ff_scale_eval_dimensions blindly assumes that two inputs are always
available as of 3385989b98be7940044e4f0a6b431a0a00abf2fa. This is
notably not the case when the function is called for the scale
filter. With the scale filter inputs[1] does not exist.
ff_scale_eval_dimensions now has an updated scale2ref check that
makes certain two inputs are actually available before attempting to
access the second one.
Thanks to James Almer for reporting this bug. This should fix the 820
Valgrind tests I single-handedly managed to break.
Signed-off-by: Kevin Mark <kmark937@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Shivraj Patil [Thu, 1 Jun 2017 08:37:19 +0000 (14:07 +0530)]
Disable MSA optimization for big endian arch
The current upstreamed code has been written and tested for Little Endian systems.
We do have plans to add the Big Endian support in near future, but till that time, need to disable all to avoid its usage and failures.
Signed-off-by: Shivraj Patil <shivraj.patil@imgtec.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Ganapathy Kasi [Wed, 31 May 2017 02:03:14 +0000 (19:03 -0700)]
avcodec/nvenc: fix hw accelerated transcode with bframes
hw accelerated transcode (h264_cuvid -> h264_nvenc with -hwaccel cuvid) was
broken after the filtergraph initialization was changed to intialize decoder
first followed by encoder (commit af1761f7b5b1b72197dc40934953b775c2d951cc).
During initialzing encoder with bframes, local buffers are allocated
internally in encoder which fails since no cuda context is available. Now
pushing the correct cuda context before encoder initialization fixes the issue.
Also adding push/pop cuda ctx during create/destroy/map/unmap resources and
destroy encoder session.
Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
Kevin Mark [Tue, 30 May 2017 17:34:29 +0000 (13:34 -0400)]
libavfilter/scale2ref: Add constants for the primary input
Variables pertaining to the main video are now available when
using the scale2ref filter. This allows, as an example, scaling a
video with another as a reference point while maintaining the
original aspect ratio of the primary/non-reference video.
Consider the following graph: scale2ref=iw/6:-1 [main][ref]
This will scale [main] to 1/6 the width of [ref] while maintaining
the aspect ratio. This works well when the AR of [ref] is equal to
the AR of [main] only. What the above filter really does is
maintain the AR of [ref] when scaling [main]. So in all non-same-AR
situations [main] will appear stretched or compressed to conform to
the same AR of the reference video. Without doing this calculation
externally there is no way to scale in reference to another input
while maintaining AR in libavfilter.
To make this possible, we introduce eight new constants to be used
in the w and h expressions only in the scale2ref filter:
* main_w/main_h: width/height of the main input video
* main_a: aspect ratio of the main input video
* main_sar: sample aspect ratio of the main input video
* main_dar: display aspect ratio of the main input video
* main_hsub/main_vsub: horiz/vert chroma subsample vals of main
* mdar: a shorthand alias of main_dar
Of course, not all of these constants are needed for maintaining the
AR, but adding additional constants in line of what is available for
in/out allows for other scaling possibilities I have not imagined.
So to now scale a video to 1/6 the size of another video using the
width and maintaining its own aspect ratio you can do this:
scale2ref=iw/6:ow/mdar [main][ref]
This is ideal for picture-in-picture configurations where you could
have a square or 4:3 video overlaid on a corner of a larger 16:9
feed all while keeping the scaled video in the corner at its correct
aspect ratio and always the same size relative to the larger video.
I've tried to re-use as much code as possible. I could not find a way
to avoid duplication of the var_names array. It must now be kept in
sync with the other (the normal one and the scale2ref one) for
everything to work which does not seem ideal. For every new variable
introduced/removed into/from the normal scale filter one must be
added/removed to/from the scale2ref version. Suggestions on how to
avoid var_names duplication are welcome.
var_values has been increased to always be large enough for the
additional scale2ref variables. I do not forsee this being a problem
as the names variable will always be the correct size. From my
understanding of av_expr_parse_and_eval it will stop processing
variables when it runs out of names even though there may be
additional (potentially uninitialized) entries in the values array.
The ideal solution here would be using a variable-length array but
that is unsupported in C90.
This patch does not remove any functionality and is strictly a
feature patch. There are no API changes. Behavior does not change for
any previously valid inputs.
The applicable documentation has also been updated.
