xaymar/FFmpeg
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
37,382 Commits 35 Branches 386 Tags
a56eaa024fcd34a886776e9ec00ca4fd51432e96
Commit Graph

17439 Commits

Author SHA1 Message Date
Michael Niedermayer a56eaa024f mpeg4: dont reset picture_num for xvid 
Fixes Ticket1162

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit a4e359a3f9)
 2012-04-04 08:38:18 +02:00
Michael Niedermayer fdc6f6507c h264: fix seeking in low delay streams without IDR 
Fixes Ticket1165

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 3360b8517a)
 2012-04-04 08:38:06 +02:00
Franz Brauße f9bdc93723 smacker audio: sign-extend the initial 16-bit predicted value 
Fixes Bug #265

Signed-off-by: Justin Ruggles <justin.ruggles@gmail.com>
(cherry picked from commit 12cbbbb4ab)
 2012-04-01 13:57:49 +02:00
Michael Niedermayer abfafb6c81 pngenc: Fix incorrect mask used for interlaced mode. 
Fixes Ticket1109

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 15db6a9590)
 2012-03-21 10:50:58 +01:00
Kelly Anderson 0a224ab102 libx264: fix duplicate stats entry 
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2012-03-17 08:56:59 +01:00
Michael Niedermayer 001f4c7dc6 jpeglsdec: Prevent out of array write. 
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 00ab9cdae1)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2012-03-16 16:46:30 +01:00
Michael Niedermayer 313ddbfe48 proresdec: Fix read via negative index in a global array. 
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 0065080320)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2012-03-16 16:42:49 +01:00
Michael Niedermayer 7f5bd6c72b diracdec: Correct the bytestream end pointer. 
This fixes some arith decoder overreads and a potential infinite loop.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 0f13cc732b)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2012-03-16 16:00:07 +01:00
Michael Niedermayer 0be85fd80f diracdec: Check for negative quants which would cause out of array reads. 
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 5cd8afee99)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2012-03-16 15:59:30 +01:00
Michael Niedermayer 9f253ebb41 diracdec: Fix integer overflow leading to out of global array read. 
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 9729f140ae)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2012-03-16 15:59:21 +01:00
Michael Niedermayer 6242dae507 sonic: update to new API 
Fixes Ticket1075

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 6f9803e5e0)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2012-03-16 15:23:10 +01:00
Michael Niedermayer 1749b0d74d mmvideo: restore initial y value. 
This bug might have been exploitable (out of HEAP buffer writes)

Bug introduced by libav
	commit a55d5bdc6e
	Date:   Tue Mar 6 15:15:42 2012 -0800

	    algmm: convert to bytestream2 API.
(cherry picked from commit c2e3b564b3)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2012-03-16 14:46:08 +01:00
Michael Niedermayer 568e9062bd Merge remote-tracking branch 'qatar/release/0.8' into release/0.10 
* qatar/release/0.8: (154 commits)
  Update Changelog for the 0.8.1 Release
  dca: include libavutil/mathematics.h for possibly missing M_SQRT1_2
  dca: don't use av_clip_uintp2().
  snow: check reference frame indices.
  snow: reject unsupported chroma shifts.
  xa_adpcm: limit filter to prevent xa_adpcm_table[] array bounds overruns.
  h264: increase reference poc list from 16 to 32.
  h264: stricter reference limit enforcement.
  h264: improve parsing of broken AVC SPS
  Replace computations of remaining bits with calls to get_bits_left().
  png: convert to bytestream2 API.
  roqvideo: convert to bytestream2 API.
  smc: port to bytestream2 API.
  tgq: convert to bytestream2 API.
  algmm: convert to bytestream2 API.
  jvdec: unbreak video decoding
  h264: Fix invalid interlaced/progressive MB combinations for direct mode prediction.
  libx264: add 'stats' private option for setting 2pass stats filename.
  libx264: fix help text for slice-max-size option.
  avconv: reindent
  ...

Conflicts:
	Changelog
	RELEASE
	avconv.c
	doc/APIchanges
	ffplay.c
	libavcodec/Makefile
	libavcodec/aacdec.c
	libavcodec/alsdec.c
	libavcodec/atrac3.c
	libavcodec/avcodec.h
	libavcodec/dvdata.c
	libavcodec/fraps.c
	libavcodec/golomb.h
	libavcodec/h264.c
	libavcodec/h264.h
	libavcodec/h264_cabac.c
	libavcodec/h264_cavlc.c
	libavcodec/h264_direct.c
	libavcodec/h264_parser.c
	libavcodec/h264_ps.c
	libavcodec/h264idct_template.c
	libavcodec/indeo3.c
	libavcodec/kgv1dec.c
	libavcodec/kmvc.c
	libavcodec/mjpegbdec.c
	libavcodec/mmvideo.c
	libavcodec/mpegaudiodec.c
	libavcodec/mpegvideo.h
	libavcodec/options.c
	libavcodec/pngdec.c
	libavcodec/roqvideodec.c
	libavcodec/shorten.c
	libavcodec/svq3.c
	libavcodec/utils.c
	libavcodec/version.h
	libavcodec/wmadec.c
	libavcodec/xxan.c
	libavformat/Makefile
	libavformat/asfdec.c
	libavformat/dv.c
	libavformat/mov.c
	libavformat/nsvdec.c
	libavformat/utils.c
	libavformat/version.h
	libavutil/avutil.h
	libavutil/error.c
	libavutil/error.h
	libswscale/swscale.c
	libswscale/utils.c
	libswscale/x86/swscale_template.c
	tests/ref/acodec/g722

