| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
| |
For incoming packets from WAV.
Signed-off-by: Zane van Iperen <zane@zanevaniperen.com>
|
| |
|
|
|
|
|
|
| |
Prefer to error than to create a broken file. Closes ticket #5829.
Effectively disables remuxing adpcm_swf from flv -> wav.
Signed-off-by: Zane van Iperen <zane@zanevaniperen.com>
|
| | |
|
| |
|
|
|
|
|
| |
Extend aphasemeter to detect out of phase or mono sequences in
stereo streams.
Signed-off-by: Romane Lafon <romane@nomalab.com>
|
| |
|
|
|
|
|
| |
Revert "avcodec/notchlc: Check uncompressed size against input for LZ4"
Found-by: durandal_1707
This reverts commit 51002362c4ed301e54cea1597666cd5cc9a134f3.
|
| |
|
|
|
|
|
|
| |
Fixes: signed integer overflow: 2147483647 + 64 cannot be represented in type 'int'
Fixes: 26218/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CRI_fuzzer-5734075396259840
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
| |
|
|
|
|
|
|
| |
Fixes: out of array write
Fixes: 26242/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CRI_fuzzer-5161495882891264
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
| |
|
|
|
|
|
|
|
| |
6f69f7a8bf6a0d013985578df2ef42ee6b1c7994 introduced this and it was part
of a very large merging of refactoring. Current behaviour is what is
reflected by this indenting change, however my understanding of timing
is such that this correct behaviour.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
| |
|
|
|
|
|
|
|
| |
Fixes: division by zero
Fixes: 26293/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ADPCM_PSX_fuzzer-5176665237618688
Fixes: 26331/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ADPCM_PSX_fuzzer-5632330364092416
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
| |
|
|
|
|
|
|
| |
Fixes: signed integer overflow: 536870912 + 1610612736 cannot be represented in type 'int'
Fixes: 26288/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MOBICLIP_fuzzer-6194364759670784
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
| |
|
|
|
|
|
|
|
| |
Fixes: signed integer overflow: 553590816 - -2145378049 cannot be represented in type 'int'
Fixes: 26315/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EXR_fuzzer-5938755121446912
Fixes: 26340/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EXR_fuzzer-5644316208529408
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
| |
|
|
|
|
|
|
| |
Fixes: Infinite loop
Fixes: 26381/clusterfuzz-testcase-minimized-ffmpeg_dem_BOA_fuzzer-5745789089087488
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
| |
|
|
|
|
|
|
| |
Fixes: stack buffer overflow (read)
Fixes: 26369/clusterfuzz-testcase-minimized-ffmpeg_dem_VIVIDAS_fuzzer-5721057325219840
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
| |
|
|
|
|
|
|
|
|
| |
Fixes: OOM
Fixes: 26168/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_NOTCHLC_fuzzer-6019839015256064
Equation is based on LZ4_COMPRESSBOUND from lz4.h
Suggested-by: Paul
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
| |
|
|
|
|
|
|
| |
Fixes: signed integer overflow: -1172299744 * 2 cannot be represented in type 'int'
Fixes: 26258/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5672758488596480
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
| |
|
|
|
|
|
|
|
|
| |
ff_h264_chroma422_dc_dequant_idct()
Fixes: signed integer overflow: 241173056 + 1953511200 cannot be represented in type 'int'
Fixes: 26086/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_H264_fuzzer-5068366420901888
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Check all the six bits, not only the two bits that are set for SPS.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
|
| |
|
|
| |
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
|
| |
|
|
|
|
| |
Introduced in a2b1dd0ce301450a47c972745a6b33c4c273aa5d.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit a2b1dd0ce301450a47c972745a6b33c4c273aa5d added support for
parsing annex B HEVC extradata to extract profile and level information.
Yet it only checks for there to be enough data left for the startcode
and the first byte of the NAL unit header and not for the full NAL unit
header; it simply presumes the second byte of the NAL unit header to be
present and skips it. Then the remaining size of the extradata is calculated
which ends up negative if the second byte of the NAL unit header is not
present. Yet when calling ff_nal_unit_extract_rbsp() it
will be converted to an uint32_t and end up as UINT32_MAX which
will cause mayhem.
