This makes it easier for users of the CBS API to get alloc/free right -
all subelements use the buffer API so that it's clear how to free them.
It also allows eliding some redundant copies: the packet -> fragment copy
disappears after this change if the input packet is refcounted, and more
codec-specific cases are now possible (but not included in this patch).
This is harmless and should not be a warning - unknown units are passed
through to the write functions unchanged, and no other code will interact
with them.
This removes the arbitrary limit on the allowed number of slices and
parameter buffers.
From ffmpeg commit e4a6eb70f4.
Signed-off-by: Mark Thompson <sw@jkqxz.net>
Fixes: signed integer overflow: -2072 + -2147483646 cannot be represented in type 'int'
Fixes: 6097/clusterfuzz-testcase-minimized-5034145253163008
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 6037/clusterfuzz-testcase-minimized-5030249784934400
Fixes: signed integer overflow: 256 * 16992036 cannot be represented in type 'int'
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: -1625276744 + -1041893960 cannot be represented in type 'int'
Fixes: 5948/clusterfuzz-testcase-minimized-5791479856365568
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: runtime error: signed integer overflow: 361 * -6295541 cannot be represented in type 'int'
Fixes: 5911/clusterfuzz-testcase-minimized-6450382197751808
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: Timeout
Fixes: 5796/clusterfuzz-testcase-minimized-5206729085157376
Does someone have a valid sample that triggers this path?
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Defined in a recent revision of https://www.webmproject.org/docs/container/
This prevents storing the contents of CodecPrivate into extradata for
a codec that doesn't need nor expect any. It will among other things
prevent matroska specific binary data from being dumped onto other
formats during remuxing.
Signed-off-by: James Almer <jamrial@gmail.com>
* commit 'cc1c94dacd0642ac1a6cad45deb65071f127d91a':
configure: Pass the right machine types to dlltool for arm and arm64 mingw
Merged-by: James Almer <jamrial@gmail.com>
* commit '97eee953e639bd4d17a9f9398293775277d00505':
Revert "configure: Stop using dlltool to create an import library"
This commit is a noop, see 6d8bef8c05
Merged-by: James Almer <jamrial@gmail.com>
The GCC generated import libraries don't work properly when being imported
by MSVC, resulting in missing symbols at runtime.
This reverts 5b5365fe9 and partially reverts changes from 98a9b1f0d
This refactor splits up the main mediacodec decode loop into two
send/receive helpers, which are then used to rewrite the receive_frame
callback and take full advantage of the new decoding api. Since we
can now request packets on demand with ff_decode_get_packet(), the
fifo buffer is no longer necessary and has been removed.
This change was motivated by behavior observed on certain Android TV
devices, featuring hardware mpeg2/h264 decoders which also deinterlace
content (to produce multiple frames per field). Previously, this code
caused buffering issues because queueInputBuffer() was always invoked
before each dequeueOutputBuffer(), even though twice as many output
buffers were being generated.
With this patch, the decoder will always attempt to drain new frames
first before sending more data into the underlying codec.
Signed-off-by: Matthieu Bouron <matthieu.bouron@gmail.com>
This reverts commit 67c72f08a4.
While the linker produced import libraries might work with MSVC in
simple test cases, they don't if e.g. linking to multiple GNU ld
produced import libraries at the same time. (They end up importing
functions from the wrong libraries.) The ones produced by dlltool
work fine though.
This issue was pointed out by Hendrik Leppkes.
Signed-off-by: Martin Storsjö <martin@martin.st>
Prefer direct in/out channel count values over channel layout, when
available. Fixes a pan filter bug (ticket #6790).
Signed-off-by: Tobias Rapp <t.rapp@noa-archive.com>
Fixes: 5894/clusterfuzz-testcase-minimized-5315325420634112
Fixes: runtime error: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: 3 + 2147483647 cannot be represented in type 'int'
Fixes: 5888/clusterfuzz-testcase-minimized-5634701067812864
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
These tests cover specific rounding behaviour, to ensure that I don't
introduce any regressions with the rewritten "activate" callback based
fps filter.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 5567/clusterfuzz-testcase-minimized-5769966247739392
Fixes: runtime error: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
PCM_S16BE stream packets in MPEG-PS have a 3-byte header and
are recognized as PCM_DVD by the demuxer which prevents their
correct remuxing in MPEG-1/2 PS.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: integer overflows
Reported-by: "Xiaohan Wang (王消寒)" <xhwang@chromium.org>
Based on limits in "8.5 Transform coefficient decoding process and picture
construction process prior to deblocking filter process"
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This makes sure no field is ever used uninitialized.
Reviewed-by: Carl Eugen Hoyos <ceffmpeg@gmail.com>
Reviewed-by: wm4 <nfxjfg@googlemail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
And remove the function altogether while at it. It's a duplicate of
another.
Reviewed-by: wm4 <nfxjfg@googlemail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
This effectively copies the side data elements from src instead of
potentially merging them with those already existing in dst.
This by extension also removes the only dependency on existing values
in the dst packet.
Reviewed-by: wm4 <nfxjfg@googlemail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
Right now, the PTS always starts out as 0, which causes problems on a
seek or when inserting this filter mid-stream.
Initialize it instead to AV_NOPTS_VALUE and copy the PTS from the first
frame instead if this is the case.
When ff_h264_decode_mb_cavlc() failed due to wrong sl->qscale values,
e.g. dquant out of range, set the qscale to be a valid value before
returning -1 and exiting the function. The qscale value can be used
later e.g. in loop filter.
BUG=806122
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>