Commit graph

26318 commits

Author SHA1 Message Date
afbc3a1b23
avformat/mov: perform sanity checks for heif before index building
Fixes: undefined NULL pointer use
Fixes: clusterfuzz-testcase-minimized-audio_decoder_fuzzer-6363211175493632

This performs equivalent sanity checks as are done in mov_read_trak()
before mov_build_index()

Reported-by: Dale Curtis <dalecurtis@chromium.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-01-15 01:27:45 +01:00
16b3d3e3eb
avformat/mov: Factorize sanity check out
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-01-15 01:27:45 +01:00
James Almer
fd1772b747 avformat/mov: fix potential unsigned underflow in loop condition
if sc->tts_count is 0, this condition will wrap around to UINT_MAX and the
code will try to dereference a NULL pointer.

Fixes ticket #11417

Signed-off-by: James Almer <jamrial@gmail.com>
2025-01-13 19:27:00 -03:00
James Almer
d5873be583 avformat/iamf_parse: add missing av_free() call on failure path
Fixes ticket #11416

Signed-off-by: James Almer <jamrial@gmail.com>
2025-01-13 17:28:22 -03:00
James Almer
df50370e1b avformat/matroska: add support for VVC streams
As defined in https://github.com/ietf-wg-cellar/matroska-specification/blob/master/codec_specs.md#v_mpegiisovvc

Signed-off-by: James Almer <jamrial@gmail.com>
2025-01-12 11:13:31 -03:00
Peter Ross
2202dcfc0f avformat/iff: ignore FVER tag when not processing DSD/DST files
Fixes ticket #10030.
2025-01-12 11:14:16 +11:00
Peter Ross
ba22d6a24f avformat/wtvenc: do not output negative 'third timestamp' field
Fixes ticket #3659.
2025-01-12 11:07:57 +11:00
Peter Ross
330470ef24 avformat/mlvdec: skip over some other known block types 2025-01-12 10:55:47 +11:00
Peter Ross
45c30bc51e avformat/mlvdec: process VERS block 2025-01-12 10:55:44 +11:00
Peter Ross
86dd15fd0d avformat/mlvdec: demux LJ92 huffman comressed frames
A minimal DNG header is added to each LJ92 compressed frame, allowing
thme to be decoded by the TIFF decoder. The TIFF decoder is responsible
for setting up the MJPEG decoder, signalling the correct s->bayer flag,
and setting pix_fmt.

The LJ92 compressed frames can be muxed out to DNG files, and manipulated
in DNG software. Tested with darktable and rawtherapee.

Contributor: South East <8billion.people@gmail.com>
2025-01-12 10:55:39 +11:00
b76053d8bf avformat/flvdec: add support for legacy HEVC files 2025-01-10 21:55:23 +01:00
James Almer
292c1df7c1 avformat/mov: merge stts and ctts arrays into one
Should reduce memory usage as well as remove code duplication.

Signed-off-by: James Almer <jamrial@gmail.com>
2025-01-10 10:39:00 -03:00
Jonathan Baudanza
c0fbb6d5b7 avformat/rtpdec: int overflow in start_time_realtime
This was previously adjusted by me in 6b3f9c2e92.
Unfortunately, I traded one integer overflow bug for
another.

Currently, NTP timestamps that exceed INT64_MAX
(~Jan 20, 1968) will cause an overflow when passed
to av_rescale.

This patch replaces av_rescale, which operates on
int64_t, with ff_parse_ntp_time, which operates on
uint64_t. This will give the correct values for
timestamps back around the NTP epoch and present day
timestamps.

Fixes ticket #11388.

Signed-off-by: Martin Storsjö <martin@martin.st>
2025-01-10 12:09:27 +02:00
4485a0fd77
avformat/iamf_parse: Check output_channel_count
Fixes: -nan is outside the range of representable values of type 'int'
Fixes: 377072730/clusterfuzz-testcase-minimized-ffmpeg_dem_IAMF_fuzzer-6545416570601472

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-01-08 23:23:26 +01:00
f7cc023f06
avformat/mxfdec: Check edit_unit for being larger than signed 64bit
Fixes: signed integer overflow: 2 * -4962931467012268000 cannot be represented in type 'long'
Fixes: 376496313/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-4921469185884160

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-01-08 23:23:25 +01:00
910e5a275d avformat/avformat.h: elaborate documentation for avformat_open_input() on error condition
Signed-off-by: Marth64 <marth64@proxyid.net>
2025-01-08 00:14:13 -06:00
NyanMaths
1215fefcb8
avformat/ipfsgateway: fix capitalizaton mistake
Fix the incorrect capitalization of the project name in a comment.
The project is named FFmpeg, not FFMpeg.

