[FFmpeg-cvslog] avfilter/formats: allow unknown channel layouts by default
ffmpeg | branch: master | Marton Balint | Tue Nov 22 00:40:50
2016 +0100| [7ceb9e6b11824ff18f424a35e41fbddf545d1238] | committer: Marton
Balint
avfilter/formats: allow unknown channel layouts by default
Since the default in the libav fork is to only allow known layouts, making
unknown layouts allowed by default here can be a security risk for filters
directly merged from libav. However, usually it is simple to detect such cases,
use of av_get_channel_layout_nb_channels is a good indicator, so I suggest we
change this regardless.
See http://ffmpeg.org/pipermail/ffmpeg-devel/2016-November/203204.html.
This patch indirectly adds unknown channel layout support for filters where
query_formats is not specified:
abench
afifo
ainterleave
anullsink
apad
aperms
arealtime
aselect
asendcmd
asetnsamples
asetpts
asettb
ashowinfo
azmq
It introduces a query_formats callback for the asyncts filter, which only
supports known channel layouts since it is using libavresample.
And it removes .query_formats callback from filters where it was only there to
support unknown layouts, as this is now the default:
aloop
ametadata
anull
asidedata
asplit
atrim
Acked-by: Nicolas George
Signed-off-by: Marton Balint
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=7ceb9e6b11824ff18f424a35e41fbddf545d1238
---
libavfilter/af_anull.c | 1 -
libavfilter/af_asyncts.c | 1 +
libavfilter/f_loop.c | 1 -
libavfilter/f_metadata.c | 1 -
libavfilter/f_sidedata.c | 1 -
libavfilter/formats.c| 6 +++---
libavfilter/formats.h| 12 +---
libavfilter/split.c | 1 -
libavfilter/trim.c | 1 -
9 files changed, 9 insertions(+), 16 deletions(-)
diff --git a/libavfilter/af_anull.c b/libavfilter/af_anull.c
index fff456e..1d0af45 100644
--- a/libavfilter/af_anull.c
+++ b/libavfilter/af_anull.c
@@ -46,7 +46,6 @@ static const AVFilterPad avfilter_af_anull_outputs[] = {
AVFilter ff_af_anull = {
.name = "anull",
.description = NULL_IF_CONFIG_SMALL("Pass the source unchanged to the
output."),
-.query_formats = ff_query_formats_all,
.inputs= avfilter_af_anull_inputs,
.outputs = avfilter_af_anull_outputs,
};
diff --git a/libavfilter/af_asyncts.c b/libavfilter/af_asyncts.c
index 22559a1..a33e0dd 100644
--- a/libavfilter/af_asyncts.c
+++ b/libavfilter/af_asyncts.c
@@ -317,6 +317,7 @@ AVFilter ff_af_asyncts = {
.uninit = uninit,
.priv_size = sizeof(ASyncContext),
.priv_class = &asyncts_class,
+.query_formats = ff_query_formats_all_layouts,
.inputs = avfilter_af_asyncts_inputs,
.outputs = avfilter_af_asyncts_outputs,
};
diff --git a/libavfilter/f_loop.c b/libavfilter/f_loop.c
index 69bfb10..5a32807 100644
--- a/libavfilter/f_loop.c
+++ b/libavfilter/f_loop.c
@@ -233,7 +233,6 @@ AVFilter ff_af_aloop = {
.priv_size = sizeof(LoopContext),
.priv_class= &aloop_class,
.uninit= auninit,
-.query_formats = ff_query_formats_all,
.inputs= ainputs,
.outputs = aoutputs,
};
diff --git a/libavfilter/f_metadata.c b/libavfilter/f_metadata.c
index 24deccf..1f613ec 100644
--- a/libavfilter/f_metadata.c
+++ b/libavfilter/f_metadata.c
@@ -373,7 +373,6 @@ AVFilter ff_af_ametadata = {
.priv_class= &ametadata_class,
.init = init,
.uninit= uninit,
-.query_formats = ff_query_formats_all,
.inputs= ainputs,
.outputs = aoutputs,
.flags = AVFILTER_FLAG_SUPPORT_TIMELINE_GENERIC,
diff --git a/libavfilter/f_sidedata.c b/libavfilter/f_sidedata.c
index 4863cc9..45d246b 100644
--- a/libavfilter/f_sidedata.c
+++ b/libavfilter/f_sidedata.c
@@ -139,7 +139,6 @@ AVFilter ff_af_asidedata = {
.priv_size = sizeof(SideDataContext),
.priv_class= &asidedata_class,
.init = init,
-.query_formats = ff_query_formats_all,
.inputs= ainputs,
.outputs = aoutputs,
.flags = AVFILTER_FLAG_SUPPORT_TIMELINE_GENERIC,
diff --git a/libavfilter/formats.c b/libavfilter/formats.c
index 20f45e3..840780d 100644
--- a/libavfilter/formats.c
+++ b/libavfilter/formats.c
@@ -596,12 +596,12 @@ static int default_query_formats_common(AVFilterContext
*ctx,
int ff_default_query_formats(AVFilterContext *ctx)
{
-return default_query_formats_common(ctx, ff_all_channel_layouts);
+return default_query_formats_common(ctx, ff_all_channel_counts);
}
-int ff_query_formats_all(AVFilterContext *ctx)
+int ff_query_formats_all_layouts(AVFilterContext *ctx)
{
-return default_query_formats_common(ctx, ff_all_channel_counts);
+return default_query_formats_common(ctx, ff_all_channel_layouts);
}
/* internal functions for parsing audio format arguments */
diff --git a/libavfilter/formats.h b/libavfilter/formats.h
index 77981f5..870809b 100644
--- a/libavfilter/formats.h
+++ b/libavfilter/formats.h
@@ -186,15 +186,13 @@ void ff_channel_layouts_changeref(AVFilterChannelL
[FFmpeg-cvslog] avfilter/af_atempo: add support for unknown channel layouts
ffmpeg | branch: master | Marton Balint | Sat Dec 3 20:02:24
2016 +0100| [bffc2bcd753563af7ebbb534b31bab2a2f249cc0] | committer: Marton
Balint
avfilter/af_atempo: add support for unknown channel layouts
Reviewed-by: Nicolas George
Signed-off-by: Marton Balint
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=bffc2bcd753563af7ebbb534b31bab2a2f249cc0
---
libavfilter/af_atempo.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavfilter/af_atempo.c b/libavfilter/af_atempo.c
index d5d29b3..59b08ec 100644
--- a/libavfilter/af_atempo.c
+++ b/libavfilter/af_atempo.c
@@ -1014,7 +1014,7 @@ static int query_formats(AVFilterContext *ctx)
};
int ret;
-layouts = ff_all_channel_layouts();
+layouts = ff_all_channel_counts();
if (!layouts) {
return AVERROR(ENOMEM);
}
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] avfilter/af_channelmap: add support for unknown input channel layouts
ffmpeg | branch: master | Marton Balint | Sat Dec 3 20:02:47
2016 +0100| [01a19f77caa42a7be5cd40c4b020c550e7065fe0] | committer: Marton
Balint
avfilter/af_channelmap: add support for unknown input channel layouts
Reviewed-by: Nicolas George
Signed-off-by: Marton Balint
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=01a19f77caa42a7be5cd40c4b020c550e7065fe0
---
libavfilter/af_channelmap.c | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/libavfilter/af_channelmap.c b/libavfilter/af_channelmap.c
index dcae2a2..cdd8a58 100644
--- a/libavfilter/af_channelmap.c
+++ b/libavfilter/af_channelmap.c
@@ -291,7 +291,7 @@ static int channelmap_query_formats(AVFilterContext *ctx)
AVFilterChannelLayouts *channel_layouts = NULL;
int ret;
-layouts = ff_all_channel_layouts();
+layouts = ff_all_channel_counts();
if (!layouts) {
ret = AVERROR(ENOMEM);
goto fail;
@@ -316,7 +316,7 @@ static int channelmap_filter_frame(AVFilterLink *inlink,
AVFrame *buf)
AVFilterContext *ctx = inlink->dst;
AVFilterLink *outlink = ctx->outputs[0];
const ChannelMapContext *s = ctx->priv;
-const int nch_in =
av_get_channel_layout_nb_channels(inlink->channel_layout);
+const int nch_in = inlink->channels;
const int nch_out = s->nch;
int ch;
uint8_t *source_planes[MAX_CH];
@@ -363,7 +363,7 @@ static int channelmap_config_input(AVFilterLink *inlink)
{
AVFilterContext *ctx = inlink->dst;
ChannelMapContext *s = ctx->priv;
-int nb_channels =
av_get_channel_layout_nb_channels(inlink->channel_layout);
+int nb_channels = inlink->channels;
int i, err = 0;
const char *channel_name;
char layout_name[256];
@@ -378,7 +378,7 @@ static int channelmap_config_input(AVFilterLink *inlink)
if (m->in_channel_idx < 0 || m->in_channel_idx >= nb_channels) {
av_get_channel_layout_string(layout_name, sizeof(layout_name),
- 0, inlink->channel_layout);
+ nb_channels, inlink->channel_layout);
if (m->in_channel) {
channel_name = av_get_channel_name(m->in_channel);
av_log(ctx, AV_LOG_ERROR,
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] avfilter/af_ashowinfo: properly show input channel layout for unknown channel layouts
ffmpeg | branch: master | Marton Balint | Sat Dec 3 20:06:14 2016 +0100| [df694a5e9d40bdae734c8bb9523c13722b38ebe5] | committer: Marton Balint avfilter/af_ashowinfo: properly show input channel layout for unknown channel layouts Reviewed-by: Nicolas George Signed-off-by: Marton Balint > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=df694a5e9d40bdae734c8bb9523c13722b38ebe5 --- libavfilter/af_ashowinfo.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavfilter/af_ashowinfo.c b/libavfilter/af_ashowinfo.c index ba600cb..a81729f 100644 --- a/libavfilter/af_ashowinfo.c +++ b/libavfilter/af_ashowinfo.c @@ -199,7 +199,7 @@ static int filter_frame(AVFilterLink *inlink, AVFrame *buf) s->plane_checksums[0]; } -av_get_channel_layout_string(chlayout_str, sizeof(chlayout_str), -1, +av_get_channel_layout_string(chlayout_str, sizeof(chlayout_str), av_frame_get_channels(buf), buf->channel_layout); av_log(ctx, AV_LOG_INFO, ___ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] opus_parser: make ParseContext the first element in OpusParseContext
ffmpeg | branch: master | Andreas Cadhalpun
| Fri Dec 9 00:01:35 2016 +0100| [c085f1a7e1030aabd175c8438dab7ca6fad9e98f] |
committer: Andreas Cadhalpun
opus_parser: make ParseContext the first element in OpusParseContext
ff_parse_close expects priv_data to be the ParseContext directly and
thus doesn't work if it isn't at the beginning of OpusParseContext.
Reviewed-by: Hendrik Leppkes
Signed-off-by: Andreas Cadhalpun
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c085f1a7e1030aabd175c8438dab7ca6fad9e98f
---
libavcodec/opus_parser.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavcodec/opus_parser.c b/libavcodec/opus_parser.c
index c30fd7b..893573e 100644
--- a/libavcodec/opus_parser.c
+++ b/libavcodec/opus_parser.c
@@ -31,10 +31,10 @@
#include "parser.h"
typedef struct OpusParseContext {
+ParseContext pc;
OpusContext ctx;
OpusPacket pkt;
int extradata_parsed;
-ParseContext pc;
int ts_framing;
} OpusParseContext;
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] opus_parser: fix leaking channel_maps on error
ffmpeg | branch: master | Andreas Cadhalpun
| Fri Dec 9 00:00:18 2016 +0100| [7d3baebe408cb7377dbb6fa1a7fd285e8e366440] |
committer: Andreas Cadhalpun
opus_parser: fix leaking channel_maps on error
Make ff_opus_parse_extradata free allocated memory on error instead of
expecting callers to free it in that case.
