During error conditions matroska_parse_block may exit without
freeing the memory allocated for laces.
Found via valgrind: http://pastebin.com/E54k8QFU
Signed-off-by: Dale Curtis <dalecurtis@chromium.org>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
During error conditions matroska_parse_block may exit without
freeing the memory allocated for laces.
Found via valgrind: http://pastebin.com/E54k8QFU
Signed-off-by: Dale Curtis <dalecurtis@chromium.org>
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
* qatar/master: (29 commits)
amrwb: remove duplicate arguments from extrapolate_isf().
amrwb: error out early if mode is invalid.
h264: change underread for 10bit QPEL to overread.
matroska: check buffer size for RM-style byte reordering.
vp8: disable mmx functions with sse/sse2 counterparts on x86-64.
vp8: change int stride to ptrdiff_t stride.
wma: fix invalid buffer size assumptions causing random overreads.
Windows Media Audio Lossless decoder
rv10/20: Fix slice overflow with checked bitstream reader.
h263dec: Disallow width/height changing with frame threads.
rv10/20: Fix a buffer overread caused by losing track of the remaining buffer size.
rmdec: Honor .RMF tag size rather than assuming 18.
g722: Fix the QMF scaling
r3d: don't set codec timebase.
electronicarts: set timebase for tgv video.
electronicarts: parse the framerate for cmv video.
ogg: don't set codec timebase
electronicarts: don't set codec timebase
avs: don't set codec timebase
wavpack: Fix an integer overflow
...
Conflicts:
libavcodec/arm/vp8dsp_init_arm.c
libavcodec/fraps.c
libavcodec/h264.c
libavcodec/mpeg4videodec.c
libavcodec/mpegvideo.c
libavcodec/msmpeg4.c
libavcodec/pnmdec.c
libavcodec/qpeg.c
libavcodec/rawenc.c
libavcodec/ulti.c
libavcodec/vcr1.c
libavcodec/version.h
libavcodec/wmalosslessdec.c
libavformat/electronicarts.c
libswscale/ppc/yuv2rgb_altivec.c
tests/ref/acodec/g722
tests/ref/fate/ea-cmv
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master: (34 commits)
mlp_parser: fix the channel mask value used for the top surround channel
vorbisenc: check all allocations for failure
roqaudioenc: return AVERROR codes instead of -1
roqaudioenc: set correct bit rate
roqaudioenc: use AVCodecContext.frame_size correctly.
roqaudioenc: remove unneeded sample_fmt check
ra144enc: use int16_t* for input samples rather than void*
ra144enc: set AVCodecContext.coded_frame
ra144enc: remove unneeded sample_fmt check
nellymoserenc: set AVCodecContext.coded_frame
nellymoserenc: improve error checking in encode_init()
nellymoserenc: return AVERROR codes instead of -1
libvorbis: improve error checking in oggvorbis_encode_init()
mpegaudioenc: return AVERROR codes instead of -1
libfaac: improve error checking and handling in Faac_encode_init()
avutil: add AVERROR_UNKNOWN
check for coded_frame allocation failure in several audio encoders
audio encoders: do not set coded_frame->key_frame.
g722enc: check for trellis data allocation error
libspeexenc: export encoder delay through AVCodecContext.delay
...
Conflicts:
doc/APIchanges
libavcodec/avcodec.h
libavcodec/fraps.c
libavcodec/kgv1dec.c
libavcodec/libfaac.c
libavcodec/libgsm.c
libavcodec/libvorbis.c
libavcodec/mlp_parser.c
libavcodec/roqaudioenc.c
libavcodec/vorbisenc.c
libavutil/avutil.h
libavutil/error.c
libavutil/error.h
Merged-by: Michael Niedermayer <michaelni@gmx.at>
This prevents certain tags with a default value assigned to them (as per
the EBML syntax elements) from ever being assigned a NULL value. Other
parts of the code rely on these being non-NULL (i.e. they don't check for
NULL before e.g. using the string in strcmp() or similar), and thus in
effect this prevents crashes when reading of such specific tags fails,
either because of low memory or because of targeted file corruption.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
* qatar/master:
mpegvideo_enc: only allocate output packet when we know there will be output
Add names for more channel layouts to the channel layout map.
sunrast: Add a sample request for RMP_RAW colormap.
avcodec: do not override pts or duration from the audio encoder
Add prores regression test.
Enable already existing rso regression test.
Add regression test for "sox" format muxer/demuxer.
Add dpx encoding regression test.
swscale: K&R formatting cosmetics for PowerPC code (part I/II)
img2: Use ff_guess_image2_codec(filename) shorthand where appropriate.
