Fixes: signed integer overflow: 2147483647 + 32 cannot be represented in type 'int'
Fixes: 49014/clusterfuzz-testcase-minimized-ffmpeg_dem_ASF_fuzzer-6314973315334144
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Streams with all zero sample_delta in 'stts' have all zero dts.
They have higher chance be chose by mov_find_next_sample(), which
leads to seek again and again.
For example, GoPro created a 'GoPro SOS' stream:
Stream #0:4[0x5](eng): Data: none (fdsc / 0x63736466), 13 kb/s (default)
Metadata:
creation_time : 2022-06-21T08:49:19.000000Z
handler_name : GoPro SOS
With 'ffprobe -show_frames http://example.com/gopro.mp4', ffprobe
blocks until all samples in 'GoPro SOS' stream are consumed first.
Signed-off-by: Zhao Zhili <zhilizhao@tencent.com>
This function needs more cleanup and it lacks error handling
Fixes: use of uninitialized memory
Fixes: CID700776
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: 315680096256 * 134215943 cannot be represented in type 'long long'
Fixes: 48713/clusterfuzz-testcase-minimized-ffmpeg_dem_IFF_fuzzer-5886272312311808
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Data does not have to be decrypted in 16-byte blocks for AES-CTR mode, so
existing buggy code can be hugely simplified.
Fixes ticket #9829.
Signed-off-by: Marton Balint <cus@passwd.hu>
Fixes memleaks when the trailer is never written or when shift_data()
fails when writing the trailer.
Reviewed-by: Steven Liu <lingjiujianke@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
The packets given to muxers need not be writable,
so it is best to access them via const uint8_t*.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Some files I have from circa year 2000 are 16:9 NTSC DV video
encoded as QuickTime with Radius SoftDV. This marked 4:3 videos
with the box 'dvc ' for NTSC or 'dvcp' for PAL, which are already
supported, but 16:9 videos as 'dvl ' or 'dvlp', which were not.
Adding these to the list for DV codec processing gives the
expected metadata and playback.
I have not tested PAL as I have no sample data, only NTSC.
Signed-off-by: Marton Balint <cus@passwd.hu>
Fixes: signed integer overflow: 9223372036848019263 + 134232320 cannot be represented in type 'long'
Fixes: 48155/clusterfuzz-testcase-minimized-ffmpeg_dem_CINE_fuzzer-5751429207293952
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Also warn the user that for single images -update should be used, for sequences
a proper pattern should be specified.
Fixes ticket #9748.
Signed-off-by: Marton Balint <cus@passwd.hu>
In order to not generate 0 sized packets or create a huge index table
needlessly.
Fixes: Timeout
Fixes: 43717/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-5206008287330304
Fixes: 45738/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-6142535657979904
Signed-off-by: Marton Balint <cus@passwd.hu>
Modifying avformat_find_stream_info() behaviour based on the number of EAGAINs
it encounters is a hack which usually only hides the real issue if such thing
happen.
This reverts commit b0cac7082d.
If the stream's channel layout is first set into a native layout using codec
private parameters, this code here could potentially result in an invalid
native layout where popcnt(ch_layout.u.mask) != ch_layout.nb_channels being
propagated.
Fixes: Timeout printing a billion channels
Fixes: 48099/clusterfuzz-testcase-minimized-ffmpeg_dem_MATROSKA_fuzzer-6754782204788736
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Tested-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
The packets muxers receive are not guaranteed to be writable,
so they must not be modified. Ergo only access the packet's data
via a const uint8_t*.
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Regression since c9de096851.
Fixes Coverity ID 1506839.
Reviewed-by: Jan Ekström <jeebjp@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
This leaves out RealAudio DolbyNet, which utilizes bsids 9 and 10,
It is not clear whether the interpreted bit rate value (divided by
2 or 4 depending on the variant), or the original bit rate value
should be utilized to receive the bit_rate_code index.
Signed-off-by: Jan Ekström <jan.ekstrom@24i.com>
Add the AC-3 frame type, as well as early exit from additional packet
parsing in case of AC-3, as only a single packet is required to get
the required information.
Additionally, expose ac3_bit_rate_code via the eac3_info struct as
it is required for AC3SpecificBox.
Signed-off-by: Jan Ekström <jan.ekstrom@24i.com>
This simplifies the code to no longer have #ifs in a manner which
does not require handling avpriv_ac3_parse_header returning ENOSYS.
As an existing example, the MPEG-TS muxer already requires the AC-3
parser, and in order to fix existing issues with the current AC-3
movenc code, switching to use the AC-3 parser is required, so this
is an enabling change for that.
Signed-off-by: Jan Ekström <jan.ekstrom@24i.com>
Update the still AVIF parser to only read the primary item. With this
patch, AVIF still images with exif/icc/alpha channel will no longer
fail to parse.
For example, this patch enables parsing of files in:
https://github.com/AOMediaCodec/av1-avif/tree/master/testFiles/Microsoft
Adding two fate tests:
1) demuxing of still image with 1 item - this test will pass regardless
of this patch.
2) demuxing of still image with 2 items - this test will fail without
this patch and will pass with patch applied.
Partially fixes trac ticket #7621
Signed-off-by: Vignesh Venkatasubramanian <vigneshv@google.com>
Signed-off-by: James Zern <jzern@google.com>
Add pat and pmt table at start of each segment in single_file mode enhanced
compatibility of hls stream. Because some hls clients separate parsing segment
of hls stream, the absence of pat/pmt will cause parsing to fail.
Reviewed-by: Steven Liu <liuqi05@kuaishou.com>
Signed-off-by: huheng <heng.hu.1989@gmail.com>
Michael Niedermayer
Anton Khirnov
Zhao Zhili
Paul B Mahol
ShuangxiLi
Andreas Rheinhardt
Brion Vibber
Marton Balint
Martijn van Beurden
James Almer
Jan Ekström
Vignesh Venkatasubramanian
huheng
Li Kai