32853 Commits

Author SHA1 Message Date
Paul B Mahol
d4eeadcbbf truespeech: align buffer
DSPContext.bswap_buf() requires aligned output

Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
2012-01-31 21:42:33 -08:00
Mans Rullgard
034b03e7a0 ac3: Do not read past the end of ff_ac3_band_start_tab.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Alex Converse <alex.converse@gmail.com>
2012-01-31 18:32:14 -08:00
Alex Converse
2d1c0dea5f dv: Fix small stack overread related to CVE-2011-3929 and CVE-2011-3936.
Found with asan.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Alex Converse <alex.converse@gmail.com>
2012-01-31 18:32:13 -08:00
Michael Niedermayer
5a396bb3a6 dv: Fix null pointer dereference due to ach=0
dv: Fix null pointer dereference due to ach=0

Fixes part2 of CVE-2011-3929

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Reviewed-by: Roman Shaposhnik <roman@shaposhnik.org>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Alex Converse <alex.converse@gmail.com>
2012-01-31 18:32:13 -08:00
Michael Niedermayer
635bcfccd4 dv: check stype
dv: check stype

Fixes part1 of CVE-2011-3929
Possibly fixes part of CVE-2011-3936

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Reviewed-by: Roman Shaposhnik <roman@shaposhnik.org>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Alex Converse <alex.converse@gmail.com>
2012-01-31 18:32:13 -08:00
Janne Grunau
e67e3a3f4a fate-golomb: extend golomb-test to get_ue_golomb_long()
get_ue_golomb_long() is only tested for values up to 2^15 - 2 since
we can not write larger values.
Silence the test on success and return a non-zero value on error.
Use an heap scratch buffer instead of large stack buffer.
Remove unneeded includes.
2012-02-01 01:18:55 +01:00
Alex Converse
c0bc7bd1e7 swfdec: Simplify sample rate calculation. 2012-01-31 15:55:46 -08:00
Diego Biurrun
52afc97168 fate: add golomb-test 2012-01-31 19:56:13 +01:00
Diego Biurrun
9e3a2736bd golomb-test: K&R formatting cosmetics 2012-01-31 19:56:13 +01:00
Diego Biurrun
631f96f959 h264: Split h264-test off into a separate file - golomb-test.c.
The new name is more appropriate as only golomb functions are tested.
2012-01-31 19:56:12 +01:00
Diego Biurrun
4ff46af039 h264-test: cleanup: drop timer invocations, commented out code and other cruft 2012-01-31 19:56:11 +01:00
Diego Biurrun
3856a2aaa6 h264-test: Remove unused DSP and AVCodec contexts and related init calls.
This also avoids a segfault on startup.
2012-01-31 19:56:09 +01:00
Diego Biurrun
b010178e84 adpcm: Add missing stdint.h #include to fix standalone header compilation. 2012-01-31 19:13:00 +01:00
Anton Khirnov
dd6d3b0e02 lavf: add functions for accessing the fourcc<->CodecID mapping tables.
Fixes bug 212.
2012-01-31 16:53:35 +01:00
Anton Khirnov
bc90199848 lavc: set AVCodecContext.codec in avcodec_get_context_defaults3().
This way, if the AVCodecContext is allocated for a specific codec, the
caller doesn't need to store this codec separately and then pass it
again to avcodec_open2().

It also allows to set codec private options using av_opt_set_* before
opening the codec.
2012-01-31 16:53:35 +01:00
Anton Khirnov
0e72ad95f9 lavc: make avcodec_close() work properly on unopened codecs.
I.e. free the priv_data and other stuff allocated in
avcodec_alloc_context3() and not segfault.
2012-01-31 07:56:21 +01:00
Anton Khirnov
af08d9aeea lavc: add avcodec_is_open().
It allows to check whether an AVCodecContext is open in a documented
way. Right now the undocumented way this check is done in lavf/lavc is
by checking whether AVCodecContext.codec is NULL. However it's desirable
to be able to set AVCodecContext.codec before avcodec_open2().
2012-01-31 07:55:24 +01:00
Anton Khirnov
f7fe41a04f lavf: rename AVInputFormat.value to raw_codec_id.
It's only used by raw demuxers for storing the codec id.
2012-01-31 07:50:31 +01:00
Anton Khirnov
9a463917d3 lavf: remove the pointless value field from flv and iv8
The demuxers don't use it in any way.
2012-01-31 07:48:03 +01:00
Anton Khirnov
afa4069e3b lavc/lavf: remove unnecessary symbols from the symbol version script. 2012-01-31 07:26:31 +01:00
Anton Khirnov
f5f49a66a2 lavc: reorder AVCodec fields.
Put all private fields at the end and mark them as such so they can be
easily changed/removed.

