18358 Commits

Author SHA1 Message Date
Ronald S. Bultje
e0febda22d h264: stricter reference limit enforcement.
Progressive images can have only 16 references, error out if there are
more, since the data is almost certainly corrupt, and the invalid value
will lead to random crashes or invalid writes later on.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-03-14 13:24:49 -07:00
Ronald S. Bultje
48cbe4b092 h264: increase reference poc list from 16 to 32.
Interlaced images can have 32 references (16 per field), so limiting the
array size to 16 leads to invalid writes.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-03-14 13:24:45 -07:00
Ronald S. Bultje
86020073db xa_adpcm: limit filter to prevent xa_adpcm_table[] array bounds overruns.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-03-14 13:24:40 -07:00
Michael Niedermayer
1f8ff2b13c snow: check reference frame indices.
Fixes NULL ptr dereference

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
2012-03-14 13:24:35 -07:00
Michael Niedermayer
c9837954e7 snow: reject unsupported chroma shifts.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
2012-03-14 13:24:31 -07:00
Paul B Mahol
5b4d026a03 anm: convert to bytestream2 API
Protects from overreads.

Signed-off-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
2012-03-14 13:23:07 -07:00
Paul B Mahol
f1ce053cd0 bytestream: add more unchecked variants for bytestream2 API
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
2012-03-14 13:23:07 -07:00
Paul B Mahol
a1c036e961 jvdec: unbreak video decoding
The safe bitstream reader broke it since the buffer size was specified
in bytes instead of bits.

Signed-off-by: Janne Grunau <janne-libav@jannau.net>
CC: libav-stable@libav.org
2012-03-14 15:34:50 +01:00
Michael Niedermayer
6968a7d193 Merge remote-tracking branch 'qatar/master'
* qatar/master:
  doc/general: update supported devices table.
  doc/general: add missing @tab to codecs table.
  h264: Fix invalid interlaced/progressive MB combinations for direct mode prediction.
  avconv: reindent
  avconv: link '-passlogfile' option to libx264 'stats' AVOption.
  libx264: add 'stats' private option for setting 2pass stats filename.
  libx264: fix help text for slice-max-size option.
  http: Clear the auth state on redirects
  http: Retry auth if it failed due to being stale
  rtsp: Resend new keepalive commands if they used stale auth
  rtsp: Retry authentication if failed due to being stale
  httpauth: Parse the stale field in digest auth
  dxva2_vc1: pass the overlap flag to the decoder
  dxva2_vc1: fix decoding of BI frames
  FATE: add shorthand to wavpack test
  dfa: convert to bytestream2 API
  anm decoder: move buffer allocation from decode_init() to decode_frame()
  h264: improve parsing of broken AVC SPS

Conflicts:
	ffmpeg.c
	libavcodec/anm.c
	libavcodec/dfa.c
	libavcodec/h264.c
	libavcodec/h264_direct.c
	libavcodec/h264_ps.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-14 02:10:11 +01:00
Michael Niedermayer
c2e3b564b3 mmvideo: restore initial y value.
This bug might have been exploitable (out of HEAP buffer writes)

Bug introduced by libav
	commit a55d5bdc6e28a2cfefc440d792de5cc4f02377e2
	Date:   Tue Mar 6 15:15:42 2012 -0800

	    algmm: convert to bytestream2 API.
2012-03-13 22:38:45 +01:00
Michael Niedermayer
67c90d2605 mmvideo: remove unused variable
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-13 22:15:42 +01:00
Michael Niedermayer
bf521d5a5b jpeglsdec: suppress unused var warning
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-13 22:13:13 +01:00
Michael Niedermayer
0fdb4dfd03 h264: Fix some mixed declarations and code.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-13 22:10:02 +01:00
Michael Niedermayer
c592679cca eatgq: remove unused ret variable.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-13 22:05:22 +01:00
Michael Niedermayer
d9399c4b66 eamad: Remove redundant initialization of mv_map.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-13 22:04:25 +01:00
Michael Niedermayer
9ff43569d2 g729dec: fix scalarproduct_int16 after API change
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-13 21:20:07 +01:00
Michael Niedermayer
758ec11153 h264: Fix invalid interlaced/progressive MB combinations for direct mode prediction.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
2012-03-13 10:04:23 -07:00
Anton Khirnov
d533e395e1 libx264: add 'stats' private option for setting 2pass stats filename.
x264 always opens the file itself with fopen, so we cannot use the
standard lavc stats mechanism.

