summaryrefslogtreecommitdiff
path: root/libavcodec/mjpegdec.c
Commit message (Collapse)AuthorAge
* avcodec/mjpegdec: Remove redundant initializationAndreas Rheinhardt2020-10-09
| | | | | | | | | Now that the correct number of codes is used, it is no longer necessary to initialize the lengths of the codes at all any more as the length of the actually used codes is set later anyway. Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
* avcodec/mjpegdec: Remove use_static from build_vlc()Andreas Rheinhardt2020-10-09
| | | | | | | | | It is always zero; it referred to the INIT_VLC_USE_STATIC flag which has been removed in 595324e143b57a52e2329eb47b84395c70f93087. Reviewed-by: Paul B Mahol <onemda@gmail.com> Reviewed-by: Michael Niedermayer <michael@niedermayer.cc> Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
* avcodec/mjpegdec: Use correct number of codes when init default VLCsAndreas Rheinhardt2020-10-08
| | | | | | | | | | | | | | | | | | | | | | | | | Commit bbc0d0c1fe2b7ecdc4367295594f084f85ad22f5 made the mjpeg decoder use default Huffman tables when none are given, yet when initializing the default Huffman tables, it did not use the correct number of entries of the arrays used to initialize the tables, but instead it used the biggest entry + 1 (as if it were a continuous array 0..biggest entry). This worked because the ff_init_vlc_sparse() (and its predecessors) always skipped entries with a length of zero and the length of the corresponding elements was always initialized to zero with only the sizes of the actually existing elements being set to a size > 0 lateron. Yet since commit 1249698e1b424cff8e77e6a83cfdbc9d11e01aa7 this is no longer so, as build_vlc() actually read the array containing the values itself. This implies that the wrong length now leads to a read beyond the end of the given array; this could lead to crashs (but usually doesn't); it is detectable by ASAN* and this commit fixes it. *: AddressSanitizer: global-buffer-overflow on address xy ... xy is located 0 bytes to the right of global variable 'avpriv_mjpeg_val_ac_luminance' Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
* avcodec/mjpegdec: Use correct number of codes for VLC tablesAndreas Rheinhardt2020-10-08
| | | | | | | | | | | | | | | | | | Commit 1249698e1b424cff8e77e6a83cfdbc9d11e01aa7 made ff_mjpeg_decode_dht() call build_vlc() with a wrong (too hight) number of codes. The reason it worked is that the lengths of the extraneous entries is initialized to zero and ff_init_vlc_sparse() ignores codes with a length of zero. But using a too high number of codes was nevertheless bad, because a) the assert in build_vlc() could have been triggered (namely if the real amount of codes is 256) and b) the loop in build_vlc() uses initialized data (leading to Valgrind errors [1]). Furthermore, the old code spend CPU cycles in said loop although the result won't be used anyway. [1]: http://fate.ffmpeg.org/report.cgi?slot=x86_64-archlinux-gcc-valgrind&time=20201008025137 Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
* avcodec/mjpegdec: improve decoding of DNG filesPaul B Mahol2020-10-07
| | | | That have unused symbols coded in DHT.
* avcodec/mjpegdec: Limit bayer to single plane outputting formatMichael Niedermayer2020-07-05
| | | | | | | This reduces the number of paths reachable with DNG and should improve security Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* lavc: Rename hwaccel.h to hwconfig.hMark Thompson2020-04-26
| | | | | This already applied to decoders as well as hwaccels, and adding encoder support was going to make the name even more inaccurate.