Merged-by: Michael Niedermayer <michaelni@gmx.at>
 2012-03-16 09:01:08 +01:00
Michael Niedermayer 5dbc75870f qpeg: Fix out of array writes. 
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2012-03-16 06:29:10 +01:00
Fabian Greffrath c91a14638e srtdec: fix a format string vulnerability. 
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit aaa1173de7)
 2012-03-16 06:29:10 +01:00
Nathan Caldwell c00c380724 aacenc: Fix LONG_START windowing. 
Forgot to add the equivalent amount to the incoming sample pointer as the output pointer.

Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit 2e626dd513)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2012-03-16 06:29:10 +01:00
Nathan Caldwell 43625c5128 aacenc: Fix a bug where deinterleaved samples were stored in the wrong place. 
10l: Forgot to adjust deinterleave for new location of incoming samples in 7946a5a.

This produced incorrect, but surprisingly listenable results.

Thanks to Justin Ruggles for the report.

Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit dc7e7d4dd9)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2012-03-16 06:29:10 +01:00
Kostya Shishkov 1ee0cd1ad7 dca: include libavutil/mathematics.h for possibly missing M_SQRT1_2 
Signed-off-by: Janne Grunau <janne-libav@jannau.net>
 2012-03-14 23:32:15 +01:00
Ronald S. Bultje b594732475 dca: don't use av_clip_uintp2(). 
The argument is not a literal, thus causing the ARM v6 or later
builds to break.

Signed-off-by: Janne Grunau <janne-libav@jannau.net>
 2012-03-14 23:30:19 +01:00
Michael Niedermayer ce15406e78 snow: check reference frame indices. 
Fixes NULL ptr dereference

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
(cherry picked from commit 1f8ff2b13c)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2012-03-14 21:35:09 +01:00
Michael Niedermayer c9e95636a8 snow: reject unsupported chroma shifts. 
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
(cherry picked from commit c9837954e7)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2012-03-14 21:34:55 +01:00
Ronald S. Bultje 6e5c07f4c8 xa_adpcm: limit filter to prevent xa_adpcm_table[] array bounds overruns. 
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 86020073db)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2012-03-14 21:34:36 +01:00
Ronald S. Bultje c999a8ed65 h264: increase reference poc list from 16 to 32. 
Interlaced images can have 32 references (16 per field), so limiting the
array size to 16 leads to invalid writes.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 48cbe4b092)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2012-03-14 21:34:13 +01:00
Ronald S. Bultje 4d343a6f47 h264: stricter reference limit enforcement. 
Progressive images can have only 16 references, error out if there are
more, since the data is almost certainly corrupt, and the invalid value
will lead to random crashes or invalid writes later on.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit e0febda22d)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2012-03-14 21:33:15 +01:00
Michael Niedermayer a81a6d9c80 h264: improve parsing of broken AVC SPS 
Parsing the entire NAL as SPS fixes decoding of some AVC bitstreams
with broken escaping. Since the size of the NAL unit is known and
checked against the buffer end we can parse it entirely without buffer
overreads.

Fixes playback of
http://streams.videolan.org/streams/mp4/Mr_MrsSmith-h264_aac.mp4

Signed-off-by: Janne Grunau <janne-libav@jannau.net>
(cherry picked from commit 3aa661ec56)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2012-03-14 21:27:22 +01:00
Alex Converse 48f0eeb2e5 Replace computations of remaining bits with calls to get_bits_left(). 
(cherry picked from commit 3574a85ce5)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2012-03-14 21:27:16 +01:00
Ronald S. Bultje d26e47bf6c png: convert to bytestream2 API. 
Protects against overreads in the input buffer.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 4c25269ced)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2012-03-14 21:14:28 +01:00
Ronald S. Bultje 568a474a08 roqvideo: convert to bytestream2 API. 
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit cdf1577162)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2012-03-14 21:09:40 +01:00
Ronald S. Bultje 9a66cdbc16 smc: port to bytestream2 API. 
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 8febcb9fc1)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2012-03-14 21:09:28 +01:00
Ronald S. Bultje ddb1149e25 tgq: convert to bytestream2 API. 
This protects against input buffer overreads.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 1255eed533)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2012-03-14 21:09:19 +01:00
Ronald S. Bultje f6778f58d4 algmm: convert to bytestream2 API. 
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit a55d5bdc6e)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2012-03-14 21:09:19 +01:00
Paul B Mahol e4e4d92641 jvdec: unbreak video decoding 
The safe bitstream reader broke it since the buffer size was specified
in bytes instead of bits.

