Merge commit 'b0ca5fef09d1b1268ea0c8f89bf53cd38aaa85e7' into release/0.10
* commit 'b0ca5fef09d1b1268ea0c8f89bf53cd38aaa85e7': dv: Add a guard to not overread the ppcm array mpegvideo: Avoid 32-bit wrapping of linesize multiplications mjpegb: Detect changing number of planes in interlaced video matroskadec: Check that .lang was allocated and set before reading it ape demuxer: check for EOF in potentially long loops lavf: avoid integer overflow when estimating bitrate pictordec: break out of both decoding loops when y drops below 0 ac3: Return proper error codes Conflicts: libavcodec/pictordec.c Merged-by: Michael Niedermayer <michaelni@gmx.at>
This commit is contained in:
Michael Niedermayer
@@ -297,7 +297,7 @@ static int parse_frame_header(AC3DecodeContext *s)
|
||||
return ff_eac3_parse_header(s);
|
||||
} else {
|
||||
av_log(s->avctx, AV_LOG_ERROR, "E-AC-3 support not compiled in\n");
|
||||
return -1;
|
||||
return AVERROR(ENOSYS);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -822,12 +822,12 @@ static int decode_audio_block(AC3DecodeContext *s, int blk)
|
||||
if (start_subband >= end_subband) {
|
||||
av_log(s->avctx, AV_LOG_ERROR, "invalid spectral extension "
|
||||
"range (%d >= %d)\n", start_subband, end_subband);
|
||||
return -1;
|
||||
return AVERROR_INVALIDDATA;
|
||||
}
|
||||
if (dst_start_freq >= src_start_freq) {
|
||||
av_log(s->avctx, AV_LOG_ERROR, "invalid spectral extension "
|
||||
"copy start bin (%d >= %d)\n", dst_start_freq, src_start_freq);
|
||||
return -1;
|
||||
return AVERROR_INVALIDDATA;
|
||||
}
|
||||
|
||||
s->spx_dst_start_freq = dst_start_freq;
|
||||
@@ -904,7 +904,7 @@ static int decode_audio_block(AC3DecodeContext *s, int blk)
|
||||
|
||||
if (channel_mode < AC3_CHMODE_STEREO) {
|
||||
av_log(s->avctx, AV_LOG_ERROR, "coupling not allowed in mono or dual-mono\n");
|
||||
return -1;
|
||||
return AVERROR_INVALIDDATA;
|
||||
}
|
||||
|
||||
/* check for enhanced coupling */
|
||||
@@ -934,7 +934,7 @@ static int decode_audio_block(AC3DecodeContext *s, int blk)
|
||||
if (cpl_start_subband >= cpl_end_subband) {
|
||||
av_log(s->avctx, AV_LOG_ERROR, "invalid coupling range (%d >= %d)\n",
|
||||
cpl_start_subband, cpl_end_subband);
|
||||
return -1;
|
||||
return AVERROR_INVALIDDATA;
|
||||
}
|
||||
s->start_freq[CPL_CH] = cpl_start_subband * 12 + 37;
|
||||
s->end_freq[CPL_CH] = cpl_end_subband * 12 + 37;
|
||||
@@ -956,7 +956,7 @@ static int decode_audio_block(AC3DecodeContext *s, int blk)
|
||||
if (!blk) {
|
||||
av_log(s->avctx, AV_LOG_ERROR, "new coupling strategy must "
|
||||
"be present in block 0\n");
|
||||
return -1;
|
||||
return AVERROR_INVALIDDATA;
|
||||
} else {
|
||||
s->cpl_in_use[blk] = s->cpl_in_use[blk-1];
|
||||
}
|
||||
@@ -986,7 +986,7 @@ static int decode_audio_block(AC3DecodeContext *s, int blk)
|
||||
} else if (!blk) {
|
||||
av_log(s->avctx, AV_LOG_ERROR, "new coupling coordinates must "
|
||||
"be present in block 0\n");
|
||||
return -1;
|
||||
return AVERROR_INVALIDDATA;
|
||||
}
|
||||
} else {
|
||||
/* channel not in coupling */
|
||||
@@ -1041,7 +1041,7 @@ static int decode_audio_block(AC3DecodeContext *s, int blk)
|
||||
int bandwidth_code = get_bits(gbc, 6);
|
||||
if (bandwidth_code > 60) {
|
||||
