| Commit message (Collapse) | Author | Age |
|---|
| | |
|
| |
|
|
|
|
|
|
|
| |
Fixes: Timeout
Fixes: 36875/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PICTOR_fuzzer-4842960888922112
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Tested-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
| |
|
|
|
|
|
| |
ff_pnm_parser and ff_vp3_parser already hit the current limit;
an addition to the former (to handle pfm) is planned.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
Unlike libx264, libx265 does not handle the chroma format check
on its own side, so in order to not write out values which are
supposed to be ignored according to the specification, we limit
the writing out of chroma sample location to 4:2:0 only.
|
| |
|
|
|
|
|
|
| |
Fixes invalid reports of bad lossless crc.
While here make end of stream message into debug level as it is
not really important to user.
Also wait for new major sync frame as invalid concating of files
may produce invalid files, which cause various errors.
|
| |
|
|
| |
Also implement shorten_by in bitstream.
|
| |
|
|
| |
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
|
| |
|
|
| |
Now both current usages utilize an already found descriptor.
|
| | |
|
| |
|
|
| |
Fixes spurious lossless check failures when seeking.
|
| |
|
|
|
|
|
|
|
|
|
| |
Fixes: NULL pointer dereference
Fixes: 36342/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MJPEGB_fuzzer-4579188072906752
Fixes: 36344/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MJPEGB_fuzzer-5049579300061184
Fixes: 36345/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MJPEGB_fuzzer-5301149845553152
Fixes: 36374/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MJPEGB_fuzzer-6056312352931840
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
| |
|
|
|
|
|
|
| |
Fixes: Timeout
Fixes: 36262/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEGLS_fuzzer-4969052454912000
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
| |
|
|
| |
Also replace init_get_bits with init_get_bits8().
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This results in warnings on compilers which don't support it,
objections were raised during the review process about it but went unnoticed,
and the speed benefit is highly compiler and version specific, and
also not very critical.
We generally hand-write assembly to optimize loops like that, rather
than use compiler magic, and for 40% best case scenario, it's simply
not worth it.
Plus, tree vectorization is still problematic with GCC and disabled by default
for a good reason, so enabling it locally is sketchy.
|
| |
|
|
|
|
| |
As the second argument for init_get_bits(avctx and buf) can be crafted,
a return value check for this function call is necessary,
so replace init_get_bits with init_get_bits8 and add return value check.
|
| |
|
|
|
|
|
|
|
| |
Consider data as invalid if ff_wma_run_level_decode
gets out with an error.
It avoids an unpleasant sound distorsion.
See http://trac.ffmpeg.org/ticket/9358
|
| |
|
|
|
|
|
| |
This way, the calling function can just forward it instead of
making it up.
Signed-off-by: Olivier Crête <olivier.crete@collabora.com>
|
| |
|
|
|
|
|
|
| |
As the second argument for init_get_bits(buf) can be crafted,
a return value check for this function call is necessary.
Also replace init_get_bits with init_get_bits8.
Signed-off-by: Peter Ross <pross@xvid.org>
|
| |
|
|
|
|
|
|
|
|
| |
Do this by allocating AVBSFContext together with the data that is
currently in AVBSFInternal; or rather: Put AVBSFContext at the beginning
of a new structure called FFBSFContext (which encompasses more than just
the internal fields and is a proper context in its own right, hence the
name) and remove the AVBSFInternal altogether.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
|
| |
|
|
|
|
| |
Reordering max_lowres is an ABI break.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
|
| |
|
|
|
|
| |
Fixes regression since 66845cffc3bbb17f91294d15cd6f57f3df3bce97
Signed-off-by: James Almer <jamrial@gmail.com>
|
| |
|
|
|
|
| |
And instead use previous field flag.
Fixes decoding files produced by non-compliant encoders.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This unbreaks the fate-checkasm-hevc_pel test on arm targets.
The assembly assumed that the width passed to the DSP functions is
a multiple of 8, while the checkasm test used other widths too.
This wasn't noticed before, because the hevc_pel checkasm tests
(that were added in 9c513edb7999a35ddcc6e3a8d984a96c8fb492a3 in
January) weren't run as part of fate until in
b492cacffd36ad4cb251ba1f13ac398318ee639a in August.
As this hasn't been an issue in practice with actual full decoding
tests, it seems like the actual decoder doesn't call these functions
with such widths. Therefore, we could alternatively fix the test
to only test things that the real decoder does, and this modification
could be reverted.
Signed-off-by: Martin Storsjö <martin@martin.st>
|
| |
|
|
|
|
| |
reading marker size
Signed-off-by: Shaun Simpson <shauns2029@gmail.com>
|
| |
|
|
|
|
| |
And frames where the end of frame marker is at the end of the buffer.
Signed-off-by: Shaun Simpson <shauns2029@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
If slice_type is > 9, the access to ff_h264_golomb_to_pict_type is
out-of-bounds. Fix this by simply setting the slice_type to 0 in this
case.