Reviewed-by: Michael Niedermayer
Signed-off-by: Andreas Cadhalpun
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=7d3baebe408cb7377dbb6fa1a7fd285e8e366440
---
libavcodec/opus.c| 1 +
libavcodec/opusdec.c | 1 -
2 files changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavcodec/opus.c b/libavcodec/opus.c
index 08d94b6..1eeb92c 100644
--- a/libavcodec/opus.c
+++ b/libavcodec/opus.c
@@ -403,6 +403,7 @@ av_cold int ff_opus_parse_extradata(AVCodecContext *avctx,
} else if (idx >= streams + stereo_streams) {
av_log(avctx, AV_LOG_ERROR,
"Invalid channel map for output channel %d: %d\n", i, idx);
+av_freep(&s->channel_maps);
return AVERROR_INVALIDDATA;
}
diff --git a/libavcodec/opusdec.c b/libavcodec/opusdec.c
index ec793c6..329f784 100644
--- a/libavcodec/opusdec.c
+++ b/libavcodec/opusdec.c
@@ -646,7 +646,6 @@ static av_cold int opus_decode_init(AVCodecContext *avctx)
/* find out the channel configuration */
ret = ff_opus_parse_extradata(avctx, c);
if (ret < 0) {
-av_freep(&c->channel_maps);
av_freep(&c->fdsp);
return ret;
}
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
Re: [FFmpeg-cvslog] avfilter/vf_hwupload_cuda: Add min/max limits for the 'device' option
2016-12-08 11:28 GMT+01:00 Srinath K R : > ffmpeg | branch: release/3.1 | Srinath K R | Sat Dec 3 > 17:26:40 2016 +0530| [8a4b18c639b536d08926c96810a4d9628f422c9d] | committer: > Timo Rothenpieler > > avfilter/vf_hwupload_cuda: Add min/max limits for the 'device' option Please backport regression and security fixes. Be careful with bug fixes in general, they tend to introduce regressions. New features are generally not acceptable imo. Carl Eugen ___ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] configure: Require bit_depth field for VAAPI VP9 decode hwaccel
ffmpeg | branch: master | Mark Thompson | Thu Dec 8 19:29:14 2016 +| [db7271bff2a6ad1890c9fd95e8126082bbeab9c7] | committer: Mark Thompson configure: Require bit_depth field for VAAPI VP9 decode hwaccel libva versions from 1.6.0 to 1.6.2 do not include it, and therefore cannot work with VP9 profile >= 2. Fixes ticket #6003. > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=db7271bff2a6ad1890c9fd95e8126082bbeab9c7 --- configure | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/configure b/configure index 21ec552..810e7ab 100755 --- a/configure +++ b/configure @@ -2689,7 +2689,7 @@ vp9_dxva2_hwaccel_deps="dxva2 DXVA_PicParams_VP9" vp9_dxva2_hwaccel_select="vp9_decoder" vp9_mediacodec_decoder_deps="mediacodec" vp9_mediacodec_hwaccel_deps="mediacodec" -vp9_vaapi_hwaccel_deps="vaapi VADecPictureParameterBufferVP9" +vp9_vaapi_hwaccel_deps="vaapi VADecPictureParameterBufferVP9_bit_depth" vp9_vaapi_hwaccel_select="vp9_decoder" wmv3_crystalhd_decoder_select="crystalhd" wmv3_d3d11va_hwaccel_select="vc1_d3d11va_hwaccel" @@ -5610,7 +5610,7 @@ check_type "windows.h d3d11.h" "ID3D11VideoContext" check_type "d3d9.h dxva2api.h" DXVA2_ConfigPictureDecode -D_WIN32_WINNT=0x0602 check_type "va/va.h" "VAPictureParameterBufferHEVC" -check_type "va/va.h" "VADecPictureParameterBufferVP9" +check_struct "va/va.h" "VADecPictureParameterBufferVP9" bit_depth check_type "va/va.h va/va_vpp.h" "VAProcPipelineParameterBuffer" check_type "va/va.h va/va_enc_h264.h" "VAEncPictureParameterBufferH264" check_type "va/va.h va/va_enc_hevc.h" "VAEncPictureParameterBufferHEVC" ___ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] libavcodec/tests: Add avpacket test to .gitignore
ffmpeg | branch: master | Derek Buitenhuis | Fri Dec 9 15:22:52 2016 +| [51c673a0d703d2daa359ed6c9b87e5f75e2dbec2] | committer: Derek Buitenhuis libavcodec/tests: Add avpacket test to .gitignore Signed-off-by: Derek Buitenhuis > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=51c673a0d703d2daa359ed6c9b87e5f75e2dbec2 --- libavcodec/tests/.gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/libavcodec/tests/.gitignore b/libavcodec/tests/.gitignore index d8ab947..0ab0296 100644 --- a/libavcodec/tests/.gitignore +++ b/libavcodec/tests/.gitignore @@ -1,4 +1,5 @@ /avfft +/avpacket /cabac /dct /fft ___ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] [ffmpeg-web] branch master updated. bfe73eb web/security: Add CVEs found on the oss security list and some forgotten ones
The branch, master has been updated via bfe73ebe61fd2f7c8293743dd73a5d983c669d41 (commit) from 07127e905489dcc22eb1cb27ec58464b1fc38ccf (commit) - Log - commit bfe73ebe61fd2f7c8293743dd73a5d983c669d41 Author: Michael Niedermayer AuthorDate: Sat Dec 10 16:57:38 2016 +0100 Commit: Michael Niedermayer CommitDate: Sat Dec 10 17:06:06 2016 +0100 web/security: Add CVEs found on the oss security list and some forgotten ones Signed-off-by: Michael Niedermayer diff --git a/src/security b/src/security index e6a69ae..87ceb74 100644 --- a/src/security +++ b/src/security @@ -8,17 +8,40 @@ Fixes following vulnerabilities: CVE-2016-5199, 347cb14b7cba7560e53f4434b419b9d8800253e7 +CVE-2016-7122, e4e4a9cad7f21593d4bcb1f2404ea0d373c36c43 +CVE-2016-7450, a5af1240fce845f645440364c1335e0f8e44ee6c +CVE-2016-7502, 0e318f110bcd6bb8e7de9127f2747272e60f48d7 +CVE-2016-7555, b98dafe04564d5fe3e5bf5073d871dd93a4a62de +CVE-2016-7562, 69449da436169e7facaa6d1f3bcbc41cf6ce2754 +CVE-2016-7785, 14bac7e00d72eac687612d9b125e585011a56d4f +CVE-2016-7905, 2679ad4773aa356e7c3da5c68bc81f02a194617f +CVE-2016-8595, 987690799dd86433bf98b897aaa4c8d93ade646d FFmpeg 3.1 +3.1.5 + +Fixes following vulnerabilities: + + +CVE-2016-8595, 08eef74a39d73bec80d4a12f0eaca6a3602a2024 / 987690799dd86433bf98b897aaa4c8d93ade646 + + 3.1.4 Fixes following vulnerabilities: CVE-2016-5199, 7a3dc2f7b6c2fbe62aeed7839e736db395a6f76a / 347cb14b7cba7560e53f4434b419b9d8800253e7 +CVE-2016-7122, ed38046c5c2e3b310980be32287179895c83e0d8 / e4e4a9cad7f21593d4bcb1f2404ea0d373c36c43 +CVE-2016-7450, ac8ac46641adef208485baebc3734463bf0bd266 / a5af1240fce845f645440364c1335e0f8e44ee6c +CVE-2016-7502, 9d738e6968757d4e70c8e07e0b720ac0004accc4 / 0e318f110bcd6bb8e7de9127f2747272e60f48d7 +CVE-2016-7555, 8834e080c20d3d23c3ffe779371359f9b9b835ec / b98dafe04564d5fe3e5bf5073d871dd93a4a62de +CVE-2016-7562, 496267f8e9ec218351e4359e1fde48722d4fc804 / 69449da436169e7facaa6d1f3bcbc41cf6ce2754 +CVE-2016-7785, c8c5f66b42edc37474baa5cb51460cbf6f33075b / 14bac7e00d72eac687612d9b125e585011a56d4f +CVE-2016-7905, 622ccbd8ab894e3ac6cdf607e3d4f39e406786e9 / 2679ad4773aa356e7c3da5c68bc81f02a194617f 3.1.3 @@ -55,6 +78,12 @@ Fixes following vulnerabilities: CVE-2016-5199, 9259b7f38e008720096532cd4e666a9889f3c578 / 347cb14b7cba7560e53f4434b419b9d8800253e7 +CVE-2016-7450, 9357aa67572ce630267144ecd923c643a0982617 / a5af1240fce845f645440364c1335e0f8e44ee6c +CVE-2016-7502, 63f951601e75051085b85e8034989ee8a7dcff1d / 0e318f110bcd6bb8e7de9127f2747272e60f48d7 +CVE-2016-7555, fb7617df4eb13659fa20cb535888c10eac0fdb77 / b98dafe04564d5fe3e5bf5073d871dd93a4a62de +CVE-2016-7562, e5bf7ab3e7c6432da47958105ac59ee2681d3198 / 69449da436169e7facaa6d1f3bcbc41cf6ce2754 +CVE-2016-7785, 77d5a237ef6803e3b5a138fdee10bf1f62e4a7d7 / 14bac7e00d72eac687612d9b125e585011a56d4f +CVE-2016-7905, 8c43f320574d201fe1b696b133c08368f5f18508 / 2679ad4773aa356e7c3da5c68bc81f02a194617f 3.0.3 @@ -64,11 +93,23 @@ Fixes following vulnerabilities: CVE-2016-6164, a5680d83af26d4e6cfb9fe2eb8f51247bf36a41f / 8a3221cc67a516dfc1700bdae3566ec52c7ee823 CVE-2016-6881, ca92adafb0effac6c51a12f90a593ba7e8b3ee90 / a453bbb68f3eec202673728988bba3bc76071761 +CVE-2016-7122, 1d90326f95a791db515f69a01a5f6ef867896d15 / e4e4a9cad7f21593d4bcb1f2404ea0d373c36c43 FFmpeg 2.8 +2.8.9 + +Fixes following vulnerabilities: + + +CVE-2016-7502, 69b00a7fb6faa1b19b5687a5762ff4f94d5ff9aa / 0e318f110bcd6bb8e7de9127f2747272e60f48d7 +CVE-2016-7785, a772613100514842008271c8d0e5d63a6979f9bf / 14bac7e00d72eac687612d9b125e585011a56d4f +CVE-2016-7905, 239f75d6c3dfbe4def80a12913d5737dd5a5bbcc / 2679ad4773aa356e7c3da5c68bc81f02a194617f +CVE-2016-7562, ab737ab31d4f126ed5a13a6a0498824141925108 / 69449da436169e7facaa6d1f3bcbc41cf6ce275 + + 2.8.8 Fixes following vulnerabilities: @@ -76,6 +117,8 @@ Fixes following vulnerabilities: CVE-2016-6164, 054db631200c9940bc72e4dec2cb3c75e613abaf / 8a3221cc67a516dfc1700bdae3566ec52c7ee823 CVE-2016-6881, e965fedf7e94b7e50cd11be00fa729ee8faeb21b / a453bbb68f3eec202673728988bba3bc76071761 +CVE-2016-7122, 8ddeae57ae727966ac7588cf34ff56558fe3ffd1 / e4e4a9cad7f21593d4bcb1f2404ea0d373c36c43 +CVE-2016-7450, f8dcc9e7189709c68829b0fa7a98941fdf916d68 / a5af1240fce845f645440364c1335e0f8e44ee6c 2.8.6 --- Summary of changes: src/security | 43 +++ 1 file changed, 43 insertions(+) hooks/post-receive -- ___ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] configure: enable autodetected libraries after option parsing
ffmpeg | branch: master | Andreas Cadhalpun | Wed Nov 30 23:49:35 2016 +0100| [4c455664930470727000c7a8b2d550ec29f512e3] | committer: Andreas Cadhalpun configure: enable autodetected libraries after option parsing And only enable them, if they haven't been disabled. This is needed for the following patch. Signed-off-by: Andreas Cadhalpun > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4c455664930470727000c7a8b2d550ec29f512e3 --- configure | 18 +- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/configure b/configure index 50877bb..04fa06c 100755 --- a/configure +++ b/configure @@ -3238,15 +3238,6 @@ enable valgrind_backtrace sws_max_filter_size_default=256 set_default sws_max_filter_size -# Enable platform codecs by default. -enable audiotoolbox - -# Enable hwaccels by default. -enable d3d11va dxva2 vaapi vda vdpau videotoolbox_hwaccel xvmc -enable xlib - -enable cuda cuvid nvenc vda_framework videotoolbox videotoolbox_encoder - # build settings SHFLAGS='-shared -Wl,-soname,$$(@F)' LIBPREF="lib" @@ -3492,6 +3483,15 @@ for e in $env; do eval "export $e" done +# Enable platform codecs by default. +enable_weak audiotoolbox + +# Enable hwaccels by default. +enable_weak d3d11va dxva2 vaapi vda vdpau videotoolbox_hwaccel xvmc +enable_weak xlib + +enable_weak cuda cuvid nvenc vda_framework videotoolbox videotoolbox_encoder + disabled logging && logfile=/dev/null # Disable all the library-specific components if the library itself ___ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] configure: enable sdl if sdl2 is enabled
ffmpeg | branch: master | Andreas Cadhalpun
| Wed Nov 30 23:47:54 2016 +0100| [c50d591ce2a6dc9d0c31fb651edeb167add7c3fc] |
committer: Andreas Cadhalpun
configure: enable sdl if sdl2 is enabled
sdl is supposed to be an alias, so it should have the same value.
Signed-off-by: Andreas Cadhalpun
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c50d591ce2a6dc9d0c31fb651edeb167add7c3fc
---
configure | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configure b/configure
index 810e7ab..50877bb 100755
--- a/configure
+++ b/configure
@@ -5894,7 +5894,7 @@ if ! disabled sdl2; then
sdl2_libs="$sdl2_libs -mconsole"
fi
fi
-enabled sdl2 && add_cflags $sdl2_cflags && add_extralibs $sdl2_libs
+enabled sdl2 && enable sdl && add_cflags $sdl2_cflags && add_extralibs
$sdl2_libs
disabled securetransport || { check_func SecIdentityCreate
"-Wl,-framework,CoreFoundation -Wl,-framework,Security" &&
check_lib2 "Security/SecureTransport.h Security/Security.h"
"SSLCreateContext SecItemImport" "-Wl,-framework,CoreFoundation
-Wl,-framework,Security" &&
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] configure: fail if autodetect-libraries are requested but not found
ffmpeg | branch: master | Andreas Cadhalpun
| Wed Nov 30 23:50:17 2016 +0100| [8aad209c13c2a66a9256e37d7f44b5f9f19b13b2] |
committer: Andreas Cadhalpun
configure: fail if autodetect-libraries are requested but not found
Signed-off-by: Andreas Cadhalpun
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8aad209c13c2a66a9256e37d7f44b5f9f19b13b2
---
Changelog | 1 +
configure | 78 +--
2 files changed, 57 insertions(+), 22 deletions(-)
diff --git a/Changelog b/Changelog
index 603c009..37fbb36 100644
--- a/Changelog
+++ b/Changelog
@@ -7,6 +7,7 @@ version :
- Pro-MPEG CoP #3-R2 FEC protocol
- premultiply video filter
- Support for spherical videos
+- configure now fails if autodetect-libraries are requested but not found
version 3.2:
- libopenmpt demuxer
diff --git a/configure b/configure
index 04fa06c..2fd6daf 100755
--- a/configure
+++ b/configure
@@ -597,6 +597,13 @@ popvar(){
done
}
+request(){
+for var in $*; do
+eval ${var}_requested=yes
+eval $var=
+done
+}
+
enable(){
set_all yes $*
}
@@ -653,6 +660,11 @@ enable_deep_weak(){
done
}
+requested(){
+test "${1#!}" = "$1" && op='=' || op=!=
+eval test "x\$${1#!}_requested" $op "xyes"
+}
+
enabled(){
test "${1#!}" = "$1" && op='=' || op=!=
eval test "x\$${1#!}" $op "xyes"
@@ -724,9 +736,9 @@ do_check_deps(){
[ -n "$dep_ifa" ] && { enabled_all $dep_ifa && enable_weak $cfg; }
[ -n "$dep_ifn" ] && { enabled_any $dep_ifn && enable_weak $cfg; }
-enabled_all $dep_all || disable $cfg
-enabled_any $dep_any || disable $cfg
-disabled_any $dep_sel && disable $cfg
+enabled_all $dep_all || { disable $cfg && requested $cfg && die
"ERROR: $cfg requested, but not all dependencies are satisfied: $dep_all"; }
+enabled_any $dep_any || { disable $cfg && requested $cfg && die
"ERROR: $cfg requested, but not any dependency is satisfied: $dep_any"; }
+disabled_any $dep_sel && { disable $cfg && requested $cfg && die
"ERROR: $cfg requested, but some selected dependency is unsatisfied: $dep_sel";
}
if enabled $cfg; then
enable_deep $dep_sel
@@ -1481,10 +1493,25 @@ EXAMPLE_LIST="
transcode_aac_example
transcoding_example
"
+EXTERNAL_AUTODETECT_LIBRARY_LIST="
+bzlib
+iconv
+libxcb
+libxcb_shm
+libxcb_shape
+libxcb_xfixes
+lzma
+schannel
+sdl
+sdl2
+securetransport
+xlib
+zlib
+"
EXTERNAL_LIBRARY_LIST="
+$EXTERNAL_AUTODETECT_LIBRARY_LIST
avisynth
-bzlib
chromaprint
crystalhd
decklink
@@ -1492,7 +1519,6 @@ EXTERNAL_LIBRARY_LIST="
gcrypt
gmp
gnutls
-iconv
jni
ladspa
libass
@@ -1545,42 +1571,26 @@ EXTERNAL_LIBRARY_LIST="
libx264
libx265
libxavs
-libxcb
-libxcb_shm
-libxcb_shape
-libxcb_xfixes
libxvid
libzimg
libzmq
libzvbi
-lzma
mediacodec
netcdf
openal
opencl
opengl
openssl
-schannel
-sdl
-sdl2
-securetransport
videotoolbox
x11grab
-xlib
-zlib
"
-
-HWACCEL_LIBRARY_LIST="
+HWACCEL_AUTODETECT_LIBRARY_LIST="
audiotoolbox
cuda
cuvid
d3d11va
dxva2
-libmfx
-libnpp
-mmal
nvenc
-omx
vaapi
vda
vdpau
@@ -1588,6 +1598,14 @@ HWACCEL_LIBRARY_LIST="
xvmc
"
+HWACCEL_LIBRARY_LIST="
+$HWACCEL_AUTODETECT_LIBRARY_LIST
+libmfx
+libnpp
+mmal
+omx
+"
+
DOCUMENT_LIST="
doc
htmlpages
@@ -1684,6 +1702,12 @@ ATOMICS_LIST="
atomics_win32
"
+AUTODETECT_LIBS="
+$EXTERNAL_AUTODETECT_LIBRARY_LIST
+$HWACCEL_AUTODETECT_LIBRARY_LIST
+$THREADS_LIST
+"
+
ARCH_LIST="
aarch64
alpha
@@ -3483,6 +3507,11 @@ for e in $env; do
eval "export $e"
done
+# Mark specifically enabled, but normally autodetected libraries as requested.