av_log(s->avctx, AV_LOG_ERROR, "bandwidth code = %d > 60\n", bandwidth_code);
|
||||
return -1;
|
||||
return AVERROR_INVALIDDATA;
|
||||
}
|
||||
s->end_freq[ch] = bandwidth_code * 3 + 73;
|
||||
}
|
||||
@@ -1064,7 +1064,7 @@ static int decode_audio_block(AC3DecodeContext *s, int blk)
|
||||
s->num_exp_groups[ch], s->dexps[ch][0],
|
||||
&s->dexps[ch][s->start_freq[ch]+!!ch])) {
|
||||
av_log(s->avctx, AV_LOG_ERROR, "exponent out-of-range\n");
|
||||
return -1;
|
||||
return AVERROR_INVALIDDATA;
|
||||
}
|
||||
if (ch != CPL_CH && ch != s->lfe_ch)
|
||||
skip_bits(gbc, 2); /* skip gainrng */
|
||||
@@ -1084,7 +1084,7 @@ static int decode_audio_block(AC3DecodeContext *s, int blk)
|
||||
} else if (!blk) {
|
||||
av_log(s->avctx, AV_LOG_ERROR, "new bit allocation info must "
|
||||
"be present in block 0\n");
|
||||
return -1;
|
||||
return AVERROR_INVALIDDATA;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1115,7 +1115,7 @@ static int decode_audio_block(AC3DecodeContext *s, int blk)
|
||||
}
|
||||
} else if (!s->eac3 && !blk) {
|
||||
av_log(s->avctx, AV_LOG_ERROR, "new snr offsets must be present in block 0\n");
|
||||
return -1;
|
||||
return AVERROR_INVALIDDATA;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1154,7 +1154,7 @@ static int decode_audio_block(AC3DecodeContext *s, int blk)
|
||||
} else if (!s->eac3 && !blk) {
|
||||
av_log(s->avctx, AV_LOG_ERROR, "new coupling leak info must "
|
||||
"be present in block 0\n");
|
||||
return -1;
|
||||
return AVERROR_INVALIDDATA;
|
||||
}
|
||||
s->first_cpl_leak = 0;
|
||||
}
|
||||
@@ -1166,7 +1166,7 @@ static int decode_audio_block(AC3DecodeContext *s, int blk)
|
||||
s->dba_mode[ch] = get_bits(gbc, 2);
|
||||
if (s->dba_mode[ch] == DBA_RESERVED) {
|
||||
av_log(s->avctx, AV_LOG_ERROR, "delta bit allocation strategy reserved\n");
|
||||
return -1;
|
||||
return AVERROR_INVALIDDATA;
|
||||
}
|
||||
bit_alloc_stages[ch] = FFMAX(bit_alloc_stages[ch], 2);
|
||||
}
|
||||
@@ -1207,7 +1207,7 @@ static int decode_audio_block(AC3DecodeContext *s, int blk)
|
||||
s->dba_offsets[ch], s->dba_lengths[ch],
|
||||
s->dba_values[ch], s->mask[ch])) {
|
||||
av_log(s->avctx, AV_LOG_ERROR, "error in bit allocation\n");
|
||||
return -1;
|
||||
return AVERROR_INVALIDDATA;
|
||||
}
|
||||
}
|
||||
if (bit_alloc_stages[ch] > 0) {
|
||||
@@ -1328,7 +1328,7 @@ static int ac3_decode_frame(AVCodecContext * avctx, void *data,
|
||||
switch (err) {
|
||||
case AAC_AC3_PARSE_ERROR_SYNC:
|
||||
av_log(avctx, AV_LOG_ERROR, "frame sync error\n");
|
||||
return -1;
|
||||
return AVERROR_INVALIDDATA;
|
||||
case AAC_AC3_PARSE_ERROR_BSID:
|
||||
av_log(avctx, AV_LOG_ERROR, "invalid bitstream id\n");
|
||||
break;
|
||||
|
||||
@@ -255,6 +255,13 @@ int ff_mjpeg_decode_sof(MJpegDecodeContext *s)
|
||||
if (nb_components <= 0 ||
|
||||
nb_components > MAX_COMPONENTS)
|
||||
return -1;
|
||||
if (s->interlaced && (s->bottom_field == !s->interlace_polarity)) {
|
||||
if (nb_components != s->nb_components) {
|
||||
av_log(s->avctx, AV_LOG_ERROR,
|
||||
"nb_components changing in interlaced picture\n");
|
||||
return AVERROR_INVALIDDATA;
|
||||
}
|
||||
}
|
||||
if (s->ls && !(s->bits <= 8 || nb_components == 1)) {
|
||||
av_log(s->avctx, AV_LOG_ERROR,
