[FFmpeg-cvslog] avcodec/h264_parse: Fix error code in decode_extradata
ffmpeg | branch: master | Zhao Zhili | Tue Mar 26
10:59:00 2024 +0800| [7bf85d2d3a3e3d5cced7fcf16b8af6bd289b] | committer:
Zhao Zhili
avcodec/h264_parse: Fix error code in decode_extradata
Signed-off-by: Zhao Zhili
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=7bf85d2d3a3e3d5cced7fcf16b8af6bd289b
---
libavcodec/h264_parse.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavcodec/h264_parse.c b/libavcodec/h264_parse.c
index c58d0c0fa9..c13bc860ef 100644
--- a/libavcodec/h264_parse.c
+++ b/libavcodec/h264_parse.c
@@ -469,7 +469,7 @@ int ff_h264_decode_extradata(const uint8_t *data, int size,
H264ParamSets *ps,
int ret;
if (!data || size <= 0)
-return -1;
+return AVERROR(EINVAL);
if (data[0] == 1) {
int i, cnt, nalsize;
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
To unsubscribe, visit link above, or email
ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-cvslog] lavfi/setpts: unset frame durations
ffmpeg | branch: release/7.0 | Anton Khirnov | Wed Mar 27 13:57:15 2024 +0100| [8709604ca1f99ab4f37c3f92f2732d08e60be202] | committer: Anton Khirnov lavfi/setpts: unset frame durations Actual frame durations are, in general, not computable without buffering a frame. FIxes #10886 (cherry picked from commit fa110c32b5168d99098dc0c50c6465054cf9d20b) Signed-off-by: Anton Khirnov > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8709604ca1f99ab4f37c3f92f2732d08e60be202 --- libavfilter/setpts.c | 1 + tests/ref/fate/filter-setpts | 100 +-- 2 files changed, 51 insertions(+), 50 deletions(-) diff --git a/libavfilter/setpts.c b/libavfilter/setpts.c index 4f02a9a617..60cf2b642e 100644 --- a/libavfilter/setpts.c +++ b/libavfilter/setpts.c @@ -205,6 +205,7 @@ static int filter_frame(AVFilterLink *inlink, AVFrame *frame) d = eval_pts(setpts, inlink, frame, frame->pts); frame->pts = D2TS(d); +frame->duration = 0; av_log(inlink->dst, AV_LOG_TRACE, "N:%"PRId64" PTS:%s T:%f", diff --git a/tests/ref/fate/filter-setpts b/tests/ref/fate/filter-setpts index 8aa7a1e6a0..08e0203831 100644 --- a/tests/ref/fate/filter-setpts +++ b/tests/ref/fate/filter-setpts @@ -3,53 +3,53 @@ #codec_id 0: rawvideo #dimensions 0: 352x288 #sar 0: 0/1 -0, 0, 0, 40, 152064, 0x05b789ef -0, 28, 28, 40, 152064, 0x4bb46551 -0, 57, 57, 40, 152064, 0x9dddf64a -0, 86, 86, 40, 152064, 0x2a8380b0 -0,115,115, 40, 152064, 0x4de3b652 -0,144,144, 40, 152064, 0xedb5a8e6 -0,172,172, 40, 152064, 0xe20f7c23 -0,201,201, 40, 152064, 0x5ab58bac -0,229,229, 40, 152064, 0x1f1b8026 -0,258,258, 40, 152064, 0x91373915 -0,286,286, 40, 152064, 0x02344760 -0,314,314, 40, 152064, 0x30f5fcd5 -0,343,343, 40, 152064, 0xc711ad61 -0,371,371, 40, 152064, 0x24eca223 -0,399,399, 40, 152064, 0x52a48ddd -0,427,427, 40, 152064, 0xa91c0f05 -0,456,456, 40, 152064, 0x8e364e18 -0,484,484, 40, 152064, 0xb15d38c8 -0,512,512, 40, 152064, 0xf25f6acc -0,541,541, 40, 152064, 0xf34ddbff -0,570,570, 40, 152064, 0xfc7bf570 -0,598,598, 40, 152064, 0x9dc72412 -0,627,627, 40, 152064, 0x445d1d59 -0,656,656, 40, 152064, 0x2f2768ef -0,685,685, 40, 152064, 0xce09f9d6 -0,714,714, 40, 152064, 0x95579936 -0,743,743, 40, 152064, 0x43d796b5 -0,772,772, 40, 152064, 0xd780d887 -0,800,800, 40, 152064, 0x76d2a455 -0,829,829, 40, 152064, 0x6dc3650e -0,858,858, 40, 152064, 0x0f9d6aca -0,887,887, 40, 152064, 0xe295c51e -0,915,915, 40, 152064, 0xd766fc8d -0,944,944, 40, 152064, 0xe22f7a30 -0,972,972, 40, 152064, 0x7fea4378 -0, 1000, 1000, 40, 152064, 0xfa8d94fb -0, 1029, 1029, 40, 152064, 0x4c9737ab -0, 1057, 1057, 40, 152064, 0xa50d01f8 -0, 1085, 1085, 40, 152064, 0x0b07594c -0, 1113, 1113, 40, 152064, 0x88734edd -0, 1142, 1142, 40, 152064, 0xd2735925 -0, 1170, 1170, 40, 152064, 0xd4e49e08 -0, 1198, 1198, 40, 152064, 0x20cebfa9 -0, 1227, 1227, 40, 152064, 0x575c20ec -0, 1255, 1255, 40, 152064, 0xfd500471 -0, 1284, 1284, 40, 152064, 0x61b47e73 -0, 1313, 1313, 40, 152064, 0x09ef53ff -0, 1341, 1341, 40, 152064, 0x6e88c5c2 -0, 1370, 1370, 40, 152064, 0xbb87b483 -0, 1399, 1399, 40, 152064, 0x4bbad8ea +0, 0, 0,0, 152064, 0x05b789ef +0, 28, 28,0, 152064, 0x4bb46551 +0, 57, 57,0, 152064, 0x9dddf64a +0, 86, 86,0, 152064, 0x2a8380b0 +0,115,115,0, 152064, 0x4de3b652 +0,144,144,0, 152064, 0xedb5a8e6 +0,172,172,0, 152064, 0xe20f7c23 +0,201,201,0, 152064, 0x5ab58bac +0,229,229,0, 152064, 0x1f1b8026 +0,258,258,0, 152064, 0x91373915 +0,286,286,0, 152064, 0x02344760 +0,314,314,0, 152064, 0x30f5fcd5
[FFmpeg-cvslog] lavf/vf_setpts: unset output framerate
ffmpeg | branch: release/7.0 | Anton Khirnov | Wed Mar 27
13:55:26 2024 +0100| [43fd3d5df6a19fc768a33e37855aa7f8c7050cf0] | committer:
Anton Khirnov
lavf/vf_setpts: unset output framerate
This filter produces VFR output in general.
Avoids dropping frames in the setpts test.