+for lib in $AUTODETECT_LIBS; do
+enabled $lib && request $lib
+done
+
# Enable platform codecs by default.
enable_weak audiotoolbox
@@ -6399,6 +6428,11 @@ if disabled stdatomic_h; then
fi
fi
+# Check if requested libraries were found.
+for lib in $AUTODETECT_LIBS; do
+requested $lib && ! enabled $lib && die "ERROR: $lib requested but not
found";
+done
+
enabled zlib && add_cppflags -DZLIB_CONST
# conditional library dependencies, in linking order
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] avutil: Add av_image_check_size2()
ffmpeg | branch: master | Michael Niedermayer | Sat
Dec 10 21:05:14 2016 +0100| [f542b152aa2086b30d1089162d79f5c136905c0c] |
committer: Michael Niedermayer
avutil: Add av_image_check_size2()
Signed-off-by: Michael Niedermayer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f542b152aa2086b30d1089162d79f5c136905c0c
---
doc/APIchanges | 3 +++
libavutil/imgutils.c | 29 -
libavutil/imgutils.h | 14 ++
libavutil/version.h | 2 +-
4 files changed, 42 insertions(+), 6 deletions(-)
diff --git a/doc/APIchanges b/doc/APIchanges
index 0cdb4cf..fbeae7a 100644
--- a/doc/APIchanges
+++ b/doc/APIchanges
@@ -15,6 +15,9 @@ libavutil: 2015-08-28
API changes, most recent first:
+2016-12-10 - xxx - lavu xx.xx.100- imgutils.h
+ Add av_image_check_size2()
+
2016-xx-xx - xxx - lavc 57.67.100 / 57.29.0 - avcodec.h
Add AV_PKT_DATA_SPHERICAL packet side data to export AVSphericalMapping
information from containers.
diff --git a/libavutil/imgutils.c b/libavutil/imgutils.c
index 37808e5..cc410ab 100644
--- a/libavutil/imgutils.c
+++ b/libavutil/imgutils.c
@@ -248,19 +248,38 @@ static const AVClass imgutils_class = {
.parent_log_context_offset = offsetof(ImgUtils, log_ctx),
};
-int av_image_check_size(unsigned int w, unsigned int h, int log_offset, void
*log_ctx)
+int av_image_check_size2(unsigned int w, unsigned int h, int64_t max_pixels,
enum AVPixelFormat pix_fmt, int log_offset, void *log_ctx)
{
ImgUtils imgutils = {
.class = &imgutils_class,
.log_offset = log_offset,
.log_ctx= log_ctx,
};
+int64_t stride = av_image_get_linesize(pix_fmt, w, 0);
+if (stride <= 0)
+stride = 8LL*w;
+stride += 128*8;
-if ((int)w>0 && (int)h>0 && (w+128)*(uint64_t)(h+128) < INT_MAX/8)
-return 0;
+if ((int)w<=0 || (int)h<=0 || stride >= INT_MAX ||
stride*(uint64_t)(h+128) >= INT_MAX) {
+av_log(&imgutils, AV_LOG_ERROR, "Picture size %ux%u is invalid\n", w,
h);
+return AVERROR(EINVAL);
+}
-av_log(&imgutils, AV_LOG_ERROR, "Picture size %ux%u is invalid\n", w, h);
-return AVERROR(EINVAL);
+if (max_pixels < INT64_MAX) {
+if (w*(int64_t)h > max_pixels) {
+av_log(&imgutils, AV_LOG_ERROR,
+"Picture size %ux%u exceeds specified max pixel count
%"PRId64", see the documentation if you wish to increase it\n",
+w, h, max_pixels);
+return AVERROR(EINVAL);
+}
+}
+
+return 0;
+}
+
+int av_image_check_size(unsigned int w, unsigned int h, int log_offset, void
*log_ctx)
+{
+return av_image_check_size2(w, h, INT64_MAX, AV_PIX_FMT_NONE, log_offset,
log_ctx);
}
int av_image_check_sar(unsigned int w, unsigned int h, AVRational sar)
diff --git a/libavutil/imgutils.h b/libavutil/imgutils.h
index 23282a3..19f34de 100644
--- a/libavutil/imgutils.h
+++ b/libavutil/imgutils.h
@@ -192,6 +192,20 @@ int av_image_copy_to_buffer(uint8_t *dst, int dst_size,
int av_image_check_size(unsigned int w, unsigned int h, int log_offset, void
*log_ctx);
/**
+ * Check if the given dimension of an image is valid, meaning that all
+ * bytes of the image can be addressed with a signed int.
+ *
+ * @param w the width of the picture
+ * @param h the height of the picture
+ * @param max_pixels the maximum number of pixels the user wants to accept
+ * @param pix_fmt the pixel format, can be AV_PIX_FMT_NONE if unknown.
+ * @param log_offset the offset to sum to the log level for logging with
log_ctx
+ * @param log_ctx the parent logging context, it may be NULL
+ * @return >= 0 if valid, a negative error code otherwise
+ */
+int av_image_check_size2(unsigned int w, unsigned int h, int64_t max_pixels,
enum AVPixelFormat pix_fmt, int log_offset, void *log_ctx);
+
+/**
* Check if the given sample aspect ratio of an image is valid.
*
* It is considered invalid if the denominator is 0 or if applying the ratio
diff --git a/libavutil/version.h b/libavutil/version.h
index 301c11b..9f8c4c2 100644
--- a/libavutil/version.h
+++ b/libavutil/version.h
@@ -79,7 +79,7 @@
*/
#define LIBAVUTIL_VERSION_MAJOR 55
-#define LIBAVUTIL_VERSION_MINOR 42
+#define LIBAVUTIL_VERSION_MINOR 43
#define LIBAVUTIL_VERSION_MICRO 100
#define LIBAVUTIL_VERSION_INT AV_VERSION_INT(LIBAVUTIL_VERSION_MAJOR, \
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] fate: add av_image_check_size() test
ffmpeg | branch: master | Michael Niedermayer | Sat
Dec 10 21:39:56 2016 +0100| [1b39a30247111d854ce296d9fb4539e5840a9ae4] |
committer: Michael Niedermayer
fate: add av_image_check_size() test
Signed-off-by: Michael Niedermayer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=1b39a30247111d854ce296d9fb4539e5840a9ae4
---
libavutil/Makefile | 1 +
libavutil/tests/imgutils.c | 37 +++
tests/fate/libavutil.mak | 4
tests/ref/fate/imgutils| 55 ++
4 files changed, 97 insertions(+)
diff --git a/libavutil/Makefile b/libavutil/Makefile
index 6474a30..a8c0882 100644
--- a/libavutil/Makefile
+++ b/libavutil/Makefile
@@ -202,6 +202,7 @@ TESTPROGS = adler32
\
float_dsp \
hash\
hmac\
+imgutils\
lfg \
lls \
log \
diff --git a/libavutil/tests/imgutils.c b/libavutil/tests/imgutils.c
new file mode 100644
index 000..e51ecc6
--- /dev/null
+++ b/libavutil/tests/imgutils.c
@@ -0,0 +1,37 @@
+/*
+ * This file is part of FFmpeg.
+ *
+ * FFmpeg is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * FFmpeg is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with FFmpeg; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+#include "libavutil/imgutils.c"
+
+#undef printf
+
+int main(void)
+{
+int i;
+int64_t x, y;
+
+for (y = -1; y= 0);
+}
+printf("\n");
+}
+
+return 0;
+}
diff --git a/tests/fate/libavutil.mak b/tests/fate/libavutil.mak
index 0ab6fc5..82fe9a2 100644
--- a/tests/fate/libavutil.mak
+++ b/tests/fate/libavutil.mak
@@ -88,6 +88,10 @@ FATE_LIBAVUTIL += fate-hmac
fate-hmac: libavutil/tests/hmac$(EXESUF)
fate-hmac: CMD = run libavutil/tests/hmac
+FATE_LIBAVUTIL += fate-imgutils
+fate-imgutils: libavutil/tests/imgutils$(EXESUF)
+fate-imgutils: CMD = run libavutil/tests/imgutils
+
FATE_LIBAVUTIL += fate-md5
fate-md5: libavutil/tests/md5$(EXESUF)
fate-md5: CMD = run libavutil/tests/md5
diff --git a/tests/ref/fate/imgutils b/tests/ref/fate/imgutils
new file mode 100644
index 000..aba4822
--- /dev/null
+++ b/tests/ref/fate/imgutils
@@ -0,0 +1,55 @@
+000
+000
+0011000
+0011000
+0011000
+0011000
+0011000
+0011000
+0011000
+0011000
+001
+001
+000
+000
+0011100
+0011000
+0011000
+001
+000
+0011100
+0011000
+001
+000
+0011100
+0011000
+001
+000
+0011100
+0011000
+001
+000
+001110
[FFmpeg-cvslog] avcodec: Add max_pixels options
ffmpeg | branch: master | Michael Niedermayer | Sat
Dec 10 21:40:44 2016 +0100| [2f07830e69bd14eaba348eb739b9503e7eb7cd4b] |
committer: Michael Niedermayer
avcodec: Add max_pixels options
Signed-off-by: Michael Niedermayer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2f07830e69bd14eaba348eb739b9503e7eb7cd4b
---
doc/codecs.texi | 4
libavcodec/avcodec.h | 8
libavcodec/options_table.h | 1 +
libavcodec/utils.c | 12 ++--
tests/ref/fate/api-mjpeg-codec-param | 2 ++
tests/ref/fate/api-png-codec-param | 2 ++
6 files changed, 23 insertions(+), 6 deletions(-)
diff --git a/doc/codecs.texi b/doc/codecs.texi
index ca7c523..9a3a56d 100644
--- a/doc/codecs.texi
+++ b/doc/codecs.texi
@@ -1272,6 +1272,10 @@ ffprobe -dump_separator "
" -i ~/videos/matrixbench_mpeg2.mpg
@end example
+@item max_pixels @var{integer} (@emph{decoding/encoding,video})
+Maximum number of pixels per image. This value can be used to avoid out of
+memory failures due to large images.
+
@end table
@c man end CODEC OPTIONS
diff --git a/libavcodec/avcodec.h b/libavcodec/avcodec.h
index 7ac2ada..02234ae 100644
--- a/libavcodec/avcodec.h
+++ b/libavcodec/avcodec.h
@@ -3570,6 +3570,14 @@ typedef struct AVCodecContext {
*/
int trailing_padding;
+/**
+ * The number of pixels per image to maximally accept.
