libav.git
3 years agoUpdate changelog for v11.8 v11.8
Sean McGovern [Tue, 30 Aug 2016 02:56:15 +0000 (22:56 -0400)]
Update changelog for v11.8

3 years agoavprobe: Fix memory leak
Vittorio Giovara [Thu, 21 Jul 2016 13:47:47 +0000 (15:47 +0200)]
avprobe: Fix memory leak

After init_opts() there needs to be an uninit_opts() call
to free the swscale context and other buffers.

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
3 years agoavprobe: do not call avio_close() on a custom context
Anton Khirnov [Fri, 19 Feb 2016 13:18:15 +0000 (14:18 +0100)]
avprobe: do not call avio_close() on a custom context

avio_close() can only be called on AVIOContexts created by avio_open(2).

3 years agomov: Remove old b-frame/video delay heuristic
Derek Buitenhuis [Fri, 26 Aug 2016 13:30:07 +0000 (14:30 +0100)]
mov: Remove old b-frame/video delay heuristic

This was added before edts support existed, and is no longer
valid.

Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
3 years agomov: Remove ancient heuristic hack
Derek Buitenhuis [Fri, 26 Aug 2016 13:30:06 +0000 (14:30 +0100)]
mov: Remove ancient heuristic hack

This breaks files with legitimate single-entry edit lists,
and the hack, introduced in f03a081df09f9c4798a17d7e24446ed47924b11b,
has no link to any known sample in its commit message.

Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
3 years agomss12: validate display dimensions
Anton Khirnov [Sun, 14 Aug 2016 08:18:39 +0000 (10:18 +0200)]
mss12: validate display dimensions

The code currently reads the coded dimensions from the extradata, but
expects the display dimensions to be set by the caller, and does not
check that they are compatible (i.e. that the displayed size is smaller
than the coded size).

Make sure that when the display dimensions are set, they are also valid.
Fixes possible invalid memory access.

CC: libav-stable@libav.org
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
(cherry picked from commit 6755eb5b212384e0599f7f2c5de42df49fff57de)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
3 years agovc1: check that slices have a positive height
Anton Khirnov [Sun, 14 Aug 2016 08:18:39 +0000 (10:18 +0200)]
vc1: check that slices have a positive height

Fixes possible invalid reads.

CC: libav-stable@libav.org
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
(cherry picked from commit 33f10546ec012ad4e1054b57317885cded7e953e)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
3 years agopcx: use the bytestream2 API for reading from input
Anton Khirnov [Sun, 14 Aug 2016 08:18:39 +0000 (10:18 +0200)]
pcx: use the bytestream2 API for reading from input

Fixes possible invalid reads.

CC: libav-stable@libav.org
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
(cherry picked from commit 09b23786b3986502ee88d4907356979127169bdd)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Conflicts:
libavcodec/pcx.c

3 years agopcx: check that the packet is large enough before reading the header
Anton Khirnov [Sun, 14 Aug 2016 08:18:39 +0000 (10:18 +0200)]
pcx: check that the packet is large enough before reading the header

Fixes possible invalid reads.

CC: libav-stable@libav.org
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
(cherry picked from commit 221402c1c88b9d12130c6f5834029b535ee0e0c5)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
3 years agopcx: properly pad the scanline
Anton Khirnov [Sun, 14 Aug 2016 08:18:39 +0000 (10:18 +0200)]
pcx: properly pad the scanline

It is passed to the get_bits API, which requires buffers to be padded.

Fixes possible invalid reads.

CC: libav-stable@libav.org
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
(cherry picked from commit 15ee419b7abaf17f8c662c145fe93d3dbf43282b)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
3 years agocook: use the bytestream2 API for reading extradata
Anton Khirnov [Sun, 14 Aug 2016 08:18:39 +0000 (10:18 +0200)]
cook: use the bytestream2 API for reading extradata

Fixes possible invalid reads in corrupted files.

CC: libav-stable@libav.org
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
(cherry picked from commit 409d1cd2c955485798f8b0b0147c2b899b9144ec)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
3 years agoqpeg: fix an off by 1 error in the MV check
Anton Khirnov [Sun, 14 Aug 2016 08:18:39 +0000 (10:18 +0200)]
qpeg: fix an off by 1 error in the MV check

height - me_y is the line from which we read, so it must be strictly
smaller than the frame height. Fixes possible invalid reads in corrupted
files.

Also, use a proper context for logging the error.

CC: libav-stable@libav.org
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
(cherry picked from commit bba9d8bdfb208b0ec2ccf182530347151ee3528b)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
3 years agoalac: do not return success if nothing was decoded
Anton Khirnov [Sun, 14 Aug 2016 08:18:39 +0000 (10:18 +0200)]
alac: do not return success if nothing was decoded

If we encounter an END element before anything is decoded, we would
return success even though the output frame has not been allocated,
which is invalid.

