Commit Graph

800 Commits

Author SHA1 Message Date
Tom Finegan
6ab4f8fa97 Limit string element size to 20 million bytes.
Avoids crashes in allocators when fuzzers or maliciously
crafted streams make elements appear extremely large.

BUG=b/68352235

Change-Id: I71c293d8abdff0d188a881c4366bc09182ac32f8
2018-01-30 15:00:40 -08:00
Tom Finegan
12b42e9920 Merge "Replace uses of deprecated std::auto_ptr with std::unique_ptr." 2018-01-24 20:57:01 +00:00
Lisa Velden
d707c67276 Replace uses of deprecated std::auto_ptr with std::unique_ptr.
Change-Id: I8d67fc6f3ce168f4d8b6330549f766dbf5374d61
2018-01-24 11:37:37 +01:00
Michael Bradshaw
8f638df2c3 Set a maximum limit on element recursion depth
The maximum recursion depth is set to 25. If that's not sufficient for
someone's needs, they're welcome to submit a patch that makes it
configurable.

This fixes a stack overflow found by AutoFuzz. The stack overflow was
caused by recursing too much. I've included the fuzzer's test cases in
the fuzzing/corpus directory. I've also created two (one for SimpleTag
and ChapterAtom each) additional test files, each comprised of 10,000
recursively nested elements. Manually running the fuzzer (with ASan and
UBSan) shows all inputs are now handled correctly, and no stack
overflows occur.

Change-Id: I8514259fd0788e71a58e3ccce2a0fb8a3523acfc
2018-01-22 13:50:14 -08:00
Tom Finegan
1653953c39 Silence -Wdeprecated-declarations in GCC 4.7+.
Change-Id: I63a8bdb0649452a8e50b579f61bc4ea5d7e294f7
2017-12-18 11:35:40 -08:00
Hui Su
9e37f34e48 Update VP9 level definition
Add luma picture max width and height constraint.

BUG=b/65412009

Change-Id: I25545eb632b29c4241e335896e6f284102e27623
2017-12-07 16:34:18 -08:00
Michael Bradshaw
b03c65468b Merge "webm_parser: Add new enum values" 2017-11-03 22:36:14 +00:00
Michael Bradshaw
8f709400a2 webm_parser: Add new enum values
For the new stereo mode, see https://github.com/google/spatial-media/blob/master/docs/spherical-video-v2-rfc.md#webm-matroska
For the new color primaries, see ISO/IEC 23001-8:2016

Change-Id: I92c2bb0fedc2b1895d893ad55095d29c811c0dcf
2017-11-03 11:41:03 -07:00
Tom Finegan
7dd0b80931 Avoid overflows in Block::GetTimeCode().
BUG=b/66854237

Change-Id: I721bfa0579597995ae0b488f69bcf17aba6c32c6
2017-09-30 12:14:05 -07:00
Tom Finegan
7baf4cb898 Merge "Fix include-what-you-use warning in common/file_util.cc." 2017-09-19 18:40:18 +00:00
Tom Finegan
e590bc2d5a Fix include-what-you-use warning in common/file_util.cc.
Add include for <string>.

Change-Id: I053fb2e6e36889e819703c601b2df8c6d313817f
2017-09-19 11:38:58 -07:00
Tom Finegan
fbc8ab96da Improve mingw support.
- Remove existing mingw-w64 toolchain file.
- Add x86 and x86_64 mingw-w64 toolchain files.
- Add gtest mingw work around (disable gtest cmake and build
  our own static lib).

Change-Id: Ic602df62f5485ccbd79deccf3aed2a4d35fef8ad
2017-09-18 13:19:36 -07:00
Tom Finegan
27eb0b9002 Fix builds with mingw x86 and x86_64.
- Deal with tmpnam_s() preproc issues in file_util.cc
  when building with mingw-w64.
- Add stdint.h include in mkvmuxer.cc.

Change-Id: I819a27e6d805d772a6e1863982a2eeafd27b2a0d
2017-09-18 13:19:17 -07:00
clang-format
22de626018 apply clang-format
Change-Id: I27aaabefca7e01a7762f50a17fb9219c19d82f1b
2017-08-27 18:33:01 -07:00
James Zern
960b81e356 .clang-format: update to 4.0.1
based on Google style with the following differences:
3a4
> # Generated with clang-format 4.0.1
10c11
< AlignTrailingComments: true
---
> AlignTrailingComments: false
15,16c16,17
< AllowShortIfStatementsOnASingleLine: true
< AllowShortLoopsOnASingleLine: true
---
> AllowShortIfStatementsOnASingleLine: false
> AllowShortLoopsOnASingleLine: false
23c24
< BraceWrapping:
---
> BraceWrapping:
37c38
< BreakBeforeTernaryOperators: true
---
> BreakBeforeTernaryOperators: false
51c52
< IncludeCategories:
---
> IncludeCategories:

Change-Id: I692c52b9d8c8421a9fc3097705763423a1437800
2017-08-27 18:32:45 -07:00
Vignesh Venkatasubramanian
86fa6dc2cb mkvparser: Fix potential overflow in Block::Parse
BUG=b/65045341

Change-Id: I198e72ea3859d2382a34e1e6dca957f9323af278
2017-08-25 11:28:01 -07:00
Vignesh Venkatasubramanian
245e7a258a mkvparser: Fix integer overflow in Block::GetTime
tc * scale could overflow theoretically (as it did in a fuzzed
file). The return -1 isn't really well defined, but that'll
probably do given this is an extreme outlier case.

