avcodec/aacdec_fixed: use 64bit to avoid overflow in rounding in apply_dependent_coupling_fixed()
Fixes: signed integer overflow: -2141499320 + -14469590 cannot be represented in type 'int' Fixes: 7351/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AAC_FIXED_fuzzer-6351214791884800 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
oavcodec/aacpsdsp_template: Use unsigned for hs0X to prevent undefined behavior
Fixes: signed integer overflow: 1073741842 + 1784008138 cannot be represented in type 'int' Fixes: 6792/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AAC_FIXED_fuzzer-5677589835284480 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: shift exponent 33 is too large for 32-bit type 'int' Fixes: 6743/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G723_1_fuzzer-5823772687859712 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
avcodec/mpeg4videoenc: Use 64 bit for times in mpeg4_encode_gop_header()
Fixes truncation
Fixes Assertion n <= 31 && value < (1U << n) failed at libavcodec/put_bits.h:169 Fixes: ffmpeg_crash_2.avi Found-by: Thuan Pham <thuanpv@comp.nus.edu.sg>, Marcel Böhme, Andrew Santosa and Alexandru RazvanCaciulescu with AFLSmart Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
avcodec/mlpdec: Only change noise_type if the related fields are valid
Fixes: inconsistency
Fixes:runtime error: index 8 out of bounds for type 'int32_t [8]' Fixes: 6686/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TRUEHD_fuzzer-5191383498358784 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This avoids inconsistent value combinations.
Alternatively it would be possible to add more checks and careful use of
temporary variables, but my try of this quickly seemed to become
a rather large change.
The disadvantage of this, is that the struct is copied back and forth.
Fixes: index 6 out of bounds for type 'const uint16_t [5][16]' Fixes: 6557/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_INDEO4_fuzzer-4787296550256640 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
James Almer [Sat, 19 May 2018 18:01:56 +0000 (15:01 -0300)]
avcodec/libvpxenc: fix setting amount of threads used for encoding
The libvpx doxy says that a value of 0 for the g_threads field is
equivalent to a value of 1, whereas for avctx->thread_count it means
the maximum amount of threads possible for the host system.
Use av_cpu_count() to get the correct thread count when auto threads
is requested.
Reviewed-by: James Zern <jzern@google.com> Signed-off-by: James Almer <jamrial@gmail.com>
Mark Thompson [Tue, 15 May 2018 22:15:03 +0000 (23:15 +0100)]
hwcontext: Add test for device creation and derivation
This uses any devices it can find on the host system - on a system with no
hardware device support or in builds with no support included it will do
nothing and pass.
Jerome Borsboom [Fri, 18 May 2018 15:06:28 +0000 (17:06 +0200)]
avcodec/vc1: DIRECTBIT is only present in inter MBs
DIRECTBIT was decoded before the intra/inter MB branching when decoding
interlace frame B pictures. Resulting in mistakenly also decoding it for intra
MBs where this syntax element is not present.
Signed-off-by: Jerome Borsboom <jerome.borsboom@carpalis.nl> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Aman Gupta [Tue, 8 May 2018 23:12:12 +0000 (16:12 -0700)]
avformat/mpegts: add merge_pmt_versions option
This new optional flag makes it easier to deal with mpegts
samples where the PMT is updated and elementary streams move
to different PIDs in the middle of playback.
Previously, new AVStreams were created per PID, and it was up
to the user to figure out which streams had migrated to a new PID
(by iterating over the list of AVProgram and making guesses), and
switch seamlessly to the new AVStream during playback.
Transcoding or remuxing these streams with ffmpeg on the CLI was
also quite painful, and the user would need to extract each set
of PIDs into a separate file and then stitch them back together.
With this new option, the mpegts demuxer will automatically detect
PMT changes and feed data from the new PID to the original AVStream
that was created for the orignal PID. For mpegts samples with
stream_identifier_descriptor available, the unique ID is used to
merge PIDs together. If the stream id is not available, the demuxer
attempts to map PIDs based on their position within the PMT.
With this change, I am able to playback and transcode/remux these
two samples which previously caused issues:
Aman Gupta [Thu, 17 May 2018 22:31:11 +0000 (15:31 -0700)]
avformat/mpegts: keep track of PMT details in AVProgram/AVStream
With these fields, the user has enough information to
detect PMT changes and switch to new streams when the PMT
is updated with new ES pids.
To do so, the user would monitor the AVProgram they're interested
in for changes to pmt_version. If the version changes, they would
iterate over the program's streams to find new streams added with
the updated version number.
If new versions of streams are found, then the user would first try
to replace existing streams where stream_identifier matched.
If stream_identifier is not available, then the user would compare
pmt_stream_idx instead to replace the stream that was previously
at the same position within the PMT.