CC: libav-stable@libav.org
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
(cherry picked from commit 796dca027be09334d7bbf4f2ac1200e06bb054cb)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
3 years agovmnc: check that subrectangles fit into their containing rectangles
Anton Khirnov [Sun, 14 Aug 2016 08:18:39 +0000 (10:18 +0200)]
vmnc: check that subrectangles fit into their containing rectangles

Fixes possible invalid writes with corrupted files.

CC: libav-stable@libav.org
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
(cherry picked from commit f5d46d332258dcd8ca623019ece1d5e5bb74142b)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
3 years agoriff: don't overwrite bps from WAVEFORMATEX if EXTENSIBLE doesn't contain that data.
Hendrik Leppkes [Wed, 2 May 2012 14:34:45 +0000 (16:34 +0200)]
riff: don't overwrite bps from WAVEFORMATEX if EXTENSIBLE doesn't contain that data.

According to the specification on the MSDN [1], 0 is valid for that
particular field, and it should be ignored in that case.

[1]: http://msdn.microsoft.com/en-us/library/windows/desktop/dd757714(v=vs.85).aspx

Bug-Id: 950

Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit 7f549b8338ed3775fec4bf10421ff5744e5866dd)
Signed-off-by: Diego Biurrun <diego@biurrun.de>
3 years agovp9: make mv bounds 32bit.
Ronald S. Bultje [Tue, 7 Jan 2014 12:24:03 +0000 (07:24 -0500)]
vp9: make mv bounds 32bit.

The frame dimensions are 16bit, so the mv bounds can easily overflow
int16 for large videos.

Bug-Id: Handbrake/46
CC: libav-stable@libav.org
Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit 0df4801105d84883071b0978cb3afc7cd5184ce8)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
3 years agobuffer: fix av_buffer_realloc() when the data is offset wrt buffer start
Anton Khirnov [Tue, 2 Aug 2016 19:16:44 +0000 (21:16 +0200)]
buffer: fix av_buffer_realloc() when the data is offset wrt buffer start

In such a case behave as if the buffer was not reallocatable -- allocate a
new one and copy the data (preserving just the part described by the
reference passed to av_buffer_realloc).

CC: libav-stable@libav.org
Reported-By: wm4 <nfxjfg@googlemail.com>
(cherry picked from commit 24a362569bff1d4161742fffaca80a4a4428be8a)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
3 years agomimic: do not release the newly obsolete reference at the end of decoding
Anton Khirnov [Mon, 25 Jul 2016 11:52:59 +0000 (13:52 +0200)]
mimic: do not release the newly obsolete reference at the end of decoding

The reference frames are used in update_thread_context(), so modifying
them after finish_setup() is a race. The frame in question will be
released during the next decode call.

CC: libav-stable@libav.org
(cherry picked from commit a115eb9e750543f1d8bf951414d291069bf396c2)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
3 years agoh264: only allow starting a new picture in the first slice thread
Anton Khirnov [Wed, 20 Jul 2016 11:39:10 +0000 (13:39 +0200)]
h264: only allow starting a new picture in the first slice thread

Decoding different pictures in different slice threads simultaneously
leads to all kinds of UB.

Bug-Id: 690

3 years agolibrtmp: Avoid an infiniloop setting connection arguments
Luca Barbato [Wed, 22 Jun 2016 04:36:31 +0000 (06:36 +0200)]
librtmp: Avoid an infiniloop setting connection arguments

The exit condition was missing.

CC: libav-stable@libav.org
(cherry picked from commit 4dbfcd07570a9e45e9597561023adb6da26f27f6)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
3 years agoac3: Check the array bound before dereferencing
Luca Barbato [Thu, 26 May 2016 00:41:25 +0000 (02:41 +0200)]
ac3: Check the array bound before dereferencing

CC: libav-stable@libav.org
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
3 years agofft: ppc: Place ff_fft_calc_interleave_altivec() under correct ifdefs
Diego Biurrun [Sat, 30 Jan 2016 13:39:00 +0000 (14:39 +0100)]
fft: ppc: Place ff_fft_calc_interleave_altivec() under correct ifdefs

Also fix #endif comments in the FFT init code.

(cherry picked from commit 47570dbde8b33001d5ccac44e7ebaaeecbcb807c)
Signed-off-by: Diego Biurrun <diego@biurrun.de>
3 years agoppc: Restrict some Altivec implementations to Big Endian
Luca Barbato [Sun, 10 May 2015 21:22:17 +0000 (23:22 +0200)]
ppc: Restrict some Altivec implementations to Big Endian

In Little Endian the vec_ld/vec_st operations work as
expected only for byte-vectors.

(cherry picked from commit da60b99a8857d5ca236f32c1799a066e0135a866)
Signed-off-by: Diego Biurrun <diego@biurrun.de>
3 years agoppc: linux: Check altivec using the auxv
Luca Barbato [Fri, 3 Apr 2015 13:31:32 +0000 (15:31 +0200)]
ppc: linux: Check altivec using the auxv

Should prevent trying to use altivec when it is disabled by the kernel.