Clarify licensing information about files borrowed from libjpeg.
Mark mutable static data const where appropriate.
avplay: fix -threads option
dvbsubdec: avoid undefined signed left shift in RGBA macro
mlpdec: use av_log_ask_for_sample()
gif: K&R formatting cosmetics
png: make .long_name more descriptive
movdec: Adjust keyframe flagging in fragmented files
rv34: change most "int stride" into "ptrdiff_t stride".
Conflicts:
avprobe.c
ffplay.c
libavcodec/mlpdec.c
libavcodec/mpegvideo_enc.c
libavcodec/pngenc.c
libavcodec/x86/v210-init.c
libavfilter/vf_boxblur.c
libavfilter/vf_crop.c
libavfilter/vf_drawtext.c
libavfilter/vf_lut.c
libavfilter/vf_overlay.c
libavfilter/vf_pad.c
libavfilter/vf_scale.c
libavfilter/vf_select.c
libavfilter/vf_setpts.c
libavfilter/vf_settb.c
libavformat/img2.c
libavutil/audioconvert.c
tests/codec-regression.sh
tests/lavf-regression.sh
tests/ref/lavf/dpx
tests/ref/vsynth1/prores
tests/ref/vsynth2/prores
Merged-by: Michael Niedermayer <michaelni@gmx.at>
The parser was fixed so this workaround should no longer
be necessary.
This allows using stream-copy to fix files with keyframes
incorrectly marked.
Signed-off-by: Reimar Döffinger <Reimar.Doeffinger@gmx.de>
This allows handling matroska files with errors.
Fixes test4.mkv and test7.mkv from the official Matroska test suite.
These are also trac issues #544 and #545.
Signed-off-by: Reimar Döffinger <Reimar.Doeffinger@gmx.de>
Prefix the functions/tables brktimegm, pcm_read_seek,
dv_offset_reset, voc_get_packet, codec_movaudio_tags,
codec_movvideo_tags.
After this, lavf has no global symbols without the proper prefix.
Signed-off-by: Martin Storsjö <martin@martin.st>
* qatar/master:
rtpdec: Use 4 byte startcodes for H.264
matroskadec: Mark variable as av_unused.
Move some conditionally used variables into the block where they are used.
Drop some completely unnecessary av_unused attributes.
swscale: Remove unused variable alpMmxFilter.
Drop unnecessary av_uninit attributes from some variable declarations.
movenc: Support muxing wmapro in ismv/isma
mpegtsenc: Add an AVOption for forcing a new PAT/PMT/SDT to be written
swscale: move YUV2PACKED16WRAPPER() macro down to where it is used.
swscale: handle gray16 as a "planar" YUV format (Y-only, of course).
swscale: use yuv2packed1() functions for unscaled chroma also.
swscale: fix incorrect chroma bias in yuv2rgb48_1_c().
swscale: fix invalid memory accesses in yuvpacked1() functions.
Move PS2 MMI code below the mips subdirectory, where it belongs.
mips: Move MMI function declarations to a header.
build: Set correct dependencies for rtmp* protocols implemented by librtmp.
Conflicts:
libavcodec/ac3enc_template.c
libavformat/mpegtsenc.c
libswscale/output.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
In particular, detect when the index is obviously broken.
This fixes the worst symptoms of trac issue #958 and makes
sense to allow seeking in files without index.
However it is possible that there still is an index parsing bug
with that file.
Signed-off-by: Reimar Döffinger <Reimar.Doeffinger@gmx.de>
Otherwise when we run into levels beyond the max. allowed
playback will be permanently broken.
Signed-off-by: Reimar Döffinger <Reimar.Doeffinger@gmx.de>
a realloc()
BUG=100492
Review URL: http://codereview.chromium.org/8366004
Fixes: 1 of 2 for CVE-2011-3893
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master:
x86: cabac: replace explicit memory references with "m" operands
avplay: don't request a stereo downmix
wmapro: use av_float2int()
lavc: avoid invalid memcpy() in avcodec_default_release_buffer()
lavu: replace int/float punning functions
lavfi: install libavfilter/vsrc_buffer.h
Remove extraneous semicolons
sdp: Restore the original mp4 format h264 extradata if converted
rtpenc: Add support for mp4 format h264
rtpenc: Simplify code by introducing a separate end pointer
movenc: Use the actual converted sample for RTP hinting
Fix a bunch of common typos.
