| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
| |
Do this by allocating AVStream together with the data that is
currently in AVStreamInternal; or rather: Put AVStream at the
beginning of a new structure called FFStream (which encompasses
more than just the internal fields and is a proper context in its own
right, hence the name) and remove AVStreamInternal altogether.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
|
|
|
|
|
|
| |
Propagate the error it returned instead.
Signed-off-by: James Almer <jamrial@gmail.com>
|
|
|
|
|
|
|
|
|
| |
Fixes: signed integer overflow: -682581959642593728 * 16 cannot be represented in type 'long'
Fixes: 37883/clusterfuzz-testcase-minimized-ffmpeg_dem_MV_fuzzer-5311691517198336
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
|
|
|
|
|
|
|
| |
Fixes: signed integer overflow: -635424002382840000 * 16 cannot be represented in type 'long'
Fixes: 33612/clusterfuzz-testcase-minimized-ffmpeg_dem_MV_fuzzer-5704741108711424
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
|
|
|
|
|
| |
This is possible now that the next-API is gone.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Signed-off-by: James Almer <jamrial@gmail.com>
|
|
|
|
|
|
|
|
| |
Fixes: memleak
Fixes: 28686/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5822961932173312
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
|
|
|
|
|
|
| |
Fixes: Timeout
Fixes: 29550/clusterfuzz-testcase-minimized-ffmpeg_dem_MV_fuzzer-5094307193290752
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
|
|
|
|
|
|
|
| |
Fixes: signed integer overflow: 999999999 * 8 cannot be represented in type 'int'
Fixes: 30048/clusterfuzz-testcase-minimized-ffmpeg_dem_MV_fuzzer-5864289917337600
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
|
|
|
|
|
| |
Those are private fields, no reason to have them exposed in a public
header. Since there are some (semi-)public fields located after these,
even though this section is supposed to be private, keep some dummy
padding there until the next major bump to preserve ABI compatibility.
|
|
|
|
|
|
|
|
| |
Fixes: signed integer overflow: 1394614304 * 2 cannot be represented in type 'int'
Fixes: 23491/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5697377020411904
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
|
|
|
|
|
|
|
| |
Fixes: null pointer dereference
Fixes: 20768/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5638648978735104.fuzz
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
|
|
| |
Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
|
|
|
|
|
| |
Reviewed-by: Lauri Kasanen
Reviewed-by: Tomas Härdin
|
|
|
|
|
|
| |
Fixes #6805.
Signed-off-by: Paul B Mahol <onemda@gmail.com>
|
|
|
|
|
|
|
| |
Fixes: loop.mv
Found-by: Xiaohei and Wangchu from Alibaba Security Team
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|\
| |
| |
| |
| |
| |
| | |
* commit '83548fe894cdb455cc127f754d09905b6d23c173':
lavf: fix usage of AVIOContext.seekable
Merged-by: James Almer <jamrial@gmail.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
It is supposed to be a flag. The only currently defined value is
AVIO_SEEKABLE_NORMAL, but other ones may be added in the future.
However all the current lavf code treats this field as a bool (mainly
for historical reasons).
Change all those cases to properly check for AVIO_SEEKABLE_NORMAL.
|
| |
| |
| |
| |
| |
| |
| | |
A negative sample rate doesn't make sense and triggers assertions in
av_rescale_rnd.
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
|
|\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* commit '9200514ad8717c63f82101dc394f4378854325bf':
lavf: replace AVStream.codec with AVStream.codecpar
This has been a HUGE effort from:
- Derek Buitenhuis <derek.buitenhuis@gmail.com>
- Hendrik Leppkes <h.leppkes@gmail.com>
- wm4 <nfxjfg@googlemail.com>
- Clément Bœsch <clement@stupeflix.com>
- James Almer <jamrial@gmail.com>
- Michael Niedermayer <michael@niedermayer.cc>
- Rostislav Pehlivanov <atomnuker@gmail.com>
Merged-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently, AVStream contains an embedded AVCodecContext instance, which
is used by demuxers to export stream parameters to the caller and by
muxers to receive stream parameters from the caller. It is also used
internally as the codec context that is passed to parsers.
In addition, it is also widely used by the callers as the decoding (when
demuxer) or encoding (when muxing) context, though this has been
officially discouraged since Libav 11.
There are multiple important problems with this approach:
- the fields in AVCodecContext are in general one of
* stream parameters
* codec options
* codec state
However, it's not clear which ones are which. It is consequently
unclear which fields are a demuxer allowed to set or a muxer allowed to
read. This leads to erratic behaviour depending on whether decoding or
encoding is being performed or not (and whether it uses the AVStream
embedded codec context).
- various synchronization issues arising from the fact that the same
context is used by several different APIs (muxers/demuxers,
parsers, bitstream filters and encoders/decoders) simultaneously, with
there being no clear rules for who can modify what and the different
processes being typically delayed with respect to each other.
- avformat_find_stream_info() making it necessary to support opening
and closing a single codec context multiple times, thus
complicating the semantics of freeing various allocated objects in the
codec context.
Those problems are resolved by replacing the AVStream embedded codec
context with a newly added AVCodecParameters instance, which stores only
the stream parameters exported by the demuxers or read by the muxers.
|
| |
| |
| |
| | |
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This check is redundant with the previous commit but it provides
better error messages and feedback while the previous commit
ensures that var_read_string() doesnt return uninitialized arrays
if it itself is feeded with an invalid size possibly through a
different future codepath.
Fixes: asan_heap-oob_49b1e5_12_011.movie
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
|
| |
| |
| |
| |
| |
| |
| | |
Fixes out of array read
Fixes: asan_heap-oob_49b1e5_12_011.movie
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
|
|\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* commit '55ddd700c67529ff2c6c4e976673f1341bba7a82':
Silicon Graphics Movie demuxer
Conflicts:
Changelog
libavformat/mvdec.c
libavformat/version.h
See: 6fb40779cd3457a819e20d6db91a142c47cad3c2
Merged-by: Michael Niedermayer <michaelni@gmx.at>
|
|
|
|
| |
Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
|
|
|
|
| |
Signed-off-by: Paul B Mahol <onemda@gmail.com>
|
|
|
|
|
|
|
| |
Prevent null pointer dereference
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
|
|
|
|
|
|
|
| |
fixes out of array reads
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
|
|
|
|
|
|
|
| |
Fixes division by 0
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
|
|
|
|
| |
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
|
|
|
|
|
|
|
| |
Fixes division by 0
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
|
|
|
|
| |
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
|
|
Signed-off-by: Peter Ross <pross@xvid.org>
|