(cherry picked from commit baa94563fede8959a638b0fa132dd2124acd93e8)
Signed-off-by: Diego Biurrun <diego@biurrun.de>
3 years agoppc: avutil: Drop a potentially dangerous workaround
Luca Barbato [Sun, 10 May 2015 20:48:30 +0000 (22:48 +0200)]
ppc: avutil: Drop a potentially dangerous workaround

The compiler is free to optimize such expressions in any sort of way.

(cherry picked from commit 254eb5b6faebb7bcfc3cefc1edced6652fe9d5be)
Signed-off-by: Diego Biurrun <diego@biurrun.de>
3 years agoppc: Support little endian intreadwrite
Luca Barbato [Thu, 28 Aug 2014 17:40:45 +0000 (19:40 +0200)]
ppc: Support little endian intreadwrite

(cherry picked from commit c19a49e565bd06ea47947d50779ba236df9d4943)
Signed-off-by: Diego Biurrun <diego@biurrun.de>
3 years agoUpdate changelog for v11.7 v11.7
Sean McGovern [Tue, 26 Apr 2016 23:15:44 +0000 (19:15 -0400)]
Update changelog for v11.7

3 years agomatroska: Support V_QUICKTIME as written in the specification
Luca Barbato [Sat, 12 Mar 2016 12:46:13 +0000 (13:46 +0100)]
matroska: Support V_QUICKTIME as written in the specification

Check if the size is written the first 4 bytes and read the next 4
as fourcc candidate, fallback checking the initial for 4 bytes.

"The CodecPrivate contains all additional data that is stored in the
'stsd' (sample description) atom in the QuickTime file after the
mandatory video descriptor structure (starting with the size and FourCC
fields)"

CC: libav-stable@libav.org
(cherry picked from commit 8b4b1c1eea9daa4e2003aa0935e73f56aab8102d)

Conflicts:

libavformat/matroskadec.c

Signed-off-by: Sean McGovern <gseanmcg@gmail.com>
3 years agomov: Check the entries value when parsing dref boxes
Luca Barbato [Tue, 8 Mar 2016 10:57:16 +0000 (11:57 +0100)]
mov: Check the entries value when parsing dref boxes

And properly reset the entries count when resetting the entries.

CC: libav-stable@libav.org
Bug-Id: 929
Bug-Id: CVE-2016-3062
(cherry picked from commit 7e01d48cfd168c3dfc663f03a3b6a98e0ecba328)

Signed-off-by: Sean McGovern <gseanmcg@gmail.com>
3 years agoindeo2: Fix banding artefacts
Luca Barbato [Tue, 23 Feb 2016 00:58:19 +0000 (19:58 -0500)]
indeo2: Fix banding artefacts

Rename luma table to delta table and change how it is used.

CC: libav-stable@libav.org
Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
Signed-off-by: Diego Biurrun <diego@biurrun.de>
(cherry picked from commit f8c34f4b8d62afad3f63cf3d9617d73735bef8c1)

Signed-off-by: Sean McGovern <gseanmcg@gmail.com>
3 years agoindeo2data: K&R formatting cosmetics
Luca Barbato [Tue, 23 Feb 2016 00:58:18 +0000 (19:58 -0500)]
indeo2data: K&R formatting cosmetics

Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
Signed-off-by: Diego Biurrun <diego@biurrun.de>
(cherry picked from commit d4066a702407352a0648af882c34ea81a404fa2b)

Signed-off-by: Sean McGovern <gseanmcg@gmail.com>
3 years agopgssub: Fix subpicture colorspace and range
Jan Ekström [Sun, 24 Apr 2016 18:33:45 +0000 (20:33 +0200)]
pgssub: Fix subpicture colorspace and range

Widen the values from limited to full range and use BT.709 where it
should be used according to the video resolution:

SD is BT.601, HD is BT.709

Default to BT.709 due to most observed HDMV content being HD.

Signed-off-by: Sean McGovern <gseanmcg@gmail.com>
3 years agocolorspace: Add support for BT709
Jan Ekström [Sun, 24 Apr 2016 18:30:06 +0000 (20:30 +0200)]
colorspace: Add support for BT709

BT.709 coefficients were gathered from the first two parts of BT.709
to BT.2020 conversion guide in ARIB STD-B62 (Pt. 1, Chapter 6.2.2).
They were additionally confirmed by manually calculating values.

