Fixes crash based on a uninitialized array index read.
If the read does not crash then out of array writes based
on the same index might have been triggered afterwards.
Found-by: inferno@chromium.org
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Other cases are not supported and lead to inconsistencies which
can lead to out of array writes.
Reported-by: Dale Curtis <dalecurtis@chromium.org>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
The ogg decoder wasn't padding the input buffer with the appropriate
FF_INPUT_BUFFER_PADDING_SIZE bytes. Which led to uninitialized reads in
various pieces of parsing code when they thought they had more data than
they actually did.
Signed-off-by: Dale Curtis <dalecurtis@chromium.org>
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
A lot of files do not mark keyframes correctly via
granule, so detect keyframe or not based on data
and complain if it mismatches.
Signed-off-by: Reimar Döffinger <Reimar.Doeffinger@gmx.de>
It would never be called when the searched-for position
was already in the index.
In the other cases, the ogg_reset at the end of the
read_timestamp function handled it.
Signed-off-by: Reimar Döffinger <Reimar.Doeffinger@gmx.de>
In this case, the pts values will be delayed by one, but
at the same time pts values might only be supplied for e.g.
keyframes.
This results on only the frame after the keyframe having a
pts value.
As a hack, make read_timestamp return the keyframe position
together with the pts from a following frame when seeking
to a keyframe.
Fixes trac issue #438.
However it causes the read_timestamp function to return a
pos value that is actually before the packet with the
indicated pts.
Signed-off-by: Reimar Döffinger <Reimar.Doeffinger@gmx.de>
Fixes trac issue #438.
Seeking in that sample would cause ogg_read_timestamp to fail
because ogg_packet would go into a state where all packets
of stream 1 would be discarded until the end of the stream.
Signed-off-by: Reimar Döffinger <Reimar.Doeffinger@gmx.de>
* qatar/master:
mov: Don't av_malloc(0).
avconv: only allocate 1 AVFrame per input stream
avconv: fix memleaks due to not freeing the AVFrame for audio
h264-fate: remove -strict 1 except where necessary (mr4/5-tandberg).
misc Doxygen markup improvements
doxygen: eliminate Qt-style doxygen syntax
g722: Add a regression test for muxing/demuxing in wav
g722: Change bits per sample to 4
g722dec: Signal skipping the lower bits via AVOptions instead of bits_per_coded_sample
api-example: update to use avcodec_decode_audio4()
avplay: use avcodec_decode_audio4()
avplay: use a separate buffer for playing silence
avformat: use avcodec_decode_audio4() in avformat_find_stream_info()
avconv: use avcodec_decode_audio4() instead of avcodec_decode_audio3()
mov: Allow empty stts atom.
doc: document preferred Doxygen syntax and make patcheck detect it
Conflicts:
avconv.c
ffplay.c
libavcodec/mlpdec.c
libavcodec/version.h
libavformat/mov.c
tests/codec-regression.sh
tests/fate/h264.mak
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master:
rtpdec: Templatize the code for different g726 bitrate variants
rv40: move loop filter to rv34dsp context
lavf: make av_set_pts_info private.
rtpdec: Add support for G726 audio
rtpdec: Add an init function that can do custom codec context initialization
avconv: make copy_tb on by default.
matroskadec: don't set codec timebase.
rmdec: don't set codec timebase.
avconv: compute next_pts from input packet duration when possible.
lavf: estimate frame duration from r_frame_rate.
avconv: update InputStream.pts in the streamcopy case.
Conflicts:
avconv.c
libavdevice/alsa-audio-dec.c
libavdevice/bktr.c
libavdevice/fbdev.c
libavdevice/libdc1394.c
libavdevice/oss_audio.c
libavdevice/v4l.c
libavdevice/v4l2.c
libavdevice/vfwcap.c
libavdevice/x11grab.c
libavformat/au.c
libavformat/eacdata.c
libavformat/flvdec.c
libavformat/mpegts.c
libavformat/mxfenc.c
libavformat/rtpdec_g726.c
libavformat/wtv.c
libavformat/xmv.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master: (53 commits)
probe: Restore identification of files with very large id3 tags and no extension.
probe: Remove id3 tag presence as a criteria to do file extension checking.
mpegts: MP4 SL support
mpegts: MP4 OD support
mpegts: Add support for Sections in PMT
mpegts: Replace the MP4 descriptor parser with a recursive parser.
mpegts: Add support for multiple mp4 descriptors
mpegts: Parse mpeg2 SL descriptors.
isom: Add MPEG4SYSTEMS dummy object type indication.
aacdec: allow output reconfiguration on channel changes
nellymoserenc: take float input samples instead of int16
nellymoserdec: use dsp functions for overlap and windowing
nellymoserdec: do not fail if there is extra data in the packet
nellymoserdec: fail if output buffer is too small
nellymoserdec: remove pointless buffer size check.
lavf: add init_put_byte() to the list of visible symbols.
seek-test: free options dictionary after use
snow: do not draw_edge if emu_edge is set
tools/pktdumper: update to recent avformat api
seek-test: update to recent avformat api
...
Conflicts:
doc/APIchanges
libavcodec/mpegaudiodec.c
libavcodec/nellymoserdec.c
libavcodec/snow.c
libavcodec/version.h
libavcodec/wmadec.c
libavformat/avformat.h
libavformat/mpegts.c
libavformat/mxfdec.c
libavformat/utils.c
libavformat/wtv.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master:
presets: rename presets directory
lavc: make avcodec_get_context_defaults3 "officially" public
lavf: replace av_new_stream->avformat_new_stream part II.
lavf,lavd: replace av_new_stream->avformat_new_stream part I.
lavf: add avformat_new_stream as a replacement for av_new_stream.