Aman Gupta [Thu, 17 May 2018 22:30:21 +0000 (15:30 -0700)]
avformat: add fields to AVProgram/AVStream for PMT change tracking
These fields will allow the mpegts demuxer to expose details about
the PMT/program which created the AVProgram and its AVStreams.
In mpegts, a PMT which advertises streams has a version number
which can be incremented at any time. When the version changes,
the pids which correspond to each of it's streams can also change.
Since ffmpeg creates a new AVStream per pid by default, an API user
needs the ability to (a) detect when the PMT changed, and (b) tell
which AVStream were added to replace earlier streams.
This has been a long-standing issue with ffmpeg's handling of mpegts
streams with PMT changes, and I found two related patches in the wild
that attempt to solve the same problem:
The first is in MythTV's ffmpeg fork, where they added a
void (*streams_changed)(void*); to AVFormatContext and call it from
their fork of the mpegts demuxer whenever the PMT changes.
The second was proposed by XBMC in
https://ffmpeg.org/pipermail/ffmpeg-devel/2012-December/135036.html,
where they created a new AVMEDIA_TYPE_DATA stream with id=0 and
attempted to send packets to it whenever the PMT changed.
Aman Gupta [Fri, 4 May 2018 22:41:30 +0000 (15:41 -0700)]
avcodec/videotoolbox: fix decoding of some HEVC videos
In a normal hwaccel, the AVHWFramesContext sets AVFrame.hw_frames_ctx
when it initializes a new AVFrame in av_hwframe_get_buffer().
But the VT hwaccel doesn't know what hw_frames_ctx to assign when
the AVFrame is first created, because it depends on the format of
the pixbuf that the decoder eventually decides to return. Thus
newly created AVFrames always have a NULL hw_frames_ctx, and the
hwaccel would only assign the ctx once a frame was done decoding.
This worked fine with the H264 decoder, but with the HEVC decoder
the frame's data may be moved to another empty AVFrame. Since the
empty AVFrame never had hw_frames_ctx set, a frame with a NULL
ctx could be returned to the API user.
This patch works around the issue by moving the derived
hw_frames_ctx from the AVFrame to a new VTHWFrame which now holds
both the CVPixelBufferRef and the AVBuffer. The hw_frames_ctx
is only copied to the AVFrame right before it is about to be
returned to the user in videotoolbox_postproc_frame() (since
in the case of VT, the hw_frames_ctx is only there for the API
user anyway).
Fixes playback on macOS and iOS of some hevc videos like
https://s3.amazonaws.com/tmm1/videotoolbox/germany-hevc-zdf.ts
Aman Gupta [Tue, 8 May 2018 19:49:43 +0000 (12:49 -0700)]
avformat/mpegts: add skip_unknown_pmt option
Some filtered mpegts streams may erroneously include PMTs for
programs that are not advertised in the PAT. This confuses ffmpeg
and most players because multiple audio/video streams are created
and it is unclear which ones actually contain data.
See for example https://tmm1.s3.amazonaws.com/unknown-pmts.ts
In this sample, the PAT advertises exactly one program. But the
pid it points to for the program's PMT contains PMTs for other
programs as well. This is because the broadcaster decided to
re-use the same pid for multiple program PMTs.
The hardware that filtered the original multi-program stream
into a single-program stream did so by rewriting the PAT to
contain only the program that was requested. But since it just
passed through the PMT pid referenced in the PAT, multiple PMTs
are still present for the other programs.
The FATE tests for MSVC versions older than 2013 are untested in FATE
and apparently are no longer supported.
This commit makes the configure process error out in case an older version
is used, and suggests to use a supported version of MSVC to compile.
This also changes the documentation to reflect this.
As discussed on IRC:
2018-05-12 19:45:16 jamrial then again, most of those were for old msvc, and i think we're not supporting versions older than 2013 (first one c99 compliant) anymore
2018-05-12 19:45:43 +JEEB yea, I think 2013 update 2 is needed
22:53 <@atomnuker> nevcairiel: which commit broke/unsupported support for msvc 2013?
23:23 <@atomnuker> okay, it was JEEB
23:25 <+JEEB> which was for 2012 and older
23:25 <+JEEB> and IIRC we no longer test those in FATE so that was my assumption
23:26 <+JEEB> 2013 is when MS got trolled enough to actually update their C part
23:26 <+JEEB> aand actually advertised FFmpeg support
23:26 <+JEEB> (although it was semi-failing until VS2013 update 1 or 2)
Aman Gupta [Tue, 15 May 2018 22:56:45 +0000 (15:56 -0700)]
avformat: add skip_estimate_duration_from_pts
For seekable mpegts streams, duration is calculated from
pts by seeking to the end of the file for a pts and subtracting
the initial pts to compute a duration.
This can be expensive in terms of added latency during
probe, especially when streaming over a network. This new
option lets you skip the duration calculation, which is useful
when you don't care about the value and want to save some overhead.
