Since the decoder is not flagged as init cleanup capable, hevc_decode_free()
is being called manually if the hevc_decode_extradata() call fails at the end
of hevc_decode_init().
In a frame threading scenario, however, if AVCodec->init() returns an error,
ff_frame_thread_free() will be called regardless of the above flag being set
or not, resulting in hevc_decode_free() being called a second time for the
same context.
Workaround this by ensuring pointers are not dereferenced if they are NULL,
and set the decoder as init cleanup capable while at it.
Fixes ticket #9099.
Signed-off-by: James Almer <jamrial@gmail.com>
Several compile-time checks can be improved because mcsel is not used
for MPEG-1/2 (it is only used for MPEG-4) and because MPEG-1/2 is the
only user of ff_mpv_motion that uses MV_TYPE_16X8 and MV_TYPE_DMV.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Fixes: signed integer overflow: 2 * 1073741952 cannot be represented in type 'int'
Fixes: 26765/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MOBICLIP_fuzzer-6594926936326144
Fixes: 29663/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MOBICLIP_fuzzer-5169789012148224
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: Timeout
Fixes: left shift of 33046 by 16 places cannot be represented in type 'int'
Fixes: 29258/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MJPEG_fuzzer-4889231489105920
Fixes: 29515/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MJPEG_fuzzer-6161940391002112
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: out of array access
Fixes: 29392/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HEVC_fuzzer-4821602850177024.fuzz
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
A new key & value API lets us gain access to newly added parameters
without adding explicit support for them in our wrapper. Add an
option utilizing this functionality in a similar manner to other
encoder libraries' wrappers.
Signed-off-by: Bohan Li <bohanli@google.com>
In case trellis is outside of 0..23, an invalid shift and/or a signed
integer overflow happens; furthermore, it can lead to the request to
allocate nonsense amounts of memory. So validate first.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
MJPEG does not have a single quantiser scale, so this does not fit into
the intended API use.
This removes the last use of the long-deprecated QP table API.
Both AC-3 encoder share the same options, yet they are nevertheless
duplicated in the binary; and the options applying to the EAC-3 encoder
are a proper subset of the options for the AC-3 encoders, so that it can
use the same options as the former by putting the options specific to
AC-3 at the front. This commit implements this.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
The fixed-point AAC decoder is the only user of the fixed-point sinewin
tables from sinewin; and it only uses a few of them (about 10% when
counting by size). This means that guarding initializing these tables by
an AVOnce (as done in 3719122065) is
unnecessary for them. Furthermore the array of pointers to the
individual arrays is also unneeded.
Therefore this commit moves these tables directly into aacdec_fixed.c;
this is done by ridding the original sinewin.h and sinewin_tablegen.h
headers completely of any fixed-point code at the cost of a bit of
duplicated code (the alternative is an ugly ifdef-mess).
This saves about 58KB from the binary when using hardcoded tables (as
these tables are hardcoded in this scenario); when not using hardcoded
tables, most of these savings only affect the .bss segment, but the rest
(< 1KB) contains relocations (i.e. savings in .data.rel.ro).
Reviewed-by: Lynne <dev@lynne.ee>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Fixes: signed integer overflow: 2147483641 + 32 cannot be represented in type 'int'
Fixes: 27452/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VP9_fuzzer-5078752576667648
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Replace av_isxdigit(*ptr) and convert(*ptr) with get_nibble(*ptr) which
returns a valid nibble=={0x00..0x0f} or false==255 for all other values.
This way we only need to work with *ptr once instead of twice.
Removing inline av_isxdigit(x) functions also shrinks executable size.
Signed-off-by: Joe Da Silva <digital@joescat.com>
If we test for {0..9} first, we have tested for 10/16th of all possible
characters first and avoid testing the remaining 6/16th of all possible
characters, which can be either 6/16th lowercase or 6/16th uppercase.
Signed-off-by: Joe Da Silva <digital@joescat.com>
Some compilers are very intuitive, and others are not so much, so let's
pre-compute the variables e and keylen outside the for loop. Ensuring a
minor speed increase regardless of if compiler is smart enough to solve
this improvement for itself, or not.
Signed-off-by: Joe Da Silva <digital@joescat.com>
Minor speed increase, end is calculated before entering parse_str_int(),
so let's take advantage of the value and avoid recalculating twice more.
This also allows parse_str_int() to work with file size larger than int.
Signed-off-by: Joe Da Silva <digital@joescat.com>
(This is actually the second time the encoder stuff is removed;
the first was in 8b4119187b62d6932e07aded11d33d3b24e1b42f.)
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Fixes: signed integer overflow: -1498310196 - 902891776 cannot be represented in type 'int'
Fixes: 28445/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1IMAGE_fuzzer-5075163389493248
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: out of memory
Fixes: 29985/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CRI_fuzzer-6424425392111616
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
It is only valid for the target, not the host and therefore it must not
be included when building the tables when hardcoded tables are enabled.
Reviewed-by: Lynne <dev@lynne.ee>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Fixes: Timeout
Fixes: 29226/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_THEORA_fuzzer-6195092572471296
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Set the sample rate when parsing the header instead and only copy the
value in the decoder and the parser.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
convert_input, a nontrivial auxiliary function used by both the general
parsing code as well as the decoder itself, has been duplicated in
c7016e35a624a75bb5b82bee932ddfe28d013b3f; this commit removes said
duplication.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
These two functions are always called after another; after all, what
ff_dolby_e_parse_init does is obviously part of parsing the frame header.
Also move the DolbyEHeaderInfo into DBEContext so that parsing the frame
header only needs one struct (both users used a DBEContext immediately
followed by a separate DolbyEHeaderInfo).
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Parsers are not forced to use a ParseContext and the other stuff from
parser.h which is just designed to help parsers recombining frames. But
this parser does not do this at all, i.e. the ParseContext is unused.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Paul B Mahol
James Almer
Andreas Rheinhardt
Michael Niedermayer
Bohan Li
Anton Khirnov
Jose Da Silva
Mark Thompson
Piotr Uracz