(cherry picked from commit f121d954ac89060cb7b07da230479cffe5bf9e5c)
Signed-off-by: Anton Khirnov
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=43fd3d5df6a19fc768a33e37855aa7f8c7050cf0
---
libavfilter/setpts.c | 17 -
tests/ref/fate/filter-setpts | 89 +---
2 files changed, 67 insertions(+), 39 deletions(-)
diff --git a/libavfilter/setpts.c b/libavfilter/setpts.c
index 88a8d6af86..4f02a9a617 100644
--- a/libavfilter/setpts.c
+++ b/libavfilter/setpts.c
@@ -150,6 +150,13 @@ static int config_input(AVFilterLink *inlink)
return 0;
}
+static int config_output_video(AVFilterLink *outlink)
+{
+outlink->frame_rate = (AVRational){ 1, 0 };
+
+return 0;
+}
+
#define BUF_SIZE 64
static inline char *double2int64str(char *buf, double v)
@@ -322,6 +329,14 @@ static const AVFilterPad avfilter_vf_setpts_inputs[] = {
},
};
+static const AVFilterPad outputs_video[] = {
+{
+.name = "default",
+.type = AVMEDIA_TYPE_VIDEO,
+.config_props = config_output_video,
+},
+};
+
const AVFilter ff_vf_setpts = {
.name= "setpts",
.description = NULL_IF_CONFIG_SMALL("Set PTS for the output video
frame."),
@@ -335,7 +350,7 @@ const AVFilter ff_vf_setpts = {
.priv_class = &setpts_class,
FILTER_INPUTS(avfilter_vf_setpts_inputs),
-FILTER_OUTPUTS(ff_video_default_filterpad),
+FILTER_OUTPUTS(outputs_video),
};
#endif /* CONFIG_SETPTS_FILTER */
diff --git a/tests/ref/fate/filter-setpts b/tests/ref/fate/filter-setpts
index efdcf6a16e..8aa7a1e6a0 100644
--- a/tests/ref/fate/filter-setpts
+++ b/tests/ref/fate/filter-setpts
@@ -1,42 +1,55 @@
-#tb 0: 1/25
+#tb 0: 1/1000
#media_type 0: video
#codec_id 0: rawvideo
#dimensions 0: 352x288
#sar 0: 0/1
-0, 0, 0,1, 152064, 0x05b789ef
-0, 1, 1,1, 152064, 0x4bb46551
-0, 2, 2,1, 152064, 0x9dddf64a
-0, 3, 3,1, 152064, 0x2a8380b0
-0, 4, 4,1, 152064, 0x4de3b652
-0, 5, 5,1, 152064, 0xedb5a8e6
-0, 6, 6,1, 152064, 0x5ab58bac
-0, 7, 7,1, 152064, 0x1f1b8026
-0, 8, 8,1, 152064, 0x91373915
-0, 9, 9,1, 152064, 0x30f5fcd5
-0, 10, 10,1, 152064, 0xc711ad61
-0, 11, 11,1, 152064, 0x52a48ddd
-0, 12, 12,1, 152064, 0xa91c0f05
-0, 13, 13,1, 152064, 0x8e364e18
-0, 14, 14,1, 152064, 0xf25f6acc
-0, 15, 15,1, 152064, 0xf34ddbff
-0, 16, 16,1, 152064, 0x9dc72412
-0, 17, 17,1, 152064, 0x445d1d59
-0, 18, 18,1, 152064, 0x2f2768ef
-0, 19, 19,1, 152064, 0x95579936
-0, 20, 20,1, 152064, 0x43d796b5
-0, 21, 21,1, 152064, 0x76d2a455
-0, 22, 22,1, 152064, 0x6dc3650e
-0, 23, 23,1, 152064, 0x0f9d6aca
-0, 24, 24,1, 152064, 0xd766fc8d
-0, 25, 25,1, 152064, 0xe22f7a30
-0, 26, 26,1, 152064, 0xfa8d94fb
-0, 27, 27,1, 152064, 0x4c9737ab
-0, 28, 28,1, 152064, 0xa50d01f8
-0, 29, 29,1, 152064, 0x88734edd
-0, 30, 30,1, 152064, 0xd2735925
-0, 31, 31,1, 152064, 0x20cebfa9
-0, 32, 32,1, 152064, 0x575c20ec
-0, 33, 33,1, 152064, 0x61b47e73
-0, 34, 34,1, 152064, 0x09ef53ff
-0, 35, 35,1, 152064, 0x6e88c5c2
-0, 36, 36,1, 152064, 0x4bbad8ea
+0, 0, 0, 40, 152064, 0x05b789ef
+0, 28, 28, 40, 152064, 0x4bb46551
+0, 57, 57, 40, 152064, 0x9dddf64a
+0, 86, 86, 40, 152064, 0x2a8380b0
+0,115,115, 40, 152064, 0x4de3b652
+0,144,144, 40, 152064, 0xedb5a8e6
+0,172,172, 40, 152064, 0xe20f7c23
+0,201,201, 40, 152064, 0x5ab58bac
+0,229,229, 40, 152064, 0x1f1b8026
+0,258,258, 40, 152064, 0x91373915
+0,286,286, 40, 152064, 0x02344760
+0,314,314, 40, 152064, 0x
[FFmpeg-cvslog] doc/community: update conflict of interest rule according to GA vote
ffmpeg | branch: master | Anton Khirnov | Mon Apr 1 15:35:41 2024 +0200| [63f56c99433e68f1360c015f8364cddb99d9dd95] | committer: Anton Khirnov doc/community: update conflict of interest rule according to GA vote > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=63f56c99433e68f1360c015f8364cddb99d9dd95 --- doc/community.texi | 9 +++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/doc/community.texi b/doc/community.texi index 90d2b6f366..97a49f15ed 100644 --- a/doc/community.texi +++ b/doc/community.texi @@ -82,8 +82,6 @@ The TC has 2 modes of operation: a RFC one and an internal one. If the TC thinks it needs the input from the larger community, the TC can call for a RFC. Else, it can decide by itself. -If the disagreement involves a member of the TC, that member should recuse themselves from the decision. - The decision to use a RFC process or an internal discussion is a discretionary decision of the TC. The TC can also reject a seizure for a few reasons such as: the matter was not discussed enough previously; it lacks expertise to reach a beneficial decision on the matter; or the matter is too trivial. @@ -123,6 +121,13 @@ The decisions from the TC will be sent on the mailing list, with the [TC] tag. Internally, the TC should take decisions with a majority, or using ranked-choice voting. +Each TC member must vote on such decision according to what is, in their view, best for the project. + +If a TC member feels they are affected by a conflict of interest with regards to the case, they should announce it and recuse themselves from the TC +discussion and vote. + +A conflict of interest is presumed to occur when a TC member has a personal interest (e.g. financial) in a specific outcome of the case. + The decision from the TC should be published with a summary of the reasons that lead to this decision. The decisions from the TC are final, until the matters are reopened after no less than one year. ___ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog To unsubscribe, visit link above, or email ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-cvslog] avcodec/jpeg2000htdec: Check magp before using it in a shift
ffmpeg | branch: master | Michael Niedermayer | Wed
Mar 20 03:27:13 2024 +0100| [19ad05e9e0f045b13de8de7300ca3bd34ea8ca53] |
committer: Michael Niedermayer
avcodec/jpeg2000htdec: Check magp before using it in a shift
Fixes: shift exponent -1 is negative
Fixes:
65378/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-5457678193197056
Found-by: continuous fuzzing process
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=19ad05e9e0f045b13de8de7300ca3bd34ea8ca53
---
libavcodec/jpeg2000dec.c | 16
1 file changed, 12 insertions(+), 4 deletions(-)
diff --git a/libavcodec/jpeg2000dec.c b/libavcodec/jpeg2000dec.c
index 857379da2d..28bf6be2fe 100644
--- a/libavcodec/jpeg2000dec.c
+++ b/libavcodec/jpeg2000dec.c
@@ -1886,7 +1886,7 @@ static inline void roi_scale_cblk(Jpeg2000Cblk *cblk,
}
}
-static inline void tile_codeblocks(const Jpeg2000DecoderContext *s,
Jpeg2000Tile *tile)
+static inline int tile_codeblocks(const Jpeg2000DecoderContext *s,
Jpeg2000Tile *tile)
{
Jpeg2000T1Context t1;
@@ -1911,6 +1911,8 @@ static inline void tile_codeblocks(const
Jpeg2000DecoderContext *s, Jpeg2000Tile
int nb_precincts, precno;
Jpeg2000Band *band = rlevel->band + bandno;
int cblkno = 0, bandpos;
+/* See Rec. ITU-T T.800, Equation E-2 */
+int magp = quantsty->expn[subbandno] + quantsty->nguardbits -
1;
bandpos = bandno + (reslevelno > 0);
@@ -1918,6 +1920,11 @@ static inline void tile_codeblocks(const
Jpeg2000DecoderContext *s, Jpeg2000Tile
band->coord[1][0] == band->coord[1][1])
continue;
+if ((codsty->cblk_style & JPEG2000_CTSY_HTJ2K_F) && magp >=
31) {
+avpriv_request_sample(s->avctx, "JPEG2000_CTSY_HTJ2K_F and
magp >= 31");
+return AVERROR_PATCHWELCOME;
+}
+
nb_precincts = rlevel->num_precincts_x *
rlevel->num_precincts_y;
/* Loop on precincts */
for (precno = 0; precno < nb_precincts; precno++) {
@@ -1928,8 +1935,6 @@ static inline void tile_codeblocks(const
Jpeg2000DecoderContext *s, Jpeg2000Tile
cblkno < prec->nb_codeblocks_width *
prec->nb_codeblocks_height;
cblkno++) {
int x, y, ret;
-/* See Rec. ITU-T T.800, Equation E-2 */
-int magp = quantsty->expn[subbandno] +
quantsty->nguardbits - 1;
Jpeg2000Cblk *cblk = prec->cblk + cblkno;
@@ -1969,6 +1974,7 @@ static inline void tile_codeblocks(const
Jpeg2000DecoderContext *s, Jpeg2000Tile
ff_dwt_decode(&comp->dwt, codsty->transform == FF_DWT97 ?