* avcodec: Replace get_bits_long() by get_bits() where possibleMichael Niedermayer2019-12-31
| | | | Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/mjpegdec: Unify switch statementsAndreas Rheinhardt2019-09-18
| | | | | | | | | This has been forgotten in d5a3a20d. Found via PVS-Studio (see ticket #8156). Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/mjpegdec: Restore non bayer checks in ljpeg_decode_rgb_scan()Michael Niedermayer2019-09-13
| | | | | | | | | Fixes: out of array write Fixes: 17088/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEGLS_fuzzer-5654877765632000 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/mjpegdec: Only allow 0x11110000 pix_fmt_id for bayer modeMichael Niedermayer2019-09-13
| | | | | | | | | | | Fixes: NULL pointer dereference Fixes: assertion failure Fixes: 17003/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MJPEG_fuzzer-5696929253556224 Fixes: 17039/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MJPEG_fuzzer-5651008134316032 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* lavc/mjpegdec: Skip unknown APPx marker on bayer imagesNick Renieris2019-09-02
| | | | | | | | Samples: - Embedded JPEG images in the DNG images here: https://www.photographyblog.com/previews/pentax_k1_photos Signed-off-by: Nick Renieris <velocityra@gmail.com>
* lavc/mjpegdec: Enable decoding of single-component bayer imagesNick Renieris2019-09-02
| | | | | | | | | Also, ensure no false positives when determining DNG bayer images, by setting them in tiff.c instead of relying on a heuristic. There's no way to determine this just from the JPEG data, so we have to pass this information from outside the MJPEG decoder. Signed-off-by: Nick Renieris <velocityra@gmail.com>
* lavc/mjpegdec: Decode Huffman-coded lossless JPEGs embedded in DNGsNick Renieris2019-09-02
| | | | | | | | | | | Main image data in DNGs is usually comprised of tiles, each of which is a Huffman-encoded lossless JPEG. Tested for ljpeg regressions with: `ffmpeg -f lavfi -i testsrc=d=1 -vcodec ljpeg test.avi` `ffmpeg test.avi out.avi` The modified code in ljpeg_decode_rgb_scan runs without issues. Signed-off-by: Nick Renieris <velocityra@gmail.com>
* lavc/mjpegdec: make code alignedZhong Li2019-07-01
| | | | | Reviewed-by: Michael Niedermayer <michael@niedermayer.cc> Signed-off-by: Zhong Li <zhong.li@intel.com>
* lavc/mjpegdec: replace number with marker nameZhong Li2019-07-01
| | | | | | Make it easier to read. Signed-off-by: Zhong Li <zhong.li@intel.com>
* avcodec/mjpegdec: Check for non ls PAL8Michael Niedermayer2019-06-12
| | | | | | | | Fixes: Null-dereference READ in av_malloc Fixes: 15002/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_THP_fuzzer-5643474625363968 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/mjpegdec: Fix stereo3d memleakMichael Niedermayer2019-02-25
| | | | | | | Fixes: 12937/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_THP_fuzzer-5714945346371584 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/mjpegdec: Fix indention of ljpeg_decode_yuv_scan()Michael Niedermayer2018-12-19
| | | | | Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/mjpegdec: verify SOF len field validityMichael Niedermayer2018-12-19
| | | | | Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* lavc/mjpegdec: Interpret three-component Adobe transform 0 also as RGB.Carl Eugen Hoyos2018-12-18
| | | | | | While there, make a comparison with "RGB" more readable. Fixes ticket #7625.
* mjpegdec: Fill raw huffman tables with default values tooMark Thompson2018-11-18
| | | | | | These may be used by hwaccel decoders when the standard tables are not otherwise available. At the same time, clean up that code into an array so it's a little less repetitive.
* mjpeg: Use profile names in the encoder and decoderVittorio Giovara2018-11-05
|
* lavc/mjpegdec: Support 2:3 subsampling.Carl Eugen Hoyos2018-10-18
| | | | Fixes ticket #7495.
* avcodec/mjpegdec: simplify rgb index remapingMichael Niedermayer2018-09-12
|
* avcodec/mjpegdec: Check for odd progressive RGBMichael Niedermayer2018-07-08
| | | | | | | | Fixes: out of array access Fixes: 9225/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEGLS_fuzzer-5684770334834688 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/mjpegdec: Check for end of bitstream in ljpeg_decode_rgb_scan()Michael Niedermayer2018-06-23
| | | | | | | | Fixes: Timeout Fixes: 8648/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MJPEG_fuzzer-5108395525799936 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/mjpegdec: Fix integer overflow in ljpeg_decode_rgb_scan()Michael Niedermayer2018-06-06
| | | | | | | | Fixes: signed integer overflow: 32768 + 2147450880 cannot be represented in type 'int' Fixes: 7885/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_THP_fuzzer-5298834394578944 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/mjpegdec: Check input buffer size.Michael Niedermayer2018-04-12
| | | | | | | | Fixes: Timeout Fixes: 6381/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEGLS_fuzzer-5665032743419904 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/nvdec: Implement mjpeg nvdec hwaccelPhilip Langdale2018-02-21
|
* vaapi: Add MJPEG decode hwaccelMark Thompson2018-02-21
|
* mjpegdec: Add hwaccel hooksMark Thompson2018-02-21
| | | | | Also adds some extra fields to the main context structure that may be needed by a hwaccel decoder.