BUG=b/64953172

Change-Id: Id4aba673c3f85dee6ee25cc5f4b2db73b30ca8b3
2017-08-23 12:12:19 -07:00
Neil Birkbeck
2e76d22782 Add command line support for projection_type
Add command line for projection_type, projection_pose_{yaw,pitch,roll}.
Use a file for projection_private data to allow setting the contents
for cubemap, equirect, or mesh.

Change-Id: I45f20c68a5d01150d0fb3882ad1c587a8b9f63f2
2017-08-07 18:15:01 -07:00
Tom Finegan
9af1e59995 Avoid float overflows due to casts of out of range values.
BUG=b/37478056

Change-Id: I4eb9e6be25de6c682a252c7a1252ef040edd9eb1
2017-07-28 14:19:07 -07:00
Jerome Jiang
0ae757087f Fix android build failure with NDK r15b.
BUG=webm:1447

Change-Id: I8defe45cb94eb9c209ba72ce446786f24c14c0b8
2017-07-17 14:00:18 -07:00
James Zern
a97c484bfd Merge "disable -Wdeprecated-declarations in legacy code" 2017-06-22 02:02:16 +00:00
James Zern
90967863b2 mkvparser: fix float conversion warning
Change-Id: I2b79a6af431f9c51e5c32c75da18645674ebbb4d
2017-06-20 19:20:01 -07:00
James Zern
84e82579f7 disable -Wdeprecated-declarations in legacy code
this avoids downstream projects from needing to add this flag to their
build.

BUG=webm:1445

Change-Id: I03f3cc20496bc52245b6c3c013ae3c13936f4b4f
2017-06-20 19:18:42 -07:00
James Zern
a98f4950f6 AddGenericFrame: fix memory leak on failure
quiets a static analysis warning

Change-Id: I9fac3c495beefb0a76d0476573b95700662e082c
2017-05-01 18:50:20 -07:00
James Zern
da131dd350 AddCuePoint: fix memory leak on failure
quiets a static analysis warning

Change-Id: I288ab6216ecd066f7d6542a7465db1f182859c32
2017-05-01 15:18:38 -07:00
James Zern
b0cea9ce24 Add(Audio|Video)Track: fix memory leak on failure
quiets a static analysis warning

Change-Id: Iaa6909e94deae81ace3e65f37ab746d72031620f
2017-05-01 15:17:30 -07:00
Tom Finegan
a65b9e0287 Merge changes I7e467d31,Ia8633cab
* changes:
  Add test for projection parse failures.
  Add test for primary chromaticity parse failures.
2017-04-28 22:42:04 +00:00
James Zern
5261a679b7 webm_info: check vp9 ParseUncompressedHeader return
avoids potential side effects

BUG=webm:1416,webm:1417

Change-Id: I4acd4c9f86be20fa3c06af6c87c1ce538a50c84c
2017-04-21 15:16:17 -07:00
James Zern
85f7e2e428 webm_info,PrintVP9Info: validate alt ref sizes
fixes out of bounds reads with corrupted bitstreams

BUG=webm:1416,webm:1417

Change-Id: Ia643708b4b74d153a7b1dee1c4cbcab7f79d7111
2017-04-21 15:15:26 -07:00
James Zern
9b97ca197d vp9_header_parser_tests: check parser return
ensure ParseUncompressedHeader() succeeds with valid bitstreams

Change-Id: I1e3900fc08f3b6b2e86bc2f59fd8fd96bc26ad0f
2017-04-21 15:15:26 -07:00
James Zern
300d6d8719 CuePoint::Find: check Track pointer
replace assert with a check of the pointer, this is a public function so
should be tolerant of invalid parameters

BUG=webm:1415

Change-Id: I28a3a2ef905d62f11928dbbe54c119411d2b1f74
2017-04-19 23:24:27 -07:00
James Zern
50c44bb44d webm_info,OutputCues: fix indexing of tracks
use GetTrackByIndex() rather than GetTrackByNumber(). the former is
0-based the latter is by track id, this loop iterates through all tracks
based on the track count.
fixes a segfault with tracks non-starting at 1 / increasing by 1.

BUG=webm:1415

Change-Id: I916328575d0871cf4090b1d123644d6f01e6ffb1
2017-04-19 23:10:33 -07:00
James Zern
a0d27f0d51 mkvparser,Block::Parse: remove incorrect assert
this path has been error checked since:
986b64b mkvparser: Add error checking in Block::Parse.