+ *
+ * - decoding: set by user
+ * - encoding: set by user
+ */
+int64_t max_pixels;
+
} AVCodecContext;
AVRational av_codec_get_pkt_timebase (const AVCodecContext *avctx);
diff --git a/libavcodec/options_table.h b/libavcodec/options_table.h
index ee79859..3fe7925 100644
--- a/libavcodec/options_table.h
+++ b/libavcodec/options_table.h
@@ -570,6 +570,7 @@ static const AVOption avcodec_options[] = {
{"codec_whitelist", "List of decoders that are allowed to be used",
OFFSET(codec_whitelist), AV_OPT_TYPE_STRING, { .str = NULL }, CHAR_MIN,
CHAR_MAX, A|V|S|D },
{"pixel_format", "set pixel format", OFFSET(pix_fmt), AV_OPT_TYPE_PIXEL_FMT,
{.i64=AV_PIX_FMT_NONE}, -1, INT_MAX, 0 },
{"video_size", "set video size", OFFSET(width), AV_OPT_TYPE_IMAGE_SIZE,
{.str=NULL}, 0, INT_MAX, 0 },
+{"max_pixels", "Maximum number of pixels", OFFSET(max_pixels),
AV_OPT_TYPE_INT64, {.i64 = INT_MAX }, 0, INT_MAX, A|V|S|D|E },
{NULL},
};
diff --git a/libavcodec/utils.c b/libavcodec/utils.c
index 89a12c6..44ecc09 100644
--- a/libavcodec/utils.c
+++ b/libavcodec/utils.c
@@ -209,7 +209,7 @@ void avcodec_set_dimensions(AVCodecContext *s, int width,
int height)
int ff_set_dimensions(AVCodecContext *s, int width, int height)
{
-int ret = av_image_check_size(width, height, 0, s);
+int ret = av_image_check_size2(width, height, s->max_pixels,
AV_PIX_FMT_NONE, 0, s);
if (ret < 0)
width = height = 0;
@@ -904,7 +904,7 @@ static int get_buffer_internal(AVCodecContext *avctx,
AVFrame *frame, int flags)
int ret;
if (avctx->codec_type == AVMEDIA_TYPE_VIDEO) {
-if ((ret = av_image_check_size(avctx->width, avctx->height, 0, avctx))
< 0 || avctx->pix_fmt<0) {
+if ((ret = av_image_check_size2(avctx->width, avctx->height,
avctx->max_pixels, AV_PIX_FMT_NONE, 0, avctx)) < 0 || avctx->pix_fmt<0) {
av_log(avctx, AV_LOG_ERROR, "video_get_buffer: image parameters
invalid\n");
return AVERROR(EINVAL);
}
@@ -1338,8 +1338,8 @@ int attribute_align_arg avcodec_open2(AVCodecContext
*avctx, const AVCodec *code
}
if ((avctx->coded_width || avctx->coded_height || avctx->width ||
avctx->height)
-&& ( av_image_check_size(avctx->coded_width, avctx->coded_height, 0,
avctx) < 0
- || av_image_check_size(avctx->width, avctx->height, 0,
avctx) < 0)) {
+&& ( av_image_check_size2(avctx->coded_width, avctx->coded_height,
avctx->max_pixels, AV_PIX_FMT_NONE, 0, avctx) < 0
+ || av_image_check_size2(avctx->width, avctx->height,
avctx->max_pixels, AV_PIX_FMT_NONE, 0, avctx) < 0)) {
av_log(avctx, AV_LOG_WARNING, "Ignoring invalid width/height
values\n");
ff_set_dimensions(avctx, 0, 0);
}
@@ -1982,7 +1982,7 @@ int attribute_align_arg
avcodec_encode_video2(AVCodecContext *avctx,
return 0;
}
-if (av_image_check_size(avctx->width, avctx->height, 0, avctx))
+if (av_image_check_size2(avctx->width, avctx->height, avctx->max_pixels,
AV_PIX_FMT_NONE, 0, avctx))
return AVERROR(EINVAL);
if (frame && frame->format == AV_PIX_FMT_NONE)
@@ -2233,7 +2233,7 @@ int attribute_align_arg
avcodec_decode_video2(AVCodecContext *avctx, AVFrame *pi
}
*got_picture_ptr = 0;
-if ((avctx->coded_width || avctx->coded_height) &&
av_image_check_size(avctx->coded_width, avctx->coded_height, 0, avctx))
+if ((avctx->coded_width || avctx->coded_height) &&
av_image_check_size2(avctx->coded_wid
[FFmpeg-cvslog] avutil/tests: run the cpu_init.c test conditionally on HAVE_THREADS
ffmpeg | branch: master | Wan-Teh Chang | Tue
Dec 6 11:00:02 2016 -0800| [3703f1e24540a5ef132e7b2a9c0ded7e4531] |
committer: James Almer
avutil/tests: run the cpu_init.c test conditionally on HAVE_THREADS
Suggested by Diego Biurrun and James Almer.
Signed-off-by: Wan-Teh Chang
Signed-off-by: James Almer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3703f1e24540a5ef132e7b2a9c0ded7e4531
---
libavutil/Makefile | 2 +-
libavutil/tests/cpu_init.c | 7 ---
tests/fate/libavutil.mak | 2 +-
3 files changed, 2 insertions(+), 9 deletions(-)
diff --git a/libavutil/Makefile b/libavutil/Makefile
index a8c0882..9841645 100644
--- a/libavutil/Makefile
+++ b/libavutil/Makefile
@@ -190,7 +190,6 @@ TESTPROGS = adler32
\
camellia\
color_utils \
cpu \
-cpu_init\
crc \
des \
dict\
@@ -226,6 +225,7 @@ TESTPROGS = adler32
\
tea \
TESTPROGS-$(HAVE_LZO1X_999_COMPRESS) += lzo
+TESTPROGS-$(HAVE_THREADS) += cpu_init
TOOLS = crypto_bench ffhash ffeval ffescape
diff --git a/libavutil/tests/cpu_init.c b/libavutil/tests/cpu_init.c
index 87c6002..a379e47 100644
--- a/libavutil/tests/cpu_init.c
+++ b/libavutil/tests/cpu_init.c
@@ -24,12 +24,9 @@
#include
#include
-#include "config.h"
-
#include "libavutil/cpu.h"
#include "libavutil/thread.h"
-#if HAVE_PTHREADS
static void *thread_main(void *arg)
{
int *flags = arg;
@@ -37,12 +34,9 @@ static void *thread_main(void *arg)
*flags = av_get_cpu_flags();
return NULL;
}
-#endif
-
int main(void)
{
-#if HAVE_PTHREADS
int cpu_flags1;
int cpu_flags2;
int ret;
@@ -66,7 +60,6 @@ int main(void)
return 2;
if (cpu_flags1 != cpu_flags2)
return 3;
-#endif
return 0;
}
diff --git a/tests/fate/libavutil.mak b/tests/fate/libavutil.mak
index 82fe9a2..06f968c 100644
--- a/tests/fate/libavutil.mak
+++ b/tests/fate/libavutil.mak
@@ -44,7 +44,7 @@ fate-cpu: libavutil/tests/cpu$(EXESUF)
fate-cpu: CMD = runecho libavutil/tests/cpu $(CPUFLAGS:%=-c%) $(THREADS:%=-t%)
fate-cpu: REF = /dev/null
-FATE_LIBAVUTIL += fate-cpu_init
+FATE_LIBAVUTIL-$(HAVE_THREADS) += fate-cpu_init
fate-cpu_init: libavutil/tests/cpu_init$(EXESUF)
fate-cpu_init: CMD = run libavutil/tests/cpu_init
fate-cpu_init: REF = /dev/null
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] avutil/cpu_init: remove unnecessary arguments to the main() function
ffmpeg | branch: master | Wan-Teh Chang | Tue
Dec 6 11:00:01 2016 -0800| [8986885801fbd6e7d5440c8e5cb03d5d2745298c] |
committer: James Almer
avutil/cpu_init: remove unnecessary arguments to the main() function
Signed-off-by: James Almer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8986885801fbd6e7d5440c8e5cb03d5d2745298c
---
libavutil/tests/cpu_init.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavutil/tests/cpu_init.c b/libavutil/tests/cpu_init.c
index 5a5ecda..87c6002 100644
--- a/libavutil/tests/cpu_init.c
+++ b/libavutil/tests/cpu_init.c
@@ -40,7 +40,7 @@ static void *thread_main(void *arg)
#endif
-int main(int argc, char **argv)
+int main(void)
{
#if HAVE_PTHREADS
int cpu_flags1;
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] ffplay: fix sws_scale possible out of bounds array access
ffmpeg | branch: master | Marton Balint | Sat Dec 10 12:46:54
2016 +0100| [1f3910262e1b9091f597ebbb710b478d40319986] | committer: Marton
Balint
ffplay: fix sws_scale possible out of bounds array access
As I used simple RGBA formats for subtitles and for the video texture if
avfilter is disabled I kind of assumed that sws_scale won't access data
pointers and strides above index 0, but apparently that is not the case.
Fixes Coverity CID 1396737, 1396738, 1396739, 1396740.
Reviewed-by: Michael Niedermayer
Signed-off-by: Marton Balint
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=1f3910262e1b9091f597ebbb710b478d40319986
---
ffplay.c | 16
1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/ffplay.c b/ffplay.c
index bb781a2..911fd7f 100644
--- a/ffplay.c
+++ b/ffplay.c
@@ -883,11 +883,11 @@ static int upload_texture(SDL_Texture *tex, AVFrame
*frame, struct SwsContext **
frame->width, frame->height, frame->format, frame->width,
frame->height,
AV_PIX_FMT_BGRA, sws_flags, NULL, NULL, NULL);
if (*img_convert_ctx != NULL) {
-uint8_t *pixels;
-int pitch;
-if (!SDL_LockTexture(tex, NULL, (void **)&pixels, &pitch)) {
+uint8_t *pixels[4];
+int pitch[4];
+if (!SDL_LockTexture(tex, NULL, (void **)pixels, pitch)) {
sws_scale(*img_convert_ctx, (const uint8_t * const
*)frame->data, frame->linesize,
- 0, frame->height, &pixels, &pitch);
+ 0, frame->height, pixels, pitch);
SDL_UnlockTexture(tex);
}
} else {
@@ -913,8 +913,8 @@ static void video_image_display(VideoState *is)
if (vp->pts >= sp->pts + ((float) sp->sub.start_display_time /
1000)) {
if (!sp->uploaded) {
-uint8_t *pixels;
-int pitch;
+uint8_t* pixels[4];
+int pitch[4];
int i;
if (!sp->width || !sp->height) {
sp->width = vp->width;
@@ -939,9 +939,9 @@ static void video_image_display(VideoState *is)
av_log(NULL, AV_LOG_FATAL, "Cannot initialize
the conversion context\n");
return;
}
-if (!SDL_LockTexture(is->sub_texture, (SDL_Rect
*)sub_rect, (void **)&pixels, &pitch)) {
+if (!SDL_LockTexture(is->sub_texture, (SDL_Rect
*)sub_rect, (void **)pixels, pitch)) {
sws_scale(is->sub_convert_ctx, (const uint8_t
* const *)sub_rect->data, sub_rect->linesize,
- 0, sub_rect->h, &pixels, &pitch);
+ 0, sub_rect->h, pixels, pitch);
SDL_UnlockTexture(is->sub_texture);
}
}
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] ffplay: fix sws_scale possible out of bounds array access
ffmpeg | branch: release/3.2 | Marton Balint | Sat Dec 10
12:46:54 2016 +0100| [47e47cfb0797a2af051b86e8c02fc7479c6845f0] | committer:
Marton Balint
ffplay: fix sws_scale possible out of bounds array access
As I used simple RGBA formats for subtitles and for the video texture if
avfilter is disabled I kind of assumed that sws_scale won't access data
pointers and strides above index 0, but apparently that is not the case.
Fixes Coverity CID 1396737, 1396738, 1396739, 1396740.