|
||||
"only <= 8 bits/component or 16-bit gray accepted for JPEG-LS\n");
|
||||
|
||||
@@ -244,7 +244,8 @@ void mpeg_motion_internal(MpegEncContext *s,
|
||||
{
|
||||
uint8_t *ptr_y, *ptr_cb, *ptr_cr;
|
||||
int dxy, uvdxy, mx, my, src_x, src_y,
|
||||
uvsrc_x, uvsrc_y, v_edge_pos, uvlinesize, linesize;
|
||||
uvsrc_x, uvsrc_y, v_edge_pos;
|
||||
ptrdiff_t uvlinesize, linesize;
|
||||
|
||||
#if 0
|
||||
if(s->quarter_sample)
|
||||
|
||||
@@ -235,6 +235,8 @@ static int decode_frame(AVCodecContext *avctx,
|
||||
|
||||
if (bits_per_plane == 8) {
|
||||
picmemset_8bpp(s, val, run, &x, &y);
|
||||
if (y < 0)
|
||||
goto finish;
|
||||
} else {
|
||||
picmemset(s, val, run, &x, &y, &plane, bits_per_plane);
|
||||
}
|
||||
@@ -247,6 +249,7 @@ static int decode_frame(AVCodecContext *avctx,
|
||||
y--;
|
||||
}
|
||||
}
|
||||
finish:
|
||||
|
||||
*data_size = sizeof(AVFrame);
|
||||
*(AVFrame*)data = s->frame;
|
||||
|
||||
@@ -276,7 +276,9 @@ static int ape_read_header(AVFormatContext * s, AVFormatParameters * ap)
|
||||
ape->seektable = av_malloc(ape->seektablelength);
|
||||
if (!ape->seektable)
|
||||
return AVERROR(ENOMEM);
|
||||
for (i = 0; i < ape->seektablelength / sizeof(uint32_t); i++)
|
||||
for (i = 0;
|
||||
i < ape->seektablelength / sizeof(uint32_t) && !pb->eof_reached;
|
||||
i++)
|
||||
ape->seektable[i] = avio_rl32(pb);
|
||||
}else{
|
||||
av_log(s, AV_LOG_ERROR, "Missing seektable\n");
|
||||
|
||||
@@ -106,7 +106,7 @@ static const uint8_t* dv_extract_pack(uint8_t* frame, enum dv_pack_type t)
|
||||
* 3. Audio is always returned as 16bit linear samples: 12bit nonlinear samples
|
||||
* are converted into 16bit linear ones.
|
||||
*/
|
||||
static int dv_extract_audio(uint8_t* frame, uint8_t* ppcm[4],
|
||||
static int dv_extract_audio(uint8_t *frame, uint8_t **ppcm,
|
||||
const DVprofile *sys)
|
||||
{
|
||||
int size, chan, i, j, d, of, smpls, freq, quant, half_ch;
|
||||
@@ -374,7 +374,7 @@ int avpriv_dv_produce_packet(DVDemuxContext *c, AVPacket *pkt,
|
||||
uint8_t* buf, int buf_size, int64_t pos)
|
||||
{
|
||||
int size, i;
|
||||
uint8_t *ppcm[4] = {0};
|
||||
uint8_t *ppcm[5] = { 0 };
|
||||
|
||||
if (buf_size < DV_PROFILE_BYTES ||
|
||||
!(c->sys = avpriv_dv_frame_profile(c->sys, buf, buf_size)) ||
|
||||
|
||||
@@ -1114,7 +1114,8 @@ static void matroska_convert_tag(AVFormatContext *s, EbmlList *list,
|
||||
int i;
|
||||
|
||||
for (i=0; i < list->nb_elem; i++) {
|
||||
const char *lang = strcmp(tags[i].lang, "und") ? tags[i].lang : NULL;
|
||||
const char *lang = tags[i].lang && strcmp(tags[i].lang, "und") ?
|
||||
tags[i].lang : NULL;
|
||||
|
||||
if (!tags[i].name) {
|
||||
av_log(s, AV_LOG_WARNING, "Skipping invalid tag with no TagName.\n");
|
||||
|
||||
@@ -2057,9 +2057,14 @@ static void estimate_timings_from_bit_rate(AVFormatContext *ic)
|
||||
bit_rate = 0;
|
||||
for(i=0;i<ic->nb_streams;i++) {
|
||||
st = ic->streams[i];
|
||||
if (st->codec->bit_rate > 0)
|
||||
if (st->codec->bit_rate > 0) {
|
||||
if (INT_MAX - st->codec->bit_rate > bit_rate) {
|
||||
bit_rate = 0;
|
||||
break;
|
||||
}
|
||||
bit_rate += st->codec->bit_rate;
|
||||
}
|
||||
}
|
||||
ic->bit_rate = bit_rate;
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user