Signed-off-by: Sean McGovern <gseanmcg@gmail.com>
3 years agocmdutils: update copyright year to 2016
Sean McGovern [Sat, 12 Mar 2016 19:38:10 +0000 (14:38 -0500)]
cmdutils: update copyright year to 2016

CC: libav-stable@libav.org
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
3 years agoavpacket: fix setting AVPacket.data in av_packet_ref()
Anton Khirnov [Thu, 12 May 2016 13:34:58 +0000 (15:34 +0200)]
avpacket: fix setting AVPacket.data in av_packet_ref()

The data field does not necessarily point to the beginning of the
underlying AVBuffer.

CC: libav-stable@libav.org
(cherry picked from commit 8996515b137f962e3a8691241c285c96437b6c53)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
3 years agoavpacket: Check buffer reference
Vittorio Giovara [Mon, 2 Feb 2015 19:53:51 +0000 (20:53 +0100)]
avpacket: Check buffer reference

CC: libav-stable@libav.org
Bug-Id: CID 1267889
(cherry picked from commit fe0f4e56577a2dbd373bb50b0ae2d49e69d822fc)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
3 years agotls: Use the right return value for breaking out due to the interrupt callback
Martin Storsjö [Thu, 24 Mar 2016 09:27:49 +0000 (11:27 +0200)]
tls: Use the right return value for breaking out due to the interrupt callback

The retry_transfer_wrapper function higher up in the call chain
ignores AVERROR(EINTR), which only means "interrupted by system call".

This makes sure that returning due to the interrupt callback
works as intended.

CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
3 years agovf_fade: make sure the slice end is always in the frame
Anton Khirnov [Thu, 24 Mar 2016 20:38:54 +0000 (21:38 +0100)]
vf_fade: make sure the slice end is always in the frame

CC: libav-stable@libav.org
(cherry picked from commit a638e9184d63e57e67901f34afe919fd56fd3ac4)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
3 years agoasfenc: fix some possible integer overflows
Anton Khirnov [Fri, 4 Mar 2016 15:32:07 +0000 (16:32 +0100)]
asfenc: fix some possible integer overflows

Store the file duration in the same timebase it arrives (i.e.
milliseconds) and only convert it to the file duration units (100ns)
when it's actually written, thus simplifying some calculations. Also,
store the duration as unsigned, since it cannot be negative.

CC: libav-stable@libav.org
Bug-ID: CVE-2016-2326
(cherry picked from commit ff3db937ef3aa30046a3936146f86ad48ee2ff90)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Conflicts:
libavformat/asfenc.c

3 years agoUpdate changelog for v11.5 and v11.6 v11.6
Sean McGovern [Fri, 26 Feb 2016 22:46:44 +0000 (17:46 -0500)]
Update changelog for v11.5 and v11.6

Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
3 years agoconcat: disable by default
Sean McGovern [Thu, 18 Feb 2016 23:51:12 +0000 (18:51 -0500)]
concat: disable by default

It is a known security issue.

Also, issue a Big Fat Warning if the user explicity requests it.

Original patch by Luca Barbato <lu_zero@gentoo.org>

3 years agoconfigure: add --enable-rpath
Reinhard Tartler [Sat, 23 Aug 2014 14:04:26 +0000 (10:04 -0400)]
configure: add --enable-rpath

This option facilitates testing shared libarary builds: for instance
fate builders do no longer need to set LD_LIBRARY_PATH as the binaries will
get the right search paths hardcoded into their executable file.

This option is only meant to be used for testing purposes: The installed
libraries must not move around in the file system, and doing so will
cause a lot of subtle problems. For more information why using RPATH is
dangerous, please refer to

https://blog.flameeyes.eu/2010/06/the-why-and-how-of-rpath

(cherry picked from commit 749b1f1359b5af0a08221923b016551b18ab6171)
Signed-off-by: Diego Biurrun <diego@biurrun.de>
3 years agomatroska: Always consider S_TEXT/UTF8 as SRT when demuxing v11.5
Luca Barbato [Fri, 19 Feb 2016 12:49:43 +0000 (13:49 +0100)]
matroska: Always consider S_TEXT/UTF8 as SRT when demuxing

Reported-By: Maxim Koitsov <maksbotan@gentoo.org>
3 years agomkv: Force the full parsing of mp3
Luca Barbato [Sat, 6 Feb 2016 12:15:37 +0000 (13:15 +0100)]
mkv: Force the full parsing of mp3

Some muxer might or might not fit incomplete mp3 frames in
their packets.

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
3 years agomov: Force the full parsing of mp3
Luca Barbato [Sat, 6 Feb 2016 12:15:36 +0000 (13:15 +0100)]
mov: Force the full parsing of mp3

Some muxer might or might not fit incomplete mp3 frames in
their packets.

Bug-Id: 899

CC: libav-stable@libav.org
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
3 years agoUpdate changelog for v11.5
Sean McGovern [Sun, 7 Feb 2016 21:43:42 +0000 (16:43 -0500)]
Update changelog for v11.5

3 years agomov: Use the correct type for size
Luca Barbato [Tue, 9 Feb 2016 22:07:18 +0000 (23:07 +0100)]
mov: Use the correct type for size

An AVIO offset is int64_t.