Reviewed-by: Michael Niedermayer
Signed-off-by: Marton Balint
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=47e47cfb0797a2af051b86e8c02fc7479c6845f0
---
ffplay.c | 16
1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/ffplay.c b/ffplay.c
index 79dc768..6e30ccf 100644
--- a/ffplay.c
+++ b/ffplay.c
@@ -874,11 +874,11 @@ static int upload_texture(SDL_Texture *tex, AVFrame
*frame, struct SwsContext **
frame->width, frame->height, frame->format, frame->width,
frame->height,
AV_PIX_FMT_BGRA, sws_flags, NULL, NULL, NULL);
if (*img_convert_ctx != NULL) {
-uint8_t *pixels;
-int pitch;
-if (!SDL_LockTexture(tex, NULL, (void **)&pixels, &pitch)) {
+uint8_t *pixels[4];
+int pitch[4];
+if (!SDL_LockTexture(tex, NULL, (void **)pixels, pitch)) {
sws_scale(*img_convert_ctx, (const uint8_t * const
*)frame->data, frame->linesize,
- 0, frame->height, &pixels, &pitch);
+ 0, frame->height, pixels, pitch);
SDL_UnlockTexture(tex);
}
} else {
@@ -904,8 +904,8 @@ static void video_image_display(VideoState *is)
if (vp->pts >= sp->pts + ((float) sp->sub.start_display_time /
1000)) {
if (!sp->uploaded) {
-uint8_t *pixels;
-int pitch;
+uint8_t* pixels[4];
+int pitch[4];
int i;
if (!sp->width || !sp->height) {
sp->width = vp->width;
@@ -930,9 +930,9 @@ static void video_image_display(VideoState *is)
av_log(NULL, AV_LOG_FATAL, "Cannot initialize
the conversion context\n");
return;
}
-if (!SDL_LockTexture(is->sub_texture, (SDL_Rect
*)sub_rect, (void **)&pixels, &pitch)) {
+if (!SDL_LockTexture(is->sub_texture, (SDL_Rect
*)sub_rect, (void **)pixels, pitch)) {
sws_scale(is->sub_convert_ctx, (const uint8_t
* const *)sub_rect->data, sub_rect->linesize,
- 0, sub_rect->h, &pixels, &pitch);
+ 0, sub_rect->h, pixels, pitch);
SDL_UnlockTexture(is->sub_texture);
}
}
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] avcodec/mpeg4videodec: Fix undefined shifts in mpeg4_decode_sprite_trajectory()
ffmpeg | branch: release/3.2 | Michael Niedermayer |
Fri Dec 9 17:01:14 2016 +0100| [3f779aef79b1b92bee569f9813f502798fccd8c8] |
committer: Michael Niedermayer
avcodec/mpeg4videodec: Fix undefined shifts in mpeg4_decode_sprite_trajectory()
Fixes: part of 670190.ogg
Found-by: Matt Wolenetz
Signed-off-by: Michael Niedermayer
(cherry picked from commit 8258e363851434ad5662c19d036fddb3e3f27683)
Signed-off-by: Michael Niedermayer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3f779aef79b1b92bee569f9813f502798fccd8c8
---
libavcodec/mpeg4videodec.c | 12 ++--
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/libavcodec/mpeg4videodec.c b/libavcodec/mpeg4videodec.c
index 1a2771a..0e0cf27 100644
--- a/libavcodec/mpeg4videodec.c
+++ b/libavcodec/mpeg4videodec.c
@@ -315,13 +315,13 @@ static int mpeg4_decode_sprite_trajectory(Mpeg4DecContext
*ctx, GetBitContext *g
min_ab = FFMIN(alpha, beta);
w3 = w2 >> min_ab;
h3 = h2 >> min_ab;
-s->sprite_offset[0][0] = (sprite_ref[0][0] << (alpha + beta + rho -
min_ab)) +
+s->sprite_offset[0][0] = (sprite_ref[0][0] * (1<<(alpha + beta + rho -
min_ab))) +
(-r * sprite_ref[0][0] + virtual_ref[0][0]) *
h3 * (-vop_ref[0][0]) +
(-r * sprite_ref[0][0] + virtual_ref[1][0]) *
w3 * (-vop_ref[0][1]) +
(1 << (alpha + beta + rho - min_ab - 1));
-s->sprite_offset[0][1] = (sprite_ref[0][1] << (alpha + beta + rho -
min_ab)) +
+s->sprite_offset[0][1] = (sprite_ref[0][1] * (1 << (alpha + beta + rho
- min_ab))) +
(-r * sprite_ref[0][1] + virtual_ref[0][1]) *
h3 * (-vop_ref[0][0]) +
(-r * sprite_ref[0][1] + virtual_ref[1][1]) *
@@ -368,10 +368,10 @@ static int mpeg4_decode_sprite_trajectory(Mpeg4DecContext
*ctx, GetBitContext *g
int shift_y = 16 - ctx->sprite_shift[0];
int shift_c = 16 - ctx->sprite_shift[1];
for (i = 0; i < 2; i++) {
-s->sprite_offset[0][i] <<= shift_y;
-s->sprite_offset[1][i] <<= shift_c;
-s->sprite_delta[0][i] <<= shift_y;
-s->sprite_delta[1][i] <<= shift_y;
+s->sprite_offset[0][i] *= 1 << shift_y;
+s->sprite_offset[1][i] *= 1 << shift_c;
+s->sprite_delta[0][i] *= 1 << shift_y;
+s->sprite_delta[1][i] *= 1 << shift_y;
ctx->sprite_shift[i] = 16;
}
s->real_sprite_warping_points = ctx->num_sprite_warping_points;
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] avcodec/ffv1enc: Fix size of first slice
ffmpeg | branch: release/3.2 | Michael Niedermayer |
Fri Dec 9 00:19:19 2016 +0100| [aec21cd840bc805eb8054329ee595d772099faad] |
committer: Michael Niedermayer
avcodec/ffv1enc: Fix size of first slice
Signed-off-by: Michael Niedermayer
(cherry picked from commit cff1c0edaa797eca96663d9b83e4b8c1b609ff19)
Signed-off-by: Michael Niedermayer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=aec21cd840bc805eb8054329ee595d772099faad
---
libavcodec/ffv1enc.c | 13 +
1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/libavcodec/ffv1enc.c b/libavcodec/ffv1enc.c
index 68d311d..efa0ff7 100644
--- a/libavcodec/ffv1enc.c
+++ b/libavcodec/ffv1enc.c
@@ -1089,7 +1089,6 @@ static int encode_frame(AVCodecContext *avctx, AVPacket
*pkt,
FFV1Context *f = avctx->priv_data;
RangeCoder *const c = &f->slice_context[0]->c;
AVFrame *const p= f->picture.f;
-int used_count = 0;
uint8_t keystate= 128;
uint8_t *buf_p;
int i, ret;
@@ -1178,11 +1177,17 @@ FF_ENABLE_DEPRECATION_WARNINGS
}
}
-for (i = 1; i < f->slice_count; i++) {
+for (i = 0; i < f->slice_count; i++) {
FFV1Context *fs = f->slice_context[i];
-uint8_t *start = pkt->data + (pkt->size - used_count) * (int64_t)i /
f->slice_count;
+uint8_t *start = pkt->data + pkt->size * (int64_t)i / f->slice_count;
int len = pkt->size / f->slice_count;
-ff_init_range_encoder(&fs->c, start, len);
+if (i) {
+ff_init_range_encoder(&fs->c, start, len);
+} else {
+av_assert0(fs->c.bytestream_end >= fs->c.bytestream_start + len);
+av_assert0(fs->c.bytestream < fs->c.bytestream_start + len);
+fs->c.bytestream_end = fs->c.bytestream_start + len;
+}
}
avctx->execute(avctx, encode_slice, &f->slice_context[0], NULL,
f->slice_count, sizeof(void *));
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] avformat: Add max_streams option
ffmpeg | branch: release/3.2 | Michael Niedermayer |
Fri Nov 18 17:00:30 2016 +0100| [3ecbac5664014f255b1eb0d81a36079d9bfc4f41] |
committer: Michael Niedermayer
avformat: Add max_streams option
This allows user apps to stop OOM due to excessive number of streams
Signed-off-by: Michael Niedermayer
(cherry picked from commit 1296f844955e513d19051c962656f829479d4fb9)
Signed-off-by: Michael Niedermayer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3ecbac5664014f255b1eb0d81a36079d9bfc4f41
---
doc/formats.texi| 4
libavformat/avformat.h | 7 +++
libavformat/options_table.h | 1 +
libavformat/utils.c | 2 +-
libavformat/version.h | 2 +-
5 files changed, 14 insertions(+), 2 deletions(-)
diff --git a/doc/formats.texi b/doc/formats.texi
index 87704af..c51d408 100644
--- a/doc/formats.texi
+++ b/doc/formats.texi
@@ -209,6 +209,10 @@ For example to separate the fields with newlines and
indention:
ffprobe -dump_separator "
" -i ~/videos/matrixbench_mpeg2.mpg
@end example
+
+@item max_streams @var{integer} (@emph{input})
+Specifies the maximum number of streams. This can be used to reject files that
+would require too many resources due to a large number of streams.
@end table
@c man end FORMAT OPTIONS
diff --git a/libavformat/avformat.h b/libavformat/avformat.h
index f9f4d72..c81a916 100644
--- a/libavformat/avformat.h
+++ b/libavformat/avformat.h
@@ -1899,6 +1899,13 @@ typedef struct AVFormatContext {
* - decoding: set by user through AVOptions (NO direct access)
*/
char *protocol_blacklist;
+
+/**
+ * The maximum number of streams.
+ * - encoding: unused
+ * - decoding: set by user through AVOptions (NO direct access)
+ */
+int max_streams;
} AVFormatContext;
int av_format_get_probe_score(const AVFormatContext *s);
diff --git a/libavformat/options_table.h b/libavformat/options_table.h
index 9d61d5a..d5448e5 100644
--- a/libavformat/options_table.h
+++ b/libavformat/options_table.h
@@ -105,6 +105,7 @@ static const AVOption avformat_options[] = {
{"format_whitelist", "List of demuxers that are allowed to be used",
OFFSET(format_whitelist), AV_OPT_TYPE_STRING, { .str = NULL }, CHAR_MIN,
CHAR_MAX, D },
{"protocol_whitelist", "List of protocols that are allowed to be used",
OFFSET(protocol_whitelist), AV_OPT_TYPE_STRING, { .str = NULL }, CHAR_MIN,
CHAR_MAX, D },
{"protocol_blacklist", "List of protocols that are not allowed to be used",
OFFSET(protocol_blacklist), AV_OPT_TYPE_STRING, { .str = NULL }, CHAR_MIN,
CHAR_MAX, D },
+{"max_streams", "maximum number of streams", OFFSET(max_streams),
AV_OPT_TYPE_INT, { .i64 = INT_MAX }, 0, INT_MAX, D },
{NULL},
};
diff --git a/libavformat/utils.c b/libavformat/utils.c
index 5348e0d..20712bb 100644
--- a/libavformat/utils.c
+++ b/libavformat/utils.c
@@ -4213,7 +4213,7 @@ AVStream *avformat_new_stream(AVFormatContext *s, const
AVCodec *c)
int i;
AVStream **streams;
-if (s->nb_streams >= INT_MAX/sizeof(*streams))
+if (s->nb_streams >= FFMIN(s->max_streams, INT_MAX/sizeof(*streams)))
return NULL;
streams = av_realloc_array(s->streams, s->nb_streams + 1,
sizeof(*streams));
if (!streams)
diff --git a/libavformat/version.h b/libavformat/version.h
index 45c8334..ad25596 100644
--- a/libavformat/version.h
+++ b/libavformat/version.h
@@ -33,7 +33,7 @@
// Also please add any ticket numbers that you believe might be affected here
#define LIBAVFORMAT_VERSION_MAJOR 57
#define LIBAVFORMAT_VERSION_MINOR 56
-#define LIBAVFORMAT_VERSION_MICRO 100
+#define LIBAVFORMAT_VERSION_MICRO 101
#define LIBAVFORMAT_VERSION_INT AV_VERSION_INT(LIBAVFORMAT_VERSION_MAJOR, \
LIBAVFORMAT_VERSION_MINOR, \
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] avutil: Add av_image_check_size2()
ffmpeg | branch: release/3.2 | Michael Niedermayer |
Sat Dec 10 21:05:14 2016 +0100| [64bb329afa9a2fdeeff514a5fe7a89d08552bf42] |
committer: Michael Niedermayer
avutil: Add av_image_check_size2()
Signed-off-by: Michael Niedermayer
(cherry picked from commit f542b152aa2086b30d1089162d79f5c136905c0c)
Signed-off-by: Michael Niedermayer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=64bb329afa9a2fdeeff514a5fe7a89d08552bf42
---
libavutil/imgutils.c | 29 -
libavutil/imgutils.h | 14 ++
libavutil/version.h | 2 +-
3 files changed, 39 insertions(+), 6 deletions(-)
diff --git a/libavutil/imgutils.c b/libavutil/imgutils.c
index 37808e5..cc410ab 100644
--- a/libavutil/imgutils.c
+++ b/libavutil/imgutils.c
@@ -248,19 +248,38 @@ static const AVClass imgutils_class = {
.parent_log_context_offset = offsetof(ImgUtils, log_ctx),
};
-int av_image_check_size(unsigned int w, unsigned int h, int log_offset, void
*log_ctx)
+int av_image_check_size2(unsigned int w, unsigned int h, int64_t max_pixels,
enum AVPixelFormat pix_fmt, int log_offset, void *log_ctx)
{
ImgUtils imgutils = {
.class = &imgutils_class,
.log_offset = log_offset,
.log_ctx= log_ctx,
};
+int64_t stride = av_image_get_linesize(pix_fmt, w, 0);
+if (stride <= 0)
+stride = 8LL*w;
+stride += 128*8;
-if ((int)w>0 && (int)h>0 && (w+128)*(uint64_t)(h+128) < INT_MAX/8)
-return 0;
+if ((int)w<=0 || (int)h<=0 || stride >= INT_MAX ||
stride*(uint64_t)(h+128) >= INT_MAX) {
+av_log(&imgutils, AV_LOG_ERROR, "Picture size %ux%u is invalid\n", w,
h);
+return AVERROR(EINVAL);
+}
-av_log(&imgutils, AV_LOG_ERROR, "Picture size %ux%u is invalid\n", w, h);
-return AVERROR(EINVAL);
+if (max_pixels < INT64_MAX) {
+if (w*(int64_t)h > max_pixels) {
+av_log(&imgutils, AV_LOG_ERROR,
+"Picture size %ux%u exceeds specified max pixel count
%"PRId64", see the documentation if you wish to increase it\n",
+w, h, max_pixels);
+return AVERROR(EINVAL);
+}
+}
+
+return 0;
+}
+
+int av_image_check_size(unsigned int w, unsigned int h, int log_offset, void
*log_ctx)
+{
+return av_image_check_size2(w, h, INT64_MAX, AV_PIX_FMT_NONE, log_offset,
log_ctx);
}
int av_image_check_sar(unsigned int w, unsigned int h, AVRational sar)
diff --git a/libavutil/imgutils.h b/libavutil/imgutils.h
index 23282a3..19f34de 100644
--- a/libavutil/imgutils.h
+++ b/libavutil/imgutils.h
@@ -192,6 +192,20 @@ int av_image_copy_to_buffer(uint8_t *dst, int dst_size,
int av_image_check_size(unsigned int w, unsigned int h, int log_offset, void
*log_ctx);
/**
+ * Check if the given dimension of an image is valid, meaning that all
+ * bytes of the image can be addressed with a signed int.
+ *
+ * @param w the width of the picture
+ * @param h the height of the picture
+ * @param max_pixels the maximum number of pixels the user wants to accept
+ * @param pix_fmt the pixel format, can be AV_PIX_FMT_NONE if unknown.
+ * @param log_offset the offset to sum to the log level for logging with
log_ctx
+ * @param log_ctx the parent logging context, it may be NULL
+ * @return >= 0 if valid, a negative error code otherwise
+ */
+int av_image_check_size2(unsigned int w, unsigned int h, int64_t max_pixels,
enum AVPixelFormat pix_fmt, int log_offset, void *log_ctx);
+
+/**
* Check if the given sample aspect ratio of an image is valid.
*
* It is considered invalid if the denominator is 0 or if applying the ratio
diff --git a/libavutil/version.h b/libavutil/version.h
index bdd310f..c57ac7f 100644
--- a/libavutil/version.h
+++ b/libavutil/version.h
@@ -80,7 +80,7 @@
#define LIBAVUTIL_VERSION_MAJOR 55
#define LIBAVUTIL_VERSION_MINOR 34
-#define LIBAVUTIL_VERSION_MICRO 100
+#define LIBAVUTIL_VERSION_MICRO 101
#define LIBAVUTIL_VERSION_INT AV_VERSION_INT(LIBAVUTIL_VERSION_MAJOR, \
LIBAVUTIL_VERSION_MINOR, \
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] avcodec/ffv1enc: Allocate smaller packet if the worst case size cannot be allocated
ffmpeg | branch: release/3.2 | Michael Niedermayer |
Thu Dec 8 23:51:45 2016 +0100| [0e6febff5a7b4d2b823911dd2e04f0bac718ddfb] |
committer: Michael Niedermayer
avcodec/ffv1enc: Allocate smaller packet if the worst case size cannot be
allocated
We are checking during encoding if there is enough space as version 4 needs that
check.
