Paul B Mahol:
> On 9/3/20, Andreas Rheinhardt <andreas.rheinha...@gmail.com> wrote:
>> Paul B Mahol:
>>> On 9/3/20, Andreas Rheinhardt <andreas.rheinha...@gmail.com> wrote:
>>>> Paul B Mahol:
>>>>> Signed-off-by: Paul B Mahol <one...@gmail.com>
>>>>> ---
>>>>> libavformat/Makefile | 1 +
>>>>> libavformat/allformats.c | 1 +
>>>>> libavformat/moflex.c | 360 +++++++++++++++++++++++++++++++++++++++
>>>>> 3 files changed, 362 insertions(+)
>>>>> create mode 100644 libavformat/moflex.c
>>>>>
>>>>> diff --git a/libavformat/Makefile b/libavformat/Makefile
>>>>> index cbb33fe37c..1e0ac317e5 100644
>>>>> --- a/libavformat/Makefile
>>>>> +++ b/libavformat/Makefile
>>>>> @@ -319,6 +319,7 @@ OBJS-$(CONFIG_MLV_DEMUXER) += mlvdec.o
>>>>> riffdec.o
>>>>> OBJS-$(CONFIG_MM_DEMUXER) += mm.o
>>>>> OBJS-$(CONFIG_MMF_DEMUXER) += mmf.o
>>>>> OBJS-$(CONFIG_MMF_MUXER) += mmf.o rawenc.o
>>>>> +OBJS-$(CONFIG_MOFLEX_DEMUXER) += moflex.o
>>>>> OBJS-$(CONFIG_MOV_DEMUXER) += mov.o mov_chan.o mov_esds.o
>>>>> replaygain.o
>>>>> OBJS-$(CONFIG_MOV_MUXER) += movenc.o av1.o avc.o hevc.o
>>>>> vpcc.o \
>>>>> movenchint.o mov_chan.o
>>>>> rtp.o
>>>>> \
>>>>> diff --git a/libavformat/allformats.c b/libavformat/allformats.c
>>>>> index 0aa9dd7198..28331facb9 100644
>>>>> --- a/libavformat/allformats.c
>>>>> +++ b/libavformat/allformats.c
>>>>> @@ -249,6 +249,7 @@ extern AVInputFormat ff_mlv_demuxer;
>>>>> extern AVInputFormat ff_mm_demuxer;
>>>>> extern AVInputFormat ff_mmf_demuxer;
>>>>> extern AVOutputFormat ff_mmf_muxer;
>>>>> +extern AVInputFormat ff_moflex_demuxer;
>>>>> extern AVInputFormat ff_mov_demuxer;
>>>>> extern AVOutputFormat ff_mov_muxer;
>>>>> extern AVOutputFormat ff_mp2_muxer;
>>>>> diff --git a/libavformat/moflex.c b/libavformat/moflex.c
>>>>> new file mode 100644
>>>>> index 0000000000..989623396f
>>>>> --- /dev/null
>>>>> +++ b/libavformat/moflex.c
>>>>> @@ -0,0 +1,360 @@
>>>>> +/*
>>>>> + * MOFLEX demuxer
>>>>> + * Copyright (c) 2020 Paul B Mahol
>>>>> + *
>>>>> + * This file is part of FFmpeg.
>>>>> + *
>>>>> + * FFmpeg is free software; you can redistribute it and/or
>>>>> + * modify it under the terms of the GNU Lesser General Public
>>>>> + * License as published by the Free Software Foundation; either
>>>>> + * version 2.1 of the License, or (at your option) any later version.
>>>>> + *
>>>>> + * FFmpeg is distributed in the hope that it will be useful,
>>>>> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
>>>>> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
>>>>> + * Lesser General Public License for more details.
