summaryrefslogtreecommitdiff
path: root/libavformat
Commit message (Collapse)AuthorAge
* lavf/http: treat 308 as 301Robin Cooksey2021-01-25
| | | | | | | FFmpeg does not support POST, so there is no difference between a 308 and 301 request (see [RFC7538] section 3). Signed-off-by: Josh Dekker <josh@itanimul.li>
* avformat/asfdec_o: Check for EOF in asf_read_marker()Michael Niedermayer2021-01-25
| | | | | | | | Fixes: Timeout Fixes: 26460/clusterfuzz-testcase-minimized-ffmpeg_dem_ASF_O_fuzzer-5710884393189376 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/rtpdec: Constify RTPDynamicProtocolHandlersAndreas Rheinhardt2021-01-24
| | | | | | Also constify the list of pointers to said RTPDynamicProtocolHandlers. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
* avformat/rtpdec: Remove next pointer from Protocol HandlersAndreas Rheinhardt2021-01-24
| | | | | | | | | Forgotten in 61974537610d82bd35b6e3ac91ccd270c6bdc711 (notice that RTPDynamicProtocolHandler is not a public struct, so one can remove the linked-list pointer immediately (unlike in most other patches of this kind)). Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
* avformat/hlsenc: EXT-X-I-FRAMES-ONLY requires version 4 or higherZhao Zhili2021-01-24
|
* avformat/hls: change sequence number type to int64_tZhao Zhili2021-01-24
| | | | | | | | Fix atoi() overflow for large EXT-X-MEDIA-SEQUENCE. The spec says the type of sequence number is uint64_t. Use int64_t here since current implementation requires it to be signed integer, and hlsenc use int64_t too.
* avformat/swf: add support for reading and writing VP6A and Flash Screen ↵Marton Balint2021-01-23
| | | | | | Video codecs Signed-off-by: Marton Balint <cus@passwd.hu>
* avformat/swfenc: add support for muxing png imagesMarton Balint2021-01-23
| | | | Signed-off-by: Marton Balint <cus@passwd.hu>
* avformat/swfenc: fix generation of FileAttributes tagMarton Balint2021-01-23
| | | | Signed-off-by: Marton Balint <cus@passwd.hu>
* avformat/flvdec: Use av_sat_add64() for pts computationMichael Niedermayer2021-01-23
| | | | | | | | Fixes: signed integer overflow: -9223372036854767583 + -65536 cannot be represented in type 'long' Fixes: 26910/clusterfuzz-testcase-minimized-ffmpeg_dem_FLV_fuzzer-6734549467922432 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/utils: Check dts - (1<<pts_wrap_bits) overflowMichael Niedermayer2021-01-23
| | | | | | | | Fixes: signed integer overflow: -9223372036842389247 - 2147483648 cannot be represented in type 'long long' Fixes: 26910/clusterfuzz-testcase-minimized-ffmpeg_dem_FLV_fuzzer-4845007531671552 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/bfi: Check chunk_headerMichael Niedermayer2021-01-23
| | | | | | | | Fixes: signed integer overflow: -2147483648 - 3 cannot be represented in type 'int' Fixes: 26910/clusterfuzz-testcase-minimized-ffmpeg_dem_BFI_fuzzer-6665764123836416 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/ads: Check sizeMichael Niedermayer2021-01-23
| | | | | | | | Fixes: signed integer overflow: -2147483616 - 64 cannot be represented in type 'int' Fixes: 26910/clusterfuzz-testcase-minimized-ffmpeg_dem_ADS_fuzzer-6617769344892928 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/iff: Check block align also for ID_MAUDMichael Niedermayer2021-01-23
| | | | | | | | | Fixes: Timeout & OOM Fixes: 28701/clusterfuzz-testcase-minimized-ffmpeg_dem_IFF_fuzzer-5185094964871168 Fixes: 29116/clusterfuzz-testcase-minimized-ffmpeg_dem_IFF_fuzzer-4874284795297792 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/fitsdec: Better size checksMichael Niedermayer2021-01-23
| | | | | | | | | | Fixes: out of array access Fixes: 26819/clusterfuzz-testcase-minimized-ffmpeg_dem_FITS_fuzzer-5634559355650048 Fixes: 26820/clusterfuzz-testcase-minimized-ffmpeg_dem_FITS_fuzzer-5760774955597824 Fixes: 27379/clusterfuzz-testcase-minimized-ffmpeg_dem_FITS_fuzzer-5129775942991872.fuzz Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/mxfdec: Fix integer overflow in next position in mxf_read_local_tags()Michael Niedermayer2021-01-23
