Age | Commit message (Collapse) | Author |
|
Fixes: signed integer overflow: -2142516591 + -267814575 cannot be represented in type 'int'
Fixes: 14450/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_H264_fuzzer-5716105319940096
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
This is robust for some corner case there is incorrect list1 count
in pps header, but it's a P slice and can be decoded well.
Signed-off-by: Decai Lin <decai.lin@intel.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
This is in preparation for a patch for cbs_h2645. Now the packet's
rbsp_buffer can be owned by an AVBuffer.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@googlemail.com>
|
|
|
|
Fixes: 6037/clusterfuzz-testcase-minimized-5030249784934400
Fixes: signed integer overflow: 256 * 16992036 cannot be represented in type 'int'
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
overflows
Fixes: Integer overflow
Fixes: 5746/clusterfuzz-testcase-minimized-6270097623613440
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
decode_extradata_ps_mp4()
Fixes: lorex.mp4
Fixes: ticket6762
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
When parsing a monochrome file, chroma_log2_weight_denom was used without
being initialized, which could lead to a bogus error message being printed, e.g.
[h264 @ 0x61a000026480] chroma_log2_weight_denom 24576 is out of range
It also could led to warnings using AddressSanitizer.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Fixes: runtime error: index 49 out of bounds for type 'int [48][2][2]'
Fixes: 2159/clusterfuzz-testcase-minimized-5267945972301824
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Fixes: integer overflows
Fixes: 911/clusterfuzz-testcase-5415105606975488
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Reviewed-by: "Ronald S. Bultje" <rsbultje@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
The parser changes have lost the support for the needed padding, this adds it back
Fixes out of array reads
Fixes: 03ea21d271abc8acf428d42ace51d8b4/asan_heap-oob_3358eef_5692_16f0cc01ab5225e9ce591659e5c20e35.mkv
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
* commit '5c2fb561d94fc51d76ab21d6f7cc5b6cc3aa599c':
h264: add H264_ prefix to the NAL unit types
Conflicts:
libavcodec/h264_parse.c
libavcodec/h264_parser.c
libavcodec/h264_slice.c
libavcodec/h264dec.c
Merged-by: James Almer <jamrial@gmail.com>
|
|
* commit 'f638b67e5790735f34620bf82025c9b9d6fc7216':
h264: move the parameter set definitions to a new header file
Conflicts:
libavcodec/h264_parse.h
libavcodec/h264_ps.c
libavcodec/h264dec.h
Merged-by: James Almer <jamrial@gmail.com>
|
|
* commit '251cbb44003caf179fb17afbb8a6c56643c2a646':
h264: create a new header for common h264 definitions
Merged-by: Clément Bœsch <u@pkh.me>
|
|
* commit '9df889a5f116c1ee78c2f239e0ba599c492431aa':
h264: rename h264.[ch] to h264dec.[ch]
Merged-by: Clément Bœsch <u@pkh.me>
|
|
* commit 'b16e9b9ac9db449cae2242767dd3c3fc309357c4':
h264: move initialising the explicit pred weight table for MBAFF
Merged-by: Clément Bœsch <clement@stupeflix.com>
|
|
This will prevent conflicts e.g. in code that deals with both h264 and
hevc.
|
|
The PS parsing code is independent from the decoder, so it makes more
sense for it to have its own separate header.
|
|
Move the NAL unit types into it. This will allow to stop including the
whole decoder-specific h264dec.h in some code that is unrelated to the
decoder and only needs some enum values.
|
|
This is more consistent with the naming of other decoders.
|
|
|
|
* commit '72da8d9bb24d1b1bf74c2f1108650c0da0054d2e':
h264_parser: remove the remaining dependencies on the h264 decoder
Merged-by: Clément Bœsch <u@pkh.me>
|
|
* commit '98c97994c5b90bdae02accb155eeceeb5224b8ef':
h264: decouple extradata parsing from the decoder
Main changes:
- move get_avc_nalsize() inside h264_parser.c and make it use
H264ParseContext instead of H264Context. This helps fixing
fate-flv-demux.
- Also use is_avc/nal_length_size from the H264ParseContext in various
places instead of the H264Context one as that's the fields now filled
by ff_h264_decode_extradata()
- h264_parse: dont fail decode_extradata_ps() due to nal split failure.
Change by Michael to fix decoding of h264/ref_10.avi.
Merged-by: Clément Bœsch <u@pkh.me>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
|
|
Currently it's done in the code that initialises the ref list for
MBAFF, which is not a logical place for it. Move it to the function that
parses the pred table from the bitstream, which is analogous to what is
done for the implicit weight table as well.
|
|
* commit 'c8dcff0cdb17d0aa03ac729eba12d1a20f1f59c8':
h264: factor out calculating the POC count into a separate file
Merged-by: Clément Bœsch <u@pkh.me>
|
|
* commit '71d3305c2711d4f6ec8b92db09ff64cf4e19a58e':
h264_parse: make sure the ref count is zeroed on all failure paths
Merged-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
|
|
* commit 'a6e27f7add2698fdd89911632b570c3d0c3f2aaa':
h264: factor out parsing the reference count into a separate file
Merged-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
|
|
* commit 'ecc31f6b086453ab9811dce2ae5ceb6a7c19e4ad':
h264: move ff_h264_check_intra[4x4]_pred_mode() to h264_parse
Merged-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
|
|
* commit 'e481458bc308ee838deaeacac51929514762e7a7':
h264: factor out pred weight table parsing into a separate file
Merged-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
|
|
|
|
This will allow decoupling the parser from the decoder.
|
|
This will allow decoupling the parser from the decoder.
|
|
|
|
This will allow decoupling the parser from the decoder.
|
|
It is shared with svq3.
|
|
This will allow decoupling the parser from the decoder.
|