Bug-Id: 921

3 years agoavi: Validate the stream-id for DV as well
Michael Niedermayer [Sat, 28 Nov 2015 20:06:45 +0000 (21:06 +0100)]
avi: Validate the stream-id for DV as well

Avoid false positives while syncing.

Bug-Id: ffmpeg/4086
Bug-Id: 879

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
3 years agodvdsubdec: Validate the RLE offsets
Luca Barbato [Wed, 11 Nov 2015 19:08:29 +0000 (20:08 +0100)]
dvdsubdec: Validate the RLE offsets

CC: libav-stable@libav.org
3 years agorpza: Check the blocks left before processing one
Luca Barbato [Sun, 1 Nov 2015 03:07:42 +0000 (04:07 +0100)]
rpza: Check the blocks left before processing one

Bug-Id: 903
CC: libav-stable@libav.org
Reported-By: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
3 years agolagarith: Correctly compute hash_shift
Luca Barbato [Sun, 1 Nov 2015 13:46:17 +0000 (14:46 +0100)]
lagarith: Correctly compute hash_shift

All the values are unsigned.

Bug-Id: 907
CC: libav-stable@libav.org
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
3 years agomsnwc_tcp: Correctly report failure
Luca Barbato [Sun, 1 Nov 2015 03:07:43 +0000 (04:07 +0100)]
msnwc_tcp: Correctly report failure

And prevent a memory leak

CC: libav-stable@libav.org
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
3 years agomimic: Always return on failure
Luca Barbato [Sun, 1 Nov 2015 03:07:46 +0000 (04:07 +0100)]
mimic: Always return on failure

Bug-Id: 905
CC: libav-stable@libav.org
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
3 years agoflashsv: Initialize the block array
Luca Barbato [Sun, 1 Nov 2015 03:07:48 +0000 (04:07 +0100)]
flashsv: Initialize the block array

Otherwise flashsv2_prime could be fed random data.

Bug-Id: 908
CC: libav-stable@libav.org
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
3 years agotruemotion2: Fix the buffer check
Luca Barbato [Sun, 1 Nov 2015 03:07:47 +0000 (04:07 +0100)]
truemotion2: Fix the buffer check

The variable skip contains the expected size in bytes.

Bug-Id: 906
CC: libav-stable@libav.org
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
3 years agonut: Use the correct codec_tag when multiple are available
Luca Barbato [Thu, 3 Sep 2015 15:31:14 +0000 (17:31 +0200)]
nut: Use the correct codec_tag when multiple are available

Some codecs use the codec_tag to signal specific information and
picking the first one would lead to a broken file.

Bug-Id: 883
CC: libav-stable@libav.org
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
3 years agoopus: Buffer the samples from the correct offset
Michael Niedermayer [Tue, 27 Oct 2015 12:47:12 +0000 (13:47 +0100)]
opus: Buffer the samples from the correct offset

When not all the opus stream have the same amount of decoded samples
process the least amount and store what is left from the other streams.

Bug-Id: 909
CC: libav-stable@libav.org
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
3 years agommvideo: Make sure the rle does not write over the frame boundaries
Luca Barbato [Thu, 10 Sep 2015 12:46:05 +0000 (14:46 +0200)]
mmvideo: Make sure the rle does not write over the frame boundaries

Bug-Id: 887
CC: libav-stable@libav.org
3 years agofile: properly forward errors from file_read() and file_write()
Sean McGovern [Thu, 27 Aug 2015 04:04:15 +0000 (00:04 -0400)]
file: properly forward errors from file_read() and file_write()

Bug-Id: 881

CC: libav-stable@libav.org
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
3 years agomux: Make sure that the data is actually written
Sean McGovern [Thu, 27 Aug 2015 04:04:16 +0000 (00:04 -0400)]
mux: Make sure that the data is actually written

And forward the error if it is not.

Bug-Id: 881

CC: libav-stable@libav.org
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
3 years agoimgutils: Fix a typo in avcodec_get_pix_fmt_loss
Luca Barbato [Tue, 18 Aug 2015 14:18:30 +0000 (16:18 +0200)]
imgutils: Fix a typo in avcodec_get_pix_fmt_loss

If the candidate does not have alpha and the source does have alpha
report the loss of alpha.

CC: libav-stable@libav.org
3 years agovp7: bound checking in vp7_decode_frame_header
Federico Tomassetti [Thu, 13 Aug 2015 13:35:53 +0000 (15:35 +0200)]
vp7: bound checking in vp7_decode_frame_header

CC: libav-stable@libav.org
3 years agoconfigure: arm: Assume softfp ABI on darwin
Martin Storsjö [Fri, 14 Aug 2015 06:47:21 +0000 (09:47 +0300)]
configure: arm: Assume softfp ABI on darwin

Don't try to detect the float ABI by checking at the toolchain
name or by trying to assemble and link files with eabi_attributes.

