James Almer
a4228a0ac1
avformat/iamf_parser: use ffio_read_size() where useful
...
Signed-off-by: James Almer <jamrial@gmail.com>
2024-08-31 23:44:13 -03:00
Marvin Scholz
b6a0eab528
avformat/iamf_parse: Fix return of uninitialized value
...
The ret value here is not yet initialized so the return would return
uninitialized data. What was probably meant to be checked here was the
return value of ffio_read_size, which can return an error.
Introduced in 38bcb3ba7b
Fixes: CID1618758
Signed-off-by: James Almer <jamrial@gmail.com>
2024-08-31 21:21:39 -03:00
James Almer
fa5d3cc653
avformat/iamf_parse: use get_bits_long() to read the remaining AAC extradata bits
...
The output of put_bits_left() here can be as big as 27, which is a bit
count not supported by get_bits().
Fixes fate-iamf-stereo-demux when using --assert-level=2
Signed-off-by: James Almer <jamrial@gmail.com>
2024-08-31 14:51:32 -03:00
James Almer
38bcb3ba7b
avformat/iamf_parse: fix parsing AAC DecoderConfigDescriptor
...
Use ff_mp4_read_descr() to read both the tags and the vlc value
that comes after it, which was not being taken into account.
Ref: https://github.com/AOMediaCodec/libiamf/issues/119
Signed-off-by: James Almer <jamrial@gmail.com>
2024-08-31 11:11:42 -03:00
James Almer
9d095f127a
avformat/isom: make parameters used for logging a pointer to void
...
Signed-off-by: James Almer <jamrial@gmail.com>
2024-08-31 11:11:42 -03:00
Michael Niedermayer
4e39795c75
avformat/mvdec: Check if name was fully read
...
Fixes: use of uninitialized value
Fixes: 70901/clusterfuzz-testcase-minimized-ffmpeg_dem_MV_fuzzer-6341913949569024
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-28 17:38:28 +02:00
Michael Niedermayer
815d008681
avformat/argo_brp: Check that ASF chunk header is completely read
...
Fixes: Use of uninitialized value
Fixes: 71280/clusterfuzz-testcase-minimized-ffmpeg_dem_ARGO_BRP_fuzzer-4692991866896384
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-28 16:27:56 +02:00
Michael Niedermayer
796ff2d599
avformat/apetag: Check APETAGEX
...
Fixes: Use of uninitialized value
Fixes: 71074/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-5697034877730816
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-28 16:27:54 +02:00
Stefan Oltmanns
d42cd5b75b
avformat/vapoursynth: load library at runtime
...
Signed-off-by: Stefan Oltmanns <stefan-oltmanns@gmx.net>
2024-08-26 10:30:52 +02:00
Stefan Oltmanns
eac611f1a4
avformat/vapoursynth: Update to API version 4
...
Signed-off-by: Stefan Oltmanns <stefan-oltmanns@gmx.net>
2024-08-26 10:30:50 +02:00
Michael Niedermayer
7e5410eadb
avformat/iamf_parse: clear padding
...
Fixes: use of uninitialized value
Fixes: 70929/clusterfuzz-testcase-minimized-ffmpeg_dem_IAMF_fuzzer-5931276639469568
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-18 23:05:40 +02:00
Dale Curtis
4230379835
avformat/mov: Fix nullptr dereference with invalid encryption metadata.
...
Found by fuzzer.
Bug: https://crbug.com/356720789
Signed-off-by: Dale Curtis <dalecurtis@chromium.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-18 22:43:55 +02:00
Dale Curtis
a31106d849
lavf/demux: don't reallocate a AVCodecContext when closing a non-open codec.
...
This results in an unnecessary ~800k allocation with H.264. A
nearby callsite uses avcodec_is_open() to avoid this, so do the
same when exiting avformat_find_stream_info().
Signed-off-by: Dale Curtis <dalecurtis@chromium.org>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
2024-08-17 12:54:41 +02:00
Timo Rothenpieler
817c6a6762
avformat/hlsenc: correctly reset subtitle stream counter per-varstream
...
Without resetting it, if there was a previous set of varstreams with
subtitles, it would subtract from all the streams, leading to chaos and
segfaults when trying to access for example stream -1.
2024-08-16 20:22:09 +02:00
James Almer
66c05dc031
avformat/iamf_parse: ignore Audio Elements with an unsupported type
...
Better fix for the NULL pointer dereference from d7f83fc2f4.
Signed-off-by: James Almer <jamrial@gmail.com>
2024-08-14 23:55:40 -03:00
Michael Niedermayer
7ad937f0c8
avformat/av1dec: Better fix for 70872/clusterfuzz-testcase-minimized-ffmpeg_dem_OBU_fuzzer-6005782487826432
...
