils_opencl: Fix read of uinitialized cl_mem
Michael Niedermayer [Mon, 17 Apr 2017 01:25:13 +0000 (03:25 +0200)]
cmdutils_opencl: Fix read of uinitialized cl_mem

Fixes CID1396856, CID1396860, CID1396861

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agocmdutils_opencl: Fix read of uninitialized pointer
Michael Niedermayer [Mon, 17 Apr 2017 01:23:55 +0000 (03:23 +0200)]
cmdutils_opencl: Fix read of uninitialized pointer

Fixes: CID1396856

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/aacdec_fixed: Fix various integer overflows
Michael Niedermayer [Sat, 6 May 2017 20:09:59 +0000 (22:09 +0200)]
avcodec/aacdec_fixed: Fix various integer overflows

Fixes: 1377/clusterfuzz-testcase-minimized-5487049807233024

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoffprobe: discard non-selected streams
Clément Bœsch [Tue, 9 May 2017 08:57:12 +0000 (10:57 +0200)]
ffprobe: discard non-selected streams

2 years agoavformat/hlsenc: move old_filename free operation earlier
Steven Liu [Thu, 11 May 2017 02:15:08 +0000 (10:15 +0800)]
avformat/hlsenc: move old_filename free operation earlier

Suggested-by: Aaron Levinson <alevinsn@aracnet.com>
Reviewed-by: Aaron Levinson <alevinsn@aracnet.com>
Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
2 years agoavcodec/mpeg12dec: Fixes runtime error: division by zero
Michael Niedermayer [Wed, 10 May 2017 22:49:31 +0000 (00:49 +0200)]
avcodec/mpeg12dec: Fixes runtime error: division by zero

Fixes: 1464/clusterfuzz-testcase-minimized-4925445571084288

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/pixlet: Fix runtime error: signed integer overflow: 436207616 * -516023054526...
Michael Niedermayer [Wed, 10 May 2017 21:48:30 +0000 (23:48 +0200)]
avcodec/pixlet: Fix runtime error: signed integer overflow: 436207616 * -5160230545260541 cannot be represented in type 'long'

Fixes: 1462/clusterfuzz-testcase-minimized-6558894463647744

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/webp: Always set pix_fmt
Michael Niedermayer [Wed, 10 May 2017 16:37:49 +0000 (18:37 +0200)]
avcodec/webp: Always set pix_fmt

Fixes: out of array access
Fixes: 1434/clusterfuzz-testcase-minimized-6314998085189632
Fixes: 1435/clusterfuzz-testcase-minimized-6483783723253760

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Reviewed-by: "Ronald S. Bultje" <rsbultje@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavfilter/vf_uspp: Fix currently unused input frame dimensions
Michael Niedermayer [Wed, 10 May 2017 19:54:31 +0000 (21:54 +0200)]
avfilter/vf_uspp: Fix currently unused input frame dimensions

Found-by: Nicolas
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/truemotion1: Fix multiple runtime error: left shift of negative value -1
Michael Niedermayer [Wed, 10 May 2017 17:09:31 +0000 (19:09 +0200)]
avcodec/truemotion1: Fix multiple runtime error: left shift of negative value -1

Fixes: 1446/clusterfuzz-testcase-minimized-5577409124368384

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/eatqi: Fix runtime error: signed integer overflow: 4466147 * 1075 cannot...
Michael Niedermayer [Wed, 10 May 2017 17:02:05 +0000 (19:02 +0200)]
avcodec/eatqi: Fix runtime error: signed integer overflow: 4466147 * 1075 cannot be represented in type 'int'

Fixes: 1443/clusterfuzz-testcase-minimized-4826998612426752

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/dss_sp: Fix runtime error: signed integer overflow: 2147481189 + 4096 cannot...
Michael Niedermayer [Wed, 10 May 2017 16:51:58 +0000 (18:51 +0200)]
avcodec/dss_sp: Fix runtime error: signed integer overflow: 2147481189 + 4096 cannot be represented in type 'int'