| | | | | | | | Fixes: signed integer overflow: 9223372036854775723 + 8192 cannot be represented in type 'long' Fixes: 29072/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-4812604904177664 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/async: Use AVERROR macroLimin Wang2021-01-22
| | | | Signed-off-by: Limin Wang <lance.lmwang@gmail.com>
* avformat/avidec: dv does not support palettesMichael Niedermayer2021-01-21
| | | | | | | | Fixes: memleak Fixes: 26937/clusterfuzz-testcase-minimized-ffmpeg_dem_AVI_fuzzer-5763003338981376 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/dhav: Break out of infinite dhav search loopMichael Niedermayer2021-01-21
| | | | | | | | Fixes: Infinite loop Fixes: 26922/clusterfuzz-testcase-minimized-ffmpeg_dem_DHAV_fuzzer-5794549613723648 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* libavformat/utils: consider avio_size() failure in ffio_limit()Michael Niedermayer2021-01-21
| | | | | | | | Fixes: Timeout (>20sec -> 3ms) Fixes: 26918/clusterfuzz-testcase-minimized-ffmpeg_dem_THP_fuzzer-5750425191710720 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/nistspheredec: Check bits_per_coded_sample and channelsMichael Niedermayer2021-01-21
| | | | | | | | Fixes: signed integer overflow: 80 * 92233009 cannot be represented in type 'int' Fixes: 26910/clusterfuzz-testcase-minimized-ffmpeg_dem_NISTSPHERE_fuzzer-6669100654919680 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/paf: Do not zero allocated tables which are immedeately filledMichael Niedermayer2021-01-21
| | | | Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/asfdec_o: Check size vs. offset in detect_unknown_subobject()Michael Niedermayer2021-01-20
| | | | | | | | | | | Fixes: signed integer overflow: 2314885530818453566 + 7503032301549264928 cannot be represented in type 'long' Fixes: 26639/clusterfuzz-testcase-minimized-ffmpeg_dem_ASF_O_fuzzer-6024222100684800 Alternatively this could be ignored but then the end condition of the loop would be hard to reach as avio_tell() is int64_t Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/utils: check for integer overflow in av_get_frame_filename2()Michael Niedermayer2021-01-20
| | | | | | | | Fixes: signed integer overflow: 317316873 * 10 cannot be represented in type 'int' Fixes: 24708/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5731180885049344 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* All: update names in copyright headersrcombs2021-01-20
|
* avformat/id3v2: Check against max compression ratio before allocationMichael Niedermayer2021-01-19
| | | | | | | | Fixes: Timeout (>10sec -> 12ms) Fixes: 27612/clusterfuzz-testcase-minimized-ffmpeg_dem_PCM_S24BE_fuzzer-6605893000757248 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/avidec: Use av_sat_sub64() in check_stream_max_drift()Michael Niedermayer2021-01-19
| | | | | | | | | Fixes: signed integer overflow: 8833900919969684211 - -9223372036854775808 cannot be represented in type 'long' Fixes: 26726/clusterfuzz-testcase-minimized-ffmpeg_dem_AVI_fuzzer-5669377724383232 Fixes: 27587/clusterfuzz-testcase-minimized-ffmpeg_dem_AVI_fuzzer-6294562263531520 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/mov: Check a.size before computing next_root_atomMichael Niedermayer2021-01-19
| | | | | | | | Fixes: signed integer overflow: 64 + 9223372036854775799 cannot be represented in type 'long' Fixes: 27563/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-6244650163372032 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/sbgdec: Reduce the amount of floating point in str_to_time()Michael Niedermayer2021-01-19
| | | | | | | | | Fixes: 1e+75 is outside the range of representable values of type 'long' Fixes: 26910/clusterfuzz-testcase-minimized-ffmpeg_dem_SBG_fuzzer-6626834808700928 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Nicolas George <george@nsup.org> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/rtsp: correctly set media control uri with mpegtstpol2021-01-17