Signed-off-by: Janne Grunau <janne-libav@jannau.net>
CC: libav-stable@libav.org
(cherry picked from commit a1c036e961)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2012-03-14 21:02:23 +01:00
Michael Niedermayer de0ff4ce69 h264: Fix invalid interlaced/progressive MB combinations for direct mode prediction. 
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
(cherry picked from commit 758ec11153)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2012-03-14 21:00:52 +01:00
Anton Khirnov 6548cb2578 libx264: add 'stats' private option for setting 2pass stats filename. 
x264 always opens the file itself with fopen, so we cannot use the
standard lavc stats mechanism.

CC: libav-stable@libav.org
(cherry picked from commit d533e395e1)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2012-03-14 21:00:12 +01:00
Anton Khirnov f6257cf4b7 libx264: fix help text for slice-max-size option. 
CC: libav-stable@libav.org
(cherry picked from commit 9d5c131ece)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2012-03-14 21:00:02 +01:00
Janne Grunau d94256d36c Revert "h264: clear trailing bits in partially parsed NAL units" 
This reverts commit 729ebb2f18.

There was an off-by-one error in the bit mask calculation clearing
actually the last valid bit and causing
http://bugzilla.libav.org/show_bug.cgi?id=227

The broken sample (Mr_MrsSmith-h264_aac.mp4) the commit was fixing
does not work after correcting the off-by-one error.

CC: libav-stable@libav.org
(cherry picked from commit 8a6037c390)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2012-03-14 20:56:55 +01:00
Ronald S. Bultje 7bb97a61df mpc: pad mpc_CC/SCF[] tables to allow for negative indices. 
MPC8 allows indices of mpc_CC up to -1, and mpc_SCF up to -6, thus pad
the tables by that much on the left end.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit d7eabd5042)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2012-03-14 20:48:29 +01:00
Ronald S. Bultje c65eadee5d xxan: protect against chroma LUT overreads. 
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit f77bfa8376)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2012-03-14 20:47:19 +01:00
Ronald S. Bultje a43f4bd601 xxan: convert to bytestream2 API. 
Protects against overreads.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 5518827816)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2012-03-14 20:47:19 +01:00
Ronald S. Bultje 8f881885c2 xxan: don't read before start of buffer in av_memcpy_backptr(). 
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit f1279e286b)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2012-03-14 20:47:19 +01:00
Ronald S. Bultje 26521d87ba dsicinvideo: validate buffer offset before copying pixels. 
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit c95fefa042)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2012-03-14 20:47:19 +01:00
Ronald S. Bultje e1a4143793 cook: error out on quant_index values outside [-63, 63] range. 
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 97e48b2f54)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2012-03-14 20:47:19 +01:00
Ronald S. Bultje b9482a6efd cook: extend channel uncoupling tables so the full bit range is covered. 
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 37cc8600d0)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2012-03-14 20:47:19 +01:00
Ronald S. Bultje 88c3cc019c cook: expand dither_tab[], and make sure indexes into it don't overflow. 
Fixes overflows in accessing dither_tab[].

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 442c3a8cb1)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2012-03-13 23:40:29 +01:00
Ronald S. Bultje 9980e4df3b huffyuv: add padding to classic (v1) huffman tables. 
We slightly overread the input buffer, so we require
padding at the end of the buffer, as is documented in the
get_bits API. Without padding, we'll read uninitialized
data or beyond the end of the .rodata, which may crash.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 4ffe5e2aa5)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2012-03-13 23:36:39 +01:00
Ronald S. Bultje d4f2786cda avs: fix infinite loop on end-of-stream. 
The codec would keep returning the last decoded frame if the stream
contains B-frames, since it wouldn't clear that frame from the list of
frames to be returned to the user.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 83f15a1228)

Conflicts:

	libavcodec/cavsdec.c

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2012-03-13 23:36:02 +01:00
Alex Converse 2744fdbd9e tiffdec: Prevent illegal memory access caused by recycled pointers. 
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit fd0be63049)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2012-03-13 23:30:55 +01:00
Ronald S. Bultje 1fcc2c6091 wma: fix off-by-one in array bounds check. 
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit b4bccf3e4e)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2012-03-13 23:30:39 +01:00
Ronald S. Bultje 74871ac70a dv: check buffer size before reading profile. 
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit e97efecec8)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2012-03-13 23:30:21 +01:00
Ronald S. Bultje 9cb7f6e54a raw: move buffer size check up. 
This way, it protects against overreads for 4bpp/2bpp content also.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit cc5dd632ce)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2012-03-13 23:23:58 +01:00