Conflicts:
doc/developer.texi
doc/eval.texi
doc/filters.texi
doc/protocols.texi
ffmpeg.c
ffplay.c
libavcodec/mpegvideo.h
libavcodec/x86/cabac.h
libavfilter/Makefile
libavformat/avformat.h
libavformat/cafdec.c
libavformat/flvdec.c
libavformat/flvenc.c
libavformat/gxfenc.c
libavformat/img2.c
libavformat/movenc.c
libavformat/mpegts.c
libavformat/rtpenc_h264.c
libavformat/utils.c
libavformat/wtv.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
The existing functions defined in intfloat_readwrite.[ch] are
both slow and incorrect (infinities are not handled).
This introduces a new header with fast, inline conversion
functions using direct union punning assuming an IEEE-754
system, an assumption already made throughout the code.
The one use of Intel/Motorola extended 80-bit format is
replaced by simpler code sufficient under the present
constraints (positive normal values).
The old functions are marked deprecated and retained for
compatibility.
Signed-off-by: Mans Rullgard <mans@mansr.com>
* qatar/master:
mov: Don't av_malloc(0).
avconv: only allocate 1 AVFrame per input stream
avconv: fix memleaks due to not freeing the AVFrame for audio
h264-fate: remove -strict 1 except where necessary (mr4/5-tandberg).
misc Doxygen markup improvements
doxygen: eliminate Qt-style doxygen syntax
g722: Add a regression test for muxing/demuxing in wav
g722: Change bits per sample to 4
g722dec: Signal skipping the lower bits via AVOptions instead of bits_per_coded_sample
api-example: update to use avcodec_decode_audio4()
avplay: use avcodec_decode_audio4()
avplay: use a separate buffer for playing silence
avformat: use avcodec_decode_audio4() in avformat_find_stream_info()
avconv: use avcodec_decode_audio4() instead of avcodec_decode_audio3()
mov: Allow empty stts atom.
doc: document preferred Doxygen syntax and make patcheck detect it
Conflicts:
avconv.c
ffplay.c
libavcodec/mlpdec.c
libavcodec/version.h
libavformat/mov.c
tests/codec-regression.sh
tests/fate/h264.mak
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master:
rtpdec: Templatize the code for different g726 bitrate variants
rv40: move loop filter to rv34dsp context
lavf: make av_set_pts_info private.
rtpdec: Add support for G726 audio
rtpdec: Add an init function that can do custom codec context initialization
avconv: make copy_tb on by default.
matroskadec: don't set codec timebase.
rmdec: don't set codec timebase.
avconv: compute next_pts from input packet duration when possible.
lavf: estimate frame duration from r_frame_rate.
avconv: update InputStream.pts in the streamcopy case.
Conflicts:
avconv.c
libavdevice/alsa-audio-dec.c
libavdevice/bktr.c
libavdevice/fbdev.c
libavdevice/libdc1394.c
libavdevice/oss_audio.c
libavdevice/v4l.c
libavdevice/v4l2.c
libavdevice/vfwcap.c
libavdevice/x11grab.c
libavformat/au.c
libavformat/eacdata.c
libavformat/flvdec.c
libavformat/mpegts.c
libavformat/mxfenc.c
libavformat/rtpdec_g726.c
libavformat/wtv.c
libavformat/xmv.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master:
http: Remove the custom function for disabling chunked posts
rtsp: Disable chunked http post through AVOptions
movdec: Set frame_size for AMR
h264_weight: remove duplication functions.
swscale: align vertical filtersize by 2 on x86.
libavfilter: reindent.
matroskadec: empty blocks are in fact valid.
avfilter: don't abort() on zero-size allocations.
h264: improve calculation of codec delay.
movenc: Set a correct packet size for AMR-NB mode 15, "no data"
avformat: Add functions for doing global network initialization
avformat: Add the https protocol
avformat: Add the tls protocol, using OpenSSL or gnutls
avformat: Initialize gnutls in ff_tls_init()
w32threads: Wrap the mutex functions in inline functions returning int
configure: Allow linking to the gnutls library
avformat: Add ff_tls_init()/deinit() that initialize OpenSSL
configure: Allow linking to openssl
avcodec: Allow locking and unlocking an avformat specific mutex
avformat: Split out functions from network.h to a new file, network.c
Conflicts:
Changelog
configure
doc/APIchanges
libavcodec/internal.h
libavcodec/version.h
libavfilter/formats.c
libavformat/matroskadec.c
libavformat/mov.c
libavformat/version.h
Merged-by: Michael Niedermayer <michaelni@gmx.at>
This reverts commit 5dd514af937ff4d74c3c263e4ca428b14b62d5f1.