Use correct scaling table for bwd-pred MVs in second B-field
Ut Video decoder
Makefile: change presets extension to .avpreset
lavfi: add rgbtestsrc source, ported from MPlayer libmpcodecs
lavfi: add testsrc source
AVOptions: add documentation.
presets: update libx264 ffpresets
Conflicts:
Changelog
doc/APIchanges
doc/ffmpeg.texi
ffpresets/libx264-ipod320.ffpreset
ffpresets/libx264-ipod640.ffpreset
ffserver.c
libavcodec/avcodec.h
libavcodec/options.c
libavcodec/version.h
libavdevice/libdc1394.c
libavfilter/avfilter.h
libavfilter/vsrc_testsrc.c
libavformat/flvdec.c
libavformat/riff.c
libavformat/version.h
libavformat/wtv.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
Manual replacements are done in this commit.
In many cases, the id is some constant made up number (e.g. 0 for video
and 1 for audio), which is then not used in the demuxer for anything.
Those ids are removed.
This patch also introduces CODEC_ID_CELT.
Signed-off-by: Nicolas George <nicolas.george@normalesup.org>
Signed-off-by: Diego Biurrun <diego@biurrun.de>
this fixes accuracy with normal ogg files while keeping support for ogg files
starting at times different from 0
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master:
doc: Improve references to external URLs.
h264: move decode_mb_skip() from h264.h to h.264_mvpred.h
ffplay: skip return value of avcodec_decode_video2 / avcodec_decode_subtitle2
dnxhdenc: Replace a forward declaration by the proper #include.
h264: move h264_mvpred.h include.
pix_fmt: Fix number of bits per component in yuv444p9be
lavf: deprecate AVFormatContext.timestamp
ffmpeg: merge input_files_ts_scale into InputStream.
ffmpeg: don't abuse a global for passing sample format from input to output
ffmpeg: don't abuse a global for passing channel layout from input to output
ffmpeg: factor common code from new_a/v/s/d_stream to new_output_stream()
matroskaenc: make SSA default subtitle codec.
oggdec: prevent heap corruption.
Conflicts:
doc/developer.texi
doc/faq.texi
doc/general.texi
ffmpeg.c
ffplay.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
Specifically crafted samples can reinit ogg->streams[] while
reading samples, and thus we should not cache old pointers since
these may no longer be valid.
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
* qatar/master: (36 commits)
ARM: allow unaligned buffer in fixed-point NEON FFT4
fate: test more FFT etc sizes
dca: set AVCodecContext frame_size for DTS audio
YASM: Shut up unused variable compiler warning with --disable-yasm.
x86_32: Fix build on x86_32 with --disable-yasm.
iirfilter: add fate test
doxygen: Add qmul docs.
ogg: propagate return values and return more meaningful error values
H.264: fix overreads of qscale_table
Remove unused static tables and static inline functions.
eval: clear Parser instances before using
dct-test: remove 'ref' function pointer from tables
build: Remove deleted 'check' target from .PHONY list.
oggdec: Abort Ogg header parsing when encountering a data packet.
Add LGPL license boilerplate to files lacking it.
mxfenc: small typo fix
doxygen: Fix documentation for some VP8 functions.
sha: use AV_RB32() instead of assuming buffer can be cast to uint32_t*
des: allow unaligned input and output buffers
aes: allow unaligned input and output buffers
...
Conflicts:
libavcodec/dct-test.c
libavcodec/libvpxenc.c
libavcodec/x86/dsputil_mmx.c
libavcodec/x86/h264_qpel_mmx.c
libavfilter/x86/gradfun.c
libavformat/oggdec.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master:
rational-test: Add proper main() declaration to fix gcc warnings.
configure: Add vdpau and dxva2 to configure results output.
Remove unused, never built libavutil/pca.[ch]
matroskadec: forward parsing errors to caller.
av_find_stream_info: simplify EAGAIN handling.
aacenc: Fix determination of Mid/Side Mode.
psymodel: Remove the single channel analysis function
aacenc: Implement dummy channel group analysis that just calls the single channel analysis for each channel.
psymodel: Add channels and channel groups to the psymodel.
ARM: remove check for PLD instruction
fate: move amr[nw]b test rules into separate files
ogg: fix double free when finding length of small chained oggs.
swscale: implement >8bit scaling support.
build: fix creation of tools dir with make 3.81
build: Mark all-yes Makefile target as phony.
pixfmt: fix YUV422/444 wrong endian comment
build: create output directories as needed
Add new yuv444 pixfmts to avcodec_align_dimensions2
Conflicts:
Makefile
configure
libavutil/pca.c
libavutil/pca.h
libavutil/pixfmt.h
libswscale/swscale.c
libswscale/utils.c
libswscale/x86/swscale_template.c
tests/ref/lavfi/pixdesc
tests/ref/lavfi/pixfmts_copy
tests/ref/lavfi/pixfmts_null
tests/ref/lavfi/pixfmts_scale
tests/ref/lavfi/pixfmts_vflip
Merged-by: Michael Niedermayer <michaelni@gmx.at>
ogg_save() copies streams[], but doesn't keep track of free()'ed
struct members. Thus, if in between a call to ogg_save() and
ogg_restore(), streams[].private was free()'ed, this would result
in a double free -> crash, which happened when e.g. playing small
chained ogg fragments.