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-14 19:05:17 +02:00
Michael Niedermayer
66ee75d76c
avformat/mpeg: Check an avio_read() for failure
...
Fixes: use-of-uninitialized-value
Fixes: 70849/clusterfuzz-testcase-minimized-ffmpeg_dem_MPEGPS_fuzzer-4684401009557504
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-14 18:21:00 +02:00
Michael Niedermayer
d7f83fc2f4
avformat/iamfdec: Check nb_layers before dereferencing layer
...
Fixes: dereferencing pointers near NULL
Fixes: 70432/clusterfuzz-testcase-minimized-ffmpeg_dem_IAMF_fuzzer-5255672845893632
Fixes: 70877/clusterfuzz-testcase-minimized-ffmpeg_dem_IAMF_fuzzer-5348547432611840
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-14 18:20:59 +02:00
Michael Niedermayer
6996e1238e
avformat/av1dec: Check bits left before get_leb128()
...
Fixes: use of uninitialized value
Fixes: 70872/clusterfuzz-testcase-minimized-ffmpeg_dem_OBU_fuzzer-6005782487826432
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-14 18:20:58 +02:00
Michael Niedermayer
4dc7dfe65a
avformat/segafilm: Set keyframe
...
Fixes: use of uninitialized value
Fixes: 70871/clusterfuzz-testcase-minimized-ffmpeg_dem_SEGAFILM_fuzzer-5883617752973312
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-14 18:20:58 +02:00
Stephen Hutchinson
ea7375c9e9
avformat/avisynth: move avs_planes* consts into relevant function
...
These consts are only used in the switch(planar) case located in
avisynth_create_stream_video and nowhere else in the demuxer,
so move them into that function directly.
Signed-off-by: Stephen Hutchinson <qyot27@gmail.com>
2024-08-13 15:09:53 -04:00
Stephen Hutchinson
48d6cd35a2
avformat/avisynth: remove library allocation from global state
...
As part of this, the mutexes are no longer necessary, and
avisynth_read_close needs to check that avs->avs_library.library
still exists before it attempts to call avisynth_context_destroy
and dlclose.
Signed-off-by: Stephen Hutchinson <qyot27@gmail.com>
2024-08-13 15:09:53 -04:00
Stephen Hutchinson
8f01ce2898
avformat/avisynth: remove mutex lock from avisynth_read_close
...
Signed-off-by: Stephen Hutchinson <qyot27@gmail.com>
2024-08-13 15:09:53 -04:00
Stephen Hutchinson
c0fddbae79
avformat/avisynth: remove atexit() handler
...
The atexit() handler in the avisynth demuxer was added because
there was a conflict in AvxSynth that arose due to their use
of C++ global objects, particularly in relation to having
added a logging function relying on log4cpp.
This conflict was responsible for causing a segfault on exit.
It did not affect Windows with the (at the time) upstream
AviSynth 2.5 and 2.6, nor does it affect AviSynth+.
Unfortunately, none of this was actually shielded by ifdefs
indicating the fact it was only needed for AvxSynth, so four
years ago when AviSynth+ replaced AvxSynth as the handler
for AviSynth scripts on Unix-like OSes, the fact that the
atexit handler was no longer necessary was overlooked.
Signed-off-by: Stephen Hutchinson <qyot27@gmail.com>
2024-08-13 15:09:53 -04:00
James Almer
472fbee812
avformat/movenc: don't look at previous track_id as it may not be set
...
Signed-off-by: James Almer <jamrial@gmail.com>
2024-08-12 11:41:38 -03:00
Michael Niedermayer
191a685010
avformat/lmlm4: Eliminate some AVERROR(EIO)
...
Found by code review related to CID732224 Overflowed constant
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-11 13:21:12 +02:00
Michael Niedermayer
239f7e6c71
avformat/lmlm4: Move subtraction after check
...
This is not a bugfix in code but coverity only, it does look a little nicer though
Fixes: CID732224
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-11 13:21:11 +02:00
Michael Niedermayer
c390234da2
avformat/wtvdec: Check length of read mpeg2_descriptor
...
Fixes: Use of uninitialized value
Fixes: 70900/clusterfuzz-testcase-minimized-ffmpeg_dem_WTV_fuzzer-6286909377150976
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-08 19:10:05 +02:00
Michael Niedermayer
c95ea03104
avformat/wtvdec: clear sectors
...
The code can leave uninitialized holes in the array.
Fixes: use of uninitialized values
Fixes: 70883/clusterfuzz-testcase-minimized-ffmpeg_dem_WTV_fuzzer-6698694567591936
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-08 18:24:31 +02:00
Kacper Michajłow
b534e402d8
avformat/mov: ensure required number of bytes is read
...
Fixes: use-of-uninitialized-value
Found by OSS-Fuzz.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-08 18:23:39 +02:00
James Almer
94165d1b79
avformat/iamf: use aligned intreadwrite macros where possible
...