>>>>> + *
>>>>> + * You should have received a copy of the GNU Lesser General Public
>>>>> + * License along with FFmpeg; if not, write to the Free Software
>>>>> + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
>>>>> 02110-1301 USA
>>>>> + */
>>>>> +
>>>>> +#include "libavcodec/bytestream.h"
>>>>> +
>>>>> +#include "avformat.h"
>>>>> +#include "internal.h"
>>>>> +
>>>>> +typedef struct BitReader {
>>>>> + unsigned last;
>>>>> + unsigned pos;
>>>>> +} BitReader;
>>>>> +
>>>>> +typedef struct MOFLEXDemuxContext {
>>>>> + unsigned size;
>>>>> + int64_t pos;
>>>>> + int64_t ts;
>>>>> + int flags;
>>>>> + int in_block;
>>>>> +
>>>>> + BitReader br;
>>>>> +} MOFLEXDemuxContext;
>>>>> +
>>>>> +static int pop(BitReader *br, AVIOContext *pb)
>>>>> +{
>>>>> + if (avio_feof(pb))
>>>>> + return AVERROR_EOF;
>>>>> +
>>>>> + if ((br->pos & 7) == 0)
>>>>> + br->last = (unsigned)avio_r8(pb) << 24U;
>>>>> + else
>>>>> + br->last <<= 1;
>>>>> +
>>>>> + br->pos++;
>>>>> + return !!(br->last & 0x80000000);
>>>>> +}
>>>>> +
>>>>> +static int pop_int(BitReader *br, AVIOContext *pb, int n)
>>>>> +{
>>>>> + int value = 0;
>>>>> +
>>>>> + for (int i = 0; i < n; i++) {
>>>>> + int ret = pop(br, pb);
>>>>> +
>>>>> + if (ret < 0)
>>>>> + return ret;
>>>>> + value = 2 * value + ret;
>>>>> + }
>>>>> +
>>>>> + return value;
>>>>> +}
>>>>> +
>>>>> +static int pop_length(BitReader *br, AVIOContext *pb)
>>>>> +{
>>>>> + int ret, n = 1;
>>>>> +
>>>>> + while ((ret = pop(br, pb)) == 0)
>>>>> + n++;
>>>>> +
>>>>> + if (ret < 0)
>>>>> + return ret;
>>>>> + return n;
>>>>> +}
>>>>> +
>>>>> +static int read_var_byte(AVFormatContext *s, unsigned *out)
>>>>> +{
>>>>> + AVIOContext *pb = s->pb;
>>>>> + unsigned value = 0, data;
>>>>> +
>>>>> + data = avio_r8(pb);
>>>>> + if (!(data & 0x80)) {
>>>>> + *out = data;
>>>>> + return 0;
>>>>> + }
>>>>> +
>>>>> + value = (data & 0x7F) << 7;
>>>>> + data = avio_r8(pb);
>>>>> + if (!(data & 0x80)) {
>>>>> + value |= data;
>>>>> + *out = value;
>>>>> + return 0;
>>>>> + }
>>>>> +
>>>>> + value = ((data & 0x7F) | value) << 7;
>>>>> + data = avio_r8(pb);
>>>>> + if (!(data & 0x80)) {
>>>>> + value |= data;
>>>>> + *out = value;
>>>>> + return 0;
>>>>> + }
>>>>> +
>>>>> + value = (((data & 0x7F) | value) << 7) | avio_r8(pb);
>>>>> + *out = value;
>>>>> +
>>>>> + return 0;
>>>>> +}
>>>>> +
>>>>> +static int moflex_probe(const AVProbeData *p)
>>>>> +{
>>>>> + GetByteContext gb;
>>>>> + int score = 0;
>>>>> +
>>>>> + bytestream2_init(&gb, p->buf, p->buf_size);
>>>>> +
>>>>> + if (bytestream2_get_be16(&gb) != 0x4C32)
>>>>> + return 0;
>>>>> + score += 10;
>>>>> +
>>>>> + bytestream2_skip(&gb, 10);
>>>>> + if (bytestream2_get_be16(&gb) == 0)
>>>>> + return 0;
>>>>> + score += 5;
>>>>> +
>>>>> + while (bytestream2_get_bytes_left(&gb) > 0) {
>>>>> + int type = bytestream2_get_byte(&gb);
>>>>> + int size = bytestream2_get_byte(&gb);
>>>>> +
>>>>> + if (type == 0) {
>>>>> + score += 5 * (size == 0);
>>>>> + break;
>>>>> + }
>>>>> + if ((type == 1 && size == 12) ||
>>>>> + (type == 2 && size == 6) ||
>>>>> + (type == 3 && size == 13) ||
>>>>> + (type == 4 && size == 2))
>>>>> + score += 20;
>>>>> + bytestream2_skip(&gb, size);
>>>>> + }
>>>>> +
>>>>> + return FFMIN(AVPROBE_SCORE_MAX, score);
>>>>> +}
>>>>> +
>>>>> +static int moflex_read_sync(AVFormatContext *s)