Signed-off-by: Kevin Mark <kmark937@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Srinath K R [Thu, 1 Jun 2017 07:58:07 +0000 (13:28 +0530)]
avcodec/nvenc: Add default value for AVCodecContext::refs
AVCodecContext::refs is used to control the DPB size to be used by the
encoder. The default value for AVCodecContext::refs as set in
libavcodec/options_table.h is 1.
This patch sets AVCodecContext::refs to 0 for h264_nvenc and hevc_nvenc in
order to let the driver take the decision of the correct DPB size to use in
all cases.
Signed-off-by: Srinath K R <skr@nvidia.com> Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
avcodec/cinepak: Check input packet size before frame reallocation
Reduces time spend decoding 1917/clusterfuzz-testcase-minimized-5023221273329664
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
avformat/avidec: Limit formats in gab2 to srt and ass/ssa
This prevents part of one exploit leading to an information leak
Found-by: Emil Lerner and Pavel Cheremushkin Reported-by: Thierry Foucu <tfoucu@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: runtime error: shift exponent 40 is too large for 32-bit type 'unsigned int' Fixes: 1898/clusterfuzz-testcase-minimized-5970744880136192 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
lavc: remove libschroedinger encoding and decoding wrappers
The library has stopped being developed and Debian has removed it
from its repositories citing security issues.
The native Dirac decoder supports everything the library has and basic
encoding support is still provided via the native vc2 (Dirac Pro, intra
only version of Dirac) encoder. Hence, there's no reason to still support
linking to the library and potentially leading users into security issues.
avcodec/truemotion2: Fix passing null pointer to memset()
Fixes part of: 1888/clusterfuzz-testcase-minimized-5237704826552320
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
avcodec/truemotion2: Fix runtime error: left shift of 1 by 31 places cannot be represented in type 'int'
Fixes part of: 1888/clusterfuzz-testcase-minimized-5237704826552320
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
avcodec/aac_defines: Add missing () to AAC_HALF_SUM() macro
Fixes: runtime error: shift exponent 1073741848 is too large for 32-bit type 'INTFLOAT' (aka 'int') Fixes: 1880/clusterfuzz-testcase-minimized-4900645322620928 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: runtime error: signed integer overflow: 211633430 + 2147483647 cannot be represented in type 'int' Fixes: 1874/clusterfuzz-testcase-minimized-5037763613163520 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
the timeDataSize argument to aacDecoder_DecodeFrame() seems undocumented and until
2016 04 (203e3f28fbebec7011342017fafc2a0bda0ce530) unused.
after that commit libfdk-aacdec interprets it as size in sample units and memsets that on error.
FFmpeg as well as others (like GStreamer) did interpret it as size in bytes
Fixes: 1442/clusterfuzz-testcase-minimized-4540199973421056 (This requires recent libfdk to reproduce) Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
avcodec/aacps: Check border_position to be monotone
Fixes: runtime error: left shift of negative value -67108864 Fixes: 1738/clusterfuzz-testcase-minimized-6734814327603200 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
erankor [Wed, 17 May 2017 09:32:06 +0000 (12:32 +0300)]
movenc: encryption with time code track fix
instead of deciding whether to encrypt based on the encryption scheme,
decide according to whether cenc was initialized or not.
mov_create_timecode_track calls ff_mov_write_packet with a track that
doesn't have cenc initialized.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
avcodec/mlpdec: Do not leave invalid values in matrix_out_ch[] on error
Fixes: runtime error: index 12 out of bounds for type 'uint8_t [8]' Fixes: 1832/clusterfuzz-testcase-minimized-6574546079449088 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
avcodec/diracdec: Fix off by 1 error in quant check
Fixes: out of array read Fixes: 1781/clusterfuzz-testcase-minimized-4617176877105152 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Ronald S. Bultje [Wed, 24 May 2017 15:46:07 +0000 (11:46 -0400)]
hevc: fix race condition in max_ra/seq_decode.
These variables are shared between frame threads, but they are updated
post-setup_finished() if a EOB/EOS slice type occurs. Moving the EOB/EOS
slices to the next frame thread instance (by parsing them leading into
the next picture instead of trailing behind the last picture) effectively
prevents this race condition.
This fixes tsan failures on hevc-conformance-NoOutPrior_A_Qualcomm_1.