10723 Commits

Author SHA1 Message Date
Anton Khirnov
ec4c483976 lavf: add a protocol whitelist/blacklist for file opened internally
Should make the default behaviour safer for careless callers that open
random untrusted files.

Bug-Id: CVE-2016-1897
Bug-Id: CVE-2016-1898
2016-02-22 11:48:30 +01:00
Anton Khirnov
8c0ceafb0f urlprotocol: receive a list of protocols from the caller
This way, the decisions about which protocols are available for use in
any given situations can be delegated to the caller.
2016-02-22 11:45:31 +01:00
Anton Khirnov
cae448cfbf aviobuf: add a private data struct for avio_open()ed contexts
It will be useful in the following commits.
2016-02-22 11:36:47 +01:00
Anton Khirnov
832a202c47 protocols: make the list of protocols static
Disallow other code to touch it directly, now it's only accessible
through a blacklisting/whitelisting function.
2016-02-22 11:35:57 +01:00
Anton Khirnov
7d61dc95d7 lavf: move urlcontext_child_class_next() to protocols.c
It needs to access the list of protocols directly, so it more properly
belongs there.
2016-02-22 11:35:52 +01:00
Anton Khirnov
0fa00d0591 lavf: move avio_enum_protocols() to protocols.c
It's a more appropriate place for it.
2016-02-22 11:35:46 +01:00
Anton Khirnov
2758cdedfb lavf: reorganize URLProtocols
Instead of a linked list constructed at av_register_all(), store them
in a constant array of pointers.

Since no registration is necessary now, this removes some global state
from lavf. This will also allow the urlprotocol layer caller to limit
the available protocols in a simple and flexible way in the following
commits.
2016-02-22 11:30:58 +01:00
Anton Khirnov
225e84e745 hls: disallow opening nested files in child demuxers 2016-02-22 11:30:33 +01:00
Anton Khirnov
e192cd9ce2 smoothstreamingenc: do not open the files as read+write
They are only written to, never read.
2016-02-22 11:30:24 +01:00
Anton Khirnov
d082078a88 dashenc: eliminate ffurl_* usage
Now all IO should go through the IO callbacks and be interceptable by
the caller.
2016-02-22 11:29:00 +01:00
Anton Khirnov
7fbb3b5b98 lavf: use the io_open callbacks for files opened from open_input() as well
There is no real reason to treat them differently.
2016-02-22 11:28:35 +01:00
Anton Khirnov
dc6527ed90 nutenc: do not use AVCodecContext.frame_size
It will in general not be available. Use block_align if known or fall
back to av_get_audio_frame_duration().
2016-02-22 11:28:00 +01:00
Luca Barbato
bf7be043fc matroska: Always consider S_TEXT/UTF8 as SRT when demuxing
Reported-By: Maxim Koitsov <maksbotan@gentoo.org>
2016-02-22 09:40:16 +01:00
Diego Biurrun
8d918a98aa rtpdec: Use the right logging context 2016-02-19 20:38:18 +01:00
Luca Barbato
f273f7fb25 mkv: Force the full parsing of mp3
Some muxer might or might not fit incomplete mp3 frames in
their packets.

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
2016-02-19 17:35:33 +01:00
Luca Barbato
3ef98937f5 mov: Force the full parsing of mp3
Some muxer might or might not fit incomplete mp3 frames in
their packets.

Bug-Id: 899

CC: libav-stable@libav.org

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
2016-02-19 17:35:26 +01:00
Diego Biurrun
0d1229f1d2 voc: Split ff_voc_get_packet into a separate file 2016-02-18 15:35:46 +01:00
Diego Biurrun
624e235502 build: Introduce iso_media component 2016-02-18 15:35:46 +01:00
Diego Biurrun
82454c3a82 build: Let the WTV demuxer select the MPEG-TS demuxer
The WTV demuxer depends on large parts of the MPEG-TS demuxer internals
anyway and fails to build without it.
2016-02-18 15:35:45 +01:00
Diego Biurrun
29c2d06d67 cosmetics: Drop empty comment lines 2016-02-18 15:35:30 +01:00
Vittorio Giovara
b92962436b mov: Fix the format specifier type for size
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
2016-02-16 18:25:47 +01:00
Luca Barbato
5eb562831b mov: Use the correct type for size
An AVIO offset is int64_t.

Bug-Id: 921
2016-02-14 11:44:38 +01:00
Luca Barbato
e579d8b29c lavf: Dump the cpb side data information 2016-02-13 14:03:52 +01:00
Andreas Cadhalpun
2e6ba1993e asfdec: make sure packet_size is non-zero before seeking
This fixes infinite loops due to seeking back.

Signed-off-by: Alexandra Hájková <alexandra@khirnov.net>
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
2016-02-07 03:12:33 +01:00
Andreas Cadhalpun
bf50607ab7 asfdec: check for too small size in asf_read_unknown
This fixes infinite loops due to seeking back.

Signed-off-by: Alexandra Hájková <alexandra@khirnov.net>
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
2016-02-07 03:12:33 +01:00
Andreas Cadhalpun
e4d1621c6e asfdec: check avio_skip in asf_read_simple_index
The loop can be very long, even though the file is very short.

Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Alexandra Hájková <alexandra@khirnov.net>
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
2016-02-07 03:12:33 +01:00
Andreas Cadhalpun
a32dbf2aed asfdec: break if EOF is reached after asf_read_packet_header
asf_read_payload can unset eof_reached, so check it also before calling
that function.

This fixes infinite loops.

Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Alexandra Hájková <alexandra@khirnov.net>
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
2016-02-07 03:12:33 +01:00
Vittorio Giovara
e80307140f yuv4mpegenc: Use AV_CEIL_RSHIFT where needed 2016-01-25 12:02:44 -05:00
Anton Khirnov
81306fd4bd hls: eliminate ffurl_* usage
Now all IO should go through the IO callbacks and be interceptable by
the caller.
2016-01-24 16:50:13 +01:00
Anton Khirnov
9f61abc811 lavf: allow custom IO for all files
Some (de)muxers open additional files beyond the main IO context.
Currently, they call avio_open() directly, which prevents the caller
from using custom IO for such streams.

This commit adds callbacks to AVFormatContext that default to
avio_open2()/avio_close(), but can be overridden by the caller. All
muxers and demuxers using AVIO are switched to using those callbacks
instead of calling avio_open()/avio_close() directly.

(de)muxers that use the URLProtocol layer directly instead of AVIO
remain unconverted for now. This should be fixed in later commits.
2016-01-24 16:45:32 +01:00
Piotr Bandurski
55c7e5bf7c riff: add C210 FourCC (Canopus C210) 2016-01-21 15:33:19 -05:00
Piotr Bandurski
7c4059ae1e riff: add YUYV FourCC (Drastic YUYV) 2016-01-21 15:33:19 -05:00
Derek Buitenhuis
65d29dd274 mov: Add an option to toggle dref opening
This feature is mostly only used by NLE software, and is
both of dubious value being enabled by default, and a
possible security risk.

Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
2016-01-21 14:32:39 +01:00
Martin Storsjö
e4eb13ca77 flvdec: Add sanity checking of the last packet size
For http, this avoids spurious warnings about failed requests (e.g.
HTTP error 416 Requested Range Not Satisfiable), if the last packet
is truncated and the size read is bogus.

Signed-off-by: Martin Storsjö <martin@martin.st>
2016-01-19 14:24:35 +02:00
Michael Niedermayer
09f4822e4e flvdec: perform duration search just once
When loading a truncated flv file, it would previously try to do a seek to
the end of every packet read. For some input protocols (such as http), such
repeated seek attempts are cripple the reading performance.

Signed-off-by: Martin Storsjö <martin@martin.st>
2016-01-19 14:24:34 +02:00
Andreas Cadhalpun
9cdddb93bb nutdec: only copy the header if it exists
Fixes runtime error: null pointer passed as argument 2, which is
declared to never be null

Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
2016-01-13 09:44:44 +01:00
Andreas Cadhalpun
5b83b24ccb nuv: sanitize negative fps rate
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
2016-01-13 09:37:11 +01:00
Anton Khirnov
9cce011b1d movenc-test: stop setting the GLOBAL_HEADER codec flag
This test does no encoding, setting the flag was done just to silence
the warning removed in the previous commit.
2016-01-12 09:12:24 +01:00
Anton Khirnov
521dc78366 mux: drop the warning about global headers
The AVStream codec context is often not (and should not be) the actual
encoding context, so this warning will be spurious in many cases.
2016-01-12 09:12:24 +01:00
Clément Bœsch
7570c9e04f swfdec: support compressed swf
Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
2016-01-11 15:32:56 -05:00
Alexandra Hájková
34d45b3616 asfdec: Fix typo in comment
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
2016-01-11 21:00:49 +01:00
Alexandra Hájková
066281372d asfdec: Remove unused function parameters
Signed-off-by: Anton Khirnov <anton@khirnov.net>
2016-01-07 08:20:21 +01:00
Andreas Cadhalpun
2aec600ae7 asfdec: reject size > INT64_MAX in asf_read_unknown
Both avio_skip and detect_unknown_subobject use int64_t for the size
parameter.

This fixes a segmentation fault due to infinite recursion.

Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Alexandra Hájková <alexandra.khirnova@gmail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
2016-01-07 08:20:21 +01:00
Andreas Cadhalpun
c69461d737 asfdec: only set asf_pkt->data_size after sanity checks
Otherwise invalid values are used unchecked in the next run.
This can cause NULL pointer dereferencing.

Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Alexandra Hájková <alexandra.khirnova@gmail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
2016-01-07 08:20:21 +01:00
Diego Biurrun
69a68593ce Remove stray line breaks from avpriv_{report_missing_feature|request_samples} 2015-12-26 10:28:03 +01:00
Diego Biurrun
5049f6b772 rtpdec_jpeg: Coalesce redundant error checks 2015-12-26 10:26:29 +01:00
Stefan Pöschel
dbce017913 mpegtsenc: add flag to embed an AC-3 ES the DVB way
So far an AC-3 elementary stream is refered to in the PMT according to
System A (ATSC). However System B (DVB) has a different way to signal an AC-3
ES within the PMT. This different way can be enabled by a new flag. The flag is
more generally named 'system_b' as there are further differences between ATSC
and DVB (e.g. the signalling of E-AC-3) which should then also be covered by it
in the future.

Bug-Id: 73

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
2015-12-14 15:16:33 +01:00
Anton Khirnov
5bc223b15d r3d: fix an invalid read introduced in 6bf4c1d 2015-12-14 12:12:42 +01:00
Martin Storsjö
64f8c439fd rtmpproto: Include the full path as app when "slist=" is found
This matches what librtmp does. This fixes automatic url parsing of
crunchyroll urls.

Signed-off-by: Martin Storsjö <martin@martin.st>
2015-12-13 23:23:06 +02:00
Anton Khirnov
9f0b6e6827 vocdec: do not create the stream in read_header()
The stream parameters are not known until we read a packet, so postpone
creating it until then.
2015-12-12 21:27:11 +01:00