This is solved by making sure that there is always enough remaining
extradata that could (pending 0x03 escapes) contain the data that we
are interested in.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Fixes: signed integer overflow: 3458015007900000256 + 6425686373040000000 cannot be represented in type 'long'
Fixes: 26430/clusterfuzz-testcase-minimized-ffmpeg_dem_BRSTM_fuzzer-5761175004119040
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Nicolas George <george@nsup.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
| |
|
|
|
|
|
|
|
|
|
| |
fix ticket: 8904
parse the SPS from extradata and get profile_tier_level
write the profile_tier_level info into CODECS Attribute
HLS CODECS Attribute reference to :https://developer.apple.com/documentation/http_live_streaming/hls_authoring_specification_for_apple_devices/hls_authoring_specification_for_apple_devices_appendixes
Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
Signed-off-by: liuqi05 <liuqi05@kuaishou.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
fix ticket: 8636
When write keyframe and the keyframe is the frist packet of the segment,
then compute the size of the keyframe which have been write into segment
first packet. and set the start position of the segment, should not use
avio_tell(vs->out) to get the keyframe position, because it can be set
to 0 if close at above of the workflow, that maybe inaccurate, but the
start_pos can be used here, because start_pos is set after write
the previous packet.
Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
Signed-off-by: liuqi05 <liuqi05@kuaishou.com>
|
| |
|
|
|
|
|
| |
if the length of the root url is 0, unnecessary process the root_url
Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
Signed-off-by: liuqi05 <liuqi05@kuaishou.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The target duration will be a negative value when there are
some b frames after prevous frame, the pts after current packet
is large than the pts of current packet, so the target duration
will compute as 0.040000 - 0.080000, then the value of the target
duration will be -0.040000. so hls muxer should check the pts after
current packet minus the pts of current packet, hls muxer can split
the stream as a segment if the target duration is neither negative nor
zero, hls muxer cannot split the stream as a segment if the
target duration is either negative or zero then get the next packet
until the target duration is not negative or zero.
Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
Suggested-by: Zhili Zhao <quinkblack@foxmail.com>
Signed-off-by: liuqi05 <liuqi05@kuaishou.com>
|
| |
|
|
|
| |
Reviewed-by: Philip Langdale <philipl@overt.org>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
It makes no sense to call the functions to write styl, hlit or hclr boxes
with a different box name than "styl", "hlit" or "hclr". Therefore this
commit inlines these values in the functions, removes the function
parameter containing the box's name and removes the (non obsolete) box
names from the list of boxes.
Reviewed-by: Philip Langdale <philipl@overt.org>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The mov_text encoder uses an AVBPrint to assemble the subtitles;
yet mov_text subtitles are not pure text; they also have a binary
portion that was mostly handled as follows:
uint32_t size = /* calculation */;
size = AV_RB32(&size);
av_bprint_append_data(bprint, (const char*)&size, 4);
Here AV_RB32() is a no-op on big-endian systems and a LE-BE swap
on little-endian systems, making the output endian-independent.
Yet this is ugly and unclean: On LE systems, the variable size from
the snippet above won't contain the correct value any more. Furthermore,
using this pattern leads to lots of small writes to the AVBPrint.
This commit therefore changes this to using a temporary buffer instead:
uint8_t buf[4];
AV_WB32(buf, /* size calculation */);
av_bprint_append_data(bprint, buf, 4);
This method also allows to use bigger buffers holding more than one
element, saving calls to av_bprint_append_data() and reducing codesize.
Reviewed-by: Philip Langdale <philipl@overt.org>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
|
| |
|
|
|
| |
Reviewed-by: Philip Langdale <philipl@overt.org>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Up until now, the mov_text encoder used the dynamic array API for its
list of style attributes; it used the (horrible) av_dynarray_add() which
works with an array of pointers; on error it frees its array but not
the buffers referenced by the pointers said array contains. It also
returns no error code, encouraging not to check for errors.
These properties imply that this function may only be used if the buffers
referenced by the list either need not be freed at all or if they are
freed by other means (i.e. if the list contains non-ownership pointers).
In this case, the style attributes are owned by the pointers of the
dynamic list. Ergo the old style attributes leak on a subsequent
reallocation failure. But given that the (re)allocation isn't checked
for success, the style attribute intended to be added to the list also
leaks because the only pointer to it gets overwritten in the belief that
it is now owned by the list.
This commit fixes this by switching to av_fast_realloc() and an array
containing the styles directly instead of pointers to individually
allocated style attributes. The current style attributes are now no longer
individually allocated, instead they are part of the context.
Furthermore, av_fast_realloc() allows to easily distinguish between
valid and allocated elements, thereby allowing to reuse the array
(which up until now has always been freed after processing an
AVSubtitleRect).
Reviewed-by: Philip Langdale <philipl@overt.org>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Fixes segfaults in the absence of fonts; this can happen because the
file didn't contain any or because the allocation of the font-string
failed.