Fixes Ticket6005
Signed-off-by: Michael Niedermayer
(cherry picked from commit 38a7834bbb24ef62466b076715e0add60e1d6962)
Signed-off-by: Michael Niedermayer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0e6febff5a7b4d2b823911dd2e04f0bac718ddfb
---
libavcodec/ffv1enc.c | 5 +
1 file changed, 5 insertions(+)
diff --git a/libavcodec/ffv1enc.c b/libavcodec/ffv1enc.c
index efa0ff7..158cbab 100644
--- a/libavcodec/ffv1enc.c
+++ b/libavcodec/ffv1enc.c
@@ -1144,6 +1144,11 @@ static int encode_frame(AVCodecContext *avctx, AVPacket
*pkt,
if (f->version > 3)
maxsize = AV_INPUT_BUFFER_MIN_SIZE + avctx->width*avctx->height*3LL*4;
+if (maxsize > INT_MAX - AV_INPUT_BUFFER_PADDING_SIZE - 32) {
+av_log(avctx, AV_LOG_WARNING, "Cannot allocate worst case packet size,
the encoding could fail\n");
+maxsize = INT_MAX - AV_INPUT_BUFFER_PADDING_SIZE - 32;
+}
+
if ((ret = ff_alloc_packet2(avctx, pkt, maxsize, 0)) < 0)
return ret;
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] avformat/oggdec: Skip streams in duration correction that did not had their duration set.
ffmpeg | branch: release/3.2 | Michael Niedermayer |
Fri Dec 9 17:01:14 2016 +0100| [35ef033a19a6eb154ac0bbe644f9de175f3ee021] |
committer: Michael Niedermayer
avformat/oggdec: Skip streams in duration correction that did not had their
duration set.
Fixes: part of 670190.ogg
Fixes integer overflow
Found-by: Matt Wolenetz
Signed-off-by: Michael Niedermayer
(cherry picked from commit ee2a6f5df8c6a151c3e3826872f1b0a07401c62a)
Signed-off-by: Michael Niedermayer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=35ef033a19a6eb154ac0bbe644f9de175f3ee021
---
libavformat/oggdec.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/libavformat/oggdec.c b/libavformat/oggdec.c
index 47a0cba..e1ef213 100644
--- a/libavformat/oggdec.c
+++ b/libavformat/oggdec.c
@@ -643,6 +643,8 @@ static int ogg_get_length(AVFormatContext *s)
int64_t pts;
if (i < 0) continue;
pts = ogg_calc_pts(s, i, NULL);
+if (s->streams[i]->duration == AV_NOPTS_VALUE)
+continue;
if (pts != AV_NOPTS_VALUE && s->streams[i]->start_time ==
AV_NOPTS_VALUE && !ogg->streams[i].got_start) {
s->streams[i]->duration -= pts;
ogg->streams[i].got_start= 1;
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] avcodec/ffv1enc: Allocate smaller packet if the worst case size cannot be allocated
ffmpeg | branch: release/3.1 | Michael Niedermayer |
Thu Dec 8 23:51:45 2016 +0100| [0131f5c3769981c1e36ff124a50011702c491329] |
committer: Michael Niedermayer
avcodec/ffv1enc: Allocate smaller packet if the worst case size cannot be
allocated
We are checking during encoding if there is enough space as version 4 needs that
check.
Fixes Ticket6005
Signed-off-by: Michael Niedermayer
(cherry picked from commit 38a7834bbb24ef62466b076715e0add60e1d6962)
Signed-off-by: Michael Niedermayer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0131f5c3769981c1e36ff124a50011702c491329
---
libavcodec/ffv1enc.c | 5 +
1 file changed, 5 insertions(+)
diff --git a/libavcodec/ffv1enc.c b/libavcodec/ffv1enc.c
index d13cea1..fec3e92 100644
--- a/libavcodec/ffv1enc.c
+++ b/libavcodec/ffv1enc.c
@@ -1278,6 +1278,11 @@ static int encode_frame(AVCodecContext *avctx, AVPacket
*pkt,
if (f->version > 3)
maxsize = AV_INPUT_BUFFER_MIN_SIZE + avctx->width*avctx->height*3LL*4;
+if (maxsize > INT_MAX - AV_INPUT_BUFFER_PADDING_SIZE - 32) {
+av_log(avctx, AV_LOG_WARNING, "Cannot allocate worst case packet size,
the encoding could fail\n");
+maxsize = INT_MAX - AV_INPUT_BUFFER_PADDING_SIZE - 32;
+}
+
if ((ret = ff_alloc_packet2(avctx, pkt, maxsize, 0)) < 0)
return ret;
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] avformat/oggdec: Skip streams in duration correction that did not had their duration set.
ffmpeg | branch: release/3.1 | Michael Niedermayer |
Fri Dec 9 17:01:14 2016 +0100| [119301d3129ef53f3ce698a062edb6fafdc715b6] |
committer: Michael Niedermayer
avformat/oggdec: Skip streams in duration correction that did not had their
duration set.
Fixes: part of 670190.ogg
Fixes integer overflow
Found-by: Matt Wolenetz
Signed-off-by: Michael Niedermayer
(cherry picked from commit ee2a6f5df8c6a151c3e3826872f1b0a07401c62a)
Signed-off-by: Michael Niedermayer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=119301d3129ef53f3ce698a062edb6fafdc715b6
---
libavformat/oggdec.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/libavformat/oggdec.c b/libavformat/oggdec.c
index 47a0cba..e1ef213 100644
--- a/libavformat/oggdec.c
+++ b/libavformat/oggdec.c
@@ -643,6 +643,8 @@ static int ogg_get_length(AVFormatContext *s)
int64_t pts;
if (i < 0) continue;
pts = ogg_calc_pts(s, i, NULL);
+if (s->streams[i]->duration == AV_NOPTS_VALUE)
+continue;
if (pts != AV_NOPTS_VALUE && s->streams[i]->start_time ==
AV_NOPTS_VALUE && !ogg->streams[i].got_start) {
s->streams[i]->duration -= pts;
ogg->streams[i].got_start= 1;
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] avcodec/mpeg4videodec: Fix undefined shifts in mpeg4_decode_sprite_trajectory()
ffmpeg | branch: release/3.1 | Michael Niedermayer |
Fri Dec 9 17:01:14 2016 +0100| [255e61c25b830b1e84d919027106ff85868099bb] |
committer: Michael Niedermayer
avcodec/mpeg4videodec: Fix undefined shifts in mpeg4_decode_sprite_trajectory()
Fixes: part of 670190.ogg
Found-by: Matt Wolenetz
Signed-off-by: Michael Niedermayer
(cherry picked from commit 8258e363851434ad5662c19d036fddb3e3f27683)
Signed-off-by: Michael Niedermayer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=255e61c25b830b1e84d919027106ff85868099bb
---
libavcodec/mpeg4videodec.c | 12 ++--
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/libavcodec/mpeg4videodec.c b/libavcodec/mpeg4videodec.c
index 3adf28d..a19b374 100644
--- a/libavcodec/mpeg4videodec.c
+++ b/libavcodec/mpeg4videodec.c
@@ -315,13 +315,13 @@ static int mpeg4_decode_sprite_trajectory(Mpeg4DecContext
*ctx, GetBitContext *g
min_ab = FFMIN(alpha, beta);
w3 = w2 >> min_ab;
h3 = h2 >> min_ab;
-s->sprite_offset[0][0] = (sprite_ref[0][0] << (alpha + beta + rho -
min_ab)) +
+s->sprite_offset[0][0] = (sprite_ref[0][0] * (1<<(alpha + beta + rho -
min_ab))) +
(-r * sprite_ref[0][0] + virtual_ref[0][0]) *
h3 * (-vop_ref[0][0]) +
(-r * sprite_ref[0][0] + virtual_ref[1][0]) *
w3 * (-vop_ref[0][1]) +
(1 << (alpha + beta + rho - min_ab - 1));
-s->sprite_offset[0][1] = (sprite_ref[0][1] << (alpha + beta + rho -
min_ab)) +
+s->sprite_offset[0][1] = (sprite_ref[0][1] * (1 << (alpha + beta + rho
- min_ab))) +
(-r * sprite_ref[0][1] + virtual_ref[0][1]) *
h3 * (-vop_ref[0][0]) +
(-r * sprite_ref[0][1] + virtual_ref[1][1]) *
@@ -368,10 +368,10 @@ static int mpeg4_decode_sprite_trajectory(Mpeg4DecContext
*ctx, GetBitContext *g
int shift_y = 16 - ctx->sprite_shift[0];
int shift_c = 16 - ctx->sprite_shift[1];
for (i = 0; i < 2; i++) {
-s->sprite_offset[0][i] <<= shift_y;
-s->sprite_offset[1][i] <<= shift_c;
-s->sprite_delta[0][i] <<= shift_y;
-s->sprite_delta[1][i] <<= shift_y;
+s->sprite_offset[0][i] *= 1 << shift_y;
+s->sprite_offset[1][i] *= 1 << shift_c;
+s->sprite_delta[0][i] *= 1 << shift_y;
+s->sprite_delta[1][i] *= 1 << shift_y;
ctx->sprite_shift[i] = 16;
}
s->real_sprite_warping_points = ctx->num_sprite_warping_points;
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] avformat: Add max_streams option
ffmpeg | branch: release/3.1 | Michael Niedermayer |
Fri Nov 18 17:00:30 2016 +0100| [b18a571e2355a6fb0dcb7ff7de18d36694eb65bd] |
committer: Michael Niedermayer
avformat: Add max_streams option
This allows user apps to stop OOM due to excessive number of streams
Signed-off-by: Michael Niedermayer
(cherry picked from commit 1296f844955e513d19051c962656f829479d4fb9)
Signed-off-by: Michael Niedermayer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b18a571e2355a6fb0dcb7ff7de18d36694eb65bd
---
doc/formats.texi| 4
libavformat/avformat.h | 7 +++
libavformat/options_table.h | 1 +
libavformat/utils.c | 2 +-
4 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/doc/formats.texi b/doc/formats.texi
index 2c068c1..a2d72e6 100644
--- a/doc/formats.texi
+++ b/doc/formats.texi
@@ -205,6 +205,10 @@ For example to separate the fields with newlines and
indention:
ffprobe -dump_separator "
" -i ~/videos/matrixbench_mpeg2.mpg
@end example
+
+@item max_streams @var{integer} (@emph{input})
+Specifies the maximum number of streams. This can be used to reject files that
+would require too many resources due to a large number of streams.
@end table
@c man end FORMAT OPTIONS
diff --git a/libavformat/avformat.h b/libavformat/avformat.h
index 818184e..4e7c615 100644
--- a/libavformat/avformat.h
+++ b/libavformat/avformat.h
@@ -1884,6 +1884,13 @@ typedef struct AVFormatContext {
* - decoding: set by user through AVOptions (NO direct access)
*/
char *protocol_blacklist;
+
+/**
+ * The maximum number of streams.