This breaks ABI.
2012-01-31 07:26:18 +01:00
Anton Khirnov
183eaa9a25 lavf: reorder AVInput/OutputFormat fields.
Put all private fields at the end and mark them as such so they can be
easily changed/removed.

This breaks ABI.
2012-01-31 07:21:06 +01:00
Alex Converse
f372ce119b mp3dec: Fix a heap-buffer-overflow
In some cases, what is left to read from ptr is smaller than EXTRABYTES.

Based on a patch by Thierry Foucu <tfoucu@gmail.com>.

Signed-off-by: Alex Converse <alex.converse@gmail.com>
2012-01-30 16:49:15 -08:00
Justin Ruggles
a3a0691bde adpcmenc: remove some unneeded casts 2012-01-30 19:12:55 -05:00
Justin Ruggles
149f2058a4 adpcmenc: use int16_t and uint8_t instead of short and unsigned char. 2012-01-30 19:12:55 -05:00
Justin Ruggles
dd88ae831a adpcmenc: fix adpcm_ms extradata allocation
Add FF_INPUT_BUFFER_PADDING_SIZE.
If allocation fails, also free memory which was allocated previously in
adpcm_encode_init().
2012-01-30 19:12:55 -05:00
Justin Ruggles
877a1d409c adpcmenc: return proper AVERROR codes instead of -1 2012-01-30 19:12:55 -05:00
Justin Ruggles
cb023d9afe adpcmenc: check for coded_frame allocation failure 2012-01-30 19:12:55 -05:00
Justin Ruggles
ddf70db6d7 adpcmenc: Do not set coded_frame->key_frame.
It is already set in avcodec_alloc_frame().
2012-01-30 19:12:54 -05:00
Justin Ruggles
3c4add27f7 mpc7: check for allocation failure 2012-01-30 19:11:29 -05:00
Justin Ruggles
eac31dd163 mpc7: align local temp buffer
DSPContext.bswap_buf() requires aligned output
2012-01-30 19:11:29 -05:00
Christophe Gisquet
e5c9de2ab7 rv40: x86 SIMD for biweight
Provide MMX, SSE2 and SSSE3 versions, with a fast-path when the weights are
multiples of 512 (which is often the case when the values round up nicely).

*_TIMER report for the 16x16 and 8x8 cases:
C:
9015 decicycles in 16, 524257 runs, 31 skips
2656 decicycles in 8, 524271 runs, 17 skips
MMX:
4156 decicycles in 16, 262090 runs, 54 skips
1206 decicycles in 8, 262131 runs, 13 skips
MMX on fast-path:
2760 decicycles in 16, 524222 runs, 66 skips
995 decicycles in 8, 524252 runs, 36 skips
SSE2:
2163 decicycles in 16, 262131 runs, 13 skips
832 decicycles in 8, 262137 runs, 7 skips
SSE2 with fast path:
1783 decicycles in 16, 524276 runs, 12 skips
711 decicycles in 8, 524283 runs, 5 skips
SSSE3:
2117 decicycles in 16, 262136 runs, 8 skips
814 decicycles in 8, 262143 runs, 1 skips
SSSE3 with fast path:
1315 decicycles in 16, 524285 runs, 3 skips
578 decicycles in 8, 524286 runs, 2 skips

This means around a 4% speedup for some sequences.