Silently ignoring errors allows some broken files to simply be played, instead of failing.
(cherry picked from commit 7804b0693375c1a7ba1046f7a3579e9f63c2b15a)
The intended goal (as confirmed with its author) of fixing a crash has been
fixed differently prior to the application of this patch and this patch does
notsucessfully propagate parse errors either.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master: (53 commits)
probe: Restore identification of files with very large id3 tags and no extension.
probe: Remove id3 tag presence as a criteria to do file extension checking.
mpegts: MP4 SL support
mpegts: MP4 OD support
mpegts: Add support for Sections in PMT
mpegts: Replace the MP4 descriptor parser with a recursive parser.
mpegts: Add support for multiple mp4 descriptors
mpegts: Parse mpeg2 SL descriptors.
isom: Add MPEG4SYSTEMS dummy object type indication.
aacdec: allow output reconfiguration on channel changes
nellymoserenc: take float input samples instead of int16
nellymoserdec: use dsp functions for overlap and windowing
nellymoserdec: do not fail if there is extra data in the packet
nellymoserdec: fail if output buffer is too small
nellymoserdec: remove pointless buffer size check.
lavf: add init_put_byte() to the list of visible symbols.
seek-test: free options dictionary after use
snow: do not draw_edge if emu_edge is set
tools/pktdumper: update to recent avformat api
seek-test: update to recent avformat api
...
Conflicts:
doc/APIchanges
libavcodec/mpegaudiodec.c
libavcodec/nellymoserdec.c
libavcodec/snow.c
libavcodec/version.h
libavcodec/wmadec.c
libavformat/avformat.h
libavformat/mpegts.c
libavformat/mxfdec.c
libavformat/utils.c
libavformat/wtv.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master: (47 commits)
lavc: hide private symbols.
lavc: deprecate img_get_alpha_info().
lavc: use avpriv_ prefix for ff_toupper4.
lavc: use avpriv_ prefix for ff_copy_bits and align_put_bits.
lavc: use avpriv_ prefix for ff_ac3_parse_header.
lavc: use avpriv_ prefix for ff_frame_rate_tab.
lavc: rename ff_find_start_code to avpriv_mpv_find_start_code
lavc: use avpriv_ prefix for ff_split_xiph_headers.
lavc: use avpriv_ prefix for ff_dirac_parse_sequence_header.
lavc: use avpriv_ prefix for some dv symbols used in lavf.
lavc: use avpriv_ prefix for some flac symbols used in lavf.
lavc: use avpriv_ prefix for some mpeg4audio symbols used in lavf.
lavc: use avpriv_ prefix for some mpegaudio symbols used in lavf.
lavc: use avpriv_ prefix for ff_aac_parse_header().
lavf: hide private symbols.
lavf: use avpriv_ prefix for some dv functions.
lavf: use avpriv_ prefix for ff_new_chapter().
avcodec: add CODEC_CAP_DELAY note to avcodec_decode_audio3() documentation
avcodec: clarify the CODEC_CAP_DELAY note in avcodec_decode_video2()
avcodec: clarify documentation of CODEC_CAP_DELAY
...
Conflicts:
configure
doc/general.texi
libavcodec/Makefile
libavcodec/aacdec.c
libavcodec/allcodecs.c
libavcodec/avcodec.h
libavcodec/dv.c
libavcodec/dvdata.c
libavcodec/dvdata.h
libavcodec/libspeexenc.c
libavcodec/mpegvideo.c
libavcodec/version.h
libavformat/avidec.c
libavformat/dv.c
libavformat/dv.h
libavformat/flvenc.c
libavformat/mov.c
libavformat/mp3enc.c
libavformat/oggparsespeex.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master:
presets: rename presets directory
lavc: make avcodec_get_context_defaults3 "officially" public
lavf: replace av_new_stream->avformat_new_stream part II.
lavf,lavd: replace av_new_stream->avformat_new_stream part I.
lavf: add avformat_new_stream as a replacement for av_new_stream.