* lavc/mjpeg: Add profiles for MJPEG using SOF marker codesMark Thompson2018-02-21
| | | | | | This is needed by later hwaccel code to tell which encoding process was used for a particular frame, because hardware decoders may only support a subset of possible methods.
* avcodec/mjpegdec: Fix integer overflow in DC dequantizationMichael Niedermayer2018-01-27
| | | | | | | | Fixes: runtime error: signed integer overflow: -65535 * 65312 cannot be represented in type 'int' Fixes: 4900/clusterfuzz-testcase-minimized-5769019744321536 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec: remove remaining uses of avcodec_get_chroma_sub_sampleMartin Vignali2017-11-06
| | | | | | Replace them with av_pix_fmt_get_chroma_sub_sample. Signed-off-by: James Almer <jamrial@gmail.com>
* avcodec/exif: remove GetByteContext usage from avpriv_exif_decode_ifd()James Almer2017-10-26
| | | | | | | This prevents potential ABI issues with GetByteContext. Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: James Almer <jamrial@gmail.com>
* mjpeg: Add support for ICC side dataDerek Buitenhuis2017-08-25
| | | | | | | | JPEGs store embedded profiles under the APP2 marker, signified with a "ICC_PROFILE" null-terminated string header, and can be split across multiple APP2 markers, out of order. Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
* avcodec/mjpegdec: Clip DC also on the negative side.Michael Niedermayer2017-07-12
| | | | | | | | Fixes: runtime error: signed integer overflow: -16711425 + -2130772346 cannot be represented in type 'int' Fixes: 2533/clusterfuzz-testcase-minimized-5372857678823424 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/mjpegdec: Check that reference frame matches the current frameMichael Niedermayer2017-06-05
| | | | | | | | Fixes: out of array read Fixes: 2097/clusterfuzz-testcase-minimized-5036861833609216 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/mjpegdec: Fix runtime error: signed integer overflow: -32767 * ↵Michael Niedermayer2017-05-22
| | | | | | | | | 130560 cannot be represented in type 'int' Fixes: 1724/clusterfuzz-testcase-minimized-4842395432648704 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/mjpegdec: Fix runtime error: signed integer overflow: -24543 * ↵Michael Niedermayer2017-05-04
| | | | | | | | | 2031616 cannot be represented in type 'int' Fixes: 943/clusterfuzz-testcase-5114865297391616 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec: do not use AVFrame accessorMuhammad Faiz2017-04-23
| | | | | Reviewed-by: wm4 <nfxjfg@googlemail.com> Signed-off-by: Muhammad Faiz <mfcc64@gmail.com>
* lavc/mjpegdec: allow failure while decoding APPClément Bœsch2017-04-07
| | | | | | Fix decoding frame.jpg from ticket #267 Regression since 9c7ee3749 / 212c6a1d7
* Merge commit '212c6a1d70df011b6f2a2aa02f7677503287bd00'Clément Bœsch2017-04-07
|\ | | | | | | | | | | | | * commit '212c6a1d70df011b6f2a2aa02f7677503287bd00': mjpegdec: Check return values of functions that may fail Merged-by: Clément Bœsch <u@pkh.me>
| * mjpegdec: Check return values of functions that may failDiego Biurrun2016-11-29
| |
* | Merge commit '67deba8a416d818f3d95aef0aa916589090396e2'Clément Bœsch2017-03-31
|\| | | | | | | | | | | | | * commit '67deba8a416d818f3d95aef0aa916589090396e2': Use avpriv_report_missing_feature() where appropriate Merged-by: Clément Bœsch <cboesch@gopro.com>
| * Use avpriv_report_missing_feature() where appropriateDiego Biurrun2016-11-08
| |
* | lavc: fix usages of av_get_codec_tag_string()Clément Bœsch2017-03-29
| |
* | avcodec/mjpegdec: quant_matrixes can be up to 65535, use uint16_tMichael Niedermayer2017-03-20
| | | | | | | | | | | | | | | | Fixes invalid shift Fixes: 870/clusterfuzz-testcase-5649105424482304 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* | avcodec/mjpegdec: Check quant_matrixes values for being non zeroMichael Niedermayer2017-03-20
| | | | | | | | Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-30 08:10:43 +0000