avformat/http: Fix leak when using deprecated option
When the deprecated option "user-agent" was set to something different
than its default value, said option would always precede and overwrite
the ordinary user_agent option (regardless of whether it was explicitly
set) which leads to a leak of the user_agent option (which has a default
value, so the leak happens always).
Fix this by setting the same destination for both options; the last
option applied wins then.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Jan Ekström [Mon, 22 Feb 2021 12:21:09 +0000 (14:21 +0200)]
avcodec: enable usage of err_recognition for encoders
Enables the usage of such values as AV_EF_EXPLODE in encoders, which
can be useful in cases such as subtitle encoders where they have the
responsibility to validate the correctness of an incoming ASS dialog line.
Stefano Sabatini [Mon, 16 Nov 2020 07:38:39 +0000 (09:38 +0200)]
avutil/{avstring,bprint}: add XML escaping from ffprobe to avutil
Base escaping only escapes values required for base character data
according to part 2.4 of XML, and if additional flags are added
single and double quotes can additionally be escaped in order
to handle single and double quoted attributes.
Co-authored-by: Jan Ekström <jan.ekstrom@24i.com> Signed-off-by: Jan Ekström <jan.ekstrom@24i.com>
Some FATE tests use files created by other FATE tests as input files;
this mostly affects the seek tests which use files from vsynth_lena as
well as acodec-pcm as input files. In order to make this possible the
temporary files of all the vsynth* and all acodec-pcm tests are kept.
Yet only a fraction of these files are actually used. This commit
changes this to only keep the files that are actually needed for other
tests. This reduces the size of the tests/data/fate folder after a full
FATE run from 2024727441B to 138739312B.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
While this usage of strncpy is correct, said function nevertheless has
the disadvantage of not automatically ensuring that the destination
string is zero-terminated. So av_strlcpy should be preferred.
This also removes a -Wstringop-truncation warning from GCC (it doesn't
matter whether the buffer is truncated, as long as it can fit all
the names of the supported codecs).
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
avformat/lxfdec: Fix multiple integer overflows related to track_size
Fixes: signed integer overflow: 538976288 * 8 cannot be represented in type 'int' Fixes: 26910/clusterfuzz-testcase-minimized-ffmpeg_dem_LXF_fuzzer-6634030636335104 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: -9223372036854775808 + -242 cannot be represented in type 'long' Fixes: 26910/clusterfuzz-testcase-minimized-ffmpeg_dem_MCC_fuzzer-6723018395090944 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: -9223372053736 * 1000000 cannot be represented in type 'long' Fixes: 26910/clusterfuzz-testcase-minimized-ffmpeg_dem_CONCAT_fuzzer-6607924558430208 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
avformat/mspdec: Check packet_size more completely
Fixes: OOM Fixes: 28348/clusterfuzz-testcase-minimized-ffmpeg_dem_MSP_fuzzer-4612055872831488 Fixes: 28360/clusterfuzz-testcase-minimized-ffmpeg_dem_MSP_fuzzer-6245230626078720 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
avformat/aiffdec: Check that SSND is at least 8 bytes
Fixes: Infinite loop Fixes: 30874/clusterfuzz-testcase-minimized-ffmpeg_dem_AIFF_fuzzer-5933710488764416 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: -1300248894420254720 * 16 cannot be represented in type 'long' Fixes: 30879/clusterfuzz-testcase-minimized-ffmpeg_dem_DCSTR_fuzzer-5094464215449600 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
The fourccs used by the Megalux Frame format to determine the pixel
format are actually no fourccs at all as they are a single byte.
Furthermore, their range is continuous (1-5), so they are actually
ordinary indices. So treat them as such and don't use PixelFormatTags
for them.
Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
avformat: Deprecate AVFMT_FLAG_PRIV_OPT, remove av_demuxer_open on bump
This flag was added in 492026209b9b58eaf6d2ea56423f6b1e1a8a76a5
in conjunction with av_demuxer_open() to allow to pass private
options to demuxers. It worked as follows: av_open_input_stream()
(the predecessor of avformat_open_input()) would not call the
read_header function if this flag is set. Instead the user could set
private options of the demuxer via the format's private class after
avformat_open_input() and then call av_demuxer_open() which called
the format's read_header function.
This approach was abandoned in e37f161e66e042d6c2c7470c4d9881df9427fc4a
and av_demuxer_open() deprecated; instead the AVDictionary based way of
passing private options to the demuxer was choosen. Yet
AVFMT_FLAG_PRIV_OPT has never been deprecated and av_demuxer_open()
never removed. This commit implements the deprecation of the flag and
schedules av_demuxer_open for removal on the next major bump.
Given that av_demuxer_open() has been deprecated in 2012 and that this
flag is useless without it, the flag will be ignored after the next
major version bump.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
avcodec/mobiclip: Avoid undefined integer overflow in MV computation
Fixes: signed integer overflow: 1 + 2147483647 cannot be represented in type 'int' Fixes: 30877/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MOBICLIP_fuzzer-4775601145774080 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
avformat/dashdec: Ensure strings are zero-terminated
strncpy only ensures that one does not write beyond the end of the
destination buffer; in case of truncation it does not zero-terminate
the destination buffer. This makes using it the way it is now in the
DASH demuxer dangerous. So use av_strlcpy instead.
Also don't write anything if there is no id: The buffer has already been
zeroed initially.
The DASH testset from the Universität Klagenfurt contains samples with
ids that are too long. E.g.
http://ftp.itec.aau.at/datasets/DASHDataset2014/TearsOfSteel/1sec/TearsOfSteel_1s_simple_2014_05_09.mpd
Reviewed-by: Steven Liu <lq@chinaffmpeg.org> Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
The obstacle to do so was in filter_codec_opts: It uses searches
the AVCodec for options via the AV_OPT_SEARCH_FAKE_OBJ method, which
requires using a void * that points to a pointer to a const AVClass.