| | | | | | | | | | | | | | | | Fixes #1941 Currently the media control uri is not correctly assigned when mpegts is signalled in the media description. The code checks whether at least one AVStream has been setup before assigning to the media's uri. With mpegts the AVStreams are setup when parsing packets and so the media's uri is skipped. This is fixed by using rt->nb_rtsp_streams in the check which counts all medias in the sdp. Reviewed-by: Andriy Gelman <andriy.gelman@gmail.com> Signed-off-by: Andriy Gelman <andriy.gelman@gmail.com>
* avformat/hlsenc: reindent the codeLimin Wang2021-01-16
| | | | Signed-off-by: Limin Wang <lance.lmwang@gmail.com>
* avformat/udp: add memory alloc checksLimin Wang2021-01-16
| | | | | Reviewed-by: Marton Balint <cus@passwd.hu> Signed-off-by: Limin Wang <lance.lmwang@gmail.com>
* avformat/udp: return the error code instead of generic EIOLimin Wang2021-01-16
| | | | | Reviewed-by: Marton Balint <cus@passwd.hu> Signed-off-by: Limin Wang <lance.lmwang@gmail.com>
* movenc: Present durations in mvhd/tkhd/mdhd as they are after editsMartin Storsjö2021-01-15
| | | | | | | | | | | | | | | | | | | | | If the edit lists remove parts of the output timeline, or add a delay to it, this should be included in the mvhd/tkhd/mdhd durations, which should correspond to the edit lists. For tracks starting with pts < 0, the edit list trims out the segment before pts=0. For tracks starting with pts > 0, a delay element is added in the edit list, delaying the start of the track data. In both cases, the practical effect is that the post-edit output is as if the track had started with pts = 0. Thus calculate the range from pts=0 to end_pts, for the purposes of mvhd/tkhd/mdhd, unless edit lists explicitly are disabled. mov_write_edts_tag needs to operate on the actual pts duration of the track samples, not the duration that already takes the edit list effect into account. Signed-off-by: Martin Storsjö <martin@martin.st>
* avformat/dhav: Fix incorrect non-DHAV chunk skipping logicIdan Freiberg2021-01-14
| | | | | | | | | | DAV files may contain a variable length padding in between chunks filled with 0xff bytes. The current skipping logic is incorrect as it may skip over DHAV chunks not appearing sequentially in the file. We now look for the 'DHAV' tag using a byte-by-byte search in order to handle such situations. Also the dhav->last_good_pos field will not be updated while skipping unrecognized data.
* avformat/allformats: test pointer to be usedAlexisWilke2021-01-12
| | | | | | | | Two tests check the opposite pointer before using it. If only one of these is set to a valid pointer, one of these functions will crash, the other will ignore the pointer. Signed-off-by: James Almer <jamrial@gmail.com>
* avformat/mxfdec: Free all types for both DescriptorsMichael Niedermayer2021-01-11
| | | | | | | | | Fixes: memleak Fixes: 26352/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5201158714687488 Suggested-by: Tomas Härdin <tjoppen@acc.umu.se> Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/utils: wrap_timestamp() is only needed for less than 64 bitsMichael Niedermayer2021-01-11
| | | | | | | | | Fixes: shift exponent 64 is too large for 64-bit type 'unsigned long long' Fixes: 26497/clusterfuzz-testcase-minimized-ffmpeg_dem_AVI_fuzzer-5690188355076096 Fixes: 26903/clusterfuzz-testcase-minimized-ffmpeg_dem_LUODAT_fuzzer-5641466929741824 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/aaxdec: Check string before strcmp()Michael Niedermayer2021-01-11
| | | | | | | | Fixes: NULL ptr dereference Fixes: 26508/clusterfuzz-testcase-minimized-ffmpeg_dem_AAX_fuzzer-5694725249826816 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* uavformat/rsd: check for EOF in extradataMichael Niedermayer2021-01-11
| | | | | | | | Fixes: OOM Fixes: 26503/clusterfuzz-testcase-minimized-ffmpeg_dem_RSD_fuzzer-6530816735444992 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat: remove some mpegts details from AVStreamMarton Balint2021-01-09
| | | | | | | | | | | | | | | | These fields were added to support -merge_pmt_versions, but the mpegts demuxer is also keeping track its programs internally, so that should be a better place to handle it. Also it is not a very good idea to keep fields like program_num or pmt_stream_idx in an AVStream, because a single stream can be part of multiple programs, multiple PMTs, so the stream attributes can refer to any program the stream is part of. Since they are not part of public API, lets simply remove them, or rather replace them with placeholders for ABI compatibility with libavdevice. Signed-off-by: Marton Balint <cus@passwd.hu>
