Commits · ce920f47930d2a1df6628f026a926425f534e8d2 · Linshizhi / ffmpeg.wasm-core

09 Feb, 2020 33 commits

avcodec/cbs_mpeg2: Treat slices without data as invalid · ce920f47

Andreas Rheinhardt authored Dec 09, 2019

They are spec-incompliant.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

ce920f47

avcodec/dpcm: Fix integer overflow in AV_CODEC_ID_GREMLIN_DPCM · b1aecad9

Michael Niedermayer authored Jan 22, 2020

Fixes: signed integer overflow: -2147479324 + -32568 cannot be represented in type 'int'
Fixes: 20103/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_GREMLIN_DPCM_fuzzer-5667667579240448

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>

b1aecad9

avcodec/wmalosslessdec: Fix integer overflow with sliding in padding bits · b8a0be93

Michael Niedermayer authored Jan 18, 2020

Fixes: signed integer overflow: -53716100 * 256 cannot be represented in type 'int'
Fixes: 20143/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5716604000403456

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>

b8a0be93

avcodec/wmalosslessdec: Fix loop in revert_acfilter() · 5584c0bb

Michael Niedermayer authored Jan 18, 2020

Fixes: out of array read
Fixes: 20059/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5691776237305856

No testcase except the fuzzed one.

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>

5584c0bb

avcodec/mvha: Check remaining bits in VLC decode loop · cce37a22

Michael Niedermayer authored Jan 15, 2020

Fixes: timeout (252sec -> 170msec)
Fixes: 20023/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MVHA_fuzzer-5681192565473280

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>

cce37a22

avcodec/agm: YUV420 without DCT needs even dimensions · a98eeb0c

Michael Niedermayer authored Jan 10, 2020

Fixes: out of array access
Fixes: 19892/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AGM_fuzzer-5707525924323328

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>

a98eeb0c

libswscale/utils.c: Fix bug #8255 · da399e21

Gautam Ramakrishnan authored Feb 09, 2020

Bug #8255 points out a double free error in libwscale/utils.c file.
The double free is because the pointer to cascaded_context of an
sw_context is not set to NULL after freeing it. When the sw_context
is later freed, sws_freeContext is called on the cascaded_context,
causing a double free.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

da399e21

avcodec/agm: Test remaining data in decode_raw_intra_rgb() · 5c151e14

Michael Niedermayer authored Feb 08, 2020

Fixes: Timeout (270sec -> 25ms)
Fixes: 20485/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AGM_fuzzer-5636954207289344

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegReviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

5c151e14

avformat/tty: Fix division by 0 in probe · 87d54a62

Michael Niedermayer authored Feb 05, 2020

Fixes: division by zero
Fixes: 20436/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5763229752229888
Fixes: 20503/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-4841641154445312

87d54a62

libavcodec/mvha: Check height before applying median predictor · c9c95805

Michael Niedermayer authored Feb 09, 2020

Fixes: out of array read
Fixes: 20495/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MVHA_fuzzer-5711179129552896

c9c95805

avcodec/midivid: Check vector index · b0eec139

Michael Niedermayer authored Feb 09, 2020

Fixes: out of array read
Fixes: 20494/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MVDV_fuzzer-5681452423577600

b0eec139

avcodec/cbs: Fix potential double-free when adding unit fails · ac5d5046

Andreas Rheinhardt authored Nov 18, 2019

ff_cbs_insert_unit_data() has two modes of operation: It can insert a
unit with a newly created reference to an already existing AVBuffer; or
it can take a buffer and create an AVBuffer for it. Said buffer will
then become owned by the unit lateron.

A potential memleak/double-free exists in the second case, because if
creating the AVBuffer fails, the function immediately returns, but when
it fails lateron, the supplied buffer will be freed. The caller has no
way to distinguish between these two outcomes. The only such caller
(cbs_jpeg_split_fragment() in cbs_jpeg.c) opted for a potential
double-free.

This commit changes this by explicitly stating that a non-refcounted
buffer will be freed on error. The aforementioned caller has been
brought in line with this.

Fixes CID 1452623.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>

ac5d5046

avfilter/vf_fade: fix color fading for planar rgb · 1e6cef68
Paul B Mahol authored Feb 09, 2020

1e6cef68
avfilter/vf_fade: add >8 bit support for black and alpha fade · 06db1bef
Paul B Mahol authored Feb 08, 2020

06db1bef
doc/ffmpeg: Document device selection for Vulkan · 48b102c5
Mark Thompson authored Feb 09, 2020

