summaryrefslogtreecommitdiff
path: root/libavcodec/pngdec.c
Commit message (Collapse)AuthorAge
* Avoid calling functions repeatedly via FFMINAndreas Rheinhardt2021-07-18
| | | | Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
* lavc/pngdec: fix updating reference frames for APNG_DISPOSE_OP_BACKGROUNDAnton Khirnov2021-05-14
| | | | | | | | They should be treated the same as APNG_DISPOSE_OP_NONE. Broken in 5663301560. Fixes #9184.
* avcodec: Constify AVCodecsAndreas Rheinhardt2021-04-27
| | | | | | | | | | Given that the AVCodec.next pointer has now been removed, most of the AVCodecs are not modified at all any more and can therefore be made const (as this patch does); the only exceptions are the very few codecs for external libraries that have a init_static_data callback. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Signed-off-by: James Almer <jamrial@gmail.com>
* lavc/pngdec: always create a copy for APNG_DISPOSE_OP_BACKGROUNDAnton Khirnov2021-04-08
| | | | | | | | | | | | Calling av_frame_make_writable() from decoders is tricky, especially when frame threading is used. It is much simpler and safer to just make a private copy of the frame. This is not expected to have a major performance impact, since APNG_DISPOSE_OP_BACKGROUND is not used often and av_frame_make_writable() would typically make a copy anyway. Found-by: James Almer <jamrial@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* lavc/pngdec: use a separate bytestream reader for each chunkAnton Khirnov2021-04-08
| | | | | | This makes sure that reading a truncated chunk will never overflow into the following chunk. It also allows to remove many repeated lines skipping over the trailing crc checksum.
* lavc/pngdec: improve chunk length checkAnton Khirnov2021-04-08
| | | | The length does not cover the chunk type or CRC.
* lavc/pngdec: restructure exporting frame meta/side dataAnton Khirnov2021-04-08
| | | | | | | | | | | | | | | This data cannot be stored in PNGDecContext.picture, because the corresponding chunks may be read after the call to ff_thread_finish_setup(), at which point modifying shared context data is a race. Store intermediate state in the context and then write it directly to the output frame. Fixes exporting frame metadata after 5663301560 Fixes #8972 Found-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
* lavc/pngdec: remove unnecessary context variablesAnton Khirnov2021-04-08
| | | | | | Do not store the image buffer pointer/linesize in the context, just access them directly from the frame. Stop assuming that linesize is the same for the current and last frame.
* lavc/pngdec: perform APNG blending in-placeAnton Khirnov2021-04-08
| | | | Saves an allocation+free and two frame copies per each frame.
* avcodec/pngdec: Fix memleak by postponing allocationAndreas Rheinhardt2021-03-19
| | | | | | Fixes Coverity ticket #1322342. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
* avcodec: Constify some AVPacketsAndreas Rheinhardt2021-03-09
| | | | | Reviewed-by: James Almer <jamrial@gmail.com> Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
* pngdec: fix and simplify apng reference handlingAnton Khirnov2021-02-24
| | | | | | | | | Current code is very confused and confusing. It uses two different reference frames - "previous" and "last" - when only one is really necessary. It also confuses the two, leading to incorrect output with APNG_DISPOSE_OP_PREVIOUS mode. Fixes #9017.
* lavc: split LSCR decoder out of PNG decoderAnton Khirnov2021-02-24
| | | | | It shares very little code with pngdec, so keeping them together only makes the code harder to read.
* avcodec/pngdec: fix possible race condition with APNG decodingPaul B Mahol2021-02-13
| | | | Fixes #9017
* avcodec/lscr: stop returning error if size of packet is 2 bytesPaul B Mahol2020-09-16
|
* avcodec/pngdec: Check for fctl after idatMichael Niedermayer2020-07-01
| | | | | | | | Fixes: out of array access Fixes: 23554/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APNG_fuzzer-4796622520451072.fuzz Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* pngdec: add ability to check chunk CRCLynne2020-05-26
| | | | | | | | By default now, if AV_EF_CRCCHECK or AV_EF_IGNORE_ERR are enabled the decoder will skip the chunk and carry on with the next one. This should make the decoder able to decode more corrupt files because the functions which decode individual chunks will very likely error out if fed invalid data and stop the decoding of the entire image.