(void*)comp->f_data : (void*)comp->i_data);
} /*end comp */
+return 0;
}
#define WRITE_FRAME(D, PIXEL)
\
@@ -2045,7 +2051,9 @@ static int jpeg2000_decode_tile(AVCodecContext *avctx,
void *td,
AVFrame *picture = td;
Jpeg2000Tile *tile = s->tile + jobnr;
-tile_codeblocks(s, tile);
+int ret = tile_codeblocks(s, tile);
+if (ret < 0)
+return ret;
/* inverse MCT transformation */
if (tile->codsty[0].mct)
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
To unsubscribe, visit link above, or email
ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-cvslog] avcodec/jpeg2000htdec: warn about non zero roi shift
ffmpeg | branch: master | Michael Niedermayer | Fri Mar 29 02:51:29 2024 +0100| [7b7eea8e63f761a0d0611d15c24170e40c62402c] | committer: Michael Niedermayer avcodec/jpeg2000htdec: warn about non zero roi shift Suggested-by: Tomas Härdin Signed-off-by: Michael Niedermayer > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=7b7eea8e63f761a0d0611d15c24170e40c62402c --- libavcodec/jpeg2000htdec.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/libavcodec/jpeg2000htdec.c b/libavcodec/jpeg2000htdec.c index b2f29a4372..fa704b665e 100644 --- a/libavcodec/jpeg2000htdec.c +++ b/libavcodec/jpeg2000htdec.c @@ -1199,6 +1199,9 @@ ff_jpeg2000_decode_htj2k(const Jpeg2000DecoderContext *s, Jpeg2000CodingStyle *c av_assert0(width * height <= 4096); av_assert0(width * height > 0); +if (roi_shift) +avpriv_report_missing_feature(s->avctx, "ROI shift"); + memset(t1->data, 0, t1->stride * height * sizeof(*t1->data)); memset(t1->flags, 0, t1->stride * (height + 2) * sizeof(*t1->flags)); ___ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog To unsubscribe, visit link above, or email ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-cvslog] avformat/iamf_reader: Check len before summing
ffmpeg | branch: master | Michael Niedermayer | Mon
Mar 25 03:38:27 2024 +0100| [f26ee6e0667d050b684668ad0e792e70fcf88b78] |
committer: Michael Niedermayer
avformat/iamf_reader: Check len before summing
Fixes: integer overflow
Fixes:
67275/clusterfuzz-testcase-minimized-ffmpeg_dem_IAMF_fuzzer-5438920751906816
Fixes:
67688/clusterfuzz-testcase-minimized-ffmpeg_dem_IAMF_fuzzer-5970342318243840
Found-by: continuous fuzzing process
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f26ee6e0667d050b684668ad0e792e70fcf88b78
---
libavformat/iamf_reader.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libavformat/iamf_reader.c b/libavformat/iamf_reader.c
index 42f9770c13..014e8e3ecc 100644
--- a/libavformat/iamf_reader.c
+++ b/libavformat/iamf_reader.c
@@ -284,9 +284,9 @@ int ff_iamf_read_packet(AVFormatContext *s,
IAMFDemuxContext *c,
len = ff_iamf_parse_obu_header(header, size, &obu_size, &start_pos,
&type,
&skip_samples, &discard_padding);
-if (len < 0 || obu_size > max_size) {
+if (len < 0 || obu_size > max_size || len > INT_MAX - read) {
av_log(s, AV_LOG_ERROR, "Failed to read obu\n");
-return len;
+return len < 0 ? len : AVERROR_INVALIDDATA;
}
avio_seek(pb, -(size - start_pos), SEEK_CUR);
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
To unsubscribe, visit link above, or email
ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-cvslog] avformat/iamf_parse: keep count_label consistent on language_label allocation failure
ffmpeg | branch: master | James Almer | Thu Mar 21 00:37:16
2024 +0100| [0a693bce6216d6fc3ea8dc2986122d5014992d52] | committer: Michael
Niedermayer
avformat/iamf_parse: keep count_label consistent on language_label allocation
failure
Fixes: null pointer dereference
Fixes:
67023/clusterfuzz-testcase-minimized-ffmpeg_dem_IAMF_fuzzer-6011025237278720
Found-by: continuous fuzzing process
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0a693bce6216d6fc3ea8dc2986122d5014992d52
---
libavformat/iamf_parse.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/libavformat/iamf_parse.c b/libavformat/iamf_parse.c
index bda1580bbd..3867adb117 100644
--- a/libavformat/iamf_parse.c
+++ b/libavformat/iamf_parse.c
@@ -822,6 +822,7 @@ static int mix_presentation_obu(void *s, IAMFContext *c,
AVIOContext *pb, int le
mix_presentation->language_label = av_calloc(mix_presentation->count_label,
sizeof(*mix_presentation->language_label));
if (!mix_presentation->language_label) {
+mix_presentation->count_label = 0;
ret = AVERROR(ENOMEM);
goto fail;
}
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
To unsubscribe, visit link above, or email
ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-cvslog] avformat/mxfdec: Check first case of offset_temp computation for overflow
ffmpeg | branch: master | Michael Niedermayer | Fri
Mar 29 03:35:18 2024 +0100| [d6ed6f6e8dffcf777c336869f56002da588e2de8] |
committer: Michael Niedermayer
avformat/mxfdec: Check first case of offset_temp computation for overflow
This is kind of ugly
Fixes: signed integer overflow: 255 * 1157565362826411919 cannot be represented
in type 'long'
Fixes:
67313/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-6250434245230592
Found-by: continuous fuzzing process
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d6ed6f6e8dffcf777c336869f56002da588e2de8
---
libavformat/mxfdec.c | 8 ++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/libavformat/mxfdec.c b/libavformat/mxfdec.c
index 456c84e996..e484db052e 100644
--- a/libavformat/mxfdec.c
+++ b/libavformat/mxfdec.c
@@ -1892,9 +1892,13 @@ static int mxf_edit_unit_absolute_offset(MXFContext
*mxf, MXFIndexTable *index_t
if (edit_unit < s->index_start_position + s->index_duration) {
int64_t index = edit_unit - s->index_start_position;
-if (s->edit_unit_byte_count)
+if (s->edit_unit_byte_count) {
+if (index > INT64_MAX / s->edit_unit_byte_count ||
+s->edit_unit_byte_count * index > INT64_MAX - offset_temp)
+return AVERROR_INVALIDDATA;
+
offset_temp += s->edit_unit_byte_count * index;
-else {
+} else {
if (s->nb_index_entries == 2 * s->index_duration + 1)
index *= 2; /* Avid index */
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
To unsubscribe, visit link above, or email
ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-cvslog] avformat/movenc: Check that cts fits in 32bit
ffmpeg | branch: master | Michael Niedermayer | Sat
Mar 30 19:51:43 2024 +0100| [d88c284c18bf6cd3dd24a7c86b5e496dd3037405] |
committer: Michael Niedermayer
avformat/movenc: Check that cts fits in 32bit
Fixes: Assertion av_rescale_rnd(start_dts, mov->movie_timescale,
track->timescale, AV_ROUND_DOWN) <= 0 failed at libavformat/movenc.c:3694
Fixes: poc2
Found-by: Wang Dawei and Zhou Geng, from Zhongguancun Laboratory
Signed-off-by: Michael Niedermayer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d88c284c18bf6cd3dd24a7c86b5e496dd3037405
---
libavformat/movenc.c | 6 ++
1 file changed, 6 insertions(+)
diff --git a/libavformat/movenc.c b/libavformat/movenc.c
index bcb18ad387..46a5b3a62f 100644
--- a/libavformat/movenc.c
+++ b/libavformat/movenc.c
@@ -6194,6 +6194,12 @@ int ff_mov_write_packet(AVFormatContext *s, AVPacket
*pkt)
if (ret < 0)
return ret;
+if (pkt->pts != AV_NOPTS_VALUE &&
+(uint64_t)pkt->dts - pkt->pts != (int32_t)((uint64_t)pkt->dts -
pkt->pts)) {
+av_log(s, AV_LOG_WARNING, "pts/dts pair unsupported\n");
+return AVERROR_PATCHWELCOME;
+}
+
if (mov->flags & FF_MOV_FLAG_FRAGMENT || mov->mode == MODE_AVIF) {
int ret;
if (mov->moov_written || mov->flags & FF_MOV_FLAG_EMPTY_MOOV) {
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
To unsubscribe, visit link above, or email
ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-cvslog] avformat/aiffdec: Check for previously set channels
ffmpeg | branch: master | Michael Niedermayer | Fri Mar 22 23:07:01 2024 +0100| [23b29f72eeb2ff6f2176ee74b9abe78aec4cd1f4] | committer: Michael Niedermayer avformat/aiffdec: Check for previously set channels Fixes: out of array access (av_channel_layout_copy()) Fixes: 67087/clusterfuzz-testcase-minimized-ffmpeg_dem_AIFF_fuzzer-4920720268263424 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=23b29f72eeb2ff6f2176ee74b9abe78aec4cd1f4 --- libavformat/aiffdec.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/libavformat/aiffdec.c b/libavformat/aiffdec.c index eb565054e7..bd5bd2e4bb 100644 --- a/libavformat/aiffdec.c +++ b/libavformat/aiffdec.c @@ -107,6 +107,8 @@ static int get_aiff_header(AVFormatContext *s, int64_t size, size++; par->codec_type = AVMEDIA_TYPE_AUDIO; channels = avio_rb16(pb); +if (par->ch_layout.nb_channels && par->ch_layout.nb_channels != channels) +return AVERROR_INVALIDDATA; par->ch_layout.nb_channels = channels; num_frames = avio_rb32(pb); par->bits_per_coded_sample = avio_rb16(pb); ___ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog To unsubscribe, visit link above, or email ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-cvslog] avformat/mxfdec: Make edit_unit_byte_count unsigned
ffmpeg | branch: master | Michael Niedermayer | Mon
Apr 1 18:29:46 2024 +0200| [f30fe5e8d002e15f07eaacf720c5654097cb62df] |
committer: Michael Niedermayer
avformat/mxfdec: Make edit_unit_byte_count unsigned
Suggested-by: Marton Balint
Signed-off-by: Michael Niedermayer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f30fe5e8d002e15f07eaacf720c5654097cb62df
---
libavformat/mxfdec.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavformat/mxfdec.c b/libavformat/mxfdec.c