>>>>> +{
>>>>> + MOFLEXDemuxContext *m = s->priv_data;
>>>>> + AVIOContext *pb = s->pb;
>>>>> +
>>>>> + if (avio_rb16(pb) != 0x4C32) {
>>>>> + if (avio_feof(pb))
>>>>> + return AVERROR_EOF;
>>>>> + avio_seek(pb, -2, SEEK_CUR);
>>>>> + return 1;
>>>>> + }
>>>>> +
>>>>> + avio_skip(pb, 2);
>>>>> + m->ts = avio_rb64(pb);
>>>>> + m->size = avio_rb16(pb) + 1;
>>>>> +
>>>>> + while (!avio_feof(pb)) {
>>>>> + unsigned type, ssize, codec_id = 0;
>>>>> + unsigned codec_type, width = 0, height = 0, sample_rate = 0,
>>>>> channels = 0;
>>>>> + int stream_index = -1;
>>>>> + int format;
>>>>> + AVRational fps;
>>>>> +
>>>>> + read_var_byte(s, &type);
>>>>> + read_var_byte(s, &ssize);
>>>>> +
>>>>> + switch (type) {
>>>>> + case 0:
>>>>> + if (ssize > 0)
>>>>> + avio_skip(pb, ssize);
>>>>> + return 0;
>>>>> + case 2:
>>>>> + codec_type = AVMEDIA_TYPE_AUDIO;
>>>>> + stream_index = avio_r8(pb);
>>>>> + codec_id = avio_r8(pb);
>>>>> + switch (codec_id) {
>>>>> + case 0: codec_id = AV_CODEC_ID_FASTAUDIO; break;
>>>>> + case 1: codec_id = AV_CODEC_ID_ADPCM_IMA_MOFLEX; break;
>>>>> + case 2: codec_id = AV_CODEC_ID_PCM_S16LE; break;
>>>>> + default:
>>>>> + av_log(s, AV_LOG_ERROR, "Unsupported audio codec:
>>>>> %d\n",
>>>>> codec_id);
>>>>> + return AVERROR_PATCHWELCOME;
>>>>> + }
>>>>> + sample_rate = avio_rb24(pb) + 1;
>>>>> + channels = avio_r8(pb) + 1;
>>>>> + break;
>>>>> + case 1:
>>>>> + case 3:
>>>>> + codec_type = AVMEDIA_TYPE_VIDEO;
>>>>> + stream_index = avio_r8(pb);
>>>>> + codec_id = avio_r8(pb);
>>>>> + switch (codec_id) {
>>>>> + case 0: codec_id = AV_CODEC_ID_MOBICLIP; break;
>>>>> + default:
>>>>> + av_log(s, AV_LOG_ERROR, "Unsupported video codec:
>>>>> %d\n",
>>>>> codec_id);
>>>>> + return AVERROR_PATCHWELCOME;
>>>>> + }
>>>>> + fps.num = avio_rb16(pb);
>>>>> + fps.den = avio_rb16(pb);
>>>>> + width = avio_rb16(pb);
>>>>> + height = avio_rb16(pb);
>>>>> + format = AV_PIX_FMT_YUV420P;
>>>>> + avio_skip(pb, type == 3 ? 3 : 2);
>>>>> + break;
>>>>> + case 4:
>>>>> + codec_type = AVMEDIA_TYPE_DATA;
>>>>> + stream_index = avio_r8(pb);
>>>>> + avio_skip(pb, 1);
>>>>> + break;
>>>>> + }
>>>>> +
>>>>> + if (stream_index == s->nb_streams) {
>>>>> + AVStream *st = avformat_new_stream(s, NULL);
>>>>> +
>>>>> + if (!st)
>>>>> + return AVERROR(ENOMEM);
>>>>> +
>>>>> + st->codecpar->codec_type = codec_type;
>>>>> + st->codecpar->codec_id = codec_id;
>>>>> + st->codecpar->width = width;
>>>>> + st->codecpar->height = height;
>>>>> + st->codecpar->sample_rate= sample_rate;
>>>>> + st->codecpar->channels = channels;
>>>>> + st->codecpar->format = format;
>>>>> + st->priv_data = av_packet_alloc();
>>>>> + if (!st->priv_data)
>>>>> + return AVERROR(ENOMEM);
>>>>
>>>> If this allocation fails when reading a packet, you end up with a stream
>>>> without priv_data. If the caller decides to call av_read_frame() again,
>>>> you can get a segfault, because the code for reading a packet presumes
>>>> every stream to have an AVPacket as priv_data.
>>>
>>> No this is huge libavformat bug. NULL pointer dereference when appending
>>> packet.
>>>
>>
>> No it is a bug to call it with pkt == NULL.
>
> Nope my code is correct.
>
> av_append_packet is buggy.
>
No, it's not. (If you think it's buggy, then send a patch for it and see
what others have to say about it.)