* avcodec/pngdec: Check length in fdATMichael Niedermayer2020-05-10
| | | | | | | | Fixes: 21089/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APNG_fuzzer-5135981419429888 Fixes: out of array read Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/pngdec: remove the unnecessary type conversionLimin Wang2020-05-08
| | | | | Reviewed-by: Carl Eugen Hoyos <ceffmpeg@gmail.com> Signed-off-by: Limin Wang <lance.lmwang@gmail.com>
* avcodec/pngdec: Pass ret from decode_iccp_chunk()Michael Niedermayer2020-04-20
| | | | | | | Found while reviewing a patch fixing a similar issue Reviewed-by: Anton Khirnov <anton@khirnov.net> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/pngdec: set return value on av_stereo3d_create_side_data() failurePeter Ross2020-04-18
| | | | | Signed-off-by: Peter Ross <pross@xvid.org> Reviewed-by: Vittorio Giovara <vittorio.giovara@gmail.com>
* pthread_frame: merge the functionality for normal decoder init and ↵Anton Khirnov2020-04-10
| | | | | | | | | | | | | | | | init_thread_copy The current design, where - proper init is called for the first per-thread context - first thread's private data is copied into private data for all the other threads - a "fixup" function is called for all the other threads to e.g. allocate dynamically allocated data is very fragile and hard to follow, so it is abandoned. Instead, the same init function is used to init each per-thread context. Where necessary, AVCodecInternal.is_copy can be used to differentiate between the first thread and the other ones (e.g. for decoding the extradata just once).
* lavc: replace AVCodecInternal.allocate_progress with an internal capAnton Khirnov2020-04-10
| | | | This is a constant codec property, so a capability flag is more appropriate.
* avcodec/pngdec: Check amount decodedMichael Niedermayer2020-02-03
| | | | | | | | | | | Fixes: Timeout (70sec -> 243ms) Fixes: 16097/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APNG_fuzzer-5664690889293824 Fixes: 16927/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APNG_fuzzer-5170612070252544 Fixes: 16927/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APNG_fuzzer-5706325622784000 Fixes: 18705/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APNG_fuzzer-5650989302677504 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/pngdec: add logging context to logSteven Liu2019-10-08
| | | | | Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
* avcodec/pngdec: Optimize has_trns codeMichael Niedermayer2019-09-02
| | | | | | | | | | | | | add inner loop specialisations for 2 bpp and 4 bpp These are all cases for which i found testsamples. 30M cycles -> 5M cycles Testcase: fate-rgbapng-4816 Testcase: 16097/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APNG_fuzzer-5664690889293824 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/pngdec: consider chunk size in minimal size checkMichael Niedermayer2019-08-11
| | | | | | | | | | assuming each block contains an empty chunk there has to be at least 8 bytes extra. Fixes: 15327/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LSCR_fuzzer-5676669303521280 Fixes: Timeout (11->5sec) Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/pngdec: Check that previous_picture has same w/h/formatMichael Niedermayer2019-07-13
| | | | | | | | | Fixes: out of array access Fixes: 15540/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APNG_fuzzer-5684905029140480 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/pngdec: Check input spaceMichael Niedermayer2019-06-25
| | | | | | | | Fixes: Timeout (33sec -> 78ms) Fixes: 14668/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LSCR_fuzzer-5767073352908800 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/pngdec: Check nb_blocksMichael Niedermayer2019-05-25
| | | | | | | | | Fixes: Timeout (23sec -> 0.5sec) Fixes: 14329/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LSCR_fuzzer-5679252923482112 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec: add LSCR decoderPaul B Mahol2019-04-13
| | | | Fixes #4711.