This is completely inconsequential because the value is only being used
to being used as an offset in the calculation of the film grain seed
value, a corruption of which is practically invisible.
Fixes coverity ticket #1490802
Signed-off-by: James Almer <jamrial@gmail.com>
|
| |
|
|
| |
Signed-off-by: James Almer <jamrial@gmail.com>
|
| |
|
|
| |
Signed-off-by: James Almer <jamrial@gmail.com>
|
| |
|
|
| |
Signed-off-by: James Almer <jamrial@gmail.com>
|
| |
|
|
| |
Signed-off-by: James Almer <jamrial@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
threads
Some frame threaded decoders set it, but this information never reached the
caller in frame threading scenarios.
Signed-off-by: James Almer <jamrial@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Because we need access to ref frames without film grain applied, we have
to add an extra AVFrame to H264Picture to avoid messing with the
original. This requires some amount of overhead to make the reference
moves work out, but it allows us to benefit from frame multithreading
for film grain application "for free".
Unfortunately, this approach requires twice as much RAM to be constantly
allocated for ref frames, due to the need for an extra buffer per
H264Picture. In theory, we could get away with freeing up this memory as
soon as it's no longer needed (since ref frames do not need film grain
buffers any longer), but trying to call ff_thread_release_buffer() from
output_frame() conflicts with possible later accesses to that same frame
and I'm not sure how to synchronize that well.
Tested on all three cases of (no fg), (fg present but exported) and (fg
present and not exported), with and without threading.
Co-authored-by: James Almer <jamrial@gmail.com>
Signed-off-by: Niklas Haas <git@haasn.dev>
Signed-off-by: James Almer <jamrial@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This could arguably also be a vf, but I decided to put it here since
decoders are technically required to apply film grain during the output
step, and I would rather want to avoid requiring users insert the
correct film grain synthesis filter on their own.
The code, while in C, is written in a way that unrolls/vectorizes fairly
well under -O3, and is reasonably cache friendly. On my CPU, a single
thread pushes about 400 FPS at 1080p.
Apart from hand-written assembly, one possible avenue of improvement
would be to change the access order to compute the grain row-by-row
rather than in 8x8 blocks. This requires some redundant PRNG calls, but
would make the algorithm more cache-oblivious.
The implementation has been written to the wording of SMPTE RDD 5-2006
as faithfully as I can manage. However, apart from passing a visual
inspection, no guarantee of correctness can be made due to the lack of
any publicly available reference implementation against which to
compare it.
Signed-off-by: Niklas Haas <git@haasn.dev>
Signed-off-by: James Almer <jamrial@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
From SMPTE RDD 5-2006, the grain seed is to be computed from the
following definition of `pic_offset`:
> When decoding H.264 | MPEG-4 AVC bitstreams, pic_offset is defined as
> follows:
> - pic_offset = PicOrderCnt(CurrPic) + (PicOrderCnt_offset << 5)
> where:
> - PicOrderCnt(CurrPic) is the picture order count of the current frame,
> which shall be derived from [the video stream].
>
> - PicOrderCnt_offset is set to idr_pic_id on IDR frames. idr_pic_id
> shall be read from the slice header of [the video stream]. On non-IDR I
> frames, PicOrderCnt_offset is set to 0. A frame shall be classified as I
> frame when all its slices are I slices, which may be optionally
> designated by setting primary_pic_type to 0 in the access delimiter NAL
> unit. Otherwise, PicOrderCnt_offset it not changed. PicOrderCnt_offset is
> updated in decoding order.
Co-authored-by: James Almer <jamrial@gmail.com>
Signed-off-by: Niklas Haas <git@haasn.dev>
Signed-off-by: James Almer <jamrial@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
this prevents some mismatches in config values for realtime and all
intra modes, avoiding failures like:
[libaom-av1 @ ...] Failed to initialize encoder: Invalid parameter
[libaom-av1 @ ...] Additional information: g_lag_in_frames out of
range [..0]
Signed-off-by: James Zern <jzern@google.com>
|
| |
|
|
|
|
|
| |
This is needed by the AV1-Annex B and AV1-OBU demuxers.
Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
|
| |
|
|
|
|
|
|
| |
Fixes: Timeout
Fixes: 35401/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WEBP_fuzzer-5714401821851648
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
| |
|
|
|
|
|
|
| |
Fixes: out of array read
Fixes: 36341/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_H264_fuzzer-6737583085322240
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
| |
|
|
|
|
|
|
| |
Fixes: out of array read
Fixes: 36331/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMV3_fuzzer-5140494328922112.fuzz
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Benchmarks: A53 A72
pred8x8_dc_10_c: 64.2 49.5
pred8x8_dc_10_neon: 62.0 53.7
pred8x8_dc_128_10_c: 26.0 14.0
pred8x8_dc_128_10_neon: 30.7 17.5
pred8x8_horizontal_10_c: 60.0 27.7
pred8x8_horizontal_10_neon: 38.0 34.0
pred8x8_left_dc_10_c: 42.5 27.5
pred8x8_left_dc_10_neon: 51.0 41.2
pred8x8_mad_cow_dc_0l0_10_c: 55.7 37.2
pred8x8_mad_cow_dc_0l0_10_neon: 50.2 35.2
pred8x8_mad_cow_dc_0lt_10_c: 89.2 67.0
pred8x8_mad_cow_dc_0lt_10_neon: 52.2 46.7
pred8x8_mad_cow_dc_l0t_10_c: 74.7 51.0
pred8x8_mad_cow_dc_l0t_10_neon: 50.5 45.2
pred8x8_mad_cow_dc_l00_10_c: 58.0 38.0
pred8x8_mad_cow_dc_l00_10_neon: 42.5 37.5
pred8x8_plane_10_c: 354.0 288.7
pred8x8_plane_10_neon: 141.0 101.2
pred8x8_top_dc_10_c: 44.5 30.5
pred8x8_top_dc_10_neon: 40.0 31.0
pred8x8_vertical_10_c: 27.5 14.5
pred8x8_vertical_10_neon: 21.0 17.5
pred16x16_plane_10_c: 1242.0 1070.5
pred16x16_plane_10_neon: 324.0 196.7
Signed-off-by: Mikhail Nitenko <mnitenko@gmail.com>
Signed-off-by: Martin Storsjö <martin@martin.st>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Benchmarks: A53 A72
h264_h_loop_filter_chroma422_10bpp_c: 282.7 114.2
h264_h_loop_filter_chroma422_10bpp_neon: 109.5 78.5
h264_h_loop_filter_chroma_10bpp_c: 165.0 81.5
h264_h_loop_filter_chroma_10bpp_neon: 120.0 76.7
h264_h_loop_filter_chroma_intra422_10bpp_c: 323.7 124.2
h264_h_loop_filter_chroma_intra422_10bpp_neon: 155.0 102.7
h264_h_loop_filter_chroma_intra_10bpp_c: 121.0 49.5
h264_h_loop_filter_chroma_intra_10bpp_neon: 79.7 53.7
h264_h_loop_filter_chroma_mbaff422_10bpp_c: 188.5 75.0
h264_h_loop_filter_chroma_mbaff422_10bpp_neon: 120.0 75.5
h264_h_loop_filter_chroma_mbaff_intra422_10bpp_c: 116.7 46.0
h264_h_loop_filter_chroma_mbaff_intra422_10bpp_neon: 79.7 53.7
h264_h_loop_filter_chroma_mbaff_intra_10bpp_c: 63.0 27.2
h264_h_loop_filter_chroma_mbaff_intra_10bpp_neon: 48.5 34.0
h264_v_loop_filter_chroma_10bpp_c: 258.7 135.5
h264_v_loop_filter_chroma_10bpp_neon: 71.2 51.0
h264_v_loop_filter_chroma_intra_10bpp_c: 158.0 70.7
h264_v_loop_filter_chroma_intra_10bpp_neon: 48.7 31.5
Signed-off-by: Mikhail Nitenko <mnitenko@gmail.com>
Signed-off-by: Martin Storsjö <martin@martin.st>
|
| |
|
|
|
|
|
|
| |
transpose_4x8H was declared in vp9lpf_16bpp_neon, however this macro is
not unique to vp9 and could be used elsewhere.
Signed-off-by: Mikhail Nitenko <mnitenko@gmail.com>
Signed-off-by: Martin Storsjö <martin@martin.st>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use an uint32_t for the NAL unit size of an AVC H.264 NAL unit instead
of an int as a left shift of a signed value is undefined behaviour
if the result doesn't fit into the target type.
Also make the log message never output negative lengths.
Fixes: left shift of 16711968 by 8 places cannot be represented in type 'int'
Fixes: 36601/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_H264_fuzzer-6581933285965824
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
|
| |
|
|
|
|
|
|
|
| |
Fixes https://trac.ffmpeg.org/ticket/8903
relevant https://github.com/msys2/MINGW-packages/discussions/9258
Signed-off-by: Christopher Degawa <ccom@randomderp.com>
Signed-off-by: Martin Storsjö <martin@martin.st>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Unlike libx264, libx265 does not have a separate "unspecified"/"auto"
default for color range, so we do always have to specify it.
Thus, we are required to handle the RGB case on the libavcodec
side to enable the correct value to be written out in in case
of RGB content with unspecified color range being received.
In other words:
1. If the user has set color range specifically, follow that.
2. If the user has not set color range specifically, set full
range by default in case of RGB and YUVJ pixel formats.
|
| |
|
|
|
|
|
|
|
| |
By default the x264 full range flag is set to -1. By not setting
it to something else, we can let libx264 handle the RGB case.
Additionally, change the preference order to user-specified range
first, and then any fall-back logic left for the YUVJ pix_fmts.
Fixes the capture part of #9374
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Fixes: MemLeak
Fixes: 8281
Fixes: PoC_option158.jpg
Fixes: CVE-2020-22037
Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