When using const AVCodec *, one can not simply use a pointer that points
to the AVCodec's pointer to its AVClass, as said pointer is const, too.
This is fixed by using a temporary pointer to the AVClass.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
avformat/matroskadec: Add support for FlagOriginal
Needs a CountedElement in order to distinguish the case of the element
not being present and the element being present with a value of zero.
(It has been argued by Ridley Combs that one should only ever use the
AV_DISPOSITION_DUB field for audio tracks. Yet given that there is no
definition for the disposition flags, one can also interpret it to mean
that e.g. a subtitle track is meant to be used with the dubbed audio
track or the original audio track. This commit interprets this flag in
this sense, which also allows to maintain it on remuxing.)
Reviewed-by: Anton Khirnov <anton@khirnov.net> Reviewed-by: Ridley Combs <rcombs@rcombs.me> Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
avformat/mov: Extend data_size check in mov_read_udta_string()
Fixes: signed integer overflow: -2147483634 - 16 cannot be represented in type 'int' Fixes: 28322/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-5711888402612224 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
avformat/voc_packet: Add a basic check on max_size
Fixes: signed integer overflow: -2147483648 - 4 cannot be represented in type 'int' Fixes: 28127/clusterfuzz-testcase-minimized-ffmpeg_dem_VOC_fuzzer-4880586455646208 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This is possible because their size is known at compile-time; so they
can be put directly into the context and don't need to be allocated for
every frame.
Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
avcodec/roqvideo: Use dedicated context for encoder
Up until now, the RoQ video decoder and encoder used the same context;
and said context contained several fields that are only used by the
encoder. This commit changes this and uses a dedicated context for the
encoder; it contains the common context as first element in order to use
functions common to the de- and encoder.
Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
avcodec/dxtory: Fix undefined shift with negative linesize
Fixes: left shift of negative value -128 Fixes: 30746/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DXTORY_fuzzer-5906271469436928 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
avcodec/libx264: Don't use init_static_data for newer versions
x264 versions >= 153 can support multiple bitdepths; they also don't
export x264_bit_depth any more. The actual check whether a bitdepth
is supported is therefore performed at runtime in x264_encoder_open.
Ergo it is unnecessary to use init_static_data for these versions:
One can already set ff_libx264_encoder.pix_fmts to the value that
X264_init_static always sets it to.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
avformat/pcm(dec|enc): Don't include disabled (de)muxers
Also make the macro used for the demuxers spec-compliant. The earlier
macro was not, because the ... argument of a variadic macro must not be
left out. GCC and Clang warn about this when using -pedantic.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
For test video which has duration of 10 sec, leak is 4 Kb.
For 100 sec video, leak will be 33 Kb. Most likely,
leaked memory will grow linearly to the number of input frames.
Marton Balint [Sat, 6 Feb 2021 23:55:25 +0000 (00:55 +0100)]
avdevice: use av_gettime_relative() for elapsed time calculations
av_gettime_relative() is using the monotonic clock therefore more suitable for
elapsed time calculations. Packet timestamps are still kept absolute, although
that should be configurable in the future.
This code was written when the allocation functions used parameters of
type unsigned. This is no longer true today and therefore we only need
to check whether the multiplication of the array's size stays within
a size_t -- and this can be offloaded to av_realloc_array.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
avformat/wavenc: Fix leak and segfault on reallocation error
Up until now, the wav muxer used a reallocation of the form ptr =
av_realloc(ptr, size); that leaks upon error. Furthermore, if a
failed reallocation happened when writing the trailer, a segfault
would occur due to avio_write(NULL, size) because the muxer only
prints an error message upon allocation error, but does not return
the error.
Moreover setting the pointer to the buffer to NULL on error seems to
be done on purpose in order to record that an error has occured so that
outputting the peak values is no longer attempted. This behaviour has
been retained by simply disabling whether peak data should be written
if an error occurs.
Finally, the reallocation is now done once per peak block and not once
per peak block per channel; it is also done with av_fast_realloc and not
with a linear size increase.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Lynne [Sat, 27 Feb 2021 03:11:04 +0000 (04:11 +0100)]
lavu/tx: invert permutation lookups
out[lut[i]] = in[i] lookups were 4.04 times(!) slower than
out[i] = in[lut[i]] lookups for an out-of-place FFT of length 4096.
The permutes remain unchanged for anything but out-of-place monolithic
FFT, as those benefit quite a lot from the current order (it means
there's only 1 lookup necessary to add to an offset, rather than
a full gather).
The code was based around non-power-of-two FFTs, so this wasn't
benchmarked early on.
avcodec: Add missing FF_API define for libavcodec pix fmt API
avcodec_find_best_pix_fmt2 has been deprecated and replaced by
avcodec_find_best_pix_fmt_of_2 in 2a54ae9df8cbc1717b3929222ac75f384e2ff240.
avcodec_find_best_pix_fmt_of_2 and avcodec_get_pix_fmt_loss meanwhile
were deprecated in 617e866e25b72fa5d9f9d6bbcbd7e4bd69e63a54 when these
functions were de facto moved to libavutil; this has been mentioned in
APIchanges in f7a1c5e4d2294a8970ede7f6deb2fe0a64e202a5. Yet the
attribute_deprecated was never set for the latter two functions and they
were not wrapped in an FF_API define. This commit does this.
Reviewed-by: Paul B Mahol <onemda@gmail.com> Reviewed-by: James Almer <jamrial@gmail.com> Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>