CC: libav-stable@libav.org
2012-03-13 12:20:50 +01:00
Anton Khirnov
9d5c131ece libx264: fix help text for slice-max-size option.
CC: libav-stable@libav.org
2012-03-13 12:20:34 +01:00
Peter Ross
e05253bf49 iff: do not decode unsupported pbms with ham decoder
This prevents the segfault reported by ticket #1054
2012-03-13 21:56:19 +11:00
Hendrik Leppkes
7103c8350a dxva2_vc1: pass the overlap flag to the decoder
Signed-off-by: Anton Khirnov <anton@khirnov.net>
2012-03-13 08:14:23 +01:00
Hendrik Leppkes
b2b0aa70ea dxva2_vc1: fix decoding of BI frames
Signed-off-by: Anton Khirnov <anton@khirnov.net>
2012-03-13 08:14:22 +01:00
Paul B Mahol
29b0d94b43 dfa: convert to bytestream2 API
Protects from overreads.

Signed-off-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
2012-03-12 21:47:40 -07:00
Michael Niedermayer
b25a265a5c Merge remote-tracking branch 'qatar/master'
* qatar/master:
  pcm-mpeg: convert to bytestream2 API
  Revert "h264: clear trailing bits in partially parsed NAL units"
  remove iwmmxt optimizations
  mimic: do not continue if swap_buf_size is 0
  mimic: convert to bytestream2 API
  frwu: use MKTAG to check marker instead of AV_RL32
  txd: port to bytestream2 API
  c93: convert to bytestream2 API
  iff: make .long_name more descriptive
  FATE: add test for cdxl demuxer
  rtsp: Fix a typo

Conflicts:
	libavcodec/arm/dsputil_iwmmxt.c
	libavcodec/arm/dsputil_iwmmxt_rnd_template.c
	libavcodec/arm/mpegvideo_iwmmxt.c
	libavcodec/c93.c
	libavcodec/txd.c
	libavutil/arm/cpu.c
	tests/fate/demux.mak

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-13 01:56:33 +01:00
Lou Logan
2d38081b4f cosmetics: fix some typos
Patch attached.
From 2d4094fc0dcb4ccd0735eb7e1719e228ebb56bb9 Mon Sep 17 00:00:00 2001
From: Lou Logan <lou@lrcd.com>
Date: Mon, 12 Mar 2012 14:13:44 -0800
Subject: [PATCH] cosmetics: fix some typos

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-13 01:14:04 +01:00
Michael Niedermayer
105cac3407 vc1dec: Fix vc1 decoding with --disable-optimizations.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-13 01:14:04 +01:00
Peter Ross
015da6e394 anm decoder: move buffer allocation from decode_init() to decode_frame()
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
2012-03-12 16:44:39 -07:00
Michael Niedermayer
3aa661ec56 h264: improve parsing of broken AVC SPS
Parsing the entire NAL as SPS fixes decoding of some AVC bitstreams
with broken escaping. Since the size of the NAL unit is known and
checked against the buffer end we can parse it entirely without buffer
overreads.

Fixes playback of
http://streams.videolan.org/streams/mp4/Mr_MrsSmith-h264_aac.mp4

Signed-off-by: Janne Grunau <janne-libav@jannau.net>
2012-03-13 00:31:52 +01:00
Paul B Mahol
bd3e07c82a pcm-mpeg: convert to bytestream2 API
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Janne Grunau <janne-libav@jannau.net>
2012-03-12 23:03:57 +01:00
Janne Grunau
8a6037c390 Revert "h264: clear trailing bits in partially parsed NAL units"
This reverts commit 729ebb2f185244b0ff06d48edbbbbb02ceb4ed4e.

There was an off-by-one error in the bit mask calculation clearing
actually the last valid bit and causing
http://bugzilla.libav.org/show_bug.cgi?id=227

The broken sample (Mr_MrsSmith-h264_aac.mp4) the commit was fixing
does not work after correcting the off-by-one error.

