Fixes: 3.82046e+18 is outside the range of representable values of type 'unsigned int'
Fixes: 62276/clusterfuzz-testcase-minimized-ffmpeg_dem_WEBM_DASH_MANIFEST_fuzzer-6381436594421760
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e849eb2343)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: 9223372036630775808 + 1000000000 cannot be represented in type 'long'
Fixes: 51896/clusterfuzz-testcase-minimized-ffmpeg_dem_WEBM_DASH_MANIFEST_fuzzer-5406131992526848
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Deprecate AVStream.side_data and its helpers in favor of the AVStream's
codecpar.coded_side_data.
This will considerably simplify the propagation of global side data to decoders
and from encoders. Instead of having to do it inside packets, it will be
available during init().
Global and frame specific side data will therefore be distinct.
Signed-off-by: James Almer <jamrial@gmail.com>
Most users of ffio_init_context() simply want to wrap
a buffer into an AVIOContext; they do not provide
function pointers at all.
Therefore this commit adds shortcuts for these two common
operations. This also allows to accept const data when reading
(i.e. the const is now cast away at a central place in
ffio_init_read_context() instead of at several callers).
This also allows to constify the data in ff_text_init_buf().
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
These defines are also used in other contexts than just AVCodecContext
ones, e.g. in libavformat. Furthermore, given that these defines are
public, the AV-prefix is the right one, so deprecate (and not just move)
the FF-macros.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
and also perform the remainder of the subtitle parsing directly
after mkv_parse_subtitle_codec().
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Namely to a place after the AVStream has already been created,
so that it can be directly attached to it.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
More exactly, factor codec-specific video parsing out of
matroska_parse_tracks(). This is intended to improve readability.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
If the size of the data of an EbmlBin is > 0, its data is always
present, as ebml_read_binary() always leaves the buffer
in a consistent state (even on error).
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
More exactly, factor codec-specific audio parsing out of
matroska_parse_tracks(). This is intended to improve readability.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Up until now, matroska_parse_tracks() has two main ways
to set AVCodecParameters.extradata: A generic way via CodecPrivate
(possibly with an offset) and by allocating a buffer manually;
the pointer to this buffer is stored in a stack pointer.
In particular, the latter method is problematic, as the buffer
needs to be freed manually in case of error (currently there
are no error conditions between the place where it is set
to AVCodecParameters.extradata).
Most of these buffers are very small (<= 22B), so replace
the pointer to an allocated buffer with a stack buffer
and set the extradata directly for the one place where
the buffer may not be small.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
winbase.h defines IGNORE and is included via bzlib.h when compiling
for Windows. So rename this macro to NOTHING.
Also rename the muxer macro for consistency.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
This simplification reduces codesize.
(It even reduces the size of .rodata here, because
the jump table used by the compiler is bigger than
the actual array.)
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
The Matroska spec requires it to be equal to the highest BlockAddID value in a
BlockAdditions, but being purely an informative element, only abort if strict
compliance is requested, as demuxing is otherwise unaffected.
Signed-off-by: James Almer <jamrial@gmail.com>
Maybe timestamp / duration validity should be checked earlier
Fixes: 50993/clusterfuzz-testcase-minimized-ffmpeg_dem_WEBM_DASH_MANIFEST_fuzzer-6586894739177472
Fixes: signed integer overflow: 0 - -9223372036854775808 cannot be represented in type 'long'
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
If the stream's channel layout is first set into a native layout using codec
private parameters, this code here could potentially result in an invalid
native layout where popcnt(ch_layout.u.mask) != ch_layout.nb_channels being
propagated.
Fixes: Timeout printing a billion channels
Fixes: 48099/clusterfuzz-testcase-minimized-ffmpeg_dem_MATROSKA_fuzzer-6754782204788736
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Tested-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
This ignores >64bit
Alternatively we could support that if it occurs in reality
Fixes: negation of -9223372036854775808
Fixes: integer overflows
Fixes: 46072/clusterfuzz-testcase-minimized-ffmpeg_dem_MATROSKA_fuzzer-5029840966778880
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
There is no reason to think that an attachment will contain text
subtitles. Furthermore, attachments are exported in extradata, so the
AV_CODEC_ID_TEXT decoder would not do anything useful with them anyway.
The code is only called if size is > 0 so buf should not be NULL
Helps: CID610554
Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: division by 0
Fixes: 44615/clusterfuzz-testcase-minimized-ffmpeg_dem_WEBM_DASH_MANIFEST_fuzzer-6681108677263360
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>