48b102c5
lavfi/vf_*_vaapi: Fix error case · 593106ff
Mark Thompson authored Sep 29, 2019
```
Fixes CID 1452400, 1452416, 1452550, 1452590, 1452760.
```
593106ff
lavfi/vf_deshake_opencl: Avoid propagating uninitialised data · f130b221
Mark Thompson authored Sep 29, 2019
```
Fixes CID 1452753.
```
f130b221
lavc/vp9_raw_reorder_bsf: Fix operator ordering · e1b5620b
Mark Thompson authored Sep 29, 2019
```
Fixes CID 1413024.
```
e1b5620b
lavc/vaapi_encode: Fix leak in error case · 177a90b1
Mark Thompson authored Sep 29, 2019
```
Fixes CID 1442564.
```
177a90b1
lavc/h265_metadata_bsf: Fix parameter ordering · 53929822
Mark Thompson authored Sep 29, 2019
```
Fixes CID 1452433.
```
53929822
lavc/cbs_h2645: Add missing newlines in log messages · bf0ab6e9
Mark Thompson authored Sep 29, 2019

bf0ab6e9
avutil/log: add support for multibyte console log for win32 · cbf2a9bf
Marton Balint authored Jan 29, 2020
```
Fixes ticket #5398.
Signed-off-by: Marton Balint <cus@passwd.hu>
```
cbf2a9bf

avutil/log: add support for forced ANSI colors on win32 · 31acaa1e

Marton Balint authored Jan 28, 2020

To make behavior the same as non-win32 code when the standard error is
redirected. Also restructure the code a bit.
Signed-off-by: Marton Balint <cus@passwd.hu>

31acaa1e

avutil/log: fix detecting console mode on Win32 · 1b34c069
Marton Balint authored Jan 28, 2020
```
A redirected stderr can still have a valid handle.
Signed-off-by: Marton Balint <cus@passwd.hu>
```
1b34c069
avutil/log: factorize ansi_fputs · bad8feb5
Marton Balint authored Jan 28, 2020
```
Signed-off-by: Marton Balint <cus@passwd.hu>
```
bad8feb5
avutil/log: drop support for NO_COLOR environment variable · 2b496c90
Marton Balint authored Jan 28, 2020
```
Deprecated for more than 9 years now.
Signed-off-by: Marton Balint <cus@passwd.hu>
```
2b496c90
libavcodec/amfenc_hevc.c: Fix Maximum Reference Frames option on AMF HEVC. · a61bcb90
Sitan Liu authored Feb 03, 2020

a61bcb90
libavcodec/amfenc_hevc.c: Fix Profile level option on AMF HEVC. · c9683704
Sitan Liu authored Feb 03, 2020

c9683704
avfilter/af_afftfilt: fix memory leaks on error · 53a485cd
Paul B Mahol authored Feb 09, 2020

53a485cd
avfilter/af_afffilt: fix crash on error · 2174a315
Paul B Mahol authored Feb 09, 2020

2174a315
avfilter/vf_xfade: add diagonal smooth transitions · 283e7557
Paul B Mahol authored Feb 09, 2020

283e7557
avfilter/af_asoftclip: add support for commands · 3f24e744
Paul B Mahol authored Feb 09, 2020

3f24e744
avfilter/af_asoftclip: add slice threading support · d8429981
Paul B Mahol authored Feb 09, 2020

d8429981

08 Feb, 2020 7 commits

doc/APIchanges: fix vulkan hwcontext date · 9b9f441a
Lynne authored Feb 08, 2020

9b9f441a

lavu/tx: mention FFT output is not normalized · d500eff3

Lynne authored Feb 08, 2020

Not even FFTW's output is normalized.
This should prevent at least some users from complaining that doing a forward
transform followed by an inverse transform has a mismatching output to the
original input.

d500eff3

checkasm: sbrdsp: Fix a spurious test failure by calculating a better epsilon for sum_square · 5181f491
Martin Storsjö authored Feb 05, 2020
```
Signed-off-by: Martin Storsjö <martin@martin.st>
```
5181f491
avfilter/vf_alphamerge: add AVClass to private context · 3750e36a
Paul B Mahol authored Feb 08, 2020

3750e36a

avfilter/vf_paletteuse: Fix potential double-free of AVFrame · adea33f4

Andreas Rheinhardt authored Jan 27, 2020

apply_palette() would free an AVFrame given to it only via an AVFrame *
(and not via AVFrame **) in three of its four exists (namely in the
normal path and in two error paths). So upon error the caller has no way
to know whether the frame has already been freed or not;
load_apply_palette(), the only caller, opted to free the frame in this
scenario.

This commit changes this by making apply_palette not freeing the frame
at all, which is left to load_apply_palette().

Fixes Coverity issue #1452434.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

adea33f4

avcodec/mlpdec: use get_bits_long for huff lsbs · 4566cfed

Jai Luthra authored Feb 07, 2020

lsb bits may go beyond 25 bits, so to be safe use get_bits_long
Signed-off-by: Jai Luthra <me@jailuthra.in>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

4566cfed

avfilter/vf_alphamerge: add timeline support · cbd5a453
Paul B Mahol authored Feb 08, 2020

cbd5a453