* avformat/mpegts: use stream index based lookup with merge_pmt_versions if ↵Marton Balint2021-01-09
| | | | | | | | | | | | | | stream identifier matches multiple streams Also make sure we are checking the old state of the streams because otherwise some streams might already have the newly parsed stream identifiers which corrupts matching. Fixes streams having the same identifier mixed up on pmt version change. Fixes ticket #9006. Signed-off-by: Marton Balint <cus@passwd.hu>
* avformat/mpegts: only clear programs which no longer exist or have a new PMTMarton Balint2021-01-09
| | | | | | | | | | | Otherwise there can be a small period when the programs only contain the PMT pid. Also make sure skip_clear only affects AVProgram clear, and that pmt_pid is always kept as the first entry of the PID list of the programs. Also reject PMTs for programs on the wrong PID. Signed-off-by: Marton Balint <cus@passwd.hu>
* avformat/mpegts: rework clearing and adding pid to programMarton Balint2021-01-09
| | | | | | And use better function names. Signed-off-by: Marton Balint <cus@passwd.hu>
* avformat/mpegts: never discard PAT pidMarton Balint2021-01-09
| | | | | | | | PID 0 was removed from the pid list when then PMT was parsed, it is better to explictly avoid it from being discarded instead of keeing it in the list of every program. Signed-off-by: Marton Balint <cus@passwd.hu>
* avformat/utils: do not overwrite already existing program with defaults in ↵Marton Balint2021-01-09
| | | | | | | | | av_new_program av_new_program returns the existing program if that already exists, in that case it makes no sense to overwrite existing attributes. Signed-off-by: Marton Balint <cus@passwd.hu>
* avformat/mov: adjust skip_samples according to seek timestampMatthieu Bouron2021-01-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently skip_samples is set to start_pad if sample_time is lesser or equal to 0. This can cause issues if the stream starts with packets that have negative pts. Calling avformat_seek_file() with ts set to 0 on such streams makes the mov demuxer return the right corresponding packets (near the 0 timestamp) but set skip_samples to start_pad which is incorrect as the audio decoder will discard the returned samples according to skip_samples from the first packet it receives (which has its timestamp near 0). For example, considering the following audio stream with start_pad=1344: [PKT pts=-1344] [PKT pts=-320] [PKT pts=704] [PKT pts=1728] [...] Calling avformat_seek_file() with ts=0 makes the next call to av_read_frame() return the packet with pts=-320 and a skip samples side data set to 1344 (start_pad). This makes the audio decoder incorrectly discard (1344 - 320) samples. This commit makes the move demuxer adjust skip_samples according to the stream start_pad, seek timestamp and first sample timestamp. The above example will now result in av_read_frame() still returning the packet with pts=-320 but with a skip samples side data set to 320 (src_pad - (seek_timestamp - first_timestamp)). This makes the audio decoder only discard 320 samples (from pts=-320 to pts=0). Signed-off-by: Marton Balint <cus@passwd.hu>
* avformat/dhav: Check position for overflowMichael Niedermayer2021-01-08
| | | | | | | | Fixes: signed integer overflow: 9223372036854775807 + 32768 cannot be represented in type 'long' Fixes: 27744/clusterfuzz-testcase-minimized-ffmpeg_dem_DHAV_fuzzer-5179319491756032 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/utils: Change compute_chapters_end() from O(n²) to O(n log n)Michael Niedermayer2021-01-08
| | | | | | | | Fixes: Timeout (49sec -> 9sec) Fixes: 27427/clusterfuzz-testcase-minimized-ffmpeg_dem_FFMETADATA_fuzzer-5140589838073856 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/hashenc: Deduplicate (stream)hash optionsAndreas Rheinhardt2021-01-08
| | | | | | Also saves relocations. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-14 02:09:39 +0000