index e484db052e..04de4c1d5e 100644
--- a/libavformat/mxfdec.c
+++ b/libavformat/mxfdec.c
@@ -251,7 +251,7 @@ typedef struct MXFFFV1SubDescriptor {
typedef struct MXFIndexTableSegment {
MXFMetadataSet meta;
-int edit_unit_byte_count;
+unsigned edit_unit_byte_count;
int index_sid;
int body_sid;
AVRational index_edit_rate;
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
To unsubscribe, visit link above, or email
ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-cvslog] avcodec/vvc/vvcdec: Do not submit frames without VVCFrameThread
ffmpeg | branch: master | Michael Niedermayer | Fri Jan 26 19:58:56 2024 +0100| [84ce5ced3163975b5ba9ffbf4c4709114b9e8669] | committer: Michael Niedermayer avcodec/vvc/vvcdec: Do not submit frames without VVCFrameThread Such frames will crash when pthread functions are called on the NULL pointer Fixes: member access within null pointer of type 'VVCFrameThread' (aka 'struct VVCFrameThread') Fixes: 65160/clusterfuzz-testcase-minimized-ffmpeg_BSF_VVC_METADATA_fuzzer-4665241535119360 (partly) Fixes: 65636/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VVC_fuzzer-5394745824182272 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=84ce5ced3163975b5ba9ffbf4c4709114b9e8669 --- libavcodec/vvc/vvcdec.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/libavcodec/vvc/vvcdec.c b/libavcodec/vvc/vvcdec.c index 8222f9d141..d7a89f7488 100644 --- a/libavcodec/vvc/vvcdec.c +++ b/libavcodec/vvc/vvcdec.c @@ -940,6 +940,9 @@ static int vvc_decode_frame(AVCodecContext *avctx, AVFrame *output, if (ret < 0) return ret; +if (!fc->ft) +return avpkt->size; + ret = submit_frame(s, fc, output, got_output); if (ret < 0) return ret; ___ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog To unsubscribe, visit link above, or email ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-cvslog] avcodec/iff: dont add into unused pointers
ffmpeg | branch: master | Michael Niedermayer | Sat
Mar 16 20:51:23 2024 +0100| [c0532f5579dcca4ad1d4c8db2068be7554c7cb63] |
committer: Michael Niedermayer
avcodec/iff: dont add into unused pointers
Fixes: overflowing pointers
Fixes:
66444/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-4812862400823296
Found-by: continuous fuzzing process
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c0532f5579dcca4ad1d4c8db2068be7554c7cb63
---
libavcodec/iff.c | 12 ++--
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/libavcodec/iff.c b/libavcodec/iff.c
index 133f69350f..4b3e8e0c21 100644
--- a/libavcodec/iff.c
+++ b/libavcodec/iff.c
@@ -1662,7 +1662,7 @@ static int decode_frame(AVCodecContext *avctx, AVFrame
*frame,
uint8_t *row = &frame->data[0][y * frame->linesize[0]];
memset(row, 0, avctx->width);
for (plane = 0; plane < s->bpp; plane++) {
-buf += decode_byterun(s->planebuf, s->planesize, gb);
+decode_byterun(s->planebuf, s->planesize, gb);
if (avctx->codec_tag == MKTAG('A', 'N', 'I', 'M')) {
memcpy(video, s->planebuf, s->planesize);
video += s->planesize;
@@ -1675,7 +1675,7 @@ static int decode_frame(AVCodecContext *avctx, AVFrame
*frame,
uint8_t *row = &frame->data[0][y * frame->linesize[0]];
memset(s->mask_buf, 0, avctx->width * sizeof(uint32_t));
for (plane = 0; plane < s->bpp; plane++) {
-buf += decode_byterun(s->planebuf, s->planesize, gb);
+decode_byterun(s->planebuf, s->planesize, gb);
decodeplane32(s->mask_buf, s->planebuf, s->planesize,
plane);
}
lookup_pal_indicies((uint32_t *)row, s->mask_buf,
s->mask_palbuf, avctx->width);
@@ -1686,7 +1686,7 @@ static int decode_frame(AVCodecContext *avctx, AVFrame
*frame,
uint8_t *row = &frame->data[0][y * frame->linesize[0]];
memset(s->ham_buf, 0, s->planesize * 8);
for (plane = 0; plane < s->bpp; plane++) {
-buf += decode_byterun(s->planebuf, s->planesize, gb);
+decode_byterun(s->planebuf, s->planesize, gb);
if (avctx->codec_tag == MKTAG('A', 'N', 'I', 'M')) {
memcpy(video, s->planebuf, s->planesize);
video += s->planesize;
@@ -1700,7 +1700,7 @@ static int decode_frame(AVCodecContext *avctx, AVFrame
*frame,
uint8_t *row = &frame->data[0][y * frame->linesize[0]];
memset(row, 0, avctx->width << 2);
for (plane = 0; plane < s->bpp; plane++) {
-buf += decode_byterun(s->planebuf, s->planesize, gb);
+decode_byterun(s->planebuf, s->planesize, gb);
decodeplane32((uint32_t *)row, s->planebuf,
s->planesize, plane);
}
}
@@ -1709,12 +1709,12 @@ static int decode_frame(AVCodecContext *avctx, AVFrame
*frame,
if (avctx->pix_fmt == AV_PIX_FMT_PAL8 || avctx->pix_fmt ==
AV_PIX_FMT_GRAY8) {
for (y = 0; y < avctx->height; y++) {
uint8_t *row = &frame->data[0][y * frame->linesize[0]];
-buf += decode_byterun(row, avctx->width, gb);
+decode_byterun(row, avctx->width, gb);
}
} else if (s->ham) { // IFF-PBM: HAM to AV_PIX_FMT_BGR32
for (y = 0; y < avctx->height; y++) {
uint8_t *row = &frame->data[0][y * frame->linesize[0]];
-buf += decode_byterun(s->ham_buf, avctx->width, gb);
+decode_byterun(s->ham_buf, avctx->width, gb);
decode_ham_plane32((uint32_t *)row, s->ham_buf,
s->ham_palbuf, s->planesize);
}
} else
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
To unsubscribe, visit link above, or email
ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-cvslog] avformat/mpegts: Reset local nb_prg on add_program() failure
ffmpeg | branch: master | Michael Niedermayer | Tue Feb 27 02:07:28 2024 +0100| [cb9752d897de17212a7a3ce54ad3e16b377b22c0] | committer: Michael Niedermayer avformat/mpegts: Reset local nb_prg on add_program() failure add_program() will deallocate the whole array on failure so we must clear nb_prgs Fixes: null pointer dereference Fixes: crash-35a3b39ddcc5babeeb005b7399a3a1217c8781bc Found-by: Catena cyber Signed-off-by: Michael Niedermayer > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=cb9752d897de17212a7a3ce54ad3e16b377b22c0 --- libavformat/mpegts.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/libavformat/mpegts.c b/libavformat/mpegts.c index d540126172..3a5cb769ba 100644 --- a/libavformat/mpegts.c +++ b/libavformat/mpegts.c @@ -2603,7 +2603,8 @@ static void pat_cb(MpegTSFilter *filter, const uint8_t *section, int section_len FFSWAP(struct Program, ts->prg[nb_prg], ts->prg[prg_idx]); if (prg_idx >= nb_prg) nb_prg++; -} +} else +nb_prg = 0; } } ts->nb_prg = nb_prg; ___ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog To unsubscribe, visit link above, or email ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-cvslog] lavc/vaapi_encode_av1: Set roi_quant_range
ffmpeg | branch: master | David Rosca | Mon Apr 1 20:00:19 2024 +0200| [3f863f089c679be62827034d3645f152f9e4fa2f] | committer: Mark Thompson lavc/vaapi_encode_av1: Set roi_quant_range > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3f863f089c679be62827034d3645f152f9e4fa2f --- libavcodec/vaapi_encode_av1.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/libavcodec/vaapi_encode_av1.c b/libavcodec/vaapi_encode_av1.c index a46b882ab9..02a31b894d 100644 --- a/libavcodec/vaapi_encode_av1.c +++ b/libavcodec/vaapi_encode_av1.c @@ -155,6 +155,8 @@ static av_cold int vaapi_encode_av1_configure(AVCodecContext *avctx) priv->q_idx_idr = priv->q_idx_p = priv->q_idx_b = 128; } +ctx->roi_quant_range = AV1_MAX_QUANT; + return 0; } ___ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog To unsubscribe, visit link above, or email ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-cvslog] avcodec/ppc/hpeldsp_altivec: Fix left-shift of negative number
ffmpeg | branch: master | Andreas Rheinhardt | Fri Mar 29 01:10:10 2024 +0100| [356610a2ac1db9c1908903ee48721b3ce391ba01] | committer: Andreas Rheinhardt avcodec/ppc/hpeldsp_altivec: Fix left-shift of negative number It is UB and affected e.g. the vp5 and vp61 FATE tests: https://fate.ffmpeg.org/report.cgi?time=20240327083327&slot=ppc-linux-gcc-13.2-ubsan-altivec-qemu Signed-off-by: Andreas Rheinhardt > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=356610a2ac1db9c1908903ee48721b3ce391ba01 --- libavcodec/ppc/hpeldsp_altivec.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libavcodec/ppc/hpeldsp_altivec.c b/libavcodec/ppc/hpeldsp_altivec.c index a531b6b6ec..4bf6b28ed6 100644 --- a/libavcodec/ppc/hpeldsp_altivec.c +++ b/libavcodec/ppc/hpeldsp_altivec.c @@ -41,9 +41,9 @@ void ff_put_pixels16_altivec(uint8_t *block, const uint8_t *pixels, ptrdiff_t li register vector unsigned char pixelsv1D; int i; -register ptrdiff_t line_size_2 = line_size << 1; +register ptrdiff_t line_size_2 = line_size * (1 << 1); register ptrdiff_t line_size_3 = line_size + line_size_2; -register ptrdiff_t line_size_4 = line_size << 2; +register ptrdiff_t line_size_4 = line_size * (1 << 2); // hand-unrolling the loop by 4 gains about 15% // mininum execution time goes from 74 to 60 cycles ___ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog To unsubscribe, visit link above, or email ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-cvslog] avcodec/pngdsp: Fix unaligned accesses, effective type violations
ffmpeg | branch: master | Andreas Rheinhardt |
Fri Mar 29 02:22:06 2024 +0100| [9e4e8ae1e68053fe8e07783ff694b6f101a5c5b3] |
committer: Andreas Rheinhardt
avcodec/pngdsp: Fix unaligned accesses, effective type violations
Affected the lscr fate-test (only visible on x86 if
the SSE2 is disabled).