Signed-off-by: Diego Biurrun <diego@biurrun.de>
2012-01-30 23:58:25 +01:00
Diego Biurrun
91bafb52ae x86: Give RV40 init file a more suitable name. 2012-01-30 23:58:24 +01:00
Diego Biurrun
c30b198381 x86: Place mm_flags variable declaration below the appropriate #ifdef.
This fixes some unused variable warnings with YASM disabled.
2012-01-30 23:58:23 +01:00
Martin Storsjö
75ab1e62d4 movdec: Ignore sample_degradation_priority bits when checking first_sample_flags
This makes the first packet of a track fragment run to get
the keyframe flag set properly if sample_degradation_priority
is nonzero.

This makes the keyframes flag be set properly for ismv files
created by Microsoft.

Signed-off-by: Martin Storsjö <martin@martin.st>
2012-01-31 00:13:31 +02:00
Martin Storsjö
89f6e8a20c flvdec: Interpret a toplevel 'object' type metadata item as normal metadata, too
Previously, we've only passed the key string on to the recursive
amf_parse_object for the mixedarray type, not for 'object'. By
passing the key string on, the recursive amf_parse_object can
store the amf objects as metadata.

This kind of data was seen in data from XSplit Broadcaster, received
over RTMP via Wowza. This patch allows reading this metadata.

Signed-off-by: Martin Storsjö <martin@martin.st>
2012-01-30 23:34:47 +02:00
Anton Khirnov
d7edd359ec avconv: deprecate the -deinterlace option
Its quality is horrible, yadif should always be used instead.
2012-01-30 21:43:08 +01:00
Martin Storsjö
c9b309e8cb doc: Fix the name of the new function
Signed-off-by: Martin Storsjö <martin@martin.st>
2012-01-30 21:29:56 +02:00
Justin Ruggles
89eea6df28 aacenc: make sure to encode enough frames to cover all input samples.
Currently, any samples in the final frame are not decoded because they are
only represented by one frame instead of two. So we encode two final frames to
cover both the analysis delay and the MDCT delay.
2012-01-30 14:20:24 -05:00
Justin Ruggles
f44005b610 aacenc: only use the number of input samples provided by the user.
Fixes handling of CODEC_CAP_SMALL_LAST_FRAME.
2012-01-30 14:20:24 -05:00
Alex Converse
48f1e5212c wmadec: Verify bitstream size makes sense before calling init_get_bits.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
2012-01-30 10:54:24 -08:00
Alex Converse
ae35210a5d kmvc: Log into a context at a log level constant. 2012-01-30 10:54:24 -08:00
Alex Converse
dfa37fe8a3 mpeg12: Pad framerate tab to 16 entries.
There are many places where we read an unchecked 4-bit index into it.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
2012-01-30 10:19:01 -08:00
Michael Niedermayer
a02e8df973 kgv1dec: Increase offsets array size so it is large enough.
Fixes CVE-2011-3945

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 807a045ab7f51993a2c1b3116016cbbd4f3d20d6)

Signed-off-by: Alex Converse <alex.converse@gmail.com>
2012-01-30 10:16:23 -08:00
Alex Converse
386741f887 kmvc: Check palsize.
Fixes: CVE-2011-3952

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Based on fix by Michael Niedermayer
2012-01-30 10:16:17 -08:00
Alex Converse
c898431ca5 nsvdec: Propagate errors
Related to CVE-2011-3940.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
2012-01-30 10:15:41 -08:00
Alex Converse
8fd8a48263 nsvdec: Be more careful with av_malloc().
Check results for av_malloc() and fix an overflow in one call.

Related to CVE-2011-3940.

Based in part on work from Michael Niedermayer.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
2012-01-30 10:15:19 -08:00
Michael Niedermayer
6a89b41d97 nsvdec: Fix use of uninitialized streams.
Fixes CVE-2011-3940 (Out of bounds read resulting in out of bounds write)

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 5c011706bc752d34bc6ada31d7df2ca0c9af7c6b)

Signed-off-by: Alex Converse <alex.converse@gmail.com>
2012-01-30 10:14:06 -08:00
Martin Storsjö
b7d3dd907f movenc: cosmetics: Get rid of camelCase identifiers
Also add spacing around operators on touched lines, and split
one line to match the common style.

Signed-off-by: Martin Storsjö <martin@martin.st>
2012-01-30 19:24:39 +02:00
Paul B Mahol
08d8029ea8 swscale: more generic check for planar destination formats with alpha
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
2012-01-30 07:37:13 -08:00