CC: libav-stable@libav.org
2012-03-12 22:46:56 +01:00
Janne Grunau
363bd1c62c remove iwmmxt optimizations
The were broken since August of 2010 without anyone noticing until
three weeks ago. Nobody cares about it anymore and hopefully Marvell
will support NEON like in the PXA978 from now on.
2012-03-12 22:46:56 +01:00
Nico Weber
599888a480 Move struc FFTContext below SECTION_RODATA
Yasm creates an implicit unaligned text section if "struc" is used
outside of any section:
http://tortall.lighthouseapp.com/projects/78676-yasm/tickets/247

Since yasm only honors the "align" annotation on the first declaration
of a section, this implicit text section causes all text section
alignments to be ignored. Also fixes a yasm warning about it agnoring
alignment.

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-12 21:54:37 +01:00
Paul B Mahol
33c5c3ad07 mimic: do not continue if swap_buf_size is 0
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
2012-03-12 11:47:48 -07:00
Paul B Mahol
dba425ad7a mimic: convert to bytestream2 API
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
2012-03-12 11:46:34 -07:00
Paul B Mahol
05d089a80b frwu: use MKTAG to check marker instead of AV_RL32
Using intreadwrite.h for this is overkill.

Signed-off-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
2012-03-12 11:41:02 -07:00
Paul B Mahol
919f355438 txd: port to bytestream2 API
Protects against overreads.

Signed-off-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
2012-03-12 11:37:47 -07:00
Paul B Mahol
85aded741e c93: convert to bytestream2 API
Protects against overreads.

Signed-off-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Martin Storsjö <martin@martin.st>
2012-03-12 17:13:42 +02:00
Hendrik Leppkes
0aedd8c0bd dxva2_vc1: pass the overlap flag to the decoder
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-12 06:12:35 +01:00
Hendrik Leppkes
a3c5aefff2 dxva2_vc1: fix decoding of BI frames
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-12 06:11:21 +01:00
ami_stuff
86b6e49d92 iff: check for pbm tag
more robust

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-12 05:09:37 +01:00
Michael Niedermayer
1c27359867 Merge remote-tracking branch 'qatar/master'
* qatar/master:
  dsicinvideo: validate buffer offset before copying pixels.
  cook: error out on quant_index values outside [-63, 63] range.
  mpc: pad mpc_CC/SCF[] tables to allow for negative indices.

Conflicts:
	libavcodec/cook.c
	libavcodec/dsicinav.c
	libavcodec/mpc.c
	libavcodec/mpc7.c
	libavcodec/mpcdata.h

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-12 04:35:06 +01:00
Thilo Borgmann
599881b028 alsdec: Fix out of ltp_gain_values read.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-11 16:56:23 +01:00
Thilo Borgmann
daeffccd98 alsdec: pretty print for another log message
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-11 16:55:42 +01:00
Ronald S. Bultje
c95fefa042 dsicinvideo: validate buffer offset before copying pixels.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-03-11 07:28:54 -07:00
Ronald S. Bultje
97e48b2f54 cook: error out on quant_index values outside [-63, 63] range.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-03-10 17:51:28 -08:00
Michael Niedermayer
c3c2db49a7 Merge remote-tracking branch 'qatar/master'
* qatar/master:
  cook: expand dither_tab[], and make sure indexes into it don't overflow.
  xxan: reindent xan_unpack_luma().
  xxan: protect against chroma LUT overreads.
  xxan: convert to bytestream2 API.
  xxan: don't read before start of buffer in av_memcpy_backptr().
  vp8: convert mbedge loopfilter x86 assembly to use named arguments.
  vp8: convert inner loopfilter x86 assembly to use named arguments.

Conflicts:
	libavcodec/xxan.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-11 01:12:52 +01:00
Ronald S. Bultje
d7eabd5042 mpc: pad mpc_CC/SCF[] tables to allow for negative indices.
MPC8 allows indices of mpc_CC up to -1, and mpc_SCF up to -6, thus pad
the tables by that much on the left end.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-03-10 14:28:08 -08:00
Michael Niedermayer
2440040c7b vc1: add missing entries to ff_vc1_fps_nr.
Fixes out of array read

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-10 23:12:42 +01:00
Michael Niedermayer
8e9a0a3568 mpc7: check subband index
This fixes a overread

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-10 23:12:42 +01:00
Michael Niedermayer
ecc31630f9 mjpegb: Detect changing nb of planes in interlaced video.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-10 23:12:42 +01:00