Comply with "For purposes other than determining the amount of data in the decoding units
of the bitstream, decoders shall ignore all data that follow the value 63 for nuh_layer_id in a NAL unit"
Rec. ITU-T H.265 v8 (08/2021) Page 67
Fixes: index 63 out of bounds for type 'const int8_t[63]' (aka 'const signed char[63]')
Fixes: clusterfuzz-testcase-fuzzer_loadfile-5109286752026624
Reported-by: Kacper Michajlow <kasper93@gmail.com>
Found-by: ossfuzz
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 360e7cafd0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This should have been documented long ago and i thought it was
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7051825b01)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: use of uninitialized value (untested)
Fixes: 42537627/clusterfuzz-testcase-minimized-fuzzer_loadfile_direct-5505802505355264
Found-by: ossfuzz
Reported-by: Kacper Michajlow
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 96d45c3b21)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: use of uninitialized value
Fixes: 42537627/clusterfuzz-testcase-minimized-fuzzer_protocol_memory-6656646223298560-cut
Found-by: ossfuzz
Reported-by: Kacper Michajlow
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e30d957a9b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Likely a tighter check can be done
Fixes: signed integer overflow: 3305606804154370442 * 8 cannot be represented in type 'long'
Fixes: 70449/clusterfuzz-testcase-minimized-ffmpeg_dem_WEBM_DASH_MANIFEST_fuzzer-4771166007918592
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c4122406f6)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This basically ignores the overflow without undefined behavior, alternatively we could detect and error out
Fixes: signed integer overflow: 6310596683470275584 + 7660622966157213696 cannot be represented in type 'long'
Fixes: 70433/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-5483347233538048
Fixes: 369662284/clusterfuzz-testcase-minimized-media_metadata_parser_fuzzer-5327368763670528
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 057b8c2066)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
We always write minimal slices, the size calculation is wrong in some
corner cases but as its always 1x1 (minus1) we can for now just hard-code it
This helps with ticket 5548
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7d514655bf)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
A sample rate <= 0 is invalid.
Fixes an assert in ffmpeg_enc.c that assumed a valid sample rate would be set.
Fixes ticket #11385.
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 1446e37d3d)
Should ensure avcodec_send_packet() doesn't return EAGAIN in scenarios where it's not
meant to (e.g., ffmpeg_dec.c where avcodec_receive_frame() is called in a loop to drain
all produced frames before trying to submit more packets).
Fixes ticket #11377.
Reviewed-by: Ronald S. Bultje <rsbultje@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit d1d9b0813a)
As per section 3.11.1 of the IAMF spec, the sample rate used in Codec Config
for Opus shall be 48kHz, regardless of the original sample rate used during
encoding.
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 76049d1c45)
When subblock durations are constant, the last block may be smaller and the
value needs to be calculated.
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit fb5e8ea971)
Section 3.6.1 of the IAMF spec states "When constant_subblock_duration is equal to 0, the summation of all
subblock_duration in this parameter block SHALL be equal to duration.".
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit d38fc25519)
ambisonics mode > 1 does not initialize any layer but layer 0
is unconditionally dereferenced
Fixes: poc-2024-11
Fixes: null pointer dereference
Found-by: 苏童 <220235212@seu.edu.cn>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4cc1495aca)
This corresponds to commit 9278a14cf406f8edb5052c42b83750112bf5b515
in dav1d.
Omitting the C-only functions doesn't speed up benchmarking
anyway (as those has to be benchmarked before we know if we have
any corresponding assembly functions), and being able to benchmark
those functions without corresponding assembly can be valuable in
a number of cases.
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit 4b524649ff)
Ensure downmixed is only set once during init, as it used to be.
Fixes a regression since acbb2777e2.
Fixes ticket #11321
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 0e07a70611)
xHE-AAC is a profile where some frames depend on other key frames, named IPF.
By setting the codec as Intra Only, all frames output by decoders and all
packets output by encoders/demuxers will be unconditionally flaged as
keyframes, which is incorrect.
Should fix ticket #11272.
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 40bd6d8355)
Don't depend on the generic code setting this.
This is in preparation for a following change.
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 8d2d2519e0)
Don't depend on the generic code setting this.
This is in preparation for a following change.
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 99f87251e0)
Don't depend on the generic code setting this.
This is in preparation for a following change.
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 281b7fc02e)
Don't depend on the generic code setting this.
This is in preparation for a following change.
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 495c891e39)
Don't depend on the generic code setting this.
This is in preparation for a following change.
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit d3dd14bf5b)
Don't depend on the generic code setting this.
This is in preparation for a following change.
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit ffdace5ad4)
