Fixes rare race condition leading to null pointer dereferences.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
* commit '0b300daad2f5cb59a7c06dde5ac701685e6edf16':
h264: error out on unset current_picture_ptr for h->current_slice > 0
avprobe: report per stream bit rate if set by the decoder
aac: avoid a memcpy in sbr_qmf_analysis
Conflicts:
avprobe.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit '9d46eaec7a90bd8f5cd9e45398c6d17804182320':
build: The FLAC encoder also depends on the flacdsp code
img2: K&R formatting cosmetics
h264: check context state before decoding slice data partitions
flashsv: make sure data for zlib priming is available
Conflicts:
libavcodec/Makefile
libavformat/img2.c
libavformat/img2dec.c
libavformat/img2enc.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit '6e5cdf26281945ddea3aaf5eca4d127791f23ca8':
h264: check ref_count validity for num_ref_idx_active_override_flag
h264: add missing new line to log message
dcadec: skip QMF on unused channels
wavenc: write fact chunk sample count at the correct file position
riff: do not add empty metadata tags in INFO chunk
Conflicts:
libavcodec/dcadec.c
libavcodec/h264.c
libavformat/riff.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
This does not seem to have an effect currently. Fate-h264 passes with
THREADS=1..16 and both threading types as before. It fixes however a
segfault during error resilience with my adaptive-frame-mt patchset.
A picture in use during error resilience gets realloced in another
thread in the fuzzed sample sample_varPAR.avi_s226019.
* commit '5ae72f54532960cb9eae82a1c9e8d505106c022b':
flashsv: check for keyframe before using differential coding
h264: enable low delay only if no delayed frames were seen
x86: fix build without inline asm
Conflicts:
libavcodec/h264.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
Dropping frames is undesirable but that is the only way by which the
decoder could return to low delay mode. Instead emit a warning and
continue with delayed frames.
Fixes a crash in fuzzed sample nasa-8s2.ts_s20033 caused by a larger
than expected has_b_frames value. Low delay keeps getting re-enabled
from a presumely broken SPS.
CC: libav-stable@libav.org
s->mb_x is reset to zero a couple of lines above. It does not make
sense to call ff_er_add_slice() with 0 as endx when the end of the
macroblock row was reached. Fixes unnecessary and counterproductive
error resilience in https://bugzilla.libav.org/show_bug.cgi?id=394.
CC: libav-stable@libav.org
* qatar/master:
mingw/cygwin: Stop adding -fno-common to gcc CFLAGS
Restructure av_log_missing_feature message
rtp: Support packetization/depacketization of opus
file: Set the return value type for lseek to int64_t.
ppc: fix Altivec build with old compilers
build: add LTO support for PGI compiler
build: add -Mdse to PGI optimisation flags
rtpenc_vp8: Update the packetizer to the latest spec version
rtpdec_vp8: Make the depacketizer implement the latest spec draft
doc: allow building with old texi2html versions
avutil: skip old_pix_fmts.h since it is just a list
Conflicts:
libavcodec/aacdec.c
libavcodec/h264.c
libavcodec/ppc/fmtconvert_altivec.c
libavcodec/utils.c
libavformat/file.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
Some invocations include a verb in the log message, others do not. Yet
av_log_missing_feature expects callers to provide a verb. Change the
function to include a verb instead and update the callers accordingly.
The result is a more natural function API and correct English in the
function invocations.
* qatar/master:
h264: avoid stuck buffer pointer in decode_nal_units
mpeg12: fix the semantics of the int* parameter of decode()
Conflicts:
libavcodec/mpeg12.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
When decode_nal_units() previously encountered a NAL_END_SEQUENCE,
and there are some junk bytes left in the input buffer, but no start codes,
buf_index gets stuck 3 bytes before the end of the buffer.
This can trigger an infinite loop in the caller code, eg. in
try_decode_trame(), as avcodec_decode_video() then keeps returning zeroes,
with 3 bytes of the input packet still available.
With this change, the remaining bytes are skipped so the whole packet gets
consumed.
CC:libav-stable@libav.org
Signed-off-by: Jindřich Makovička <makovick@gmail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
* commit '0db2d94280e260af5f3ad7993c5a6357462f17c9':
dsputil: workaround __VA_ARGS__ missing tokenization for MSVC
configure: add section for libc-specific hacks
build: disable ranlib on mingw
parser: Don't use pc as context for av_dlog
h264: Remove an assert on current_picture_ptr being null
Conflicts:
configure
libavcodec/h264.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
It is possible in various error paths as well as gap handling
that this has already been allocated. It is not clear why that
would be a problem with the current code, thus disable the
assert to avoid a common assert failure when asserts are enabled.
Signed-off-by: Martin Storsjö <martin@martin.st>
The h264_vdpau decoder crashed if output colorspace was not 8-bit 420.
Add a check to error out instead (current hardware does not support
other colorspaces, so successful decoding is not possible).
Check implemented at a different place by michael, thus blame for bugs goes to michael
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>