Signed-off-by: Andreas Rheinhardt
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9e4e8ae1e68053fe8e07783ff694b6f101a5c5b3
---
libavcodec/pngdsp.c | 25 +++--
1 file changed, 19 insertions(+), 6 deletions(-)
diff --git a/libavcodec/pngdsp.c b/libavcodec/pngdsp.c
index 65916b1386..50ee96a684 100644
--- a/libavcodec/pngdsp.c
+++ b/libavcodec/pngdsp.c
@@ -21,20 +21,33 @@
#include "config.h"
#include "libavutil/attributes.h"
+#include "libavutil/intreadwrite.h"
+#include "libavutil/macros.h"
#include "png.h"
#include "pngdsp.h"
+#if HAVE_FAST_64BIT
+#define BITS 64
+typedef uint64_t uint_native;
+#else
+#define BITS 32
+typedef uint32_t uint_native;
+#endif
+#define RN AV_JOIN(AV_RN, BITS)
+#define RNA AV_JOIN(AV_JOIN(AV_RN, BITS), A)
+#define WN AV_JOIN(AV_WN, BITS)
+
// 0x7f7f7f7f or 0x7f7f7f7f7f7f7f7f or whatever, depending on the cpu's native
arithmetic size
-#define pb_7f (~0UL / 255 * 0x7f)
-#define pb_80 (~0UL / 255 * 0x80)
+#define pb_7f (~(uint_native)0 / 255 * 0x7f)
+#define pb_80 (~(uint_native)0 / 255 * 0x80)
static void add_bytes_l2_c(uint8_t *dst, uint8_t *src1, uint8_t *src2, int w)
{
long i;
-for (i = 0; i <= w - (int) sizeof(long); i += sizeof(long)) {
-long a = *(long *)(src1 + i);
-long b = *(long *)(src2 + i);
-*(long *)(dst + i) = ((a & pb_7f) + (b & pb_7f)) ^ ((a ^ b) & pb_80);
+for (i = 0; i <= w - (int) sizeof(uint_native); i += sizeof(uint_native)) {
+uint_native a = RNA(src1 + i);
+uint_native b = RN (src2 + i);
+WN(dst + i, ((a & pb_7f) + (b & pb_7f)) ^ ((a ^ b) & pb_80));
}
for (; i < w; i++)
dst[i] = src1[i] + src2[i];
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
To unsubscribe, visit link above, or email
ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-cvslog] avfilter/vf_spp: Fix left-shift of negative value
ffmpeg | branch: master | Andreas Rheinhardt |
Fri Mar 29 02:45:51 2024 +0100| [3ed23dab98a1c6246e9b3cf575ec29d245e39f94] |
committer: Andreas Rheinhardt
avfilter/vf_spp: Fix left-shift of negative value
Affected the vf-spp FATE-test (on x86 only when MMX
is disabled).
Signed-off-by: Andreas Rheinhardt
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3ed23dab98a1c6246e9b3cf575ec29d245e39f94
---
libavfilter/vf_spp.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libavfilter/vf_spp.c b/libavfilter/vf_spp.c
index 48911b296a..d6c7297985 100644
--- a/libavfilter/vf_spp.c
+++ b/libavfilter/vf_spp.c
@@ -172,7 +172,7 @@ static void store_slice_c(uint8_t *dst, const int16_t *src,
int y, x;
#define STORE(pos) do { \
-temp = ((src[x + y*src_linesize + pos] << log2_scale) + d[pos]) >> 6; \
+temp = (src[x + y*src_linesize + pos] * (1 << log2_scale) + d[pos]) >> 6;\
if (temp & 0x100) \
temp = ~(temp >> 31); \
dst[x + y*dst_linesize + pos] = temp; \
@@ -203,7 +203,7 @@ static void store_slice16_c(uint16_t *dst, const int16_t
*src,
unsigned int mask = -1<>1)) >> 5;
\
+temp = (src[x + y*src_linesize + pos] * (1 << log2_scale) + (d[pos]>>1))
>> 5; \
if (temp & mask ) \
temp = ~(temp >> 31); \
dst[x + y*dst_linesize + pos] = temp; \
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
To unsubscribe, visit link above, or email
ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-cvslog] avcodec/huffyuvencdsp: Fix load of misaligned values
ffmpeg | branch: master | Andreas Rheinhardt |
Fri Mar 29 03:49:56 2024 +0100| [8ecd38312210d48ec9e50d78fc223d60e71a30ed] |
committer: Andreas Rheinhardt
avcodec/huffyuvencdsp: Fix load of misaligned values
Affected many ffvhuff FATE tests.
Signed-off-by: Andreas Rheinhardt
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8ecd38312210d48ec9e50d78fc223d60e71a30ed
---
libavcodec/huffyuvencdsp.c | 32
1 file changed, 24 insertions(+), 8 deletions(-)
diff --git a/libavcodec/huffyuvencdsp.c b/libavcodec/huffyuvencdsp.c
index 36e8f6130b..27428635af 100644
--- a/libavcodec/huffyuvencdsp.c
+++ b/libavcodec/huffyuvencdsp.c
@@ -18,16 +18,32 @@
#include "config.h"
#include "libavutil/attributes.h"
+#include "libavutil/intreadwrite.h"
#include "huffyuvencdsp.h"
#include "mathops.h"
+#if HAVE_FAST_64BIT
+#define BITS 64
+typedef uint64_t uint_native;
+#else
+#define BITS 32
+typedef uint32_t uint_native;
+#endif
+#define RN AV_JOIN(AV_RN, BITS)
+#define RNA AV_JOIN(AV_JOIN(AV_RN, BITS), A)
+#define WNA AV_JOIN(AV_JOIN(AV_WN, BITS), A)
+
+// 0x7f7f7f7f or 0x7f7f7f7f7f7f7f7f or whatever, depending on the cpu's native
arithmetic size
+#define pb_7f (~(uint_native)0 / 255 * 0x7f)
+#define pb_80 (~(uint_native)0 / 255 * 0x80)
+
// 0x00010001 or 0x0001000100010001 or whatever, depending on the cpu's native
arithmetic size
-#define pw_1 (ULONG_MAX / UINT16_MAX)
+#define pw_1 ((uint_native)-1 / UINT16_MAX)
static void diff_int16_c(uint16_t *dst, const uint16_t *src1, const uint16_t
*src2, unsigned mask, int w){
long i;
#if !HAVE_FAST_UNALIGNED
-if((long)src2 & (sizeof(long)-1)){
+if ((uintptr_t)src2 & (sizeof(uint_native) - 1)) {
for(i=0; i+3> 1) * pw_1;
-unsigned long pw_msb = pw_lsb + pw_1;
+uint_native pw_lsb = (mask >> 1) * pw_1;
+uint_native pw_msb = pw_lsb + pw_1;
-for (i = 0; i <= w - (int)sizeof(long)/2; i += sizeof(long)/2) {
-long a = *(long*)(src1+i);
-long b = *(long*)(src2+i);
-*(long*)(dst+i) = ((a|pw_msb) - (b&pw_lsb)) ^
((a^b^pw_msb)&pw_msb);
+for (i = 0; i <= w - (int)sizeof(uint_native)/2; i +=
sizeof(uint_native)/2) {
+uint_native a = RNA(src1 + i);
+uint_native b = RN (src2 + i);
+WNA(dst + i, ((a | pw_msb) - (b & pw_lsb)) ^ ((a^b^pw_msb) &
pw_msb));
}
}
for (; ihttps://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
To unsubscribe, visit link above, or email
ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-cvslog] fate/video: Only use bitexact IDCT in avid meridian
ffmpeg | branch: master | Andreas Rheinhardt | Fri Mar 29 19:06:09 2024 +0100| [d5897f70d47f04312e94550e21f28b2770ab25a9] | committer: Andreas Rheinhardt fate/video: Only use bitexact IDCT in avid meridian Precludes the usage of the altivec IDCT which fixes the avid-meridian FATE test on ppc64be here. Signed-off-by: Andreas Rheinhardt > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d5897f70d47f04312e94550e21f28b2770ab25a9 --- tests/fate/video.mak | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/fate/video.mak b/tests/fate/video.mak index 8f51a42077..9ad39e21ee 100644 --- a/tests/fate/video.mak +++ b/tests/fate/video.mak @@ -48,7 +48,7 @@ FATE_VIDEO-$(call FRAMECRC, AVI, AVRN) += fate-avid-interlaced fate-avid-interlaced: CMD = framecrc -i $(TARGET_SAMPLES)/avid/avid_ntsc_interlaced.avi FATE_VIDEO-$(call FRAMECRC, MOV, MJPEG) += fate-avid-meridian -fate-avid-meridian: CMD = framecrc -i $(TARGET_SAMPLES)/avid/avidmeridianntsc.mov +fate-avid-meridian: CMD = framecrc -bitexact -i $(TARGET_SAMPLES)/avid/avidmeridianntsc.mov FATE_VIDEO-$(call FRAMECRC, BETHSOFTVID, BETHSOFTVID, ARESAMPLE_FILTER SCALE_FILTER) += fate-bethsoft-vid fate-bethsoft-vid: CMD = framecrc -i $(TARGET_SAMPLES)/bethsoft-vid/ANIM0001.VID -t 5 -pix_fmt rgb24 -vf scale -af aresample ___ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog To unsubscribe, visit link above, or email ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-cvslog] fate/fits: Fix tests on BE
