Fixes: load of null pointer of type 'uint8_t' (aka 'unsigned char')
Fixes: 58256/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PDV_fuzzer-4776436325285888
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
When tak_get_nb_samples() fails, it will currently write
AVERROR_INVALIDDATA as TAKStreamInfo.frame_samples. The parser will then
use this negative value as a frame duration, which leads to various
breakage.
Avoid this by returning the error code from tak_parse_streaminfo()
directly; never store negative values in the parsed header.
One that is fine enough to represent all DV audio sample rates. Audio
packet durations are now sample-accurate.
This largely undoes commit 76fbb0052d. To
avoid breaking the issue fixed by that commit, resync audio timestamps
against video if they get more than one frame apart. The sample from
issue #8762 still works correctly after this commit.
Slightly changes the results of the lavf-dv seektest, due to the audio
timebase being more granular.
Current code will call avpriv_set_pts_info() for each video frame,
possibly setting a different timebase if the stream framerate changes.
This violates API conventions, as the timebase is supposed to stay
constant after stream creation.
Change the demuxer to set a single timebase that is fine enough to
handle all supported DV framerates.
The seek tests change slightly because the new timebase is more
granular.
Fixes: signed integer overflow: -2147483648 - 5 cannot be represented in type 'int'
Fixes: 58066/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HEVC_fuzzer-5312995835379712
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This makes the worst case much faster
Fixes: Timeout
Fixes: 51363/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_BONK_fuzzer-5660734784143360
Fixes: 57957/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_BONK_fuzzer-5874095467397120
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This allows the usage of codecs in builds that have a parser but no decoders
for remuxing scenarios with raw sources.
Signed-off-by: James Almer <jamrial@gmail.com>
Also remove the _minus8 part of the name to be in line with the rest of the
decoder, and fix the storage type for pps_palette_predictor_initializer,
to support hbd values.
Signed-off-by: James Almer <jamrial@gmail.com>
Support pixel formats 0x11412100, 0x11311100, and 0x41211100, and add
logic to perform 4x horizontal upsampling. This should fix various JPEG
files found in Ticket #8930.
Co-authored-by: <leo.izen@gmail.com>
- qsv_internal.h: Remove unnecessary include va_drm.h
- qsv_internal.h: Enable AVCODEC_QSV_LINUX_SESSION_HANDLE on Linux/VA only
- hwcontext_qsv.c: Do not allow child_device_type VAAPI for Windows until
support is added, keep D3D11/DXVA2 as more prioritary defaults.
Initial review at https://github.com/intel-media-ci/ffmpeg/pull/619/
Signed-off-by: Sil Vilerino <sivileri@microsoft.com>
Reviewed-by: Dmitry Rogozhkin <dmitry.v.rogozhkin@intel.com>
Reviewed-by: Wu, Tong1 <tong1.wu@intel.com>
framebuf is only allocated when the new width/height are larger than the old
but nothing sets the old so its always allocated.
Use av_fast_mallocz() instead.
Fixes: Timeout
Fixes: 55094/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G2M_fuzzer-5116909932904448
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
num_ref_idx_l0_active_minus1, num_ref_idx_l1_active_minus1,
num_ref_idx_l0_default_active_minus1, and num_ref_idx_l1_default_active_minus1
are all in the range 0 to 14, inclusive.
Signed-off-by: James Almer <jamrial@gmail.com>
Support full range videos when transcoding, enabled the
YUVJ420P to avoid auto scale from YUVJ420P to YUV420P
Signed-off-by: Jun Zhao <barryjzhao@tencent.com>
The change introduced in b18a9c2971
created a regression for non-subsampled progressive RGB jpegs. This
should fix that.
Additionally, this should fix other RGB JPEGs broken before the recent
patches, such as those in Trac issue #10190.
The decoder is tagged as being FF_CODEC_CAP_SKIP_FRAME_FILL_PARAM, so might as
well make use of it.
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
Also remove the _plus* and _minus* parts of some of these to be in line with
other similar fields in the decoder.
Signed-off-by: James Almer <jamrial@gmail.com>
The spec says: "The value of num_ref_loc_offsets shall be in the range of 0 to
vps_max_layers_minus1, inclusive".
Signed-off-by: James Almer <jamrial@gmail.com>
A single smvjpeg packet decodes into one large mjpeg frame, slices of
which are then returned as output frames. Packet duration covers all of
these slices.
Current code prefers deprecated AVFrame.pkt_duration over its
replacement AVFrame.duration whenever the former is set and not equal to
the latter. However, duration will only be actually used when the
caller sets the AV_CODEC_FLAG_FRAME_DURATION flag, which was added
_after_ AVFrame.duration.
This implies that any caller aware of AV_CODEC_FLAG_FRAME_DURATION is
also aware of AVFrame.duration. pkt_duration should then never be used.
Michael Niedermayer
James Almer
Anton Khirnov
Zhao Zhili
Paul B Mahol
Carl Eugen Hoyos
Sil Vilerino
caleb
Jun Zhao
Leo Izen