Re: [FFmpeg-devel] qt-faststart bug near 4GB
Ping

-Original Message-
From: Eran Kornblau
Sent: Friday, June 1, 2018 10:00 AM
To: FFmpeg development discussions and patches
Subject: RE: [FFmpeg-devel] qt-faststart bug near 4GB

> On Thu, May 31, 2018 at 10:11:38AM +, Eran Kornblau wrote:
> > >
> > > -Original Message-
> > > From: ffmpeg-devel [mailto:ffmpeg-devel-boun...@ffmpeg.org] On Behalf Of Eran Kornblau
> > > Sent: Friday, May 25, 2018 4:40 PM
> > > To: FFmpeg development discussions and patches
> > > Subject: [FFmpeg-devel] qt-faststart bug near 4GB
> > >
> > > Hi all,
> > >
> > > We encountered a rather extreme edge case with qt-faststart - we
> > > transcoded some video with ffmpeg, and the offset of the last video frame
> > > in the resulting mp4 was slightly less than 4GB.
> > > Since it was less than 4GB, ffmpeg used an 'stco' atom and not a 'co64'
> > > atom.
> > > When we ran qt-faststart on this file, it added the moov atom size to all
> > > offsets in the 'stco' atom, causing an overflow in the offsets of the
> > > frames close to the end of the file. The end of the video was therefore
> > > corrupt and could not be played.
> > > I think the solution here is to 'upgrade' the 'stco' atom to 'co64' if
> > > such an edge case happens. However, looking at the code of qt-faststart,
> > > I see that it doesn't actually parse the atom tree, but rather looks for
> > > the strings 'stco' / 'co64'. Changing 'stco' to 'co64' requires updating
> > > the size of all the atoms in which it's contained (moov, trak, mdia etc.)
> > > Therefore, such a change would probably be more of a rewrite of this
> > > utility than a patch, so wanted to check whether anyone has any thoughts
> > > on this before I start writing...
> > >
> > Attaching the patch for this issue.
> > As expected, it required significant changes... hope you will like it :)
> >
> > Thanks!
> >
> > Eran
>
> about the AV_WB* macros, i like them a lot :) but this seems not to apply
> cleanly:
>
> Applying: qt-faststart - stco offset bug fix
> Using index info to reconstruct a base tree...
> M tools/qt-faststart.c
> Falling back to patching base and 3-way merge...
> Auto-merging tools/qt-faststart.c
> CONFLICT (content): Merge conflict in tools/qt-faststart.c
> error: Failed to merge in the changes.
> Patch failed at 0001 qt-faststart - stco offset bug fix
> Use 'git am --show-current-patch' to see the failed patch
> When you have resolved this problem, run "git am --continue".
> If you prefer to skip this patch, run "git am --skip" instead.
> To restore the original branch and stop patching, run "git am --abort".
>

Sorry Michael, I forgot to revert the previous patch before committing.
Attaching a fixed patch.

Thanks

Eran

> [...]
>
> --
> Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
>
> Into a blind darkness they enter who follow after the Ignorance, they
> as if into a greater darkness enter who devote themselves to the Knowledge
> alone. -- Isha Upanishad
>

0001-qt-faststart-stco-offset-bug-fix.patch
Description: 0001-qt-faststart-stco-offset-bug-fix.patch
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
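The overflow described in the first message of this thread, and the 'upgrade to co64' fix it proposes, as an added C example (not code from qt-faststart or from the attached patch). The sample atom, the function names and the fixed shift value are assumptions; a real tool must also grow the sizes of the enclosing atoms (moov, trak, mdia etc.) and recompute the shift once the atom has grown.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define CHUNK_HDR 16 /* size + type + version/flags + entry_count, 4 bytes each */

static uint32_t rb32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

static uint64_t rb64(const uint8_t *p)
{
    return ((uint64_t)rb32(p) << 32) | rb32(p + 4);
}

static void wb32(uint8_t *p, uint32_t v)
{
    for (int i = 0; i < 4; i++)
        p[i] = (uint8_t)(v >> (24 - 8 * i));
}

static void wb64(uint8_t *p, uint64_t v)
{
    wb32(p, (uint32_t)(v >> 32));
    wb32(p + 4, (uint32_t)v);
}

/* Constructed sample: an 'stco' atom with two chunk offsets, the second one
 * 4096 bytes below the 4 GiB boundary. */
static const uint8_t SAMPLE_STCO[24] = {
    0x00, 0x00, 0x00, 0x18, 's', 't', 'c', 'o',     /* size = 24, type */
    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, /* version/flags, count */
    0x00, 0x00, 0x10, 0x00,                         /* offset 0x00001000 */
    0xFF, 0xFF, 0xF0, 0x00,                         /* offset 0xFFFFF000 */
};

/* The failure mode: a 32-bit add wraps modulo 2^32 without any error. */
uint32_t naive_shift32(uint32_t offset, uint32_t delta)
{
    return offset + delta;
}

/* Return a malloc'd copy of the 'stco' atom with delta added to every offset,
 * emitted as 'co64' when a sum needs more than 32 bits. NULL on bad input. */
uint8_t *shift_chunk_offsets(const uint8_t *atom, size_t atom_size,
                             uint64_t delta, size_t *out_size)
{
    uint32_t count, i;
    uint64_t total;
    int need64 = 0;
    uint8_t *out;

    if (atom_size < CHUNK_HDR || rb32(atom) != atom_size ||
        memcmp(atom + 4, "stco", 4) != 0 || delta > UINT64_MAX - UINT32_MAX)
        return NULL;
    count = rb32(atom + 12);
    if (count > (atom_size - CHUNK_HDR) / 4)
        return NULL;                 /* entry_count exceeds the payload */

    for (i = 0; i < count; i++)
        if (rb32(atom + CHUNK_HDR + 4 * (size_t)i) + delta > UINT32_MAX)
            need64 = 1;
    total = CHUNK_HDR + (uint64_t)count * (need64 ? 8 : 4);
    if (total > UINT32_MAX)
        return NULL;                 /* would need a 64-bit atom size field */
    out = malloc((size_t)total);
    if (!out)
        return NULL;

    memcpy(out, atom, CHUNK_HDR);
    wb32(out, (uint32_t)total);
    if (need64)
        memcpy(out + 4, "co64", 4);
    for (i = 0; i < count; i++) {
        uint64_t off = rb32(atom + CHUNK_HDR + 4 * (size_t)i) + delta;
        if (need64)
            wb64(out + CHUNK_HDR + 8 * (size_t)i, off);
        else
            wb32(out + CHUNK_HDR + 4 * (size_t)i, (uint32_t)off);
    }
    *out_size = (size_t)total;
    return out;
}

int main(void)
{
    size_t n = 0;
    uint8_t *out = shift_chunk_offsets(SAMPLE_STCO, sizeof(SAMPLE_STCO), 0x2000, &n);
    if (!out)
        return 1;
    printf("naive: 0x%08x, fixed: %.4s with last offset 0x%llx\n",
           (unsigned)naive_shift32(0xFFFFF000u, 0x2000u), (const char *)out + 4,
           (unsigned long long)rb64(out + CHUNK_HDR + 8));
    free(out);
    return 0;
}
```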
Re: [FFmpeg-devel] [PATCH 1/4 v2] avcodec/vc1: fix overlap and loop filtering for Simple and Main profile
Overlap filtering I and BI frames for Simple and Main profile is only dependent on PQUANT. Restrict testing for CONDOVER and OVERFLAGS to advanced profile. Change from mb_width to end_mb_x in ff_vc1_i_loop_filter to avoid breaking the Microsoft Screen 2 decoder. Signed-off-by: Jerome Borsboom --- The v2 patches should resolve the issue with fate-mss2-wmv. libavcodec/vc1_loopfilter.c | 35 --- 1 file changed, 20 insertions(+), 15 deletions(-) diff --git a/libavcodec/vc1_loopfilter.c b/libavcodec/vc1_loopfilter.c index aceb1f77ff..cea7dae7f8 100644 --- a/libavcodec/vc1_loopfilter.c +++ b/libavcodec/vc1_loopfilter.c @@ -108,8 +108,10 @@ void ff_vc1_i_overlap_filter(VC1Context *v) if (s->mb_x == 0 && (i & 5) != 1) continue; -if (v->pq >= 9 || v->condover == CONDOVER_ALL || -(v->over_flags_plane[mb_pos] && ((i & 5) == 1 || v->over_flags_plane[mb_pos - 1]))) +if (v->pq >= 9 || (v->profile == PROFILE_ADVANCED && + (v->condover == CONDOVER_ALL || +(v->over_flags_plane[mb_pos] && + ((i & 5) == 1 || v->over_flags_plane[mb_pos - 1]) vc1_h_overlap_filter(v, s->mb_x ? left_blk : cur_blk, cur_blk, i); } 
@@ -118,15 +120,18 @@ void ff_vc1_i_overlap_filter(VC1Context *v) if (s->first_slice_line && !(i & 2)) continue; -if (s->mb_x && (v->pq >= 9 || v->condover == CONDOVER_ALL || -(v->over_flags_plane[mb_pos - 1] && - ((i & 2) || v->over_flags_plane[mb_pos - 1 - s->mb_stride] +if (s->mb_x && +(v->pq >= 9 || (v->profile == PROFILE_ADVANCED && +(v->condover == CONDOVER_ALL || + (v->over_flags_plane[mb_pos - 1] && + ((i & 2) || v->over_flags_plane[mb_pos - 1 - s->mb_stride])) vc1_v_overlap_filter(v, s->first_slice_line ? left_blk : topleft_blk, left_blk, i); -if (s->mb_x == s->mb_width - 1) -if (v->pq >= 9 || v->condover == CONDOVER_ALL || -(v->over_flags_plane[mb_pos] && - ((i & 2) || v->over_flags_plane[mb_pos - s->mb_stride]))) -vc1_v_overlap_filter(v, s->first_slice_line ? cur_blk : top_blk, cur_blk, i); +if (s->mb_x == s->mb_width - 1 && +(v->pq >= 9 || (v->profile == PROFILE_ADVANCED && +(v->condover == CONDOVER_ALL || + (v->over_flags_plane[mb_pos] && + ((i & 2) || v->over_flags_plane[mb_pos - s->mb_stride])) +vc1_v_overlap_filter(v, s->first_slice_line ? cur_blk : top_blk, cur_blk, i); } } @@ -260,7 +265,7 @@ void ff_vc1_i_loop_filter(VC1Context *v) for (i = 0; i < block_count; i++) vc1_i_v_loop_filter(v, i > 3 ? s->dest[i - 3] - 8 * s->uvlinesize - 8 : dest, flags, fieldtx, i); } -if (s->mb_x == s->mb_width - 1) { +if (s->mb_x == v->end_mb_x - 1) { dest += 16; fieldtx = v->fieldtx_plane[mb_pos - s->mb_stride]; for (i = 0; i < block_count; i++) @@ -275,7 +280,7 @@ void ff_vc1_i_loop_filter(VC1Context *v) for (i = 0; i < block_count; i++) vc1_i_v_loop_filter(v, i > 3 ? s->dest[i - 3] - 8 : dest, flags, fieldtx, i); } -if (s->mb_x == s->mb_width - 1) { +if (s->mb_x == v->end_mb_x - 1) { dest += 16; fieldtx = v->fieldtx_plane[mb_pos]; for (i = 0; i < block_count; i++) 
@@ -290,7 +295,7 @@ void ff_vc1_i_loop_filter(VC1Context *v) for (i = 0; i < block_count; i++) vc1_i_h_loop_filter(v, i > 3 ? s->dest[i - 3] - 16 * s->uvlinesize - 8 : dest, flags, i); } -if (s->mb_x == s->mb_width - 1) { +if (s->mb_x == v->end_mb_x - 1) { dest += 16; flags = s->mb_x == 0 ? LEFT_EDGE | RIGHT_EDGE : RIGHT_EDGE; for (i = 0; i < block_count; i++) @@ -305,7 +310,7 @@ void ff_vc1_i_loop_filter(VC1Context *v) for (i = 0; i < block_count; i++) vc1_i_h_loop_filter(v, i > 3 ? s->dest[i - 3] - 8 * s->uvlinesize - 8 : dest, flags, i); } -if (s->mb_x == s->mb_width - 1) { +if (s->mb_x == v->end_mb_x - 1) { flags = s->mb_x == 0 ? LEFT_EDGE | RIGHT_EDGE : RIGHT_EDGE; dest += 16; for (i = 0; i < block_count; i++) @@ -318,7 +323,7 @@ void ff_vc1_i_loop_filter(VC1Context *v) for (i = 0; i < block_count; i++) vc1_i_h_loop_filter(v, i > 3 ? s->dest[i - 3] - 8 : dest, flags, i); } -if (s->mb_x == s->mb_width - 1) { +if (s->mb_x == v->end_mb_x
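Review bot: The last-column test in ff_vc1_i_overlap_filter still reads `s->mb_x == s->mb_width - 1`, while every matching test in ff_vc1_i_loop_filter is switched to `v->end_mb_x - 1` in the same patch; if a caller stops at end_mb_x before mb_width, the vertical overlap pass for the current block is never reached, so either use end_mb_x there as well or say in the commit message why the overlap filter is exempt. The condition `v->pq >= 9 || (v->profile == PROFILE_ADVANCED && (v->condover == CONDOVER_ALL || ...))` is also written out three times with deep nesting; evaluating the profile and PQUANT part once per macroblock would make the three sites easier to compare.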
Re: [FFmpeg-devel] [PATCH 3/4 v2] avcodec/vc1: rewrite vc1_decode_i_blocks to align with VC-1 spec
Change vc1_decode_i_blocks to use vc1_put_blocks_clamped and ff_vc1_i_loop_filter. Signed-off-by: Jerome Borsboom --- libavcodec/vc1_block.c | 77 +++--- 1 file changed, 29 insertions(+), 48 deletions(-) diff --git a/libavcodec/vc1_block.c b/libavcodec/vc1_block.c index 1dc8c6422d..a7ba261ccb 100644 --- a/libavcodec/vc1_block.c +++ b/libavcodec/vc1_block.c @@ -2541,26 +2541,24 @@ static void vc1_decode_i_blocks(VC1Context *v) s->mb_x = 0; init_block_index(v); for (; s->mb_x < v->end_mb_x; s->mb_x++) { -uint8_t *dst[6]; +int16_t (*block)[64] = v->block[v->cur_blk_idx]; ff_update_block_index(s); -dst[0] = s->dest[0]; -dst[1] = dst[0] + 8; -dst[2] = s->dest[0] + s->linesize * 8; -dst[3] = dst[2] + 8; -dst[4] = s->dest[1]; -dst[5] = s->dest[2]; -s->bdsp.clear_blocks(s->block[0]); +s->bdsp.clear_blocks(block[0]); mb_pos = s->mb_x + s->mb_y * s->mb_width; s->current_picture.mb_type[mb_pos] = MB_TYPE_INTRA; s->current_picture.qscale_table[mb_pos]= v->pq; -s->current_picture.motion_val[1][s->block_index[0]][0] = 0; -s->current_picture.motion_val[1][s->block_index[0]][1] = 0; +for (int i = 0; i < 4; i++) { +s->current_picture.motion_val[1][s->block_index[i]][0] = 0; +s->current_picture.motion_val[1][s->block_index[i]][1] = 0; +} // do actual MB decoding and displaying cbp = get_vlc2(&v->s.gb, ff_msmp4_mb_i_vlc.table, MB_INTRA_VLC_BITS, 2); v->s.ac_pred = get_bits1(&v->s.gb); for (k = 0; k < 6; k++) { +v->mb_type[0][s->block_index[k]] = 1; + val = ((cbp >> (5 - k)) & 1); if (k < 4) { 
@@ -2570,52 +2568,30 @@ static void vc1_decode_i_blocks(VC1Context *v) } cbp |= val << (5 - k); -vc1_decode_i_block(v, s->block[k], k, val, (k < 4) ? v->codingset : v->codingset2); +vc1_decode_i_block(v, block[k], k, val, (k < 4) ? v->codingset : v->codingset2); if (CONFIG_GRAY && k > 3 && (s->avctx->flags & AV_CODEC_FLAG_GRAY)) continue; -v->vc1dsp.vc1_inv_trans_8x8(s->block[k]); -if (v->pq >= 9 && v->overlap) { -if (v->rangeredfrm) +v->vc1dsp.vc1_inv_trans_8x8(block[k]); +} + +if (v->overlap && v->pq >= 9) { +ff_vc1_i_overlap_filter(v); +if (v->rangeredfrm) +for (k = 0; k < 6; k++) for (j = 0; j < 64; j++) -s->block[k][j] <<= 1; -s->idsp.put_signed_pixels_clamped(s->block[k], dst[k], - k & 4 ? s->uvlinesize -: s->linesize); -} else { -if (v->rangeredfrm) +block[k][j] <<= 1; +vc1_put_blocks_clamped(v, 1); +} else { +if (v->rangeredfrm) +for (k = 0; k < 6; k++) for (j = 0; j < 64; j++) -s->block[k][j] = (s->block[k][j] - 64) << 1; -s->idsp.put_pixels_clamped(s->block[k], dst[k], - k & 4 ? s->uvlinesize - : s->linesize); -} +block[k][j] = (block[k][j] - 64) << 1; +vc1_put_blocks_clamped(v, 0); } -if (v->pq >= 9 && v->overlap) { -if (s->mb_x) { -v->vc1dsp.vc1_h_overlap(s->dest[0], s->linesize); -v->vc1dsp.vc1_h_overlap(s->dest[0] + 8 * s->linesize, s->linesize); -if (!CONFIG_GRAY || !(s->avctx->flags & AV_CODEC_FLAG_GRAY)) { -v->vc1dsp.vc1_h_overlap(s->dest[1], s->uvlinesize); -v->vc1dsp.vc1_h_overlap(s->dest[2], s->uvlinesize); -} -} -v->vc1dsp.vc1_h_overlap(s->dest[0] + 8, s->linesize); -v->vc1dsp.vc1_h_overlap(s->dest[0] + 8 * s->linesize + 8, s->linesize); -if (!s->first_slice_line) { -v->vc1dsp.vc1_v_overlap(s->dest[0], s->linesize); -v->vc1dsp.vc1_v_overlap(s->dest[0] + 8, s->linesize); -if (!CONFIG_GRAY || !(s->avctx->flags & AV_CODEC_FLAG_GRAY)) { -v->vc1dsp.vc1_v_overlap(s->dest[1], s->uvlinesize); -v->vc1dsp.vc1_v_overlap(s->dest[2], s->uvl
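Review bot: In vc1_decode_i_blocks the `CONFIG_GRAY` `continue` used to skip both the inverse transform and the pixel store for the chroma blocks, but after this change it skips only `vc1_inv_trans_8x8`, and the rangeredfrm loops plus `vc1_put_blocks_clamped` run unconditionally after the `k` loop. Please confirm that vc1_put_blocks_clamped and ff_vc1_i_overlap_filter honour AV_CODEC_FLAG_GRAY themselves, since the untransformed chroma coefficients would otherwise be written out. The new `for (int i = 0; i < 4; i++)` also declares its counter inline while the rest of the function uses the pre-declared `k` and `j`; reusing an existing counter keeps the style consistent.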
Re: [FFmpeg-devel] [PATCH 2/4 v2] avcodec/vc1: add Simple and Main profile to vc1_put_signed_blocks_clamped
Simple and Main Profile also need unsigned put_pixels_clamped. Add an argument to choose between signed and unsigned put_pixels and change function name to vc1_put_blocks_clamped. Signed-off-by: Jerome Borsboom --- libavcodec/vc1_block.c | 58 +- 1 file changed, 39 insertions(+), 19 deletions(-) diff --git a/libavcodec/vc1_block.c b/libavcodec/vc1_block.c index caf1596812..1dc8c6422d 100644 --- a/libavcodec/vc1_block.c +++ b/libavcodec/vc1_block.c @@ -66,7 +66,7 @@ static inline void init_block_index(VC1Context *v) /** @} */ //Bitplane group -static void vc1_put_signed_blocks_clamped(VC1Context *v) +static void vc1_put_blocks_clamped(VC1Context *v, int put_signed) { MpegEncContext *s = &v->s; uint8_t *dest; 
@@ -85,20 +85,30 @@ static void vc1_put_signed_blocks_clamped(VC1Context *v) if (i > 3 ? v->mb_type[0][s->block_index[i] - s->block_wrap[i] - 1] : v->mb_type[0][s->block_index[i] - 2 * s->block_wrap[i] - 2]) { dest = s->dest[0] + ((i & 2) - 4) * 4 * s->linesize + ((i & 1) - 2) * 8; - s->idsp.put_signed_pixels_clamped(v->block[v->topleft_blk_idx][i], - i > 3 ? s->dest[i - 3] - 8 * s->uvlinesize - 8 : dest, - i > 3 ? s->uvlinesize : s->linesize); +if (put_signed) + s->idsp.put_signed_pixels_clamped(v->block[v->topleft_blk_idx][i], + i > 3 ? s->dest[i - 3] - 8 * s->uvlinesize - 8 : dest, + i > 3 ? s->uvlinesize : s->linesize); +else + s->idsp.put_pixels_clamped(v->block[v->topleft_blk_idx][i], + i > 3 ? s->dest[i - 3] - 8 * s->uvlinesize - 8 : dest, + i > 3 ? s->uvlinesize : s->linesize); } } } -if (s->mb_x == s->mb_width - 1) { +if (s->mb_x == v->end_mb_x - 1) { for (i = 0; i < block_count; i++) { if (i > 3 ? v->mb_type[0][s->block_index[i] - s->block_wrap[i]] : v->mb_type[0][s->block_index[i] - 2 * s->block_wrap[i]]) { dest = s->dest[0] + ((i & 2) - 4) * 4 * s->linesize + (i & 1) * 8; - s->idsp.put_signed_pixels_clamped(v->block[v->top_blk_idx][i], - i > 3 ? s->dest[i - 3] - 8 * s->uvlinesize : dest, - i > 3 ? s->uvlinesize : s->linesize); +if (put_signed) + s->idsp.put_signed_pixels_clamped(v->block[v->top_blk_idx][i], + i > 3 ? s->dest[i - 3] - 8 * s->uvlinesize : dest, + i > 3 ? s->uvlinesize : s->linesize); +else +s->idsp.put_pixels_clamped(v->block[v->top_blk_idx][i], + i > 3 ? s->dest[i - 3] - 8 * s->uvlinesize : dest, + i > 3 ? s->uvlinesize : s->linesize); } } } 
@@ -114,13 +124,18 @@ static void vc1_put_signed_blocks_clamped(VC1Context *v) dest = s->dest[0] + ((i & 2) >> 1) * s->linesize + ((i & 1) - 2) * 8; else dest = s->dest[0] + (i & 2) * 4 * s->linesize + ((i & 1) - 2) * 8; - s->idsp.put_signed_pixels_clamped(v->block[v->left_blk_idx][i], - i > 3 ? s->dest[i - 3] - 8 : dest, - i > 3 ? s->uvlinesize : s->linesize << fieldtx); +if (put_signed) + s->idsp.put_signed_pixels_clamped(v->block[v->left_blk_idx][i], + i > 3 ? s->dest[i - 3] - 8 : dest, + i > 3 ? s->uvlinesize : s->linesize << fieldtx); +else + s->idsp.put_pixels_clamped(v->block[v->left_blk_idx][i], + i > 3 ? s->dest[i - 3] - 8 : dest, + i > 3 ? s->uvlinesize : s->linesize << fieldtx); } } } -if (s->mb_x == s->mb_width - 1) { +if (s->mb_x == v->end_mb_x - 1) { if (v->fcm == ILACE_FRAME) fieldtx = v->fieldtx_plane[s->mb_y * s->mb_stride + s->mb_x]; for (i = 0; i < block_count; i++)
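Review bot: Each `if (put_signed) ... else ...` pair in vc1_put_blocks_clamped calls the two idsp functions with identical arguments, so the three long argument lists are now duplicated and can drift apart. Selecting the function once at the top, from `s->idsp.put_signed_pixels_clamped` or `s->idsp.put_pixels_clamped`, and calling through that pointer would leave each site as a single call. The `s->mb_width - 1` to `v->end_mb_x - 1` changes are not mentioned in the commit message and deserve a sentence there.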
Re: [FFmpeg-devel] [PATCH 1/2] avcodec/vaapi: slice_vertical_position starts from zero for the second field
If there are no more issues or remarks with these two patches, could someone please commit them? Thanks! Regards, Jerome
Re: [FFmpeg-devel] [GSOC] [PATCH] TensorFlow backend introduction for DNN module
Pushed.

Thanks.

2018-06-07 12:29 GMT-03:00 Sergey Lavrushkin :
> 2018-06-06 17:22 GMT+03:00 Pedro Arthur :
>>
>> Hi,
>>
>> 2018-06-05 20:23 GMT-03:00 Sergey Lavrushkin :
>> > Here is the patch that fixes the described issues.
>> When I try to run (video input), when tf is not enabled in configure it
>> crashes.
>>
>>
>> $ffmpeg -i in.mp4 -vf srcnn=dnn_backend=tensorflow out.mp4
>>
>> ffmpeg version N-91232-g256386fd3e Copyright (c) 2000-2018 the FFmpeg developers
>> built with gcc 7 (Ubuntu 7.3.0-16ubuntu3)
>> configuration:
>> libavutil 56. 18.102 / 56. 18.102
>> libavcodec 58. 19.105 / 58. 19.105
>> libavformat 58. 17.100 / 58. 17.100
>> libavdevice 58. 4.100 / 58. 4.100
>> libavfilter 7. 25.100 / 7. 25.100
>> libswscale 5. 2.100 / 5. 2.100
>> libswresample 3. 2.100 / 3. 2.100
>> Input #0, mov,mp4,m4a,3gp,3g2,mj2, from 'in.mp4':
>> Metadata:
>> major_brand : isom
>> minor_version : 512
>> compatible_brands: isomiso2mp41
>> encoder : Lavf58.17.100
>> Duration: 00:06:13.70, start: 0.00, bitrate: 5912 kb/s
>> Stream #0:0(und): Video: mpeg4 (Simple Profile) (mp4v / 0x7634706D), yuv420p, 1280x720 [SAR 1:1 DAR 16:9], 5777 kb/s, 29.97 fps, 29.97 tbr, 30k tbn, 30k tbc (default)
>> Metadata:
>> handler_name: VideoHandler
>> Stream #0:1(und): Audio: aac (LC) (mp4a / 0x6134706D), 44100 Hz, stereo, fltp, 128 kb/s (default)
>> Metadata:
>> handler_name: SoundHandler
>> Stream mapping:
>> Stream #0:0 -> #0:0 (mpeg4 (native) -> mpeg4 (native))
>> Stream #0:1 -> #0:1 (aac (native) -> aac (native))
>> Press [q] to stop, [?] for help
>> free(): invalid pointer
>> Aborted (core dumped)
>>
>>
>>
>> When the output is an image, it does not crash, but neither does it fall
>> back to native
>>
>>
>> $ffmpeg -i in.jpg -vf srcnn=dnn_backend=tensorflow out.png
>>
>> ffmpeg version N-91232-g256386fd3e Copyright (c) 2000-2018 the FFmpeg developers
>> built with gcc 7 (Ubuntu 7.3.0-16ubuntu3)
>> configuration:
>> libavutil 56. 18.102 / 56. 18.102
>> libavcodec 58. 19.105 / 58. 19.105
>> libavformat 58. 17.100 / 58. 17.100
>> libavdevice 58. 4.100 / 58. 4.100
>> libavfilter 7. 25.100 / 7. 25.100
>> libswscale 5. 2.100 / 5. 2.100
>> libswresample 3. 2.100 / 3. 2.100
>> Input #0, image2, from 'in.jpg':
>> Duration: 00:00:00.04, start: 0.00, bitrate: 43469 kb/s
>> Stream #0:0: Video: mjpeg, yuvj444p(pc, bt470bg/unknown/unknown), 1192x670 [SAR 1:1 DAR 596:335], 25 tbr, 25 tbn, 25 tbc
>> Stream mapping:
>> Stream #0:0 -> #0:0 (mjpeg (native) -> png (native))
>> Press [q] to stop, [?] for help
>> [Parsed_srcnn_0 @ 0x557d3ea55980] could not create DNN module for requested backend
>> [AVFilterGraph @ 0x557d3ea102c0] Error initializing filter 'srcnn' with args 'dnn_backend=tensorflow'
>> Error reinitializing filters!
>> Failed to inject frame into filter network: Cannot allocate memory
>> Error while processing the decoded data for stream #0:0
>> Conversion failed!
>>
>>
>> I think you could disable the tensorflow option if it is not enabled in
>> configure, or fall back to native; either solution is ok for me.
>
>
> I disabled the tensorflow option when it is not configured with it. Here is the
> updated patch.
> I think the crash occurred due to an improper call to av_freep for dnn_module.
> Here is also the patch that fixes this bug.
>
[FFmpeg-devel] [PATCH] pixdesc: Only check against valid entries when iterating over lists of enums
Some of these enums have gaps in between their values, since they correspond to the values in various specs, instead of being an incrementing list. Fixes segfaults when, for example, using the valid API call: av_color_primaries_from_name("jecdec-p22"); Signed-off-by: Derek Buitenhuis --- libavutil/pixdesc.c | 35 ++- 1 file changed, 30 insertions(+), 5 deletions(-) diff --git a/libavutil/pixdesc.c b/libavutil/pixdesc.c index ff5c20d50e..f849222aa3 100644 --- a/libavutil/pixdesc.c +++ b/libavutil/pixdesc.c @@ -2718,7 +2718,12 @@ int av_color_range_from_name(const char *name) int i; for (i = 0; i < FF_ARRAY_ELEMS(color_range_names); i++) { -size_t len = strlen(color_range_names[i]); +size_t len; + +if (!color_range_names[i]) +continue; + +len = strlen(color_range_names[i]); if (!strncmp(color_range_names[i], name, len)) return i; } @@ -2737,7 +2742,12 @@ int av_color_primaries_from_name(const char *name) int i; for (i = 0; i < FF_ARRAY_ELEMS(color_primaries_names); i++) { -size_t len = strlen(color_primaries_names[i]); +size_t len; + +if (!color_primaries_names[i]) +continue; + +len = strlen(color_primaries_names[i]); if (!strncmp(color_primaries_names[i], name, len)) return i; } @@ -2756,7 +2766,12 @@ int av_color_transfer_from_name(const char *name) int i; for (i = 0; i < FF_ARRAY_ELEMS(color_transfer_names); i++) { -size_t len = strlen(color_transfer_names[i]); +size_t len; + +if (!color_transfer_names[i]) +continue; + +len = strlen(color_transfer_names[i]); if (!strncmp(color_transfer_names[i], name, len)) return i; } @@ -2775,7 +2790,12 @@ int av_color_space_from_name(const char *name) int i; for (i = 0; i < FF_ARRAY_ELEMS(color_space_names); i++) { -size_t len = strlen(color_space_names[i]); +size_t len; + +if (!color_space_names[i]) +continue; + +len = strlen(color_space_names[i]); if (!strncmp(color_space_names[i], name, len)) return i; } 
@@ -2794,7 +2814,12 @@ int av_chroma_location_from_name(const char *name) int i; for (i = 0; i < FF_ARRAY_ELEMS(chroma_location_names); i++) { -size_t len = strlen(chroma_location_names[i]); +size_t len; + +if (!chroma_location_names[i]) +continue; + +len = strlen(chroma_location_names[i]); if (!strncmp(chroma_location_names[i], name, len)) return i; } -- 2.17.1 ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
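Review bot: The same `if (!..._names[i]) continue;` block is pasted into all five *_from_name loops; a static helper that takes the names table and its element count would keep the handling of gaps in one place and cover any table added later. Separately, the unchanged `strncmp(..._names[i], name, len)` uses the length of the table entry, so it is a prefix match and the first entry that is a prefix of `name` wins; worth a follow-up if exact matching is intended.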
[FFmpeg-devel] [PATCH] avfilter/dnn_backend_native: fix leaks in error paths
Fixes CID #1435888 --- libavfilter/dnn_backend_native.c | 4 1 file changed, 4 insertions(+) diff --git a/libavfilter/dnn_backend_native.c b/libavfilter/dnn_backend_native.c index 6e80dd3663..e0a9ec5003 100644 --- a/libavfilter/dnn_backend_native.c +++ b/libavfilter/dnn_backend_native.c @@ -172,6 +172,7 @@ DNNModel* ff_dnn_load_model_native(const char* model_filename) conv_params->output_num <= 0 || conv_params->kernel_size <= 0){ avio_closep(&model_file_context); ff_dnn_free_model_native(&model); +av_freep(&conv_params); return NULL; } conv_params->kernel = av_malloc(kernel_size * sizeof(float)); @@ -179,6 +180,9 @@ DNNModel* ff_dnn_load_model_native(const char* model_filename) if (!conv_params->kernel || !conv_params->biases){ avio_closep(&model_file_context); ff_dnn_free_model_native(&model); +av_freep(&conv_params->kernel); +av_freep(&conv_params->biases); +av_freep(&conv_params); return NULL; } for (i = 0; i < kernel_size; ++i){ -- 2.17.0 ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
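Review bot: Both error paths call `ff_dnn_free_model_native(&model)` first and then free `conv_params` (and, in the second hunk, `conv_params->kernel` and `conv_params->biases`) by hand, which is only safe if conv_params has not yet been attached to the model at that point; if it has, this turns the leak into a double free. A short comment stating the ownership, or attaching conv_params to its layer before the checks so that the model free covers it, would make that explicit. With the cleanup now at three to five lines per site, a single `fail:` label would also avoid the repetition.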
Re: [FFmpeg-devel] [PATCH 5/6] avcodec/avcodec.h: add AV_CODEC_ID_TIMED_TEXT_MARKUP
On Tue, 5 Jun 2018, Tomas Härdin wrote: tor 2018-05-31 klockan 02:05 +0200 skrev Marton Balint: > Signed-off-by: Marton Balint --- libavcodec/avcodec.h| 1 + libavcodec/codec_desc.c | 8 libavcodec/version.h| 2 +- 3 files changed, 10 insertions(+), 1 deletion(-) diff --git a/libavcodec/avcodec.h b/libavcodec/avcodec.h index fb0c6fae70..91ccef538e 100644 --- a/libavcodec/avcodec.h +++ b/libavcodec/avcodec.h @@ -665,6 +665,7 @@ enum AVCodecID { AV_CODEC_ID_PJS, AV_CODEC_ID_ASS, AV_CODEC_ID_HDMV_TEXT_SUBTITLE, +AV_CODEC_ID_TIMED_TEXT_MARKUP, [...] #define LIBAVCODEC_VERSION_MAJOR 58 #define LIBAVCODEC_VERSION_MINOR 19 -#define LIBAVCODEC_VERSION_MICRO 104 +#define LIBAVCODEC_VERSION_MICRO 105 Adding CODEC_IDs needs a minor version bump, not micro Pushed the whole set with a minor bump, and I renamed the codec id to AV_CODEC_ID_TTML as requested. Thanks for all the comments and reviews. Another batch of mxf patches are on the way... :) Regards, Marton ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
[FFmpeg-devel] [PATCH 4/4] avcodec/h264_slice: Fix overflow in recovery_frame computation
Fixes: signed integer overflow: 15 + 2147483646 cannot be represented in type 'int' Fixes: 8381/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_H264_fuzzer-6225533137321984 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer --- libavcodec/h264_sei.c | 12 +--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/libavcodec/h264_sei.c b/libavcodec/h264_sei.c index 9defcb80b9..2f16d95f56 100644 --- a/libavcodec/h264_sei.c +++ b/libavcodec/h264_sei.c @@ -261,10 +261,16 @@ static int decode_unregistered_user_data(H264SEIUnregistered *h, GetBitContext * return 0; } -static int decode_recovery_point(H264SEIRecoveryPoint *h, GetBitContext *gb) +static int decode_recovery_point(H264SEIRecoveryPoint *h, GetBitContext *gb, void *logctx) { -h->recovery_frame_cnt = get_ue_golomb_long(gb); +unsigned recovery_frame_cnt = get_ue_golomb_long(gb); +if (recovery_frame_cnt > (1<<16)) { +av_log(logctx, AV_LOG_ERROR, "recovery_frame_cnt %d is out of range\n", recovery_frame_cnt); +return AVERROR_INVALIDDATA; +} + +h->recovery_frame_cnt = recovery_frame_cnt; /* 1b exact_match_flag, * 1b broken_link_flag, * 2b changing_slice_group_idc */ @@ -429,7 +435,7 @@ int ff_h264_sei_decode(H264SEIContext *h, GetBitContext *gb, ret = decode_unregistered_user_data(&h->unregistered, gb, logctx, size); break; case H264_SEI_TYPE_RECOVERY_POINT: -ret = decode_recovery_point(&h->recovery_point, gb); +ret = decode_recovery_point(&h->recovery_point, gb, logctx); break; case H264_SEI_TYPE_BUFFERING_PERIOD: ret = decode_buffering_period(&h->buffering_period, gb, ps, logctx); -- 2.17.1 ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
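Review bot: In decode_recovery_point the range check is `recovery_frame_cnt > (1<<16)`, which still accepts the value 1<<16 itself and uses a bare literal; if the intended maximum is one below that, the test should be `>=`, and a named constant would document where the limit comes from. The av_log call prints the unsigned value with `%d`; `%u` matches the type. The subject line names h264_slice while the diff only touches libavcodec/h264_sei.c.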
[FFmpeg-devel] [PATCH 3/4] avcodec/h264_mc_template: Only prefetch motion if the list is used.
Fixes: index 59 out of bounds for type 'H264Ref [48]' Fixes: 8232/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_H264_fuzzer-5703295145345024 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer --- libavcodec/h264_mc_template.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/libavcodec/h264_mc_template.c b/libavcodec/h264_mc_template.c index 58c05044c1..d02e2bf580 100644 --- a/libavcodec/h264_mc_template.c +++ b/libavcodec/h264_mc_template.c @@ -78,7 +78,8 @@ static void MCFUNC(hl_motion)(const H264Context *h, H264SliceContext *sl, if (HAVE_THREADS && (h->avctx->active_thread_type & FF_THREAD_FRAME)) await_references(h, sl); -prefetch_motion(h, sl, 0, PIXEL_SHIFT, CHROMA_IDC); +if (USES_LIST(mb_type, 0)) +prefetch_motion(h, sl, 0, PIXEL_SHIFT, CHROMA_IDC); if (IS_16X16(mb_type)) { mc_part(h, sl, 0, 1, 16, 0, dest_y, dest_cb, dest_cr, 0, 0, -- 2.17.1 ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
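Review bot: The new `if (USES_LIST(mb_type, 0))` guard in hl_motion carries no comment, and nothing at the call site says that prefetch_motion indexes the reference list; a one-line comment tying the guard to the out-of-bounds reference index from the commit message would keep it from being dropped later as a harmless optimisation. It is also worth stating in the commit message whether any other caller of prefetch_motion needs the same guard.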
[FFmpeg-devel] [PATCH 1/4] avcodec/wavpack: Fix overflow in adding tail
Fixes: signed integer overflow: 2146907204 + 26846088 cannot be represented in type 'int' Fixes: 8105/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WAVPACK_fuzzer-6233036682166272 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer --- libavcodec/wavpack.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavcodec/wavpack.c b/libavcodec/wavpack.c index 22a2c83a30..8306ec020f 100644 --- a/libavcodec/wavpack.c +++ b/libavcodec/wavpack.c @@ -85,7 +85,7 @@ typedef struct WavpackContext { #define LEVEL_DECAY(a) (((a) + 0x80) >> 8) -static av_always_inline int get_tail(GetBitContext *gb, int k) +static av_always_inline unsigned get_tail(GetBitContext *gb, int k) { int p, e, res; -- 2.17.1 ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
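Review bot: Only the return type of get_tail changes to `unsigned`; the local `res` in the context line `int p, e, res;` stays signed, so the value is converted at the return and the fix depends on every caller now doing its addition in unsigned arithmetic. That makes the overflow well defined but does not bound the result, so it would help to say in the commit message where the wrapped sum is range-checked or why a wrapped value is harmless.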
[FFmpeg-devel] [PATCH 2/4] avcodec/xwddec: Use ff_set_dimensions()
Fixes: OOM Fixes: 8178/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_XWD_fuzzer-4844793342459904 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer --- libavcodec/xwddec.c | 8 ++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/libavcodec/xwddec.c b/libavcodec/xwddec.c index 592c98dd4e..8c4358fd4c 100644 --- a/libavcodec/xwddec.c +++ b/libavcodec/xwddec.c @@ -39,6 +39,7 @@ static int xwd_decode_frame(AVCodecContext *avctx, void *data, uint32_t pixformat, pixdepth, bunit, bitorder, bpad; uint32_t rgb[3]; uint8_t *ptr; +int width, height; GetByteContext gb; if (buf_size < XWD_HEADER_SIZE) @@ -60,8 +61,8 @@ static int xwd_decode_frame(AVCodecContext *avctx, void *data, pixformat = bytestream2_get_be32u(&gb); pixdepth = bytestream2_get_be32u(&gb); -avctx->width = bytestream2_get_be32u(&gb); -avctx->height = bytestream2_get_be32u(&gb); +width = bytestream2_get_be32u(&gb); +height= bytestream2_get_be32u(&gb); xoffset = bytestream2_get_be32u(&gb); be= bytestream2_get_be32u(&gb); bunit = bytestream2_get_be32u(&gb); @@ -77,6 +78,9 @@ static int xwd_decode_frame(AVCodecContext *avctx, void *data, ncolors = bytestream2_get_be32u(&gb); bytestream2_skipu(&gb, header_size - (XWD_HEADER_SIZE - 20)); +if ((ret = ff_set_dimensions(avctx, width, height)) < 0) +return ret; + av_log(avctx, AV_LOG_DEBUG, "pixformat %"PRIu32", pixdepth %"PRIu32", bunit %"PRIu32", bitorder %"PRIu32", bpad %"PRIu32"\n", pixformat, pixdepth, bunit, bitorder, bpad); -- 2.17.1 ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
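Review bot: `width` and `height` are declared `int` but filled from `bytestream2_get_be32u`, while the neighbouring header fields are `uint32_t`; a value above INT_MAX is converted in an implementation-defined way and the code then relies on ff_set_dimensions rejecting the result. Reading into `uint32_t` and rejecting out-of-range values before the call, or a comment noting that ff_set_dimensions is the range check, would make this explicit.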
Re: [FFmpeg-devel] [PATCH v2 29/36] h264_metadata: Add option to set the level of the stream
On Fri, Jun 08, 2018 at 12:43:24AM +0100, Mark Thompson wrote:
> ---
> doc/bitstream_filters.texi | 9 +
> libavcodec/h264_metadata_bsf.c | 90 ++
> 2 files changed, 99 insertions(+)

this breaks the mingw64 build

LD ffmpeg_g.exe
libavcodec/libavcodec.a(h264_metadata_bsf.o): In function `h264_metadata_update_sps':
mingw64/src/libavcodec/h264_metadata_bsf.c:243: undefined reference to `ff_h264_guess_level'
mingw64/src/libavcodec/h264_metadata_bsf.c:243:(.text+0x36c): relocation truncated to fit: R_X86_64_PC32 against undefined symbol `ff_h264_guess_level'
collect2: error: ld returned 1 exit status
make: *** [ffmpeg_g.exe] Error 1

[...]

--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

You can kill me, but you cannot change the truth.
Re: [FFmpeg-devel] [PATCH 4/4] avcodec/h264_slice: Fix overflow in recovery_frame computation
On 6/8/2018 7:11 PM, Michael Niedermayer wrote: > Fixes: signed integer overflow: 15 + 2147483646 cannot be represented in type > 'int' > Fixes: > 8381/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_H264_fuzzer-6225533137321984 > > Found-by: continuous fuzzing process > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg > Signed-off-by: Michael Niedermayer > --- > libavcodec/h264_sei.c | 12 +--- > 1 file changed, 9 insertions(+), 3 deletions(-) > > diff --git a/libavcodec/h264_sei.c b/libavcodec/h264_sei.c > index 9defcb80b9..2f16d95f56 100644 > --- a/libavcodec/h264_sei.c > +++ b/libavcodec/h264_sei.c > @@ -261,10 +261,16 @@ static int > decode_unregistered_user_data(H264SEIUnregistered *h, GetBitContext * > return 0; > } > > -static int decode_recovery_point(H264SEIRecoveryPoint *h, GetBitContext *gb) > +static int decode_recovery_point(H264SEIRecoveryPoint *h, GetBitContext *gb, > void *logctx) > { > -h->recovery_frame_cnt = get_ue_golomb_long(gb); > +unsigned recovery_frame_cnt = get_ue_golomb_long(gb); > > +if (recovery_frame_cnt > (1<<16)) { Maybe move MAX_LOG2_MAX_FRAME_NUM out of h264_ps.c and into h264_ps.h, then use it here? > +av_log(logctx, AV_LOG_ERROR, "recovery_frame_cnt %d is out of > range\n", recovery_frame_cnt); It's unsigned, so %u. Some pedantic compilers (Like djgpp) may complain or downright fail otherwise. > +return AVERROR_INVALIDDATA; > +} > + > +h->recovery_frame_cnt = recovery_frame_cnt; > /* 1b exact_match_flag, > * 1b broken_link_flag, > * 2b changing_slice_group_idc */ 
> @@ -429,7 +435,7 @@ int ff_h264_sei_decode(H264SEIContext *h, GetBitContext > *gb, > ret = decode_unregistered_user_data(&h->unregistered, gb, > logctx, size); > break; > case H264_SEI_TYPE_RECOVERY_POINT: > -ret = decode_recovery_point(&h->recovery_point, gb); > +ret = decode_recovery_point(&h->recovery_point, gb, logctx); > break; > case H264_SEI_TYPE_BUFFERING_PERIOD: > ret = decode_buffering_period(&h->buffering_period, gb, ps, > logctx); > ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
[FFmpeg-devel] [PATCH] libavfilter/boxblur_opencl filter.
--- Thanks, fixed. libavfilter/Makefile| 4 +- libavfilter/allfilters.c| 1 + libavfilter/boxblur.c | 105 + libavfilter/boxblur.h | 66 + libavfilter/vf_avgblur_opencl.c | 320 +++- libavfilter/vf_boxblur.c| 113 ++ 6 files changed, 404 insertions(+), 205 deletions(-) create mode 100644 libavfilter/boxblur.c create mode 100644 libavfilter/boxblur.h diff --git a/libavfilter/Makefile b/libavfilter/Makefile index c68ef05..067210f 100644 --- a/libavfilter/Makefile +++ b/libavfilter/Makefile @@ -152,7 +152,9 @@ OBJS-$(CONFIG_BITPLANENOISE_FILTER) += vf_bitplanenoise.o OBJS-$(CONFIG_BLACKDETECT_FILTER)+= vf_blackdetect.o OBJS-$(CONFIG_BLACKFRAME_FILTER) += vf_blackframe.o OBJS-$(CONFIG_BLEND_FILTER) += vf_blend.o framesync.o -OBJS-$(CONFIG_BOXBLUR_FILTER)+= vf_boxblur.o +OBJS-$(CONFIG_BOXBLUR_FILTER)+= vf_boxblur.o boxblur.o +OBJS-$(CONFIG_BOXBLUR_OPENCL_FILTER) += vf_avgblur_opencl.o opencl.o \ +opencl/avgblur.o boxblur.o OBJS-$(CONFIG_BWDIF_FILTER) += vf_bwdif.o OBJS-$(CONFIG_CHROMAKEY_FILTER) += vf_chromakey.o OBJS-$(CONFIG_CIESCOPE_FILTER) += vf_ciescope.o diff --git a/libavfilter/allfilters.c b/libavfilter/allfilters.c index b44093d..97d92a0 100644 --- a/libavfilter/allfilters.c +++ b/libavfilter/allfilters.c @@ -146,6 +146,7 @@ extern AVFilter ff_vf_blackdetect; extern AVFilter ff_vf_blackframe; extern AVFilter ff_vf_blend; extern AVFilter ff_vf_boxblur; +extern AVFilter ff_vf_boxblur_opencl; extern AVFilter ff_vf_bwdif; extern AVFilter ff_vf_chromakey; extern AVFilter ff_vf_ciescope; diff --git a/libavfilter/boxblur.c b/libavfilter/boxblur.c new file mode 100644 index 000..1d4895e --- /dev/null +++ b/libavfilter/boxblur.c 
@@ -0,0 +1,105 @@ +/* + * Copyright (c) 2018 Danil Iashchenko + * + * This file is part of FFmpeg. + * + * FFmpeg is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * FFmpeg is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with FFmpeg; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + */ + +#include "boxblur.h" + + +int ff_boxblur_eval_filter_params(AVFilterLink *inlink, + FilterParam *luma_param, + FilterParam *chroma_param, + FilterParam *alpha_param) +{ +const AVPixFmtDescriptor *desc = av_pix_fmt_desc_get(inlink->format); +AVFilterContext *ctx = inlink->dst; +int w = inlink->w, h = inlink->h; +int cw, ch; +double var_values[VARS_NB], res; +char *expr; +int ret; + +if (!luma_param->radius_expr) { +av_log(ctx, AV_LOG_ERROR, "Luma radius expression is not set.\n"); +return AVERROR(EINVAL); +} + +/* fill missing params */ +if (!chroma_param->radius_expr) { +chroma_param->radius_expr = av_strdup(luma_param->radius_expr); +if (!chroma_param->radius_expr) +return AVERROR(ENOMEM); +} +if (chroma_param->power < 0) +chroma_param->power = luma_param->power; + +if (!alpha_param->radius_expr) { +alpha_param->radius_expr = av_strdup(luma_param->radius_expr); +if (!alpha_param->radius_expr) +return AVERROR(ENOMEM); +} +if (alpha_param->power < 0) +alpha_param->power = luma_param->power; + +var_values[VAR_W] = inlink->w; +var_values[VAR_H] = inlink->h; +var_values[VAR_CW] = cw = w>>(desc->log2_chroma_w); +var_values[VAR_CH] = ch = 
h>>(desc->log2_chroma_h); +var_values[VAR_HSUB]= 1<<(desc->log2_chroma_w); +var_values[VAR_VSUB]= 1<<(desc->log2_chroma_h); + +#define EVAL_RADIUS_EXPR(comp) \ +expr = comp->radius_expr; \ +ret = av_expr_parse_and_eval(&res, expr, var_names, var_values, \ + NULL, NULL, NULL, NULL, NULL, 0, ctx); \ +comp->radius = res; \ +if (ret < 0) { \ +av_log(NULL, AV_LOG_ERROR, \ + "Error when evaluating " #comp " radius expression '%s'\n", expr);
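Review bot: in the EVAL_RADIUS_EXPR macro of the new libavfilter/boxblur.c, `comp->radius = res;` is executed before the `ret < 0` check, so a failed av_expr_parse_and_eval() still has its result converted and stored as the radius. Move the assignment after the error check. The same macro logs its error with av_log(NULL, ...) although ctx is in scope and is already used for the "Luma radius expression is not set" message a few lines earlier; pass ctx so the message is attributed to the filter instance. Since this is now a shared helper, wrapping the multi-statement macro body in do { ... } while (0) would also be safer.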
Re: [FFmpeg-devel] [PATCH 2/5] avutil/hwcontext_cuda: add CUstream in cuda hwctx
On 5/9/2018 5:49 AM, Timo Rothenpieler wrote: > On 08.05.2018 23:00, James Almer wrote: >> On 5/8/2018 3:36 PM, Timo Rothenpieler wrote: >>> --- >>> configure | 6 -- >>> doc/APIchanges | 3 +++ >>> libavutil/hwcontext_cuda.c | 3 +++ >>> libavutil/hwcontext_cuda.h | 1 + >>> libavutil/version.h| 2 +- >>> 5 files changed, 12 insertions(+), 3 deletions(-) >>> >>> diff --git a/configure b/configure >>> index 6626111ff2..9743de05d0 100755 >>> --- a/configure >>> +++ b/configure 
>>> @@ -5887,8 +5887,10 @@ check_type "va/va.h va/va_enc_vp9.h" >>> "VAEncPictureParameterBufferVP9" >>> check_type "vdpau/vdpau.h" "VdpPictureInfoHEVC" >>> >>> if ! disabled ffnvcodec; then >>> -check_pkg_config ffnvcodec "ffnvcodec >= 8.0.14.1" \ >>> -"ffnvcodec/nvEncodeAPI.h ffnvcodec/dynlink_cuda.h >>> ffnvcodec/dynlink_cuviddec.h ffnvcodec/dynlink_nvcuvid.h" "" >>> +check_pkg_config ffnvcodec "ffnvcodec >= 8.1.24.2" \ >>> + "ffnvcodec/nvEncodeAPI.h ffnvcodec/dynlink_cuda.h >>> ffnvcodec/dynlink_cuviddec.h ffnvcodec/dynlink_nvcuvid.h" "" || \ >>> +{ test_pkg_config ffnvcodec_tmp "ffnvcodec < 8.1" "" "" && >>> check_pkg_config ffnvcodec "ffnvcodec >= 8.0.14.2" \ >>> + "ffnvcodec/nvEncodeAPI.h ffnvcodec/dynlink_cuda.h >>> ffnvcodec/dynlink_cuviddec.h ffnvcodec/dynlink_nvcuvid.h" ""; } >> >> ffnvcodec_tmp? > > I haven't found a more elegant way to do this. > Basically, the version requirement is > > ffnvcodec >= 8.1.24.2 || (ffnvcodec < 8.1 && ffnvcodec >= 8.0.14.2) > > As < 8.1 would also match 8.0.14.1, it must not enable ffnvcodec, which > is why i appended the _tmp. > > pkg-config does not seem able to evaluate such complex version checks, > and there is no lower level function than test_pkg_config. Completely missed this reply, sorry about that. The above check can be done with two calls to check_pkg_config(). You can't do logical or as far as i know, but logical and is implied if you pass two conditions. 
So if what you want is any 8.1 version as long as it's higher than 8.1.24.1, or as fallback any 8.0 version as long as it's higher than 8.0.14.1, you'd do

    check_pkg_config ffnvcodec "ffnvcodec >= 8.1.24.2" \
        "ffnvcodec/nvEncodeAPI.h ffnvcodec/dynlink_cuda.h \
         ffnvcodec/dynlink_cuviddec.h ffnvcodec/dynlink_nvcuvid.h" "" ||
        check_pkg_config ffnvcodec "ffnvcodec >= 8.0.14.2 ffnvcodec < 8.1" \
            "ffnvcodec/nvEncodeAPI.h ffnvcodec/dynlink_cuda.h \
             ffnvcodec/dynlink_cuviddec.h ffnvcodec/dynlink_nvcuvid.h" ""
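Review bot: in the configure hunk at -5887, the four-header list (nvEncodeAPI.h, dynlink_cuda.h, dynlink_cuviddec.h, dynlink_nvcuvid.h) is written out in full in both check_pkg_config branches, so a later header change has to be made twice or the 8.0 fallback ends up testing a different set than the 8.1 path. Hold the list in one shell variable and pass it to both calls. Whichever form of the version test is kept, a one-line comment stating the intended predicate, ffnvcodec >= 8.1.24.2 || (ffnvcodec < 8.1 && ffnvcodec >= 8.0.14.2), would save the next reader from reconstructing it.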
Re: [FFmpeg-devel] [PATCH 4/4] avcodec/h264_slice: Fix overflow in recovery_frame computation
On 6/8/2018 8:12 PM, James Almer wrote: > On 6/8/2018 7:11 PM, Michael Niedermayer wrote: >> Fixes: signed integer overflow: 15 + 2147483646 cannot be represented in >> type 'int' >> Fixes: >> 8381/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_H264_fuzzer-6225533137321984 >> >> Found-by: continuous fuzzing process >> https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg >> Signed-off-by: Michael Niedermayer >> --- >> libavcodec/h264_sei.c | 12 +--- >> 1 file changed, 9 insertions(+), 3 deletions(-) >> >> diff --git a/libavcodec/h264_sei.c b/libavcodec/h264_sei.c >> index 9defcb80b9..2f16d95f56 100644 >> --- a/libavcodec/h264_sei.c >> +++ b/libavcodec/h264_sei.c >> @@ -261,10 +261,16 @@ static int >> decode_unregistered_user_data(H264SEIUnregistered *h, GetBitContext * >> return 0; >> } >> >> -static int decode_recovery_point(H264SEIRecoveryPoint *h, GetBitContext *gb) >> +static int decode_recovery_point(H264SEIRecoveryPoint *h, GetBitContext >> *gb, void *logctx) >> { >> -h->recovery_frame_cnt = get_ue_golomb_long(gb); >> +unsigned recovery_frame_cnt = get_ue_golomb_long(gb); >> >> +if (recovery_frame_cnt > (1<<16)) { > > Maybe move MAX_LOG2_MAX_FRAME_NUM out of h264_ps.c and into h264_ps.h, > then use it here? And it should be "(1 << MAX_LOG2_MAX_FRAME_NUM) - 1", for that matter. Or alternatively use sps->log2_max_frame_num from the active sps instead. > >> +av_log(logctx, AV_LOG_ERROR, "recovery_frame_cnt %d is out of >> range\n", recovery_frame_cnt); > > It's unsigned, so %u. Some pedantic compilers (Like djgpp) may complain > or downright fail otherwise. > >> +return AVERROR_INVALIDDATA; >> +} >> + >> +h->recovery_frame_cnt = recovery_frame_cnt; >> /* 1b exact_match_flag, >> * 1b broken_link_flag, >> * 2b changing_slice_group_idc */ 
>> @@ -429,7 +435,7 @@ int ff_h264_sei_decode(H264SEIContext *h, GetBitContext >> *gb, >> ret = decode_unregistered_user_data(&h->unregistered, gb, >> logctx, size); >> break; >> case H264_SEI_TYPE_RECOVERY_POINT: >> -ret = decode_recovery_point(&h->recovery_point, gb); >> +ret = decode_recovery_point(&h->recovery_point, gb, logctx); >> break; >> case H264_SEI_TYPE_BUFFERING_PERIOD: >> ret = decode_buffering_period(&h->buffering_period, gb, ps, >> logctx); >> > ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
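Review bot: in decode_recovery_point(), the new early return sits before `h->recovery_frame_cnt = recovery_frame_cnt;`, so an out-of-range SEI leaves whatever count an earlier recovery point stored, and that stale value is what a later reader of the field sees if the caller carries on after AVERROR_INVALIDDATA. Either reset the field before returning or add a comment saying the caller discards the SEI state on error. The subject prefix also reads avcodec/h264_slice while the diffstat touches only libavcodec/h264_sei.c; the commit message should say that the overflow occurs in the slice code and that the fix is input validation in the SEI parser.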
Re: [FFmpeg-devel] [PATCH 4/4] avcodec/h264_slice: Fix overflow in recovery_frame computation
On 6/8/2018 11:23 PM, James Almer wrote: > On 6/8/2018 8:12 PM, James Almer wrote: >> On 6/8/2018 7:11 PM, Michael Niedermayer wrote: >>> Fixes: signed integer overflow: 15 + 2147483646 cannot be represented in >>> type 'int' >>> Fixes: >>> 8381/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_H264_fuzzer-6225533137321984 >>> >>> Found-by: continuous fuzzing process >>> https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg >>> Signed-off-by: Michael Niedermayer >>> --- >>> libavcodec/h264_sei.c | 12 +--- >>> 1 file changed, 9 insertions(+), 3 deletions(-) >>> >>> diff --git a/libavcodec/h264_sei.c b/libavcodec/h264_sei.c >>> index 9defcb80b9..2f16d95f56 100644 >>> --- a/libavcodec/h264_sei.c >>> +++ b/libavcodec/h264_sei.c >>> @@ -261,10 +261,16 @@ static int >>> decode_unregistered_user_data(H264SEIUnregistered *h, GetBitContext * >>> return 0; >>> } >>> >>> -static int decode_recovery_point(H264SEIRecoveryPoint *h, GetBitContext >>> *gb) >>> +static int decode_recovery_point(H264SEIRecoveryPoint *h, GetBitContext >>> *gb, void *logctx) >>> { >>> -h->recovery_frame_cnt = get_ue_golomb_long(gb); >>> +unsigned recovery_frame_cnt = get_ue_golomb_long(gb); >>> >>> +if (recovery_frame_cnt > (1<<16)) { >> >> Maybe move MAX_LOG2_MAX_FRAME_NUM out of h264_ps.c and into h264_ps.h, >> then use it here? > > And it should be "(1 << MAX_LOG2_MAX_FRAME_NUM) - 1", for that matter. > Or alternatively use sps->log2_max_frame_num from the active sps instead. Or maybe not. Guess this is already handled by h264_slice.c, so probably just use the aforementioned constant. > >> >>> +av_log(logctx, AV_LOG_ERROR, "recovery_frame_cnt %d is out of >>> range\n", recovery_frame_cnt); >> >> It's unsigned, so %u. Some pedantic compilers (Like djgpp) may complain >> or downright fail otherwise. >> >>> +return AVERROR_INVALIDDATA; >>> +} >>> + >>> +h->recovery_frame_cnt = recovery_frame_cnt; >>> /* 1b exact_match_flag, >>> * 1b broken_link_flag, >>> * 2b changing_slice_group_idc */ 
>>> @@ -429,7 +435,7 @@ int ff_h264_sei_decode(H264SEIContext *h, GetBitContext >>> *gb, >>> ret = decode_unregistered_user_data(&h->unregistered, gb, >>> logctx, size); >>> break; >>> case H264_SEI_TYPE_RECOVERY_POINT: >>> -ret = decode_recovery_point(&h->recovery_point, gb); >>> +ret = decode_recovery_point(&h->recovery_point, gb, logctx); >>> break; >>> case H264_SEI_TYPE_BUFFERING_PERIOD: >>> ret = decode_buffering_period(&h->buffering_period, gb, ps, >>> logctx); >>> >> > ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
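An added example, not part of the thread or of FFmpeg's code: the range check discussed above, written with the "(1 << MAX_LOG2_MAX_FRAME_NUM) - 1" bound from the review comments, next to a model of the addition named in the sanitizer report. The value 16 for MAX_LOG2_MAX_FRAME_NUM, ERR_INVALIDDATA, both function names and the add-and-mask consumer are assumptions made for the illustration.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed value: 16 matches the (1<<16) literal in the patch under review. */
#define MAX_LOG2_MAX_FRAME_NUM 16
#define ERR_INVALIDDATA (-1) /* stand-in for AVERROR_INVALIDDATA */

/* Range-check an untrusted ue(v) value while it is still unsigned.
 * On success stores it in *out and returns 0; on failure *out is untouched. */
static int check_recovery_frame_cnt(uint32_t parsed, int *out)
{
    if (parsed > (1u << MAX_LOG2_MAX_FRAME_NUM) - 1)
        return ERR_INVALIDDATA;
    *out = (int)parsed;
    return 0;
}

/* Hypothetical consumer: frame_num + cnt, wrapped to log2_max_frame_num bits.
 * Expects frame_num >= 0; returns -1 where the signed addition would overflow
 * instead of executing it. */
static int recovery_frame(int frame_num, int cnt, int log2_max_frame_num)
{
    if (cnt > INT_MAX - frame_num)
        return -1;
    return (frame_num + cnt) & ((1 << log2_max_frame_num) - 1);
}

int main(void)
{
    /* Constructed inputs; 2147483646 is the operand from the sanitizer report. */
    const uint32_t samples[] = { 3, 65535, 65536, 2147483646u };
    const int frame_num = 15;

    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        int cnt = -1; /* sentinel: no recovery point stored */
        if (check_recovery_frame_cnt(samples[i], &cnt) < 0) {
            printf("%u: rejected, unchecked add would be %s\n", (unsigned)samples[i],
                   recovery_frame(frame_num, (int)samples[i], 16) < 0 ? "an overflow" : "in range");
            continue;
        }
        printf("%u: accepted, recovery_frame=%d\n", (unsigned)samples[i],
               recovery_frame(frame_num, cnt, 16));
    }
    return 0;
}
```

With the "- 1" bound, 65536 is rejected as well, which is the difference from the "> (1<<16)" comparison in the patch.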
Re: [FFmpeg-devel] [PATCH 2/4] avcodec/xwddec: Use ff_set_dimensions()
On 6/9/18, Michael Niedermayer wrote: > Fixes: OOM > Fixes: > 8178/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_XWD_fuzzer-4844793342459904 > > Found-by: continuous fuzzing process > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg > Signed-off-by: Michael Niedermayer > --- > libavcodec/xwddec.c | 8 ++-- > 1 file changed, 6 insertions(+), 2 deletions(-) > > diff --git a/libavcodec/xwddec.c b/libavcodec/xwddec.c > index 592c98dd4e..8c4358fd4c 100644 > --- a/libavcodec/xwddec.c > +++ b/libavcodec/xwddec.c > @@ -39,6 +39,7 @@ static int xwd_decode_frame(AVCodecContext *avctx, void > *data, > uint32_t pixformat, pixdepth, bunit, bitorder, bpad; > uint32_t rgb[3]; > uint8_t *ptr; > +int width, height; > GetByteContext gb; > > if (buf_size < XWD_HEADER_SIZE) > @@ -60,8 +61,8 @@ static int xwd_decode_frame(AVCodecContext *avctx, void > *data, > > pixformat = bytestream2_get_be32u(&gb); > pixdepth = bytestream2_get_be32u(&gb); > -avctx->width = bytestream2_get_be32u(&gb); > -avctx->height = bytestream2_get_be32u(&gb); > +width = bytestream2_get_be32u(&gb); > +height= bytestream2_get_be32u(&gb); > xoffset = bytestream2_get_be32u(&gb); > be= bytestream2_get_be32u(&gb); > bunit = bytestream2_get_be32u(&gb); > @@ -77,6 +78,9 @@ static int xwd_decode_frame(AVCodecContext *avctx, void > *data, > ncolors = bytestream2_get_be32u(&gb); > bytestream2_skipu(&gb, header_size - (XWD_HEADER_SIZE - 20)); > > +if ((ret = ff_set_dimensions(avctx, width, height)) < 0) > +return ret; > + > av_log(avctx, AV_LOG_DEBUG, > "pixformat %"PRIu32", pixdepth %"PRIu32", bunit %"PRIu32", > bitorder %"PRIu32", bpad %"PRIu32"\n", > pixformat, pixdepth, bunit, bitorder, bpad); > -- > 2.17.1 > > ___ > ffmpeg-devel mailing list > ffmpeg-devel@ffmpeg.org > http://ffmpeg.org/mailman/listinfo/ffmpeg-devel > lgtm ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
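Review bot: in the hunk at -60, the new width and height locals are declared int but are filled from bytestream2_get_be32u(), so a header value above INT_MAX reaches ff_set_dimensions() as a negative number through an implicit unsigned-to-signed conversion. Either keep them uint32_t like the neighbouring header fields and reject out-of-range values explicitly, or add a comment that ff_set_dimensions() is relied on to refuse them. The commit message gives only "Fixes: OOM"; one sentence saying that the dimensions were previously written to avctx without validation would document why the indirection is needed.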