This patch is particularly useful when dealing with live mpegts
streams. Normally such streams are not seekable, so durations
are not calculated. However in my case I am dealing with a seekable
live mpegts stream (networked access to a .ts file which is still
being appended to).
Carl Eugen Hoyos [Thu, 10 May 2018 20:45:07 +0000 (22:45 +0200)]
lavc/v210dec: Skip Canopus C210 extradata.
Unbreaks files with unknown extradata, the Canopus decoder accepts both files
with and without this extradata (24 byte "INFO", 16 byte "RDRT", rest "FIEL").
Reported-by: Peter Bubestinger Tested-by: Piotr Bandurski
avcodec/dirac_dwt: Fix integer overflow in COMPOSE_DD97iH0 / COMPOSE_DD137iL0
Fixes: negation of -2147483648 cannot be represented in type 'int32_t' (aka 'int'); Fixes: 6500/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-4523620274536448 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
avcodec/fic: Check available input space for cursor
Fixes: out of array read Fixes: 6546/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FIC_fuzzer-6317064647081984 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
avcodec/mpeg4videodec: Check bps (VOL header) before VOP for studio profile
Fixes: runtime error: shift exponent -1 is negative Fixes: 7486/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-4977380939530240 Fixes: runtime error: index 36 out of bounds for type 'const uint8_t [32]' Fixes: 7566/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-6536620682510336 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: runtime error: left shift of 1876744317 by 16 places cannot be represented in type 'int' Fixes: 6799/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G2M_fuzzer-5115274731716608 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This changes for example
-rwxr-x--- 1 michael michael 144803654 May 14 12:54 tools/target_dec_ac3_fixed_fuzzer*
to
-rwxr-x--- 1 michael michael 30333852 May 14 12:51 tools/target_dec_ac3_fixed_fuzzer*
Which should massively decrease space requirements
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Mark Thompson [Mon, 14 May 2018 21:58:56 +0000 (22:58 +0100)]
hwcontext: Do not call device_init again when deriving an existing device
The change in 309d660775e2b47af6723a0477c4d753bc0c54f4 to call device_init
when doing derivation missed this case - we should only call it if we
actually made a new device.
Marton Balint [Sun, 13 May 2018 20:14:22 +0000 (22:14 +0200)]
avformat/webm_chunk: always use a static buffer for get_chunk_filename
My conversation from AVFormatContext->filename to AVFormatContext->url was
wrong in this case because get_chunk_filename uses filename as an output
buffer, and not as an input buffer.
Reino Wijnsma [Mon, 7 May 2018 15:59:43 +0000 (17:59 +0200)]
configure: add pkg-config check for libmysofa
This does require libmysofa with today's latest commit (https://github.com/hoene/libmysofa/commit/08f243d1ec35f6f794aedeb4b187d9f9353bdbc1).
They already had a pkg-config file, but the dependencies weren't setup right. Until now.
Niklas Haas [Sun, 13 May 2018 15:07:48 +0000 (17:07 +0200)]
configure: fix configure check for lilv-0
This should be included as `<lilv/lilv.h>`, same as is done in af_lv2.c.
Forcing the extra lilv-0 breaks platforms where the include dir is
`/usr/include/lilv/lilv.h` rather than
`/usr/include/lilv-0/lilv/lilv.h`.
The new include path works for both, because the `pkg-config --cflags`
includes `-I/usr/include/lilv-0`.
Aman Gupta [Wed, 9 May 2018 21:20:48 +0000 (14:20 -0700)]
avformat/mpegts: parse sections with multiple tables
Fixes PMT parsing in some mpegts streams which contain
multiple tables within the PMT pid. Previously, the parser
assumed only one table was present in each packet, and discarded
the rest of the section data after attempting to parse the first
table.
A similar issue was documented in the BeyondTV software[1], which
helped me diagnose the same bug in the ffmpeg mpegts demuxer. I also
tried DVBInspector, libdvbpsi's dvbinfo, and tstools' tsinfo to
help debug. The former two properly read PMTs with multiple tables,
whereas the last has the same bug as ffmpeg.
I've created a minimal sample[2] which contains the combined PMT.
Here's what ffmpeg probe shows before and after this patch:
Before:
Input #0, mpegts, from 'combined-pmt-tids.ts':
Duration: 00:00:01.08, start: 4932.966167, bitrate: 741 kb/s
Program 1
No Program
Stream #0:0[0xf9d]: Audio: ac3, 48000 Hz, mono, fltp, 96 kb/s
Stream #0:1[0xf9b]: Audio: mp3, 0 channels, fltp
Stream #0:2[0xf9c]: Unknown: none
With the patch, the PMT is parsed correctly so the streams are
created in the correct order, are associated with "Program 1",
and their codecs are set correctly.