Signed-off-by: James Almer <jamrial@gmail.com>
2024-08-07 00:16:21 -03:00
James Almer
49a6e448d7
avformat/movenc: use stream indexes when generating track ids
...
In some scenarios nb_tracks isn't the same as nb_streams, so a given id may end
up being used for two separate streams.
e.g. when muxing an IAMF track followed by a video track, if the IAMF track
consists of several streams, the video track would end up having an id of 2,
which may also be used by one of the IAMF streams.
Signed-off-by: James Almer <jamrial@gmail.com>
2024-08-07 00:16:21 -03:00
Kacper Michajłow
792a9979eb
avformat/rtpproto: free ip filters on open error
...
Found by OSS-Fuzz.
Signed-off-by: Kacper Michajłow <kasper93@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-07 00:59:19 +02:00
Kacper Michajłow
8485f7a378
avformat/srtpproto: pass options to nested protocol
...
This fixes passing options dict.
Fixes some timeouts found by OSS-Fuzz.
Signed-off-by: Kacper Michajłow <kasper93@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-07 00:59:19 +02:00
Kacper Michajłow
2b5f000d3f
avformat/jpegxl_anim_dec: ensure input padding is zeroed
...
Fixes use of uninitialized value, reported by MSAN.
Found by OSS-Fuzz.
Signed-off-by: Kacper Michajłow <kasper93@gmail.com>
Fixes: 70837/clusterfuzz-testcase-minimized-ffmpeg_dem_JPEGXL_ANIM_fuzzer-5089407768526848
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-05 23:17:46 +02:00
Michael Niedermayer
3978e81809
avformat/img2dec: Clear padding data after EOF
...
Fixes: use-of-uninitialized-value
Fixes: 70852/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-5179190066872320
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Kacper Michajlow <kasper93@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-05 23:17:46 +02:00
Michael Niedermayer
79a1cf30d1
avformat/wavdec: Check if there are 16 bytes before testing them
...
Fixes: use-of-uninitialized-value
Fixes: 70839/clusterfuzz-testcase-minimized-ffmpeg_dem_W64_fuzzer-5212907590189056
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-05 23:17:45 +02:00
James Almer
5b87869c09
avformat/mov: fix track handling when mixing IAMF and video tracks
...
Fixes crashes when muxing the two together.
Signed-off-by: James Almer <jamrial@gmail.com>
2024-08-04 12:09:40 -03:00
Michael Niedermayer
ed96ac87a9
avformat/iamf_parse: Check for 0 samples
...
Fixes: division by zero
Fixes: 70561/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-6199435013455872
Fixes: 70565/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-5783790316748800
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-08-01 00:18:02 +02:00
James Almer
92b317245c
avformat/mov: use AV_WL*A
...
Signed-off-by: James Almer <jamrial@gmail.com>
2024-07-29 21:33:31 -03:00
James Almer
f1fcc3ca5f
avformat/matroskadec: use AV_WL32A
...
Signed-off-by: James Almer <jamrial@gmail.com>
2024-07-29 21:33:31 -03:00
James Almer
e7d3ff8dcd
avformat/mov: check that child boxes of trak are only present inside it
...
Based on the check done for the stco box.
Signed-off-by: James Almer <jamrial@gmail.com>
2024-07-28 17:28:19 -03:00
James Almer
2aa63784b5
avformat/mov: check that sample and chunk count is 1 for HEIF
...
Fixes NULL pointer dereference in broken/fuzzed streams.
Signed-off-by: James Almer <jamrial@gmail.com>
2024-07-28 17:28:19 -03:00
Niklas Haas
3d5d60d041
avformat/dump: implement dv_md_compression
2024-07-28 12:20:07 +02:00
Niklas Haas
ce8166a19c
avformat/mpegts: implement dv_md_compression
2024-07-28 12:20:07 +02:00
Niklas Haas
b3a9fab9da
avformat/dovi_isom: implement dv_md_compression
2024-07-28 12:20:07 +02:00
Michael Niedermayer
586f6fda1d
avformat/mov: add an EOF check in IPRP
...
Fixes: Timeout
Fixes: 69230/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-6540512101203968
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-23 23:21:13 +02:00
Michael Niedermayer
55af81b5a4
Revert "avformat/udp: Fix temporary buffer race"
...
This is not needed
This reverts commit 7b2f67ea77.
2024-07-23 23:21:13 +02:00
aaron
53d0f9afb4
avcodec/electronicarts: decode framerate
...
Reviewed-by: Peter Ross <pross@xvid.org>
2024-07-23 06:40:30 +10:00
Michael Niedermayer
696685df0c
avformat/xmv: Check this_packet_size
...
Fixes: CID1604489 Overflowed constant
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 17:02:12 +02:00