ffmpeg | branch: master | Andreas Rheinhardt | Sat Mar 30 02:20:40 2024 +0100| [098f5e2634e113f8dd31dd0f5e9935132d719da6] | committer: Andreas Rheinhardt fate/fits: Fix tests on BE The fits decoder decodes to native pixel formats; so the fitsdec-gbrap16be fate test failed on BE despite its name because the reference file is LE. This patch fixes this by forcing a pixel format; the forced pixel format is BE, causing a change in the reference file. The fitsdec-gbrp16be test was not affected, because its source file (lena-rgb48.png from tne FATE suite) is actually biendian (as if someone had multiplied 8bit content by 257...). Signed-off-by: Andreas Rheinhardt > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=098f5e2634e113f8dd31dd0f5e9935132d719da6 --- tests/fate/fits.mak | 2 +- tests/ref/fate/fitsdec-gbrap16be | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/fate/fits.mak b/tests/fate/fits.mak index d85946bc1a..b83900aaee 100644 --- a/tests/fate/fits.mak +++ b/tests/fate/fits.mak @@ -28,7 +28,7 @@ fate-fitsdec-multi: tests/data/fits-multi.fits fate-fitsdec-multi: CMD = framecrc -i $(TARGET_PATH)/tests/data/fits-multi.fits -pix_fmt gbrap fate-fitsdec%: PIXFMT = $(word 3, $(subst -, ,$(@))) -fate-fitsdec%: CMD = transcode image2 $(TARGET_SAMPLES)/png1/lena-$(fits-png-map-$(PIXFMT)).png fits "-vf scale -pix_fmt $(PIXFMT)" +fate-fitsdec%: CMD = transcode image2 $(TARGET_SAMPLES)/png1/lena-$(fits-png-map-$(PIXFMT)).png fits "-vf scale -pix_fmt $(PIXFMT)" "-vf scale -pix_fmt $(PIXFMT)" FATE_FITS_DEC_PIXFMT = gray gbrp gbrp16be gbrap16be FATE_FITS_DEC-$(call TRANSCODE, FITS, FITS, IMAGE2_DEMUXER PNG_DECODER SCALE_FILTER) += $(FATE_FITS_DEC_PIXFMT:%=fate-fitsdec-%) diff --git a/tests/ref/fate/fitsdec-gbrap16be b/tests/ref/fate/fitsdec-gbrap16be index 1174a0f1d8..e57a878845 100644 --- a/tests/ref/fate/fitsdec-gbrap16be +++ b/tests/ref/fate/fitsdec-gbrap16be @@ -5,4 +5,4 @@ #codec_id 0: rawvideo #dimensions 0: 128x128 #sar 0: 0/1 -0, 0, 0,1, 131072, 0x487894b2 +0, 0, 0,1, 131072, 0xebb194b2 ___ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog To unsubscribe, visit link above, or email ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-cvslog] fate/filter-video: Insert scale, format filters in filter-yadif,bwdif10
ffmpeg | branch: master | Andreas Rheinhardt | Fri Mar 29 19:25:00 2024 +0100| [579868f810d70a9ca33179c5ab34c67be0716b00] | committer: Andreas Rheinhardt fate/filter-video: Insert scale, format filters in filter-yadif,bwdif10 The format and the first scale filter ensures that the filter processing actually happens in high bit depth; the second scale filter is only necessary for big endian arches. Signed-off-by: Andreas Rheinhardt > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=579868f810d70a9ca33179c5ab34c67be0716b00 --- tests/fate/filter-video.mak | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/fate/filter-video.mak b/tests/fate/filter-video.mak index 681cddc33e..7f8dc3aa27 100644 --- a/tests/fate/filter-video.mak +++ b/tests/fate/filter-video.mak @@ -16,7 +16,7 @@ fate-filter-bwdif-mode0: CMD = framecrc -ec 0 -flags bitexact -idct simple -i $( fate-filter-bwdif-mode1: CMD = framecrc -ec 0 -flags bitexact -idct simple -i $(TARGET_SAMPLES)/mpeg2/mpeg2_field_encoding.ts -frames:v 59 -vf bwdif=send_field FATE_BWDIF-$(call FILTERDEMDEC, BWDIF SCALE, MPEGTS, MPEG2VIDEO) += fate-filter-bwdif10 -fate-filter-bwdif10: CMD = framecrc -ec 0 -flags bitexact -idct simple -i $(TARGET_SAMPLES)/mpeg2/mpeg2_field_encoding.ts -flags bitexact -pix_fmt yuv420p10le -frames:v 30 -vf scale,bwdif=0 +fate-filter-bwdif10: CMD = framecrc -ec 0 -flags bitexact -idct simple -i $(TARGET_SAMPLES)/mpeg2/mpeg2_field_encoding.ts -flags bitexact -pix_fmt yuv420p10le -frames:v 30 -vf scale,format=yuv420p10,bwdif=0,scale FATE_FILTER_SAMPLES-yes += $(FATE_BWDIF-yes) @@ -25,8 +25,8 @@ fate-filter-yadif-mode0: CMD = framecrc -ec 0 -flags bitexact -idct simple -i $( fate-filter-yadif-mode1: CMD = framecrc -ec 0 -flags bitexact -idct simple -i $(TARGET_SAMPLES)/mpeg2/mpeg2_field_encoding.ts -frames:v 59 -vf yadif=1 FATE_YADIF-$(call FILTERDEMDEC, YADIF SCALE, MPEGTS, MPEG2VIDEO) += fate-filter-yadif10 fate-filter-yadif16 -fate-filter-yadif10: CMD = framecrc -ec 0 -flags bitexact -idct simple -i $(TARGET_SAMPLES)/mpeg2/mpeg2_field_encoding.ts -flags bitexact -pix_fmt yuv420p10le -frames:v 30 -vf scale,yadif=0 -fate-filter-yadif16: CMD = framecrc -ec 0 -flags bitexact -idct simple -i $(TARGET_SAMPLES)/mpeg2/mpeg2_field_encoding.ts -flags bitexact -pix_fmt yuv420p16le -frames:v 30 -vf scale,yadif=0 +fate-filter-yadif10: CMD = framecrc -ec 0 -flags bitexact -idct simple -i $(TARGET_SAMPLES)/mpeg2/mpeg2_field_encoding.ts -flags bitexact -pix_fmt yuv420p10le -frames:v 30 -vf scale,format=yuv420p10,yadif=0,scale +fate-filter-yadif16: CMD = framecrc -ec 0 -flags bitexact -idct simple -i $(TARGET_SAMPLES)/mpeg2/mpeg2_field_encoding.ts -flags bitexact -pix_fmt yuv420p16le -frames:v 30 -vf scale,format=yuv420p16,yadif=0,scale FATE_FILTER_SAMPLES-yes += $(FATE_YADIF-yes) ___ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog To unsubscribe, visit link above, or email ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-cvslog] avcodec/vlc, bitstream: Fix multi VLC with uint8_t syms on BE
ffmpeg | branch: master | Andreas Rheinhardt |
Sat Mar 30 03:25:24 2024 +0100| [4ab82d2fb6361864521b41a5c8168902e534fa1a] |
committer: Andreas Rheinhardt
avcodec/vlc, bitstream: Fix multi VLC with uint8_t syms on BE
VLC_MULTI_ELEM contains an uint8_t array that is supposed
to be treated as an array of uint16_t when the used symbols
have a size of two; otherwise it should be treated as just
an array of uint8_t, but it was not always treated that way:
vlc_multi_gen() initialized the first entry of the array
by writing the symbol via AV_WN16; on big endian systems,
the intended value was instead written into the second entry
of the array (where it would likely be overwritten lateron
during initialization).
read_vlc_multi() also treated this case incorrectly: In case
the code is so long that it needs a classical multi-stage lookup,
the symbol has been written to the destination as if via AV_WN16.
