avcodec/hevc_cabac: Limit value in coeff_abs_level_remaining_decode() tighter
The max depth is 16bps, the max allowed coefficient depth is depth+6 Fixes: signed integer overflow: 1074266112 + 1073725439 cannot be represented in type 'int' Fixes: 26493/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HEVC_fuzzer-5657763331702784 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
avformat/cafdec: Check that bytes_per_packet and frames_per_packet are non negative
These fields are not signed in the spec (1.0) so they cannot be negative
Changing bytes_per_packet to unsigned would not solve this as it is exported
as block_align which is signed
Fixes: Infinite loop Fixes: 26492/clusterfuzz-testcase-minimized-ffmpeg_dem_CAF_fuzzer-5632087614554112 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Paul B Mahol [Sat, 28 Nov 2020 20:59:14 +0000 (21:59 +0100)]
avfilter/af_asubboost: make wet option apply to final output
Also changes some default values for options after this change.
This makes distinction between feedback and wet option.
Before they would produce same output if values were swapped.
Andriy Gelman [Fri, 27 Nov 2020 00:37:21 +0000 (19:37 -0500)]
avformat/rtspdec: fix potential mem leak in listen mode
Currently a repeating setup request (with the same stream id) will
simply overwrite rtp_handle/transport_priv without freeing the
resources first. This is fixed by closing the previous setup request.
Reviewed-by: Martin Storsjö <martin@martin.st> Signed-off-by: Andriy Gelman <andriy.gelman@gmail.com>
avcodec/utils: Require a non zero channels unless AV_CODEC_CAP_CHANNEL_CONF is set
This avoids per codec checks for channels not being 0
Fixes: division by 0 Fixes: 25419/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FASTAUDIO_fuzzer-5632544761184256 Fixes: 25433/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FASTAUDIO_fuzzer-6215671900536832 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Suggested-by: Paul B Mahol <onemda@gmail.com>
See: [FFmpeg-devel] [PATCH 1/3] avcodec/fastaudio: Check channel Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Anton Khirnov [Fri, 22 May 2020 13:59:46 +0000 (15:59 +0200)]
avcodec: deprecate thread_safe_callbacks
They add considerable complexity to frame-threading implementation,
which includes an unavoidably leaking error path, while the advantages
of this option to the users are highly dubious.
It should be always possible and desirable for the callers to make their
get_buffer2() implementation thread-safe, so deprecate this option.
avformat/mpc8: correct integer overflow in mpc8_parse_seektable()
Fixes: signed integer overflow: -4683718486770919638 * 2 cannot be represented in type 'long' Fixes: 26704/clusterfuzz-testcase-minimized-ffmpeg_dem_MPC8_fuzzer-6327056939614208 Fixes: 27550/clusterfuzz-testcase-minimized-ffmpeg_dem_MPC8_fuzzer-6259212652642304 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: left shift of 65536 by 15 places cannot be represented in type 'int' Fixes: 26801/clusterfuzz-testcase-minimized-ffmpeg_dem_MPC8_fuzzer-5164313092030464 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
avformat/flacenc: Fix memleak when writing attached pictures fails
The FLAC muxer currently stores an attached picture corresponding to an
AVStream in AVStream.priv_data. The AVPacket contained therein is
unreferenced after it has been written. The AVPacket structure itself is
then freed generically as AVStream.priv_data.
And this can lead to memleaks if an attached picture is not written:
It might be because the trailer is never written or because writing
a previous attached picture failed in case error_recognition is set
to explode.
Therefore free the packets properly (i.e. with av_packet_free())
in the muxer's deinit function.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Niklas Haas [Wed, 25 Nov 2020 11:50:33 +0000 (12:50 +0100)]
hwcontext_vulkan: optionally enable more functionality
These two extensions and two features are both optionally used by
libplacebo to speed up rendering, so it makes sense for libavutil to
automatically enable them as well.
Lynne [Tue, 24 Nov 2020 23:20:06 +0000 (00:20 +0100)]
hwcontext_vulkan: always attempt to map host memory when transferring
This relies on the fact that host memory is always going to be required
to be aligned to the platform's page size, which means we can adjust
the pointers when we map them to buffers and therefore skip an entire
copy. This has already had extensive testing in libplacebo without
problems, so its safe to use here as well.
Speeds up downloads and uploads on platforms which do not pool their
memory hugely, but less so on platforms that do.
We can pool the buffers ourselves, but that can come as a later patch
if necessary.
Lynne [Sun, 22 Nov 2020 22:08:33 +0000 (23:08 +0100)]
lavfi/vulkan: allow calling glslang_uninit without a prior init
Allows us to uninit cleanly.
This assert was also somewhat pointless as we assert every other
function, so another assert would be triggered long before this
one is.
Lynne [Thu, 12 Nov 2020 11:48:20 +0000 (12:48 +0100)]
libdav1d: use film grain export flag to export AVFilmGrainParams side data
This patch is relatively straightforward with one exception:
the decoder option flag.
The option was introduced to troubleshoot but its existence is conflicting
and redundant now that we have a codec-generic flag.
Hence this patch deprecates it.
The way it interacts with AV_CODEC_EXPORT_DATA_FILM_GRAIN is as follows:
If filmgrain is unset and AV_CODEC_EXPORT_DATA_FILM_GRAIN is
present, disable film grain application and export side data.
If filmgrain is set to 0, disable film grain and export side data.
If filmgrain is set to 1, apply film grain but export side data if
the AV_CODEC_EXPORT_DATA_FILM_GRAIN flag is set. This may result in
double film grain application, but the user has requested it by setting
both.
avcodec/mpeg12enc: Always initialize MPEG-2 intra VLC table lengths
The MPEG-1/2 encoders initialize several tables once during the first
time one of the encoders is initialized; the table for MPEG-2 intra VLC
lengths is only initialized if it is used for this encoder instance.
This implies that if the first MPEG-1/2 encoder to be initialized does
not use it, it will never be initialized even if a later encoder
instance makes use of them. Fix this by initializing this table
unconditionally.
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc> Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Musee Ullah [Mon, 23 Nov 2020 19:52:01 +0000 (13:52 -0600)]
avfilter/vf_xfade: ensure metadata is copied to transition frames
I was having an issue where, using a filter chain of xfade -> ass, the
colors on the subtitles were incorrect only on the frames where xfade
was being used. This resolves that issue for me.