+ * - encoding: unused
+ * - decoding: set by user through AVOptions (NO direct access)
+ */
+int max_streams;
} AVFormatContext;
int av_format_get_probe_score(const AVFormatContext *s);
diff --git a/libavformat/options_table.h b/libavformat/options_table.h
index 3b74d1b..930813a 100644
--- a/libavformat/options_table.h
+++ b/libavformat/options_table.h
@@ -103,6 +103,7 @@ static const AVOption avformat_options[] = {
{"format_whitelist", "List of demuxers that are allowed to be used",
OFFSET(format_whitelist), AV_OPT_TYPE_STRING, { .str = NULL }, CHAR_MIN,
CHAR_MAX, D },
{"protocol_whitelist", "List of protocols that are allowed to be used",
OFFSET(protocol_whitelist), AV_OPT_TYPE_STRING, { .str = NULL }, CHAR_MIN,
CHAR_MAX, D },
{"protocol_blacklist", "List of protocols that are not allowed to be used",
OFFSET(protocol_blacklist), AV_OPT_TYPE_STRING, { .str = NULL }, CHAR_MIN,
CHAR_MAX, D },
+{"max_streams", "maximum number of streams", OFFSET(max_streams),
AV_OPT_TYPE_INT, { .i64 = INT_MAX }, 0, INT_MAX, D },
{NULL},
};
diff --git a/libavformat/utils.c b/libavformat/utils.c
index 7c53050..f1198c0 100644
--- a/libavformat/utils.c
+++ b/libavformat/utils.c
@@ -4087,7 +4087,7 @@ AVStream *avformat_new_stream(AVFormatContext *s, const
AVCodec *c)
int i;
AVStream **streams;
-if (s->nb_streams >= INT_MAX/sizeof(*streams))
+if (s->nb_streams >= FFMIN(s->max_streams, INT_MAX/sizeof(*streams)))
return NULL;
streams = av_realloc_array(s->streams, s->nb_streams + 1,
sizeof(*streams));
if (!streams)
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] avcodec/ffv1enc: Fix size of first slice
ffmpeg | branch: release/3.1 | Michael Niedermayer |
Fri Dec 9 00:19:19 2016 +0100| [0c2d6a219f2831fd46557bbfb5a2c4c7da6f90b1] |
committer: Michael Niedermayer
avcodec/ffv1enc: Fix size of first slice
Signed-off-by: Michael Niedermayer
(cherry picked from commit cff1c0edaa797eca96663d9b83e4b8c1b609ff19)
Signed-off-by: Michael Niedermayer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0c2d6a219f2831fd46557bbfb5a2c4c7da6f90b1
---
libavcodec/ffv1enc.c | 13 +
1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/libavcodec/ffv1enc.c b/libavcodec/ffv1enc.c
index 383956b..d13cea1 100644
--- a/libavcodec/ffv1enc.c
+++ b/libavcodec/ffv1enc.c
@@ -1223,7 +1223,6 @@ static int encode_frame(AVCodecContext *avctx, AVPacket
*pkt,
FFV1Context *f = avctx->priv_data;
RangeCoder *const c = &f->slice_context[0]->c;
AVFrame *const p= f->picture.f;
-int used_count = 0;
uint8_t keystate= 128;
uint8_t *buf_p;
int i, ret;
@@ -1312,11 +1311,17 @@ FF_ENABLE_DEPRECATION_WARNINGS
}
}
-for (i = 1; i < f->slice_count; i++) {
+for (i = 0; i < f->slice_count; i++) {
FFV1Context *fs = f->slice_context[i];
-uint8_t *start = pkt->data + (pkt->size - used_count) * (int64_t)i /
f->slice_count;
+uint8_t *start = pkt->data + pkt->size * (int64_t)i / f->slice_count;
int len = pkt->size / f->slice_count;
-ff_init_range_encoder(&fs->c, start, len);
+if (i) {
+ff_init_range_encoder(&fs->c, start, len);
+} else {
+av_assert0(fs->c.bytestream_end >= fs->c.bytestream_start + len);
+av_assert0(fs->c.bytestream < fs->c.bytestream_start + len);
+fs->c.bytestream_end = fs->c.bytestream_start + len;
+}
}
avctx->execute(avctx, encode_slice, &f->slice_context[0], NULL,
f->slice_count, sizeof(void *));
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] avutil: Add av_image_check_size2()
ffmpeg | branch: release/3.1 | Michael Niedermayer |
Sat Dec 10 21:05:14 2016 +0100| [6c96200ceb0fbf736ad5080e46779888521a687f] |
committer: Michael Niedermayer
avutil: Add av_image_check_size2()
Signed-off-by: Michael Niedermayer
(cherry picked from commit f542b152aa2086b30d1089162d79f5c136905c0c)
Signed-off-by: Michael Niedermayer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=6c96200ceb0fbf736ad5080e46779888521a687f
---
libavutil/imgutils.c | 29 -
libavutil/imgutils.h | 14 ++
2 files changed, 38 insertions(+), 5 deletions(-)
diff --git a/libavutil/imgutils.c b/libavutil/imgutils.c
index 37808e5..cc410ab 100644
--- a/libavutil/imgutils.c
+++ b/libavutil/imgutils.c
@@ -248,19 +248,38 @@ static const AVClass imgutils_class = {
.parent_log_context_offset = offsetof(ImgUtils, log_ctx),
};
-int av_image_check_size(unsigned int w, unsigned int h, int log_offset, void
*log_ctx)
+int av_image_check_size2(unsigned int w, unsigned int h, int64_t max_pixels,
enum AVPixelFormat pix_fmt, int log_offset, void *log_ctx)
{
ImgUtils imgutils = {
.class = &imgutils_class,
.log_offset = log_offset,
.log_ctx= log_ctx,
};
+int64_t stride = av_image_get_linesize(pix_fmt, w, 0);
+if (stride <= 0)
+stride = 8LL*w;
+stride += 128*8;
-if ((int)w>0 && (int)h>0 && (w+128)*(uint64_t)(h+128) < INT_MAX/8)
-return 0;
+if ((int)w<=0 || (int)h<=0 || stride >= INT_MAX ||
stride*(uint64_t)(h+128) >= INT_MAX) {
+av_log(&imgutils, AV_LOG_ERROR, "Picture size %ux%u is invalid\n", w,
h);
+return AVERROR(EINVAL);
+}
-av_log(&imgutils, AV_LOG_ERROR, "Picture size %ux%u is invalid\n", w, h);
-return AVERROR(EINVAL);
+if (max_pixels < INT64_MAX) {
+if (w*(int64_t)h > max_pixels) {
+av_log(&imgutils, AV_LOG_ERROR,
+"Picture size %ux%u exceeds specified max pixel count
%"PRId64", see the documentation if you wish to increase it\n",
+w, h, max_pixels);
+return AVERROR(EINVAL);
+}
+}
+
+return 0;
+}
+
+int av_image_check_size(unsigned int w, unsigned int h, int log_offset, void
*log_ctx)
+{
+return av_image_check_size2(w, h, INT64_MAX, AV_PIX_FMT_NONE, log_offset,
log_ctx);
}
int av_image_check_sar(unsigned int w, unsigned int h, AVRational sar)
diff --git a/libavutil/imgutils.h b/libavutil/imgutils.h
index 23282a3..19f34de 100644
--- a/libavutil/imgutils.h
+++ b/libavutil/imgutils.h
@@ -192,6 +192,20 @@ int av_image_copy_to_buffer(uint8_t *dst, int dst_size,
int av_image_check_size(unsigned int w, unsigned int h, int log_offset, void
*log_ctx);
/**
+ * Check if the given dimension of an image is valid, meaning that all
+ * bytes of the image can be addressed with a signed int.
+ *
+ * @param w the width of the picture
+ * @param h the height of the picture
+ * @param max_pixels the maximum number of pixels the user wants to accept
+ * @param pix_fmt the pixel format, can be AV_PIX_FMT_NONE if unknown.
+ * @param log_offset the offset to sum to the log level for logging with
log_ctx
+ * @param log_ctx the parent logging context, it may be NULL
+ * @return >= 0 if valid, a negative error code otherwise
+ */
+int av_image_check_size2(unsigned int w, unsigned int h, int64_t max_pixels,
enum AVPixelFormat pix_fmt, int log_offset, void *log_ctx);
+
+/**
* Check if the given sample aspect ratio of an image is valid.
*
* It is considered invalid if the denominator is 0 or if applying the ratio
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] avformat/oggdec: Skip streams in duration correction that did not had their duration set.
ffmpeg | branch: release/3.0 | Michael Niedermayer |
Fri Dec 9 17:01:14 2016 +0100| [7c68d5e701511967471b70b14a4ebbeafb423373] |
committer: Michael Niedermayer
avformat/oggdec: Skip streams in duration correction that did not had their
duration set.
Fixes: part of 670190.ogg
Fixes integer overflow
Found-by: Matt Wolenetz
Signed-off-by: Michael Niedermayer
(cherry picked from commit ee2a6f5df8c6a151c3e3826872f1b0a07401c62a)
Signed-off-by: Michael Niedermayer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=7c68d5e701511967471b70b14a4ebbeafb423373
---
libavformat/oggdec.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/libavformat/oggdec.c b/libavformat/oggdec.c
index 8f3b44c..7ecb42c 100644
--- a/libavformat/oggdec.c
+++ b/libavformat/oggdec.c
@@ -643,6 +643,8 @@ static int ogg_get_length(AVFormatContext *s)
int64_t pts;
if (i < 0) continue;
pts = ogg_calc_pts(s, i, NULL);
+if (s->streams[i]->duration == AV_NOPTS_VALUE)
+continue;
if (pts != AV_NOPTS_VALUE && s->streams[i]->start_time ==
AV_NOPTS_VALUE && !ogg->streams[i].got_start) {
s->streams[i]->duration -= pts;
ogg->streams[i].got_start= 1;
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] avcodec/ffv1enc: Allocate smaller packet if the worst case size cannot be allocated
ffmpeg | branch: release/3.0 | Michael Niedermayer |
Thu Dec 8 23:51:45 2016 +0100| [667c9ed1f14cd049c14cb849386ebe38671ec00b] |
committer: Michael Niedermayer
avcodec/ffv1enc: Allocate smaller packet if the worst case size cannot be
allocated
We are checking during encoding if there is enough space as version 4 needs that
check.
Fixes Ticket6005
Signed-off-by: Michael Niedermayer
(cherry picked from commit 38a7834bbb24ef62466b076715e0add60e1d6962)
Signed-off-by: Michael Niedermayer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=667c9ed1f14cd049c14cb849386ebe38671ec00b
---
libavcodec/ffv1enc.c | 5 +
1 file changed, 5 insertions(+)
diff --git a/libavcodec/ffv1enc.c b/libavcodec/ffv1enc.c
index 55d32a0..9b14309 100644
--- a/libavcodec/ffv1enc.c
+++ b/libavcodec/ffv1enc.c
@@ -1277,6 +1277,11 @@ static int encode_frame(AVCodecContext *avctx, AVPacket
*pkt,
if (f->version > 3)
maxsize = AV_INPUT_BUFFER_MIN_SIZE + avctx->width*avctx->height*3LL*4;
+if (maxsize > INT_MAX - AV_INPUT_BUFFER_PADDING_SIZE - 32) {
+av_log(avctx, AV_LOG_WARNING, "Cannot allocate worst case packet size,
the encoding could fail\n");
+maxsize = INT_MAX - AV_INPUT_BUFFER_PADDING_SIZE - 32;
+}
+
if ((ret = ff_alloc_packet2(avctx, pkt, maxsize, 0)) < 0)
return ret;
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] avutil: Add av_image_check_size2()
ffmpeg | branch: release/3.0 | Michael Niedermayer |
Sat Dec 10 21:05:14 2016 +0100| [76961f4f42d28c7b4197c2cbef8bae3dc7b67379] |
committer: Michael Niedermayer
avutil: Add av_image_check_size2()
Signed-off-by: Michael Niedermayer
(cherry picked from commit f542b152aa2086b30d1089162d79f5c136905c0c)
Signed-off-by: Michael Niedermayer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=76961f4f42d28c7b4197c2cbef8bae3dc7b67379
---
libavutil/imgutils.c | 29 -
libavutil/imgutils.h | 14 ++
2 files changed, 38 insertions(+), 5 deletions(-)
diff --git a/libavutil/imgutils.c b/libavutil/imgutils.c
index 1474482..5c0eb11 100644
--- a/libavutil/imgutils.c
+++ b/libavutil/imgutils.c
@@ -248,19 +248,38 @@ static const AVClass imgutils_class = {
.parent_log_context_offset = offsetof(ImgUtils, log_ctx),
};
-int av_image_check_size(unsigned int w, unsigned int h, int log_offset, void
*log_ctx)
+int av_image_check_size2(unsigned int w, unsigned int h, int64_t max_pixels,
enum AVPixelFormat pix_fmt, int log_offset, void *log_ctx)
{
ImgUtils imgutils = {
.class = &imgutils_class,
.log_offset = log_offset,
.log_ctx= log_ctx,
};
+int64_t stride = av_image_get_linesize(pix_fmt, w, 0);
+if (stride <= 0)
+stride = 8LL*w;
+stride += 128*8;
-if ((int)w>0 && (int)h>0 && (w+128)*(uint64_t)(h+128) < INT_MAX/8)
-return 0;
+if ((int)w<=0 || (int)h<=0 || stride >= INT_MAX ||
stride*(uint64_t)(h+128) >= INT_MAX) {
+av_log(&imgutils, AV_LOG_ERROR, "Picture size %ux%u is invalid\n", w,
h);
+return AVERROR(EINVAL);
+}
-av_log(&imgutils, AV_LOG_ERROR, "Picture size %ux%u is invalid\n", w, h);
-return AVERROR(EINVAL);
+if (max_pixels < INT64_MAX) {
+if (w*(int64_t)h > max_pixels) {
+av_log(&imgutils, AV_LOG_ERROR,
+"Picture size %ux%u exceeds specified max pixel count
%"PRId64", see the documentation if you wish to increase it\n",
+w, h, max_pixels);
+return AVERROR(EINVAL);
+}
+}
+
+return 0;
+}
+
+int av_image_check_size(unsigned int w, unsigned int h, int log_offset, void
*log_ctx)
+{
+return av_image_check_size2(w, h, INT64_MAX, AV_PIX_FMT_NONE, log_offset,
log_ctx);
}
int av_image_check_sar(unsigned int w, unsigned int h, AVRational sar)
diff --git a/libavutil/imgutils.h b/libavutil/imgutils.h
index 23282a3..19f34de 100644
--- a/libavutil/imgutils.h
+++ b/libavutil/imgutils.h
@@ -192,6 +192,20 @@ int av_image_copy_to_buffer(uint8_t *dst, int dst_size,
int av_image_check_size(unsigned int w, unsigned int h, int log_offset, void
*log_ctx);
/**
+ * Check if the given dimension of an image is valid, meaning that all
+ * bytes of the image can be addressed with a signed int.
+ *
+ * @param w the width of the picture
+ * @param h the height of the picture
+ * @param max_pixels the maximum number of pixels the user wants to accept
+ * @param pix_fmt the pixel format, can be AV_PIX_FMT_NONE if unknown.
+ * @param log_offset the offset to sum to the log level for logging with
log_ctx
+ * @param log_ctx the parent logging context, it may be NULL
+ * @return >= 0 if valid, a negative error code otherwise
+ */
+int av_image_check_size2(unsigned int w, unsigned int h, int64_t max_pixels,
enum AVPixelFormat pix_fmt, int log_offset, void *log_ctx);
+
+/**
* Check if the given sample aspect ratio of an image is valid.