Fixes: 1441/clusterfuzz-testcase-minimized-6223152357048320

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavfilter/af_afir: workaround nonsense limitation in vector_fmul_scalar()
Paul B Mahol [Wed, 10 May 2017 18:07:30 +0000 (20:07 +0200)]
avfilter/af_afir: workaround nonsense limitation in vector_fmul_scalar()

Signed-off-by: Paul B Mahol <onemda@gmail.com>
2 years agoavcodec/hevc_sei: remove bugus debug message
James Almer [Wed, 10 May 2017 17:58:46 +0000 (14:58 -0300)]
avcodec/hevc_sei: remove bugus debug message

Also Change the active_parameter_sets function name to one more in line
with the rest of the file.

Signed-off-by: James Almer <jamrial@gmail.com>
2 years agoavcodec/hevc_sei: fix amount of bits skipped when reading picture timing SEI message
James Almer [Sat, 6 May 2017 23:31:45 +0000 (20:31 -0300)]
avcodec/hevc_sei: fix amount of bits skipped when reading picture timing SEI message

The code was skipping the entire reported SEI message size regardless of
the amount of bits read.
While in theory safe for NALU where the picture timing SEI message is alone
or at the end as we're using the checked bitstream reader, it isn't in any
other situation, where every SEI message in the NALU after the picture
timing one would potentially fail to parse.

Change the function name to one more in line with the rest of file, and
remove the bogus "Skipped SEI" debug message while at it.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
2 years agoavformat/wavdec: Check chunk_size
李赞 [Wed, 10 May 2017 12:55:34 +0000 (14:55 +0200)]
avformat/wavdec: Check chunk_size

Fixes integer overflow and out of array access

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/cavs: Check updated MV
Michael Niedermayer [Wed, 10 May 2017 12:41:23 +0000 (14:41 +0200)]
avcodec/cavs: Check updated MV

Fixes: runtime error: signed integer overflow: 251 + 2147483647 cannot be represented in type 'int'
Fixes: 1438/clusterfuzz-testcase-minimized-4917542646710272

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoavcodec/y41pdec: Fix width in input buffer size check
Michael Niedermayer [Wed, 10 May 2017 12:33:27 +0000 (14:33 +0200)]
avcodec/y41pdec: Fix width in input buffer size check

Fixes: out of array read
Fixes: 1437/clusterfuzz-testcase-minimized-4569970002362368

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agoffmpeg: add enc_time_base option
erankor [Wed, 3 May 2017 08:50:15 +0000 (11:50 +0300)]
ffmpeg: add enc_time_base option

add a per-stream option for setting the encoder timebase.
the following values are allowed:
0 - for video, use 1/frame_rate, for audio use 1/sample_rate (this is
  the default)
-1 - match the input timebase (when possible)
>0 - set the timebase to provided number

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agofate/exr : add test for Y, b44A negative half, and datawindow != displaywindow
Martin Vignali [Mon, 1 May 2017 12:14:57 +0000 (14:14 +0200)]
fate/exr : add test for Y, b44A negative half, and datawindow != displaywindow

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agolibavformat/tcp: fix return code for tcp_accept
Simon Thelen [Sat, 8 Apr 2017 12:21:28 +0000 (14:21 +0200)]
libavformat/tcp: fix return code for tcp_accept

ff_accept can return AVERROR(ETIMEDOUT) and errno will be 0 (or
undefined), return ret instead and return ff_neterror() in
ff_poll_interrupt instead of AVERROR(errno) to parse WSAGetLastError on
Windows.

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agodoc/codecs: Change common boolean parameters listed to "bool"
Michael Niedermayer [Wed, 10 May 2017 01:08:46 +0000 (03:08 +0200)]
doc/codecs: Change common boolean parameters listed to "bool"

Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2 years agodoc/codecs: Add missing documentation for apply_cropping
Michael Niedermayer [Tue, 9 May 2017 15:23:35 +0000 (17:23 +0200)]
doc/codecs: Add missing documentation for apply_cropping

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>