Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 8003816e1619e77d8de051883264aa090e0d78cc)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 21a53dd08dce7cc5b3fdf9c4826b4b74d8300ea0)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit db27f50e0658e91758e8a17fdcf390e6bc93c1d2)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
The previous code assumed if an atom was marked with a 64-bit
size extension, it actually had that data available. The new
code verfies there's enough data in the atom for this to be
done.
Failure to verify causes total_size > atom.size which will
result in negative size calculations later on.
Found-by: Paul Mehta <paul@paulmehta.com>
Signed-off-by: Dale Curtis <dalecurtis@chromium.org>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 3ebd76a9c57558e284e94da367dd23b435e6a6d0)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Found-by: Paul Mehta <paul@paulmehta.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 3859868c75313e318ebc5d0d33baada62d45dd75)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
The code previously added 1 to len without checking its size,
resulting in an overflow which can corrupt value[-1] -- which
may be used to store unaligned ptr information for certain
allocators.
Found-by: Paul Mehta <paul@paulmehta.com>
Signed-off-by: Dale Curtis <dalecurtis@chromium.org>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Also see [FFmpeg-devel] [PATCH] avformat/mov: strengthen some table allocations
which contains more fixes but is unfinished
Fixes: signal_sigabrt_7ffff6ac7bb9_3484_cov_1830000177_starfox2.mov
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 1b5d11240692025f036e945bc37968735679320a)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This reverts commit 691dec62011fe9993809fbc793126b40cac0c584.
The commit did not fix ticket #3215, it was fixed one commit earlier.
The revert may break other use-cases but they should be fixed differently,
the offending commit introduced too many problems.
Fixes ticket #3377.
Fixes ticket #3378.
(cherry picked from commit 54bbe3e2a645b4f7b36efac2bca331d3be98592a)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
The correct point that seperates ISO and MAC language codes is 0x400
according to the current QT spec. Old QT specs did not list where this
seperation is but apparently only defined the meaning of the first 137.
(cherry picked from commit 9e71cc81f3655cacf0f91860fba3043f13b64059)
This uses STTS and TRUN information to calculate the fps
It seems to work with more files than the previous code
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
The track duration is often not reliable or is not the duration
represented by the number of frames. In those cases, avg_frame_rate
was reported incorrectly. Removing this code falls back to the
default calculation in avformat_find_stream_info().
This is a partial revert of commit c3aeaa540.
Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
* commit '2620df13104ddaa136158eb6bb1195adbf9d7692':
mov: Free an earlier allocated array if allocating a new one
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit 'd51f09962d5b4bc999fb70c040f330dd1873212e':
mov: Free intermediate arrays in the normal cleanup function
Conflicts:
libavformat/mov.c
See: a6b3e6d0b49b47c9b874e59b88a8051af338f520
Merged-by: Michael Niedermayer <michaelni@gmx.at>
It could probably also be considered an error if the pointer isn't
null at this point, but then we might risk rejecting some
slightly broken files that we might have handled so far.
Sample-Id: 00000496-google
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
These arrays are normally freed at the end of mov_read_trak,
but make sure they're freed in case mov_read_trak returned
early (due to errors) or in case the atoms that allocate arrays
are encountered at some other point than within a trak (which
we don't have checks against).
Sample-Id: 00000496-google
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
Fixes use of uninitialized memory
Fixes: msan_uninit-mem_7f3f90a8606a_3018_Sequence_1-Apple_ProRes_422_LT.mov
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes: msan_uninit-mem_7f58816b71e3_7025_mov_svq3___svq3_weird_prediction2.mov
Fixes use of uninitialized memory
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes: msan_uninit-mem_7f4960453a02_7264_mr_cork_jpeg.mov
Fixes use of uninitialized memory
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes use of uninitialized memory
Fixes: msan_uninit-mem_7f46d5199ee1_9456_vc1-wmapro.ism
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This was never done for avi files, the decoder always produced
output no matter if a palette was computed or not.
Since a non-standard palette was needed, this simplifies the code.
See issue 1067 and ticket #165.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes use of uninitialized data
Fixes: msan_uninit-mem_7ff57193e77e_2715_RAW512K_Stream_004.mov
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes out of array read
Fixes: signal_sigsegv_6f1855_3910_avid_test_alpha.mov
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Generate extradata with SPS/PPS based on container dimensions.
Authors of this commit are: Reimar and Thomas Mundt
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Fixes playback of some AAC streams, which are otherwise mangled by the
parser, and stss is typically only valid for video anyway.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
* commit 'b698542ad83284fbb8c22404e3cafeb2dd739d38':
mov: Don't allocate arrays with av_malloc that will be realloced
Merged-by: Michael Niedermayer <michaelni@gmx.at>