*
* It is considered invalid if the denominator is 0 or if applying the ratio
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] avcodec/ffv1enc: Fix size of first slice
ffmpeg | branch: release/3.0 | Michael Niedermayer |
Fri Dec 9 00:19:19 2016 +0100| [0bcc7ea5dc243cae48e0b9c18b3bea717f184f6b] |
committer: Michael Niedermayer
avcodec/ffv1enc: Fix size of first slice
Signed-off-by: Michael Niedermayer
(cherry picked from commit cff1c0edaa797eca96663d9b83e4b8c1b609ff19)
Signed-off-by: Michael Niedermayer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0bcc7ea5dc243cae48e0b9c18b3bea717f184f6b
---
libavcodec/ffv1enc.c | 13 +
1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/libavcodec/ffv1enc.c b/libavcodec/ffv1enc.c
index 42e59a1..55d32a0 100644
--- a/libavcodec/ffv1enc.c
+++ b/libavcodec/ffv1enc.c
@@ -1222,7 +1222,6 @@ static int encode_frame(AVCodecContext *avctx, AVPacket
*pkt,
FFV1Context *f = avctx->priv_data;
RangeCoder *const c = &f->slice_context[0]->c;
AVFrame *const p= f->picture.f;
-int used_count = 0;
uint8_t keystate= 128;
uint8_t *buf_p;
int i, ret;
@@ -1307,11 +1306,17 @@ static int encode_frame(AVCodecContext *avctx, AVPacket
*pkt,
}
}
-for (i = 1; i < f->slice_count; i++) {
+for (i = 0; i < f->slice_count; i++) {
FFV1Context *fs = f->slice_context[i];
-uint8_t *start = pkt->data + (pkt->size - used_count) * (int64_t)i /
f->slice_count;
+uint8_t *start = pkt->data + pkt->size * (int64_t)i / f->slice_count;
int len = pkt->size / f->slice_count;
-ff_init_range_encoder(&fs->c, start, len);
+if (i) {
+ff_init_range_encoder(&fs->c, start, len);
+} else {
+av_assert0(fs->c.bytestream_end >= fs->c.bytestream_start + len);
+av_assert0(fs->c.bytestream < fs->c.bytestream_start + len);
+fs->c.bytestream_end = fs->c.bytestream_start + len;
+}
}
avctx->execute(avctx, encode_slice, &f->slice_context[0], NULL,
f->slice_count, sizeof(void *));
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] avcodec/mpeg4videodec: Fix undefined shifts in mpeg4_decode_sprite_trajectory()
ffmpeg | branch: release/3.0 | Michael Niedermayer |
Fri Dec 9 17:01:14 2016 +0100| [efa164aa68503c5761851b7aaa28d6d4b3b7d01e] |
committer: Michael Niedermayer
avcodec/mpeg4videodec: Fix undefined shifts in mpeg4_decode_sprite_trajectory()
Fixes: part of 670190.ogg
Found-by: Matt Wolenetz
Signed-off-by: Michael Niedermayer
(cherry picked from commit 8258e363851434ad5662c19d036fddb3e3f27683)
Signed-off-by: Michael Niedermayer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=efa164aa68503c5761851b7aaa28d6d4b3b7d01e
---
libavcodec/mpeg4videodec.c | 12 ++--
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/libavcodec/mpeg4videodec.c b/libavcodec/mpeg4videodec.c
index 527cbe9..e9f54bd 100644
--- a/libavcodec/mpeg4videodec.c
+++ b/libavcodec/mpeg4videodec.c
@@ -315,13 +315,13 @@ static int mpeg4_decode_sprite_trajectory(Mpeg4DecContext
*ctx, GetBitContext *g
min_ab = FFMIN(alpha, beta);
w3 = w2 >> min_ab;
h3 = h2 >> min_ab;
-s->sprite_offset[0][0] = (sprite_ref[0][0] << (alpha + beta + rho -
min_ab)) +
+s->sprite_offset[0][0] = (sprite_ref[0][0] * (1<<(alpha + beta + rho -
min_ab))) +
(-r * sprite_ref[0][0] + virtual_ref[0][0]) *
h3 * (-vop_ref[0][0]) +
(-r * sprite_ref[0][0] + virtual_ref[1][0]) *
w3 * (-vop_ref[0][1]) +
(1 << (alpha + beta + rho - min_ab - 1));
-s->sprite_offset[0][1] = (sprite_ref[0][1] << (alpha + beta + rho -
min_ab)) +
+s->sprite_offset[0][1] = (sprite_ref[0][1] * (1 << (alpha + beta + rho
- min_ab))) +
(-r * sprite_ref[0][1] + virtual_ref[0][1]) *
h3 * (-vop_ref[0][0]) +
(-r * sprite_ref[0][1] + virtual_ref[1][1]) *
@@ -368,10 +368,10 @@ static int mpeg4_decode_sprite_trajectory(Mpeg4DecContext
*ctx, GetBitContext *g
int shift_y = 16 - ctx->sprite_shift[0];
int shift_c = 16 - ctx->sprite_shift[1];
for (i = 0; i < 2; i++) {
-s->sprite_offset[0][i] <<= shift_y;
-s->sprite_offset[1][i] <<= shift_c;
-s->sprite_delta[0][i] <<= shift_y;
-s->sprite_delta[1][i] <<= shift_y;
+s->sprite_offset[0][i] *= 1 << shift_y;
+s->sprite_offset[1][i] *= 1 << shift_c;
+s->sprite_delta[0][i] *= 1 << shift_y;
+s->sprite_delta[1][i] *= 1 << shift_y;
ctx->sprite_shift[i] = 16;
}
s->real_sprite_warping_points = ctx->num_sprite_warping_points;
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] avformat: Add max_streams option
ffmpeg | branch: release/3.0 | Michael Niedermayer |
Fri Nov 18 17:00:30 2016 +0100| [7dd1cc6076cab5f4c41a4b0b877024d0654e8fae] |
committer: Michael Niedermayer
avformat: Add max_streams option
This allows user apps to stop OOM due to excessive number of streams
Signed-off-by: Michael Niedermayer
(cherry picked from commit 1296f844955e513d19051c962656f829479d4fb9)
Signed-off-by: Michael Niedermayer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=7dd1cc6076cab5f4c41a4b0b877024d0654e8fae
---
doc/formats.texi| 4
libavformat/avformat.h | 7 +++
libavformat/options_table.h | 1 +
libavformat/utils.c | 2 +-
4 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/doc/formats.texi b/doc/formats.texi
index 617cda5..b62ca43 100644
--- a/doc/formats.texi
+++ b/doc/formats.texi
@@ -205,6 +205,10 @@ For example to separate the fields with newlines and
indention:
ffprobe -dump_separator "
" -i ~/videos/matrixbench_mpeg2.mpg
@end example
+
+@item max_streams @var{integer} (@emph{input})
+Specifies the maximum number of streams. This can be used to reject files that
+would require too many resources due to a large number of streams.
@end table
@c man end FORMAT OPTIONS
diff --git a/libavformat/avformat.h b/libavformat/avformat.h
index 34bad43..06a71c9 100644
--- a/libavformat/avformat.h
+++ b/libavformat/avformat.h
@@ -1866,6 +1866,13 @@ typedef struct AVFormatContext {
* A callback for closing the streams opened with
AVFormatContext.io_open().
*/
void (*io_close)(struct AVFormatContext *s, AVIOContext *pb);
+
+/**
+ * The maximum number of streams.
+ * - encoding: unused
+ * - decoding: set by user through AVOptions (NO direct access)
+ */
+int max_streams;
} AVFormatContext;
int av_format_get_probe_score(const AVFormatContext *s);
diff --git a/libavformat/options_table.h b/libavformat/options_table.h
index e84e54a..935da94 100644
--- a/libavformat/options_table.h
+++ b/libavformat/options_table.h
@@ -102,6 +102,7 @@ static const AVOption avformat_options[] = {
{"codec_whitelist", "List of decoders that are allowed to be used",
OFFSET(codec_whitelist), AV_OPT_TYPE_STRING, { .str = NULL }, CHAR_MIN,
CHAR_MAX, D },
{"format_whitelist", "List of demuxers that are allowed to be used",
OFFSET(format_whitelist), AV_OPT_TYPE_STRING, { .str = NULL }, CHAR_MIN,
CHAR_MAX, D },
{"protocol_whitelist", "List of protocols that are allowed to be used",
OFFSET(protocol_whitelist), AV_OPT_TYPE_STRING, { .str = NULL }, CHAR_MIN,
CHAR_MAX, D },
+{"max_streams", "maximum number of streams", OFFSET(max_streams),
AV_OPT_TYPE_INT, { .i64 = INT_MAX }, 0, INT_MAX, D },
{NULL},
};
diff --git a/libavformat/utils.c b/libavformat/utils.c
index d368f0a..6df3036 100644
--- a/libavformat/utils.c
+++ b/libavformat/utils.c
@@ -3819,7 +3819,7 @@ AVStream *avformat_new_stream(AVFormatContext *s, const
AVCodec *c)
int i;
AVStream **streams;
-if (s->nb_streams >= INT_MAX/sizeof(*streams))
+if (s->nb_streams >= FFMIN(s->max_streams, INT_MAX/sizeof(*streams)))
return NULL;
streams = av_realloc_array(s->streams, s->nb_streams + 1,
sizeof(*streams));
if (!streams)
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] avformat/matroskadec: remove the strict unofficial check for Colour elements
ffmpeg | branch: master | James Almer | Sun Dec 4 23:27:54
2016 -0300| [edb4f5da8125553e8ee94235a5f560cde5309f61] | committer: James Almer
avformat/matroskadec: remove the strict unofficial check for Colour elements
Signed-off-by: James Almer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=edb4f5da8125553e8ee94235a5f560cde5309f61
---
libavformat/matroskadec.c | 9 +++--
1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/libavformat/matroskadec.c b/libavformat/matroskadec.c
index 4db6879..58731aa 100644
--- a/libavformat/matroskadec.c
+++ b/libavformat/matroskadec.c
@@ -2422,12 +2422,9 @@ static int matroska_parse_tracks(AVFormatContext *s)
return ret;
}
-if (s->strict_std_compliance <= FF_COMPLIANCE_UNOFFICIAL) {
-int ret = mkv_parse_video_color(st, track);
-if (ret < 0)
-return ret;
-}
-
+ret = mkv_parse_video_color(st, track);
+if (ret < 0)
+return ret;
ret = mkv_parse_video_projection(st, track);
if (ret < 0)
return ret;
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] avformat/matroskadec: allocate Colour related fields only if the file contains the relevant master
ffmpeg | branch: master | James Almer | Sun Dec 4 23:22:39
2016 -0300| [4e759072c2162bf884665ff65e4c1a3e0eeef075] | committer: James Almer
avformat/matroskadec: allocate Colour related fields only if the file contains
the relevant master
The demuxer doesn't fill the defaults if the master isn't present.
This results in codecpar->color_space being set with a value of
zero (RGB) on such files.
Signed-off-by: James Almer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4e759072c2162bf884665ff65e4c1a3e0eeef075
---
libavformat/matroskadec.c | 54 ++-
1 file changed, 30 insertions(+), 24 deletions(-)
diff --git a/libavformat/matroskadec.c b/libavformat/matroskadec.c
index ce11a46..4db6879 100644
--- a/libavformat/matroskadec.c
+++ b/libavformat/matroskadec.c
@@ -182,7 +182,7 @@ typedef struct MatroskaTrackVideo {
uint64_t field_order;
uint64_t stereo_mode;
uint64_t alpha_mode;
-MatroskaTrackVideoColor color;
+EbmlList color;
MatroskaTrackVideoProjection projection;
} MatroskaTrackVideo;
@@ -451,7 +451,7 @@ static const EbmlSyntax matroska_track_video[] = {
{ MATROSKA_ID_VIDEOPIXELHEIGHT,EBML_UINT, 0,
offsetof(MatroskaTrackVideo, pixel_height) },
{ MATROSKA_ID_VIDEOCOLORSPACE, EBML_BIN, 0,
offsetof(MatroskaTrackVideo, color_space) },
{ MATROSKA_ID_VIDEOALPHAMODE, EBML_UINT, 0,
offsetof(MatroskaTrackVideo, alpha_mode) },
-{ MATROSKA_ID_VIDEOCOLOR, EBML_NEST, 0,
offsetof(MatroskaTrackVideo, color), { .n = matroska_track_video_color } },
+{ MATROSKA_ID_VIDEOCOLOR, EBML_NEST,
sizeof(MatroskaTrackVideoColor), offsetof(MatroskaTrackVideo, color), { .n =
matroska_track_video_color } },
{ MATROSKA_ID_VIDEOPROJECTION, EBML_NEST, 0,
offsetof(MatroskaTrackVideo, projection), { .n =
matroska_track_video_projection } },
{ MATROSKA_ID_VIDEOPIXELCROPB, EBML_NONE },
{ MATROSKA_ID_VIDEOPIXELCROPT, EBML_NONE },
@@ -1827,34 +1827,40 @@ static void mkv_stereo_mode_display_mul(int stereo_mode,
}
static int mkv_parse_video_color(AVStream *st, const MatroskaTrack *track) {
-const MatroskaMasteringMeta* mastering_meta =
-&track->video.color.mastering_meta;
+const MatroskaTrackVideoColor *color = track->video.color.elem;
+const MatroskaMasteringMeta *mastering_meta;
+int has_mastering_primaries, has_mastering_luminance;
+
+if (!track->video.color.nb_elem)
+return 0;
+
+mastering_meta = &color->mastering_meta;
// Mastering primaries are CIE 1931 coords, and must be > 0.
-const int has_mastering_primaries =
+has_mastering_primaries =
mastering_meta->r_x > 0 && mastering_meta->r_y > 0 &&
mastering_meta->g_x > 0 && mastering_meta->g_y > 0 &&
mastering_meta->b_x > 0 && mastering_meta->b_y > 0 &&
mastering_meta->white_x > 0 && mastering_meta->white_y > 0;
-const int has_mastering_luminance = mastering_meta->max_luminance > 0;
-
-if (track->video.color.matrix_coefficients != AVCOL_SPC_RESERVED)
-st->codecpar->color_space = track->video.color.matrix_coefficients;
-if (track->video.color.primaries != AVCOL_PRI_RESERVED &&
-track->video.color.primaries != AVCOL_PRI_RESERVED0)
-st->codecpar->color_primaries = track->video.color.primaries;
-if (track->video.color.transfer_characteristics != AVCOL_TRC_RESERVED &&
-track->video.color.transfer_characteristics != AVCOL_TRC_RESERVED0)
-st->codecpar->color_trc = track->video.color.transfer_characteristics;
-if (track->video.color.range != AVCOL_RANGE_UNSPECIFIED &&
-track->video.color.range <= AVCOL_RANGE_JPEG)
-st->codecpar->color_range = track->video.color.range;
-if (track->video.color.chroma_siting_horz !=
MATROSKA_COLOUR_CHROMASITINGHORZ_UNDETERMINED &&
-track->video.color.chroma_siting_vert !=
MATROSKA_COLOUR_CHROMASITINGVERT_UNDETERMINED &&
-track->video.color.chroma_siting_horz <
MATROSKA_COLOUR_CHROMASITINGHORZ_NB &&
-track->video.color.chroma_siting_vert <
MATROSKA_COLOUR_CHROMASITINGVERT_NB) {
+has_mastering_luminance = mastering_meta->max_luminance > 0;
+
+if (color->matrix_coefficients != AVCOL_SPC_RESERVED)
+st->codecpar->color_space = color->matrix_coefficients;
+if (color->primaries != AVCOL_PRI_RESERVED &&
+color->primaries != AVCOL_PRI_RESERVED0)
+st->codecpar->color_primaries = color->primaries;
+if (color->transfer_characteristics != AVCOL_TRC_RESERVED &&
+color->transfer_characteristics != AVCOL_TRC_RESERVED0)
+st->codecpar->color_trc = color->transfer_characteristics;
+if (color->range != AVCOL_RANGE_UNSPECIFIED &&
+color->range <= AVCOL_RANGE_JPEG)
+st->codecpar->color_range = color->range;
+if (color->chroma_siting_horz !=
MATROSKA_COLOUR_CHROMASITINGHORZ_UNDETERMINED &&
+color->chroma_siting_vert !=
MAT