Signed-off-by: Leo Izen <leo.izen@gmail.com>
2025-01-07 17:47:15 -05:00
James Almer
692ce2503e avformat/flvdec: initialize ret in flv_read_packet() to AVERROR_BUG
This will ensure any future goto leave that may be added doesn't accidentally forget to
set ret to some proper value.

Reviewed-by: Timo Rothenpieler <timo@rothenpieler.org>
Signed-off-by: James Almer <jamrial@gmail.com>
2025-01-07 16:09:49 -03:00
af74fe7139 avformat/flvdec: don't leak extradata pointer on realloc failure 2025-01-07 19:20:30 +01:00
9201f872b1 avformat/flvdec: properly free mt_extradata 2025-01-07 19:07:43 +01:00
Alessandro Ros
9fe66c7fcb avformat/flvenc: fix missing sequence start with MP3 tracks
When muxing to FLV/RTMP a MP3 track with an ID greater than zero,
enhanced RTMP has to be used, and a sequence start should preceed track
data.

This is already implemented (see line 823 of flvenc.c) but the code is
never reached due to a too-strict condition before it. This patch fixes
the issue.

Signed-off-by: Alessandro Ros <aler9.dev@gmail.com>
Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
2025-01-07 18:38:11 +01:00
b32a1a69a4 avformat/flvenc: properly handle writing mpeg4 extradata 2025-01-07 18:30:23 +01:00
4c2b769e53 avformat/flvdec: clean up variable initialization spacing 2025-01-07 18:18:38 +01:00
0ed3446738 avformat/flvdec: fix potential premature return on audio MultichannelConfig 2025-01-07 18:18:02 +01:00
e9de794d7f avformat/flvdec: add missing track_size decrement 2025-01-07 17:57:52 +01:00
Marton Balint
19c95ecbff avcodec: deprecate AVCodecContext properties
These properties are unreliable because they depend on the frames decoded so
far, users should check directly the presence of the decoded AVFrame side data
or AVFrame flags.

Signed-off-by: Marton Balint <cus@passwd.hu>
2025-01-05 22:25:29 +01:00
James Almer
2919767750 Revert "avformat/dump: print only the actual streams in a tile grid group"
Indexes in tile_grid->offsets were fixed in the previous commit, but just in case,
make sure to not overread the streams array.

Signed-off-by: James Almer <jamrial@gmail.com>
2025-01-05 00:32:07 -03:00
James Almer
bf0786d9bd avformat/mov: fix setting tile grid stream offsets when a stream is referenced more than once
The amount of tiles does not necessarely need to match the amount of streams referenced
in the grid, as there could be duplicates.
Don't silently ignore EEXIST return codes from avformat_stream_group_add_stream() and
instead store the index of the duplicate stream.

Signed-off-by: James Almer <jamrial@gmail.com>
2025-01-05 00:31:58 -03:00
07e54f9b5c
avformat/jpegxl_anim_dec: use new animated JPEG XL codec ID
A new codec ID has been added to avcodec for animated JPEG XL, so
we should use that in the animated JPEG XL demuxer.

Reviewed-by: Marth64 <marth64@proxyid.net>
Signed-off-by: Leo Izen <leo.izen@gmail.com>
2025-01-03 19:37:36 -05:00
James Almer
4bf784c0e5 avformat/dump: print only the actual streams in a tile grid group
The amount of tiles does not necessarely need to match the amount of streams.

Fixes ticket #11389.

Signed-off-by: James Almer <jamrial@gmail.com>
2025-01-03 10:34:03 -03:00
James Almer
fb59995b88 avformat/flvdec: set Opus sample rate
Fixes parsing Opus streams when no opus decoder is present.