Reviewed-by: Philip Langdale <philipl@overt.org>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Otherwise the mov_text encoder can segfault when given subtitles with more
than one AVSubtitleRect if one of the first nb_rects - 1 rects contained
a style attribute.
Reviewed-by: Philip Langdale <philipl@overt.org>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Background colour was never initialized if no style was available.
Use a sane default of zero (i.e. completely transparent).
Fixes Coverity issue #1461471.
Reviewed-by: Philip Langdale <philipl@overt.org>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
|
| | |
|
| | |
|
| |
|
|
|
|
| |
They are no longer needed.
Signed-off-by: James Almer <jamrial@gmail.com>
|
| |
|
|
| |
Signed-off-by: James Almer <jamrial@gmail.com>
|
| |
|
|
| |
Signed-off-by: James Almer <jamrial@gmail.com>
|
| |
|
|
| |
Signed-off-by: James Almer <jamrial@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
TensorFlow C library accepts config for session options to
set different parameters for the inference. This patch exports
this interface.
The config is a serialized tensorflow.ConfigProto proto, so we need
two steps to use it:
1. generate the serialized proto with python (see script example below)
the output looks like: 0xab...cd
where 0xcd is the least significant byte and 0xab is the most significant byte.
2. pass the python script output into ffmpeg with
dnn_processing=options=sess_config=0xab...cd
The following script is an example to specify one GPU. If the system contains
3 GPU cards, the visible_device_list could be '0', '1', '2', '0,1' etc.
'0' does not mean physical GPU card 0, we need to try and see.
And we can also add more opitions here to generate more serialized proto.
script example to generate serialized proto which specifies one GPU:
import tensorflow as tf
gpu_options = tf.GPUOptions(visible_device_list='0')
config = tf.ConfigProto(gpu_options=gpu_options)
s = config.SerializeToString()
b = ''.join("%02x" % int(ord(b)) for b in s[::-1])
print('0x%s' % b)
|
| |
|
|
| |
process.
|
| |
|
|
|
| |
Reviewed-by: Philip Langdale <philipl@overt.org>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
|
| |
|
|
|
|
|
| |
Improves readability.
Reviewed-by: Philip Langdale <philipl@overt.org>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
|
| |
|
|
|
| |
Reviewed-by: Philip Langdale <philipl@overt.org>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
|
| |
|
|
|
|
|
|
| |
style_active doesn't do anything any more: It is already assured
that style_active is one when one reaches the end of a style.
Reviewed-by: Philip Langdale <philipl@overt.org>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The checks for whether a style should be opened/closed at the current
character position are as follows: A variable entry contained the index
of the currently active or potentially next active style. If the current
character position coincided with the start of style[entry], the style
was activated; this was followed by a check whether the current
character position coincided with the end of style[entry]; if so, the
style was deactivated and entry incremented. Afterwards the char was
processed.
The order of the checks leads to problems in case the endChar of style A
coincides with the startChar of the next style (say B): Style B was never
opened. When we are at said common position, the currently active style
is A and so the start pos check does not succeed; but the end pos check
does and it closes the currently active style A and increments entry.
At the next iteration of the loop, the current character position is
bigger than the start position of style B (which is style[entry]) and
therefore the style is not activated.
The solution is of course to first check for whether a style needs to be
closed (and increment entry if it does) before checking whether the next
style needs to be opened.
Reviewed-by: Philip Langdale <philipl@overt.org>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
They would either lead to unnecessary ASS tags being emitted (namely
tags that are reset immediately thereafter) or would lead to problems
when parsing: e.g. if a zero-length style immediately follows another
style, the current code will end the preceding style and set the
zero-length style as the next potentially active style, but it is only
tested for activation when the next character is parsed at which point
the current offset is already greater than both the starting as well
as the end offset of the empty style. It will therefore neither be
opened nor closed and all subsequent styles will be ignored.
Reviewed-by: Philip Langdale <philipl@overt.org>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Up until now, the 3GPP Timed Text decoder used av_dynarray_add()
for a list of style entries. Said entries are individually allocated
and owned by the pointers in the dynamic array and are therefore
unsuitable for av_dynarray_add() which simply frees the array,
but not the entries on error. In this case the intended new entry
also leaks because it has been forgotten to free it.
This commit fixes this. It is now allocated in one go and not
reallocated multiple times (and it won't be overallocated any more).
After all, the final number of elements (pending errors) is already
known in advance.
Furthermore, the style entries are now the entries of the new array,
i.e. they are no longer allocated separately. This also removes one
level of indirection.
Reviewed-by: Philip Langdale <philipl@overt.org>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
|