Use correct scaling table for bwd-pred MVs in second B-field
Ut Video decoder
Makefile: change presets extension to .avpreset
lavfi: add rgbtestsrc source, ported from MPlayer libmpcodecs
lavfi: add testsrc source
AVOptions: add documentation.
presets: update libx264 ffpresets
Conflicts:
Changelog
doc/APIchanges
doc/ffmpeg.texi
ffpresets/libx264-ipod320.ffpreset
ffpresets/libx264-ipod640.ffpreset
ffserver.c
libavcodec/avcodec.h
libavcodec/options.c
libavcodec/version.h
libavdevice/libdc1394.c
libavfilter/avfilter.h
libavfilter/vsrc_testsrc.c
libavformat/flvdec.c
libavformat/riff.c
libavformat/version.h
libavformat/wtv.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master:
prores: get correct size for coded V plane if alpha is present
prores: do not set pixel format on codec init
pthread: prevent updating AVCodecContext from itself in frame_thread_free
pthread: copy coded frame dimensions in update_context_from_thread
vp8: prevent read from uninitialized memory in decode_mvs
vp8: force reallocation in update_thread_context after frame size change
vp8: fix return value if update_dimensions fails
matroskadec: fix out of bounds write
adpcmdec: calculate actual number of output samples for each decoder.
adpcmdec: check remaining buffer size before decoding next block in the ADPCM IMA WAV decoder.
adpcmdec: do not terminate early in ADPCM IMA Duck DK3 decoder.
adpcmdec: remove unneeded buf_size==0 check.
adpcmdec: remove unneeded zeroing of *data_size
dnxhdenc: fixed signed multiplication overflow
Conflicts:
tests/ref/fate/prores-alpha
tests/ref/fate/truemotion1-24
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master: (23 commits)
avconv: Reformat s16 volume adjustment.
ARM: NEON optimised vector_fmac_scalar()
dca: use vector_fmac_scalar from dsputil
dsputil: add vector_fmac_scalar()
latmenc: Fix private options
vf_unsharp: store hsub/vsub in the filter context
vf_unsharp: adopt a more natural order of params in apply_unsharp()
vf_unsharp: rename method "unsharpen" to "apply_unsharp"
vf_scale: apply the same transform to the aspect during init that is applied per frame
vf_pad: fix "vsub" variable value computation
vf_scale: add a "sar" variable
lavfi: fix realloc size computation in avfilter_add_format()
vsrc_color: use internal timebase
lavfi: fix signature for avfilter_graph_parse() and avfilter_graph_config()
graphparser: prefer void * over AVClass * for log contexts
avfiltergraph: use meaningful error codes
avconv: Initialize return value for codec copy path.
fate: use 'run' helper for seek-test
fate: remove seek-mpeg2reuse test
Fix memory (re)allocation in matroskadec.c, related to MSVR-11-0080.
...
Conflicts:
doc/filters.texi
libavfilter/avfilter.h
libavfilter/avfiltergraph.c
libavfilter/avfiltergraph.h
libavfilter/graphparser.c
libavfilter/vf_scale.c
libavfilter/vsrc_color.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master:
avconv: use different variables for decoded and filtered frame.
avconv: add support for copying attachments.
matroskaenc: write attachments.
matroskadec: export mimetype of attachments as metadata.
avconv: factorize common code from new_*_stream()
doc/avconv: expand documentation for some options.
doc/avconv: document -timelimit.
Conflicts:
avconv.c
cmdutils.c
tests/codec-regression.sh
Merged-by: Michael Niedermayer <michaelni@gmx.at>
Whitespace of the patch cleaned up by Aurel
Some of the issues have been reported by Steve Manzuik / Microsoft Vulnerability Research (MSVR)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 956c901c68eff78288f40e3c8f41ee2fa081d4a8)
Further suggestions from Kostya <kostya.shishkov@gmail.com> have been
implemented by Reinhard Tartler <siretart@tauware.de>
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
This change fixes a bug where seeking doesn't work properly for
matroska files that have the CUES element before the first cluster.
This bug was accidentally introduced a few months ago by my deferred CUES
loading patch<http://git.videolan.org/?p=ffmpeg.git;a=commit;h=31ad14c21e0735387ba8082c6e3436241f7ccfc8>
.
When the CUES element appears before the first cluster in the file, the data
is parsed and placed in matroska->index but that data is never added to the
seek index. Currently the transfer from matroska->index to the seek index
only happens when matroska_parse_cues() is called.
Matroska_parse_cues() only gets called on a seek if cues_parsing_deferred is
set. Cues_parsing_deferred only gets set if parsing the CUES requires
seeking past the first cluster. There is no code to handle the case where
CUES is before the first cluster.
This fix essentially restores the matroska->index processing that was
happening at the end of matroska_read_header() before I made my CUES
deferral change. In the case where CUES is before the first
cluster, matroska->index will have data and the seek index will be updated.
In the case where CUES is later in the file, matroska->index will be empty
and cues_parsing_deferred will be set so loading will happen later.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>