On little endian systems, this sets the correct first symbol and
clobbers (zeroes) the next one, but the next one will be overwritten
lateron anyway, so it won't be recognized. But on big-endian systems,
the first symbol will be set to zero and the actually read symbol
will be put into the slot for the next one (where it will be overwritten
lateron).
This commit fixes this; this fixes the magicyuv and utvideo FATE-tests
on big endian arches.
Signed-off-by: Andreas Rheinhardt
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4ab82d2fb6361864521b41a5c8168902e534fa1a
---
libavcodec/bitstream_template.h | 8 ++--
libavcodec/get_bits.h | 3 ++-
libavcodec/magicyuv.c | 2 +-
libavcodec/utvideodec.c | 2 +-
libavcodec/vlc.c| 5 -
5 files changed, 14 insertions(+), 6 deletions(-)
diff --git a/libavcodec/bitstream_template.h b/libavcodec/bitstream_template.h
index 4f3d07275f..c8e4a5131e 100644
--- a/libavcodec/bitstream_template.h
+++ b/libavcodec/bitstream_template.h
@@ -536,7 +536,8 @@ static inline int BS_FUNC(read_vlc)(BSCTX *bc, const
VLCElem *table,
static inline int BS_FUNC(read_vlc_multi)(BSCTX *bc, uint8_t dst[8],
const VLC_MULTI_ELEM *const Jtable,
const VLCElem *const table,
- const int bits, const int max_depth)
+ const int bits, const int max_depth,
+ const int symbols_size)
{
unsigned idx = BS_FUNC(peek)(bc, bits);
int ret, nb_bits, code, n = Jtable[idx].len;
@@ -554,7 +555,10 @@ static inline int BS_FUNC(read_vlc_multi)(BSCTX *bc,
uint8_t dst[8],
code = BS_FUNC(priv_set_idx)(bc, code, &n, &nb_bits, table);
}
}
-AV_WN16(dst, code);
+if (symbols_size == 1)
+*dst = code;
+else
+AV_WN16(dst, code);
ret = n > 0;
}
BS_FUNC(priv_skip_remaining)(bc, n);
diff --git a/libavcodec/get_bits.h b/libavcodec/get_bits.h
index cfcf97c021..fe2f6378b4 100644
--- a/libavcodec/get_bits.h
+++ b/libavcodec/get_bits.h
@@ -667,7 +667,8 @@ static av_always_inline int get_vlc2(GetBitContext *s,
const VLCElem *table,
static inline int get_vlc_multi(GetBitContext *s, uint8_t *dst,
const VLC_MULTI_ELEM *const Jtable,
const VLCElem *const table,
-const int bits, const int max_depth)
+const int bits, const int max_depth,
+const int symbols_size)
{
dst[0] = get_vlc2(s, table, bits, max_depth);
return 1;
diff --git a/libavcodec/magicyuv.c b/libavcodec/magicyuv.c
index d2897019bd..06fad8f3f7 100644
--- a/libavcodec/magicyuv.c
+++ b/libavcodec/magicyuv.c
@@ -125,7 +125,7 @@ static void magicyuv_median_pred16(uint16_t *dst, const
uint16_t *src1,
x = 0; \
for (; CACHED_BITSTREAM_READER && x < width-c && get_bits_left(&gb) > 0;)
{\
ret = get_vlc_multi(&gb, (uint8_t *)dst + x * b, multi, \
-vlc, vlc_bits, 3); \
+vlc, vlc_bits, 3, b); \
if (ret <= 0) \
return AVERROR_INVALIDDATA; \
x += ret; \
diff --git a/libavcodec/utvideodec.c b/libavcodec/utvideodec.c
index 49e34cc90a..5377926fa6 100644
--- a/libavcodec/utvideodec.c
+++ b/libavcodec/utvideodec.c
@@ -121,7 +121,7 @@ static int build_huff(UtvideoContext *c, const uint8_t
*src, VLC *vlc,
i = 0; \
for (; CACHED_BITSTREAM_READER && i < width-end && get_bits_left(&gb) >
0;) {\
ret = get_vlc_multi(&gb, (uint8_t *)buf + i * b, multi.table, \
-vlc.table, VLC_BITS, 3); \
+vlc.table, VLC_BITS, 3, b); \
if (ret > 0) \
i += ret; \
if (ret <= 0) \
diff --git a/libavcodec/vlc.c b/libavcodec/vlc.c
index 78510e30d6..e01cc41689 100644
-
[FFmpeg-cvslog] avcodec/vlc: Use union of uint8_t and uint16_t in VLC_MULTI_ELEM
ffmpeg | branch: master | Andreas Rheinhardt |
Sat Mar 30 04:11:47 2024 +0100| [a8e518e3a7f7d5da969e7abba0f03f2ef0fd0203] |
committer: Andreas Rheinhardt
avcodec/vlc: Use union of uint8_t and uint16_t in VLC_MULTI_ELEM
It is more natural and simplifies writing these arrays.
Signed-off-by: Andreas Rheinhardt
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=a8e518e3a7f7d5da969e7abba0f03f2ef0fd0203
---
libavcodec/bitstream_template.h | 2 +-
libavcodec/vlc.c| 10 +-
libavcodec/vlc.h| 5 -
3 files changed, 10 insertions(+), 7 deletions(-)
diff --git a/libavcodec/bitstream_template.h b/libavcodec/bitstream_template.h
index c8e4a5131e..bbb8dfa555 100644
--- a/libavcodec/bitstream_template.h
+++ b/libavcodec/bitstream_template.h
@@ -542,7 +542,7 @@ static inline int BS_FUNC(read_vlc_multi)(BSCTX *bc,
uint8_t dst[8],
unsigned idx = BS_FUNC(peek)(bc, bits);
int ret, nb_bits, code, n = Jtable[idx].len;
if (Jtable[idx].num) {
-AV_COPY64U(dst, Jtable[idx].val);
+AV_COPY64U(dst, Jtable[idx].val8);
ret = Jtable[idx].num;
} else {
code = table[idx].sym;
diff --git a/libavcodec/vlc.c b/libavcodec/vlc.c
index e01cc41689..ee09d96fd6 100644
--- a/libavcodec/vlc.c
+++ b/libavcodec/vlc.c
@@ -440,8 +440,8 @@ static void add_level(VLC_MULTI_ELEM *table, const int
is16bit,
code = curcode + (buf[t].code >> curlen);
newlimit = curlimit - l;
l += curlen;
-if (is16bit) AV_WN16(info.val+2*curlevel, sym);
-else info.val[curlevel] = sym&0xFF;
+if (is16bit) info.val16[curlevel] = sym;
+else info.val8[curlevel] = sym&0xFF;
if (curlevel) { // let's not add single entries
uint32_t val = code >> (32 - numbits);
@@ -468,7 +468,7 @@ static int vlc_multi_gen(VLC_MULTI_ELEM *table, const VLC
*single,
{
int minbits, maxbits, max;
unsigned count[VLC_MULTI_MAX_SYMBOLS-1] = { 0, };
-VLC_MULTI_ELEM info = { { 0, }, 0, 0, };
+VLC_MULTI_ELEM info = { 0 };
int count0 = 0;
for (int j = 0; j < 1table[j].len > 0 ? 1 : 0;
if (is16bit)
-AV_WN16(table[j].val, single->table[j].sym);
+table[j].val16[0] = single->table[j].sym;
else
-table[j].val[0] = single->table[j].sym;
+table[j].val8[0] = single->table[j].sym;
}
add_level(table, is16bit, nb_codes, numbits, buf,
diff --git a/libavcodec/vlc.h b/libavcodec/vlc.h
index 0cc106c499..bf7b0e65b4 100644
--- a/libavcodec/vlc.h
+++ b/libavcodec/vlc.h
@@ -40,7 +40,10 @@ typedef struct VLC {
} VLC;
typedef struct VLC_MULTI_ELEM {
-uint8_t val[VLC_MULTI_MAX_SYMBOLS];
+union {
+uint8_t val8[VLC_MULTI_MAX_SYMBOLS];
+uint16_t val16[VLC_MULTI_MAX_SYMBOLS / 2];
+};
int8_t len; // -31,32
uint8_t num;
} VLC_MULTI_ELEM;
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
To unsubscribe, visit link above, or email
ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-cvslog] fate/filter-video: Always use little endian pixel format
ffmpeg | branch: master | Andreas Rheinhardt | Fri Mar 29 19:10:53 2024 +0100| [1b684a1527d1a2601015d8a71e91cfb1b4704a67] | committer: Andreas Rheinhardt fate/filter-video: Always use little endian pixel format Fixes filter-metadata-signalstats-yuv420p10 on BE arches. Signed-off-by: Andreas Rheinhardt > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=1b684a1527d1a2601015d8a71e91cfb1b4704a67 --- tests/fate/filter-video.mak | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/fate/filter-video.mak b/tests/fate/filter-video.mak index ee9f0f5e40..681cddc33e 100644 --- a/tests/fate/filter-video.mak +++ b/tests/fate/filter-video.mak @@ -692,7 +692,7 @@ fate-filter-metadata-freezedetect: CMD = run $(FILTER_METADATA_COMMAND) "sws_fla SIGNALSTATS_DEPS = LAVFI_INDEV COLOR_FILTER SCALE_FILTER SIGNALSTATS_FILTER FATE_METADATA_FILTER-$(call ALLYES, $(SIGNALSTATS_DEPS)) += fate-filter-metadata-signalstats-yuv420p fate-filter-metadata-signalstats-yuv420p10 fate-filter-metadata-signalstats-yuv420p: CMD = run $(FILTER_METADATA_COMMAND) "sws_flags=+accurate_rnd+bitexact;color=white:duration=1:r=1,signalstats" -fate-filter-metadata-signalstats-yuv420p10: CMD = run $(FILTER_METADATA_COMMAND) "sws_flags=+accurate_rnd+bitexact;color=white:duration=1:r=1,format=yuv420p10,signalstats" +fate-filter-metadata-signalstats-yuv420p10: CMD = run $(FILTER_METADATA_COMMAND) "sws_flags=+accurate_rnd+bitexact;color=white:duration=1:r=1,format=yuv420p10le,signalstats" SILENCEDETECT_DEPS = LAVFI_INDEV FILE_PROTOCOL AMOVIE_FILTER TTA_DEMUXER TTA_DECODER SILENCEDETECT_FILTER FATE_METADATA_FILTER-$(call ALLYES, $(SILENCEDETECT_DEPS)) += fate-filter-metadata-silencedetect ___ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog To unsubscribe, visit link above, or email ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-cvslog] avformat/mov: ensure all items id referenced by a grid are valid