>>
>>>>
>>>>> +
>>>>> + if (sample_rate)
>>>>> + avpriv_set_pts_info(st, 63, 1, sample_rate);
>>>>> + else
>>>>> + avpriv_set_pts_info(st, 63, fps.den, fps.num);
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + return 0;
>>>>> +}
>>>>> +
>>>>> +static int moflex_read_header(AVFormatContext *s)
>>>>> +{
>>>>> + int ret;
>>>>> +
>>>>> + ret = moflex_read_sync(s);
>>>>> + if (ret < 0)
>>>>> + return ret;
>>>>> +
>>>>> + s->ctx_flags |= AVFMTCTX_NOHEADER;
>>>>> + avio_seek(s->pb, 0, SEEK_SET);
>>>>> +
>>>>> + return 0;
>>>>> +}
>>>>> +
>>>>> +static int moflex_read_packet(AVFormatContext *s, AVPacket *pkt)
>>>>> +{
>>>>> + MOFLEXDemuxContext *m = s->priv_data;
>>>>> + AVIOContext *pb = s->pb;
>>>>> + BitReader *br = &m->br;
>>>>> + int ret;
>>>>> +
>>>>> + while (!avio_feof(pb)) {
>>>>> + if (!m->in_block) {
>>>>> + m->pos = avio_tell(pb);
>>>>> +
>>>>> + ret = moflex_read_sync(s);
>>>>> + if (ret < 0)
>>>>> + return ret;
>>>>> +
>>>>> + m->flags = avio_r8(pb);
>>>>> + if (m->flags & 2)
>>>>> + avio_skip(pb, 2);
>>>>> + }
>>>>> +
>>>>> + while ((avio_tell(pb) < m->pos + m->size) && !avio_feof(pb) &&
>>>>> avio_r8(pb)) {
>>>>> + int stream_index, bits, pkt_size, endframe;
>>>>> + AVPacket *packet;
>>>>> +
>>>>> + m->in_block = 1;
>>>>> +
>>>>> + avio_seek(pb, -1, SEEK_CUR);
>>>>> + br->pos = br->last = 0;
>>>>> +
>>>>> + bits = pop_length(br, pb);
>>>>> + if (bits < 0)
>>>>> + return bits;
>>>>> + stream_index = pop_int(br, pb, bits);
>>>>> + if (stream_index < 0)
>>>>> + return stream_index;
>>>>> + if (stream_index >= s->nb_streams)
>>>>> + return AVERROR_INVALIDDATA;
>>>>> +
>>>>> + endframe = pop(br, pb);
>>>>> + if (endframe < 0)
>>>>> + return endframe;
>>>>> + if (endframe) {
>>>>> + bits = pop_length(br, pb);
>>>>> + if (bits < 0)
>>>>> + return bits;
>>>>> + pop_int(br, pb, bits);
>>>>> + pop(br, pb);
>>>>> + bits = pop_length(br, pb);
>>>>> + if (bits < 0)
>>>>> + return bits;
>>>>> + pop_int(br, pb, bits * 2 + 26);
>>>>> + }
>>>>> +
>>>>> + pkt_size = pop_int(br, pb, 13) + 1;
>>>>> + packet = s->streams[stream_index]->priv_data;
>>>>> +
>>>>> + ret = av_append_packet(pb, packet, pkt_size);
>>>>> + if (endframe) {
>>>>> + av_packet_move_ref(pkt, packet);
>>>>> + pkt->pos = m->pos;
>>>>> + pkt->stream_index = stream_index;
>>>>> + pkt->flags |= AV_PKT_FLAG_KEY;
>>>>> + return ret;
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + m->in_block = 0;
>>>>> +
>>>>> + if (m->flags % 2 == 0)
>>>>> + avio_seek(pb, m->pos + m->size, SEEK_SET);
>>>>> + }
>>>>> +
>>>>> + return AVERROR_EOF;
>>>>> +}
>>>>> +
>>>>> +static int moflex_read_close(AVFormatContext *s)
>>>>> +{
>>>>> + for (int i = 0; i < s->nb_streams; i++) {
>>>>> + AVPacket *packet = s->streams[i]->priv_data;
>>>>> +
>>>>> + av_packet_free(&packet);
>>>>> + s->streams[i]->priv_data = 0;
>>>>> + }
>>>>> +
>>>>> + return 0;
>>>>> +}
>>>>> +
>>>>> +AVInputFormat ff_moflex_demuxer = {
>>>>> + .name = "moflex",
>>>>> + .long_name = NULL_IF_CONFIG_SMALL("MobiClip MOFLEX"),
>>>>> + .priv_data_size = sizeof(MOFLEXDemuxContext),
>>>>> + .read_probe = moflex_probe,
>>>>> + .read_header = moflex_read_header,
>>>>> + .read_packet = moflex_read_packet,
>>>>> + .read_close = moflex_read_close,
>>>>> + .extensions = "moflex",
>>>>> + .flags = AVFMT_GENERIC_INDEX,
>>>>> +};
>>>>>
>>>>
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