Signed-off-by: James Almer <jamrial@gmail.com>
2025-01-03 10:31:20 -03:00
James Almer
547408ce1d avformat/iamfdec: swap back and side streams if both are present
Layouts with both pairs (7.1, 7.1.2, etc) in IAMF that follow the definition in
ITU-R BS.2051-3 for Systems I and J also follow its ordering. This means side
comes before back, which is the inverse of how it's defined in AVChannel.

To workaround this without having to use custom order channel layouts, swap the
stream ids in the input IAMF structure, so packets for one are mapped to the
other.

Signed-off-by: James Almer <jamrial@gmail.com>
2025-01-03 10:27:13 -03:00
James Almer
c089c158d6 avformat/iamf: document the expandable channel layouts
Signed-off-by: James Almer <jamrial@gmail.com>
2025-01-03 10:27:13 -03:00
James Almer
8f6a1a06a6 avformat/iamf: use the correct layouts for Sound Systems B and C
They have the side channels, not back, as defined in ITU-R - BS.2051-3

Signed-off-by: James Almer <jamrial@gmail.com>
2025-01-03 10:27:13 -03:00
James Almer
3fa70c03e4 avformat/iamf_writer: be more verbose when reporting an input layout is invalid
Signed-off-by: James Almer <jamrial@gmail.com>
2025-01-03 10:27:13 -03:00
f7900a5609
avformat/demux: Check packet duration
Fixes: signed integer overflow: 24320 + 9223372036854775573 cannot be represented in type 'long'
Fixes: 71001/clusterfuzz-testcase-minimized-ffmpeg_dem_MATROSKA_fuzzer-5644785744936960

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-01-01 21:33:46 +01:00
3f0b95bb17
avformat/jpegxl_anim_dec: clear buffer padding
Fixes: use of uninitialized value
Fixes: 70992/clusterfuzz-testcase-minimized-ffmpeg_dem_IMAGE2_fuzzer-5735819170611200

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-01-01 21:33:46 +01:00
9578c135d0
avformat/rmdec: check that buf if completely filled
Fixes: use of uninitialized value
Fixes: 70988/clusterfuzz-testcase-minimized-ffmpeg_dem_IVR_fuzzer-5298245077630976

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-01-01 21:33:45 +01:00
4c62cbcae2
avformat/mxfdec: Check that key was read sucessfull
Fixes: use of uninitialized value
Fixes: 70932/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-4870202133643264

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-01-01 20:31:07 +01:00
eab65379bf
avformat/rpl: Fix check for negative values
Fixes: signed integer overflow: 10 * -1923267925333400000 cannot be represented in type 'int64_t' (aka 'long')
Fixes: 378891963/clusterfuzz-testcase-minimized-fuzzer_loadfile_direct-5714338935013376
Found-by: ossfuzz
Reported-by: Kacper Michajlow <kasper93@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-12-31 19:15:19 +01:00
bb85423142
avformat/mlvdec: Check avio_read()
Fixes: use-of-uninitialized-value
Fixes: 383170476/clusterfuzz-testcase-minimized-ffmpeg_dem_MLV_fuzzer-4696002884337664

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-12-31 04:56:26 +01:00
53db351654
avformat/mxfdec: Check llen addition for overflow
Fixes: signed integer overflow: 9223372036854775807 + 1 cannot be represented in type 'long'
Fixes: 377971441/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-4966030696316928

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-12-31 04:56:26 +01:00
5f38c82536 avformat: bump version for enhanced flv 2024-12-27 20:24:23 +01:00
770f0a2434 avformat/flvdec: propagate av_packet_add_side_data failure 2024-12-27 20:24:23 +01:00
741e49c56f avformat/flvenc: prevent writing legacy codecs into extended video tracks 2024-12-27 20:24:23 +01:00
e3836d1d05 avformat/rtmpproto: reserve enough space for statusmsg 2024-12-27 20:24:22 +01:00
e2a8ece352 avformat/flvdec: support all multi-track modes 2024-12-27 20:24:22 +01:00
da32990e83 avformat/flvdec: stop shadowing local variables 2024-12-27 20:24:22 +01:00
f8dc4d94fd avformat/rtmpproto: add more enhanced rtmp codecs 2024-12-27 20:24:22 +01:00
25faaa311a avformat/flvdec: add support for reading multi track audio 2024-12-27 20:24:22 +01:00