ffmpeg | branch: master | James Almer | Mon Apr 1 21:13:04
2024 -0300| [f492f1ac239da07970c363fb8c7f7a1aa5b5002a] | committer: James Almer
avformat/mov: ensure all items id referenced by a grid are valid
Fixes: null pointer dereference
Fixes:
67494/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-6528714521247744
Found-by: continuous fuzzing process
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Tested-by: Michael Niedermayer
Signed-off-by: James Almer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f492f1ac239da07970c363fb8c7f7a1aa5b5002a
---
libavformat/mov.c | 10 +-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/libavformat/mov.c b/libavformat/mov.c
index 7bdeeb99f9..fb0113b149 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -9397,8 +9397,9 @@ static int mov_parse_tiles(AVFormatContext *s)
for (int j = 0; j < grid->nb_tiles; j++) {
int tile_id = grid->tile_id_list[j];
+int k;
-for (int k = 0; k < mov->nb_heif_item; k++) {
+for (k = 0; k < mov->nb_heif_item; k++) {
HEIFItem *item = &mov->heif_item[k];
AVStream *st = item->st;
@@ -9424,6 +9425,13 @@ static int mov_parse_tiles(AVFormatContext *s)
break;
}
+if (k == grid->nb_tiles) {
+av_log(s, AV_LOG_WARNING, "HEIF item id %d referenced by grid
id %d doesn't "
+ "exist\n",
+ tile_id, grid->item->item_id);
+ff_remove_stream_group(s, stg);
+loop = 0;
+}
if (!loop)
break;
}
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
To unsubscribe, visit link above, or email
ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-cvslog] avformat/mov: ensure all items id referenced by a grid are valid
ffmpeg | branch: release/7.0 | James Almer | Mon Apr 1
21:13:04 2024 -0300| [2ecaef745556684ba3d446994a570214e6fac7ce] | committer:
James Almer
avformat/mov: ensure all items id referenced by a grid are valid
Fixes: null pointer dereference
Fixes:
67494/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-6528714521247744
Found-by: continuous fuzzing process
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Tested-by: Michael Niedermayer
Signed-off-by: James Almer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2ecaef745556684ba3d446994a570214e6fac7ce
---
libavformat/mov.c | 10 +-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/libavformat/mov.c b/libavformat/mov.c
index c93a09d385..917a69fa34 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -9396,8 +9396,9 @@ static int mov_parse_tiles(AVFormatContext *s)
for (int j = 0; j < grid->nb_tiles; j++) {
int tile_id = grid->tile_id_list[j];
+int k;
-for (int k = 0; k < mov->nb_heif_item; k++) {
+for (k = 0; k < mov->nb_heif_item; k++) {
HEIFItem *item = &mov->heif_item[k];
AVStream *st = item->st;
@@ -9423,6 +9424,13 @@ static int mov_parse_tiles(AVFormatContext *s)
break;
}
+if (k == grid->nb_tiles) {
+av_log(s, AV_LOG_WARNING, "HEIF item id %d referenced by grid
id %d doesn't "
+ "exist\n",
+ tile_id, grid->item->item_id);
+ff_remove_stream_group(s, stg);
+loop = 0;
+}
if (!loop)
break;
}
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
To unsubscribe, visit link above, or email
ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-cvslog] avformat/mov: Don't add attached pic if one is already present
ffmpeg | branch: master | Andreas Rheinhardt |
Tue Apr 2 04:13:44 2024 +0200| [9d219ff149738a9a6e3ba8f075c032cc1a3554f7] |
committer: Andreas Rheinhardt
avformat/mov: Don't add attached pic if one is already present
Fixes: memleak
Fixes:
67714/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-5671570999476224
Found-by: continuous fuzzing process
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Michael Niedermayer
Signed-off-by: Andreas Rheinhardt
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9d219ff149738a9a6e3ba8f075c032cc1a3554f7
---
libavformat/mov.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavformat/mov.c b/libavformat/mov.c
index fb0113b149..65faf58279 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -8820,7 +8820,7 @@ static void mov_read_chapters(AVFormatContext *s)
if (st->codecpar->codec_type == AVMEDIA_TYPE_VIDEO) {
st->disposition |= AV_DISPOSITION_ATTACHED_PIC |
AV_DISPOSITION_TIMED_THUMBNAILS;
-if (sti->nb_index_entries) {
+if (!st->attached_pic.data && sti->nb_index_entries) {
// Retrieve the first frame, if possible
AVIndexEntry *sample = &sti->index_entries[0];
if (avio_seek(sc->pb, sample->pos, SEEK_SET) != sample->pos) {
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
To unsubscribe, visit link above, or email
ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-cvslog] avformat/mov: Check if a key is longer than the atom containing it
ffmpeg | branch: master | Eugene Zemtsov | Mon Apr 1
19:28:03 2024 -0700| [8a23a145d85964950123952d897b89c2c2b1b8c5] | committer:
James Almer
avformat/mov: Check if a key is longer than the atom containing it
Stop reading keys and return AVERROR_INVALIDDATA if key_size
is larger than the amount of space left in the atom.
Bug: https://crbug.com/41496983
Signed-off-by: Eugene Zemtsov
Signed-off-by: James Almer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8a23a145d85964950123952d897b89c2c2b1b8c5
---
libavformat/mov.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/libavformat/mov.c b/libavformat/mov.c
index 65faf58279..2b7ddc516c 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -5038,12 +5038,13 @@ static int mov_read_keys(MOVContext *c, AVIOContext
*pb, MOVAtom atom)
for (i = 1; i <= count; ++i) {
uint32_t key_size = avio_rb32(pb);
uint32_t type = avio_rl32(pb);
-if (key_size < 8) {
+if (key_size < 8 || key_size > atom.size) {
av_log(c->fc, AV_LOG_ERROR,
"The key# %"PRIu32" in meta has invalid size:"
"%"PRIu32"\n", i, key_size);
return AVERROR_INVALIDDATA;
}
+atom.size -= key_size;
key_size -= 8;
if (type != MKTAG('m','d','t','a')) {
avio_skip(pb, key_size);
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
To unsubscribe, visit link above, or email
ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-cvslog] avformat/mov: Check if a key is longer than the atom containing it
ffmpeg | branch: release/7.0 | Eugene Zemtsov | Mon Apr
1 19:28:03 2024 -0700| [d0e5f83ffb30b6110b14d35faf2bec060c61a8af] | committer:
James Almer
avformat/mov: Check if a key is longer than the atom containing it
Stop reading keys and return AVERROR_INVALIDDATA if key_size
is larger than the amount of space left in the atom.
Bug: https://crbug.com/41496983
Signed-off-by: Eugene Zemtsov
Signed-off-by: James Almer
(cherry picked from commit 8a23a145d85964950123952d897b89c2c2b1b8c5)
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d0e5f83ffb30b6110b14d35faf2bec060c61a8af
---
libavformat/mov.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/libavformat/mov.c b/libavformat/mov.c
index 917a69fa34..be4291c0da 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -5037,12 +5037,13 @@ static int mov_read_keys(MOVContext *c, AVIOContext
*pb, MOVAtom atom)
for (i = 1; i <= count; ++i) {
uint32_t key_size = avio_rb32(pb);
uint32_t type = avio_rl32(pb);
-if (key_size < 8) {
+if (key_size < 8 || key_size > atom.size) {
av_log(c->fc, AV_LOG_ERROR,
"The key# %"PRIu32" in meta has invalid size:"
"%"PRIu32"\n", i, key_size);
return AVERROR_INVALIDDATA;
}
+atom.size -= key_size;
key_size -= 8;
if (type != MKTAG('m','d','t','a')) {
avio_skip(pb, key_size);
___
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
To unsubscribe, visit link above, or email
ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".