* avcodec/pngdec: Check compression methodMichael Niedermayer2018-11-16
| | | | | | | | | | method 0 (inflate/deflate) is the only specified in the specification and the only supported Fixes: Timeout Fixes: 10976/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PNG_fuzzer-5729372588736512 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* lavc/pngdec: Replace the number by macro for bprint initJun Zhao2018-06-17
| | | | | | Replace the number by macro for bprint init. Signed-off-by: Jun Zhao <mypopydev@gmail.com>
* Merge commit '9f5b77c16f4da6248b57f0601364d9c762c620c2'James Almer2017-11-11
|\ | | | | | | | | | | | | * commit '9f5b77c16f4da6248b57f0601364d9c762c620c2': png: Report more details regarding unsupported pixel formats Merged-by: James Almer <jamrial@gmail.com>
| * png: Report more details regarding unsupported pixel formatsLuca Barbato2017-08-21
| |
| * avcodec: Mark some codecs with threadsafe init as suchDerek Buitenhuis2017-02-09
| | | | | | | | | | Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com> Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
| * Use correct printf conversion specifiers for POSIX integer typesDiego Biurrun2016-12-23
| |
* | lavc/pngdec: fix av_bprint_finalize() usage.Nicolas George2017-11-09
| |
* | pngdec: expose gAMA and cHRM chunks as side/meta dataRostislav Pehlivanov2017-11-09
| | | | | | | | Signed-off-by: Rostislav Pehlivanov <atomnuker@gmail.com>
* | pngdec: check for bprint finalization sucess on icc data parsingRostislav Pehlivanov2017-11-09
| | | | | | | | | | | | It can fail in case of OOM. Signed-off-by: Rostislav Pehlivanov <atomnuker@gmail.com>
* | avcodec/pngdec: Clean up on av_frame_ref() failureMichael Niedermayer2017-09-20
| | | | | | | | | | | | | | | | | | Fixes: memleak Fixes: 3203/clusterfuzz-testcase-minimized-4514553595428864 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: James Almer <jamrial@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* | avcodec/pngdec: Fix () placementMichael Niedermayer2017-08-22
| | | | | | | | Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* | pngdec: fix potential memory leakRostislav Pehlivanov2017-07-26
| | | | | | | | | | | | Fixes CID1412026. Signed-off-by: Rostislav Pehlivanov <atomnuker@gmail.com>
* | pngdec: decode and expose iCCP chunks as side dataRostislav Pehlivanov2017-07-25
| | | | | | | | Signed-off-by: Rostislav Pehlivanov <atomnuker@gmail.com>
* | avcodec/pngdec: Use ff_set_dimensions()Michael Niedermayer2017-05-04
| | | | | | | | | | | | | | | | Fixes OOM Fixes: 1314/clusterfuzz-testcase-minimized-4621997222920192 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* | avcodec: do not use AVFrame accessorMuhammad Faiz2017-04-23
| | | | | | | | | | Reviewed-by: wm4 <nfxjfg@googlemail.com> Signed-off-by: Muhammad Faiz <mfcc64@gmail.com>
* | png: set AVFrame flags/fields before calling setup_finished().Ronald S. Bultje2017-04-03
| | | | | | | | | | | | | | | | | | | | | | Fixes tsan warnings in fate-apng: WARNING: ThreadSanitizer: data race (pid=51230) Read of size 4 at 0x7d50000042fc by main thread (mutexes: write M1000): #0 frame_copy_props frame.c:302 (ffmpeg:x86_64+0x1019a35d6) [..] Previous write of size 4 at 0x7d50000042fc by thread T1 (mutexes: write M997): #0 decode_idat_chunk pngdec.c:708 (ffmpeg:x86_64+0x100f5562a)
* | png: split header state and data state in two separate variables.Ronald S. Bultje2017-04-03
| | | | | | | | | | | | | | | | | | | | | | Fixes a reported (but false) race condition in tsan for fate-apng: WARNING: ThreadSanitizer: data race (pid=6274) Read of size 4 at 0x7d680001ec78 by main thread (mutexes: write M1338): #0 update_thread_context src/libavcodec/pngdec.c:1456 (ffmpeg+0x000000dacf0c) [..] Previous write of size 4 at 0x7d680001ec78 by thread T1 (mutexes: write M1335): #0 decode_idat_chunk src/libavcodec/pngdec.c:737 (ffmpeg+0x000000dae951)
* | lavc: use av_fourcc2str() where appropriateClément Bœsch2017-03-29
| |
* | avcodec/pngdec: Fix runtime error: left shift of 152 by 24 places cannot be ↵Michael Niedermayer2017-02-25
| | | | | | | | | | | | | | | | | | represented in type 'int' Fixes: 666/clusterfuzz-testcase-6581447227867136 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-23 18:23:15 +0000