BUG=webm:1405

Change-Id: I1c17c05076455f25ab888555d71d7b27c032e9dd
2017-04-18 12:45:43 -07:00
James Zern
784fc1bb7c vttdemux,CloseFiles: check file pointer before closing
BUG=webm:1405

Change-Id: I7729277c632d40d478aa80ca6a009f95038196fb
2017-04-17 15:55:17 -07:00
Tom Finegan
c59278c4b4 Merge ".gitattributes: force mkv/webm to be treated as binary" 2017-04-12 15:55:58 +00:00
James Zern
b4522c1cdf .gitattributes: force mkv/webm to be treated as binary
Change-Id: I91463cd9b709dcfbb4aedc128b89f98f40550f69
2017-04-11 12:45:30 -07:00
Tom Finegan
a118f3d570 Add test for projection parse failures.
Specifically for failures due to a value too large to express as float.

BUG=b/36454364

Change-Id: I7e467d31ec49d865bc346b45d122411d13a74f76
2017-04-10 10:00:28 -07:00
Tom Finegan
d39847954d Add test for primary chromaticity parse failures.
Specifically for failures due to field size being too large.

BUG=webm:1381

Change-Id: Ia8633cab96d10ab485de1ab796a643e3c26a9923
2017-04-10 09:54:17 -07:00
Tom Finegan
9bbec4c905 Fix permissions on test file.
Change-Id: I062b685899e9125a4da29914357a494d2c63e256
2017-04-10 09:32:51 -07:00
James Zern
2cef4d51a2 mkvparser:Parse: s/FLT_MIN/-FLT_MAX/
FLT_MIN is the smallest finite value (numeric_limits::min()); -FLT_MAX is
correct for the most negative (numeric_limits::lowest())

http://en.cppreference.com/w/cpp/types/numeric_limits

BUG=b/36255773
BUG=webm:1381

Change-Id: Iaaff611acffc3df28fef12af81ac5299791f0148
2017-03-23 16:27:41 -07:00
Vignesh Venkatasubramanian
35a3c88728 mkvmuxer: Turn off estimate_file_duration_ by default
Users who want this feature can explicitly turn it on. Since it
involves estimating, it should be off by default.

Change-Id: I3e934169d19b68a276c21d694179350c5b315a5a
2017-03-23 12:27:48 -07:00
Tom Finegan
5a418303e3 mkvparser: Avoid double free when Chromaticity parse fails.
PrimaryChromaticity::Parse never owns the PrimaryChromaticity
it allocates-- avoid freeing it because doing so results in a
double free when the MasteringMetadata dtor runs.

BUG=webm:1381

Change-Id: Ief0159f6ab667234e3fdc51c65f23ef5efb32a71
2017-03-21 10:44:09 -07:00
Tom Finegan
67e3ffa908 mkvparser: Avoid casts of values too large for float in Projection elements.
Return a parse error when values are out of range.

BUG=b/36255773

Change-Id: I977c41c9108b97592f3707bf8c01373cf36f2365
2017-03-20 14:03:19 -07:00
James Zern
87bcddf0e5 vttdemux::ChapterAtomParser: check for NULL display string
prevents segfault due to strlen(NULL)

BUG=webm:1382

Change-Id: I536663e287d151e11bf7074349a34d922cb9856a
2017-03-09 12:50:41 -08:00
Vignesh Venkatasubramanian
992a330ec0 Merge "Update .gitignore" 2017-03-08 02:41:03 +00:00
Vignesh Venkatasubramanian
a534a24f58 Update .gitignore
Update .gitignore to reflect recent changes in binary names.

Change-Id: I4c010c5b948a2824c259fac37ad812be19d9e200
2017-03-07 13:53:44 -08:00
Vignesh Venkatasubramanian
a0d67d081c mkvmuxer: Fix hard-coded data size in EbmlElementSize
EbmlElementSize for char* assumes that the varint encoding of
payload size is always 1-byte. Fix that by using the correct
number of bytes.

mkvinfo of the new gold file: http://pastebin.com/ncR7DqEf

Change-Id: I2d10708de77b2b8089900a8719ee3797dfb6994c
2017-03-07 11:42:16 -08:00
KO Myung-Hun
c36112caa0 mkvparser: #include sys/type.h
On OS/2, off_t requires sys/types.h.

Change-Id: Ic307347a62754b0b6d940c4d89228038f5f4e84b
2017-02-01 20:13:14 +00:00
Tom Finegan
686664eba2 Fix cmake generation warnings on Windows.
A target must exist before its properties can be set. Defer
libwebm target rename on windows until after creation of the
webm library target.

Change-Id: I29c5e90f1f653a00ff156316c03b0ffd78e9a998
2017-01-26 07:57:32 -08:00
Tom Finegan
2b2c196558 cmake: Fix required flag check.
It always passed after first test due to lack of CACHE in unset()
call. Also:

- Fix flag name in error message.
- Use actual flag instead of hard coded -std=c++11

Change-Id: I29c0dc4fd0f5ce97f658919a5739e15831a00281
2017-01-23 10:58:45 -08:00