This fixes the float ABI detection when building using clang
with -fembed-bitcode, where the current eabi_attributes check
accidentally passes.

This issue was pointed out by James Howe <james.howe@hp.com>.

CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
3 years agortsp: Allow $ as interleaved packet indicator before a complete response header
Martin Storsjö [Wed, 21 Oct 2015 08:56:36 +0000 (11:56 +0300)]
rtsp: Allow $ as interleaved packet indicator before a complete response header

Some RTSP servers ("HiIpcam/V100R003 VodServer/1.0.0") respond to
our keepalive GET_PARAMETER request by a truncated RTSP header
(lacking the final empty line to indicate a complete response
header). Prior to 764ec70149, this worked just fine since we
reacted to the $ as interleaved packet indicator anywhere.

Since $ is a valid character within the response header lines,
764ec70149 changed it to be ignored there. But to keep
compatibility with such broken servers, we need to at least
allow reacting to it at the start of lines.

Signed-off-by: Martin Storsjö <martin@martin.st>
3 years agortsp: Only interpret $ as interleaved packet indicator at the start of replies
Martin Storsjö [Wed, 21 Jan 2015 12:05:43 +0000 (13:05 +0100)]
rtsp: Only interpret $ as interleaved packet indicator at the start of replies

Allow $ as character anywhere within normal RTSP replies - both
within the lines, and as the first character of RTSP header lines.
(The existing old comment indicated that an inline packet could
start at any line within a RTSP reply header, but that doesn't
sound valid to me, and I'm not sure if the existing code
handled that correctly either.)

CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
3 years agoaf_channelmap: properly set the supported output channel layouts
Anton Khirnov [Wed, 22 Jul 2015 09:30:37 +0000 (11:30 +0200)]
af_channelmap: properly set the supported output channel layouts

The current code expects query_formats() to be called exactly once, it
will leak if it's not called at all (filter initialized, but never
configured or used) or try to read freed memory if it's called more than
once.

Found-by: James Almer <jamrial@gmail.com>
CC: libav-stable@libav.org
3 years agoarm: use a local label instead of the function symbol in ff_prefetch_arm
Janne Grunau [Mon, 20 Jul 2015 08:46:15 +0000 (10:46 +0200)]
arm: use a local label instead of the function symbol in ff_prefetch_arm

Avoids a relocation which might end out of range for thumb2.

Reported-By: Ludovic Fauvet <etix@videolan.org>
Bug-Id: https://bugs.webkit.org/show_bug.cgi?id=137022
CC: libav-stable@libav.org
3 years agobytestream2: set the reader to the end when reading more than available
Anton Khirnov [Fri, 10 Jul 2015 07:31:24 +0000 (09:31 +0200)]
bytestream2: set the reader to the end when reading more than available

This prevents possible infinite loops with the calling code along the
lines of while (bytestream2_get_bytes_left()) { ... }, where the reader
does not advance.

CC: libav-stable@libav.org
3 years agog726: Do not crash on user mistake
Luca Barbato [Sat, 11 Jul 2015 09:47:13 +0000 (11:47 +0200)]
g726: Do not crash on user mistake

Properly report the sample rate as invalid

CC: libav-stable@libav.org
3 years agoavconv: vda: Unlock the pixel buffer once it is accessed
Sebastien Zwickert [Wed, 8 Jul 2015 18:23:37 +0000 (20:23 +0200)]
avconv: vda: Unlock the pixel buffer once it is accessed

Avoid possible issues with memmapped hardware buffers in
case VDA is not doing a conversion on behalf of the user
and make the code more proper as working example.

CC: libav-stable@libav.org
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
3 years agoh261: Signal freeze picture release for intra frames
Stian Selnes [Tue, 2 Dec 2014 17:55:13 +0000 (18:55 +0100)]
h261: Signal freeze picture release for intra frames

Freeze picture release should be set to 1 when we're responding to a
fast update request. For simplicity we set it for all intra frames,
including those that starts a GOP.

Fixes issue where Tandberg MXP1700 does not recover from packet loss
state since it's waiting for the freeze picture relase indication.

Bug-Id: 873
CC: libav-stable@libav.org
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
3 years agoh261: Set 'still image mode off' in picture header
Stian Selnes [Fri, 12 Dec 2014 15:08:19 +0000 (16:08 +0100)]
h261: Set 'still image mode off' in picture header

Ref H.261 recommendation section 4.2.1.3, setting the still image flag
to 1 disables still image mode. Some decoders require this in order to
decode the bitstream as normal video.

Fixes H.261 calls to Cisco E20.

Also, reserved (aka spare) bits should be set to 1 unless specified
otherwise.

Bug-Id: 872
CC: libav-stable@libav.org
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
3 years agowebp: Make sure enough bytes are available
Andreas Cadhalpun [Thu, 2 Jul 2015 23:14:51 +0000 (01:14 +0200)]
webp: Make sure enough bytes are available

Every chunk needs at least 8 bytes for chunk_type and chunk_size.
Prevent a possible infinite loop.

CC: libav-stable@libav.org
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
3 years agomov: Preserve the metadata even when bit-exactness is requested
Luca Barbato [Mon, 15 Jun 2015 18:40:46 +0000 (20:40 +0200)]
mov: Preserve the metadata even when bit-exactness is requested

Make sure to not write the custom `encoder` string in that case.

Bug-Id: 845
CC: libav-stable@libav.org
3 years agoaic: Fix slice size computation for widths multiples of 32 macroblocks
Vittorio Giovara [Sun, 28 Jun 2015 08:50:42 +0000 (10:50 +0200)]
aic: Fix slice size computation for widths multiples of 32 macroblocks

CC: libav-stable@libav.org
3 years agoh264: make sure the current picture is not made a long ref multiple times
Anton Khirnov [Fri, 8 May 2015 17:07:10 +0000 (19:07 +0200)]
h264: make sure the current picture is not made a long ref multiple times

Fixes possible invalid reads, once one of those refs is freed, but the
others remain.
CC: libav-stable@libav.org
3 years agolavc: Clarify the behaviour of dimension and format context fields
Luca Barbato [Sun, 14 Jun 2015 09:45:54 +0000 (11:45 +0200)]
lavc: Clarify the behaviour of dimension and format context fields

The AVCodecContext width, height, coded_width, coded_height and format
are used mainly as decoding hints and they get internally overwritten
during the data parsing stage.

Do not assume they match the last AVFrame provided by
avcodec_decode_video2 and assimilated functions since multi-threading
and other frame reordering might make those values to refer to frames
that will be outputted in the future.

CC: libav-stable@libav.org
3 years agoh264_weight: Fix SSSE3 biweight code with weights of 128
Michael Niedermayer [Fri, 12 Jun 2015 11:58:42 +0000 (12:58 +0100)]
h264_weight: Fix SSSE3 biweight code with weights of 128

CC: libav-stable@libav.org
Sample-Id: test_bref.mp4

Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
3 years agomkv: Correctly report the latest packet had been flushed
Luca Barbato [Tue, 9 Jun 2015 08:47:11 +0000 (10:47 +0200)]
mkv: Correctly report the latest packet had been flushed

Bug-Id: 865
CC: libav-stable@libav.org
3 years agosctp: Always initialize outmsg struct
Vittorio Giovara [Wed, 3 Jun 2015 13:16:45 +0000 (14:16 +0100)]
sctp: Always initialize outmsg struct

CC: libav-stable@libav.org
Bug-Id: CID 1302711

3 years agoaudiointerleave: Always initialize new_pkt
Vittorio Giovara [Wed, 3 Jun 2015 13:16:47 +0000 (14:16 +0100)]
audiointerleave: Always initialize new_pkt

CC: libav-stable@libav.org
Bug-Id: CID 609333

3 years agomov: Check memory allocation
Vittorio Giovara [Wed, 3 Jun 2015 13:16:49 +0000 (14:16 +0100)]
mov: Check memory allocation

CC: libav-stable@libav.org
Bug-Id: CID 1292518

3 years agojack: Check memory allocation
Vittorio Giovara [Wed, 3 Jun 2015 13:16:48 +0000 (14:16 +0100)]
jack: Check memory allocation

CC: libav-stable@libav.org
Bug-Id: CID 1292520

3 years agortpdec_asf: Check memory allocation and free memory on error
Vittorio Giovara [Wed, 3 Jun 2015 13:16:50 +0000 (14:16 +0100)]
rtpdec_asf: Check memory allocation and free memory on error

CC: libav-stable@libav.org
Bug-Id: CID 1257774

3 years agoconfigure: Support MSVC 2015
Luca Barbato [Fri, 5 Jun 2015 13:07:06 +0000 (15:07 +0200)]
configure: Support MSVC 2015

The C runtime C99 compatibility had been improved a lot and it now
rejects some of the compatibility defines provided for the older
versions.

Many thanks to Ray for the time spent testing.

Bug-Id: 864
CC: libav-stable@libav.org
3 years agoaac: Wait to know the channels before allocating frame
Luca Barbato [Thu, 4 Jun 2015 08:19:50 +0000 (10:19 +0200)]
aac: Wait to know the channels before allocating frame

The channel configuration can be delivered only by the PCE,
try to parse it first and not try to decode until a channel
configuration is set.

CC: libav-stable@libav.org
3 years agobink: Factorize bink put_pixel
Luca Barbato [Wed, 3 Jun 2015 00:09:31 +0000 (02:09 +0200)]
bink: Factorize bink put_pixel

And make sure to check INTER_BLOCK as had been fixed by Michael
Niedermayer.

Reported-By: Andreas Cadhalpun
CC: libav-stable@libav.org
3 years agomov: Fix two memleaks
Andreas Cadhalpun [Tue, 26 May 2015 13:24:36 +0000 (14:24 +0100)]
mov: Fix two memleaks

Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
CC: libav-stable@libav.org
3 years agomov: Correctly allocate ctts_data
Luca Barbato [Sun, 31 May 2015 10:28:33 +0000 (12:28 +0200)]
mov: Correctly allocate ctts_data

It can be reallocated.

CC: libav-stable@libav.org
3 years agortmpcrypt: Do the xtea decryption in little endian mode
Martin Storsjö [Wed, 11 Nov 2015 19:42:02 +0000 (21:42 +0200)]
rtmpcrypt: Do the xtea decryption in little endian mode

The XTEA algorithm operates on 32 bit numbers, not on byte sequences.
The XTEA implementation in libavutil is written assuming big endian
numbers, while the rtmpe signature encryption assumes little endian.

This fixes rtmpe communication with rtmpe servers that use signature
type 8 (XTEA), e.g. crunchyroll.

CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
4 years agoconfigure: address a copy-paste typo
Vicente Olivert Riera [Tue, 29 Sep 2015 16:28:33 +0000 (17:28 +0100)]
configure: address a copy-paste typo

The correct instruction for mips32r1 is addi.

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
4 years agovc1: Use logical instead of bitwise or for twomv
Michael Niedermayer [Sun, 21 Sep 2014 15:16:32 +0000 (16:16 +0100)]
vc1: Use logical instead of bitwise or for twomv

CC: libav-stable@libav.org
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Tim Walker <tdskywalker@gmail.com>
(cherry picked from commit a97328afef0ccebfc8c3d9f9fdb8e93cbf1058ab)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
4 years agomips: intreadwrite: Only execute that code for mips r1 or r2
Vicente Olivert Riera [Fri, 25 Sep 2015 06:56:25 +0000 (08:56 +0200)]
mips: intreadwrite: Only execute that code for mips r1 or r2

MIPS R6 supports unaligned memory access and does not have
the load/store-left/right family of instructions.

Signed-off-by: Vicente Olivert Riera <Vincent.Riera at imgtec.com>
Signed-off-by: Luca Barbato <lu_zero at gentoo.org>
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
(cherry picked from commit d00bb8addccb63fa3feacb06d2a310731dc0113b)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
4 years agoconfigure: mips: Support mips r6, r2 and r1
Luca Barbato [Fri, 25 Sep 2015 06:56:25 +0000 (08:56 +0200)]
configure: mips: Support mips r6, r2 and r1

Detect the different MIPS architecture variants.

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
(cherry picked from commit 1016a75cf3170648dc9b59fdef170cbfc142f8ad)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
4 years agoconfigure: Set the initial ldflags to match the cflags
Luca Barbato [Fri, 25 Sep 2015 06:56:25 +0000 (08:56 +0200)]
configure: Set the initial ldflags to match the cflags

Some gcc-based toolchain would fail to link if the abi set by the
cpuflags does not match the default.

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
(cherry picked from commit 678f788fea3380e5cbbf75baac5cc0ce07a56a42)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
4 years agoopusdec: properly handle mismatching configurations in multichannel streams
Anton Khirnov [Mon, 27 Jul 2015 09:13:53 +0000 (11:13 +0200)]
opusdec: properly handle mismatching configurations in multichannel streams

The substreams can have different resampling delays, so an additional
level of buffering is needed to synchronize them.

Bug-Id: 876

4 years agoh263: Always check both dimensions
Luca Barbato [Fri, 26 Jun 2015 13:57:16 +0000 (15:57 +0200)]
h263: Always check both dimensions

CC: libav-stable@libav.org
Found-By: ago@gentoo.org
4 years agoimc: add required padding for GetBitContext buffer
Janne Grunau [Mon, 8 Jun 2015 12:48:54 +0000 (14:48 +0200)]
imc: add required padding for GetBitContext buffer

Fixes stack buffer overflow errors detected by address sanitizer in
fate-imc.

CC: libav-stable@libav.org
4 years agoac3_parser: add required padding for GetBitContext buffer
Janne Grunau [Mon, 8 Jun 2015 12:48:26 +0000 (14:48 +0200)]
ac3_parser: add required padding for GetBitContext buffer

Fixes stack buffer overflow errors detected by address sanitizer in
various fate tests.

CC: libav-stable@libav.org
4 years agoaac_parser: add required padding for GetBitContext buffer
Janne Grunau [Mon, 8 Jun 2015 12:45:12 +0000 (14:45 +0200)]
aac_parser: add required padding for GetBitContext buffer

Fixes stack buffer overflow errors detected by address sanitizer in
various fate tests.

CC: libav-stable@libav.org