[SCM] ffmpeg/master: New upstream version 3.4.1
jcowgill at users.alioth.debian.org
jcowgill at users.alioth.debian.org
Mon Dec 11 17:45:59 UTC 2017
The following commit has been merged in the master branch:
commit cc4879f1688aefb427091ab758f72212846e32aa
Author: James Cowgill <jcowgill at debian.org>
Date: Mon Dec 11 17:06:43 2017 +0000
New upstream version 3.4.1
diff --git a/Changelog b/Changelog
index a8d4c29..d9f6b8a 100644
--- a/Changelog
+++ b/Changelog
@@ -1,6 +1,83 @@
Entries are sorted chronologically from oldest to youngest within each release,
releases are sorted from youngest to oldest.
+version 3.4.1:
+- avcodec/vp9_superframe_split_bsf: Fix integer overflow in frame_size/total_size checks
+- avcodec/amrwbdec: Fix division by 0 in voice_factor()
+- avformat/utils: Fix warning: ISO C90 forbids mixed declarations and code
+- avcodec/decode: reset codec on receiving packet after EOF in compat_decode
+- avcodec/diracdsp: Fix integer overflow in PUT_SIGNED_RECT_CLAMPED()
+- avcodec/dirac_dwt: Fix integer overflows in COMPOSE_DAUB97*
+- avcodec/extract_extradata_bsf: Fix leak discovered via fuzzing
+- avcodec/vorbis: Fix another 1 << 31 > int32_t::max() with 1u.
+- avcodec/vorbis: 1 << 31 > int32_t::max(), so use 1u << 31 instead.
+- avformat/utils: Prevent undefined shift with wrap_bits > 64.
+- avcodec/j2kenc: Fix out of array access in encode_cblk()
+- avcodec/hevcdsp_template: Fix undefined shift in put_hevc_epel_bi_w_h()
+- lavf/mov: fix huge alloc in mov_read_ctts
+- avcodec/mlpdsp: Fix signed integer overflow, 2nd try
+- avcodec/h264idct_template: Fix integer overflow in ff_h264_idct8_add
+- avcodec/kgv1dec: Check that there is enough input for maximum RLE compression
+- avformat/aacdec: Fix leak in adts_aac_read_packet()
+- avcodec/dirac_dwt: Fix integer overflow in COMPOSE_FIDELITYi*
+- avcodec/sbrdsp_fixed: Fix integer overflow
+- avcodec/mpeg4videodec: Check also for negative versions in the validity check
+- Close ogg stream upon error when using AV_EF_EXPLODE.
+- Fix undefined shift on assumed 8-bit input.
+- Use ff_thread_once for fixed, float table init.
+- Fix leak of frame_duration_buffer in mov_fix_index().
+- avformat/mov: Propagate errors in mov_switch_root.
+- avcodec/hevcdsp_template: Fix invalid shift in put_hevc_epel_bi_w_v()
+- avcodec/mlpdsp: Fix undefined shift ff_mlp_pack_output()
+- avcodec/zmbv: Check that the buffer is large enough for mvec
+- avcodec/dirac_dwt: Fix integer overflow in COMPOSE_DD137iL0()
+- avcodec/wmv2dec: Check end of bitstream in parse_mb_skip() and ff_wmv2_decode_mb()
+- avcodec/snowdec: Check for remaining bitstream in decode_blocks()
+- avcodec/snowdec: Check intra block dc differences.
+- avformat/mov: Check size of STSC allocation
+- avcodec/vc2enc: Clear coef_buf on allocation
+- avcodec/h264dec: Fix potential array overread
+- avcodec/x86/mpegvideodsp: Fix signedness bug in need_emu
+- avcodec/aacpsdsp_template: Fix integer overflows in ps_decorrelate_c()
+- avcodec/aacdec_fixed: Fix undefined shift
+- avcodec/mdct_*: Fix integer overflow in addition in RESCALE()
+- avcodec/snowdec: Fix integer overflow in header parsing
+- avcodec/cngdec: Fix integer clipping
+- avcodec/sbrdsp_fixed: Fix integer overflow in shift in sbr_hf_g_filt_c()
+- avcodec/aacsbr_fixed: Fix division by zero in sbr_gain_calc()
+- avutil/softfloat: Add FLOAT_MIN
+- avcodec/h264idct_template: Fix integer overflows in ff_h264_idct8_add()
+- avcodec/xan: Check for bitstream end in xan_huffman_decode()
+- avcodec/exr: fix undefined shift in pxr24_uncompress()
+- avformat: Free the internal codec context at the end
+- avcodec/h264idct_template: Fix integer overflows in ff_h264_idct8_add()
+- avcodec/xan: Improve overlapping check
+- avcodec/aacdec_fixed: Fix integer overflow in apply_dependent_coupling_fixed()
+- avcodec/aacdec_fixed: Fix integer overflow in predict()
+- avcodec/jpeglsdec: Check for end of bitstream in ls_decode_line()
+- avcodec/jpeglsdec: Check ilv for being a supported value
+- tests/ffserver.regression.ref: update checksums to what ffserver currently produces
+- ffserver: Fix off by 1 error in path
+- avcodec/proresdec: align dequantization matrix buffers
+- avformat/matroskaenc: add missing allocation failure checks for stream durations
+- avformat/matroskaenc: actually enforce the stream limit
+- configure: Fix dependencies of aac_at decoder.
+- Don't manipulate duration when it's AV_NOPTS_VALUE.
+- lavfi/af_pan: fix sign handling in channel coefficient parser
+- avformat/hlsenc: write fmp4 init header after first AV frame
+- avformat/hlsenc: allocate space for terminating null
+- avformat/hlsenc: reindent hlsenc code
+- avformat/hlsenc: check hls segment mode for ignore the init filename
+- avformat/hlsenc: reindent hlsenc code
+- avformat/hlsenc: fix missing first segment bug in fmp4 mode
+- avformat/hlsenc: fix base_output_dirname is null when basename_size is 0 bug
+- ffplay: use SDL2 audio API
+- ffplay: only use hardware accelerated SDL texture formats
+- ffplay: create the window and the renderer before starting playback
+- ffmpeg: always init output stream before reaping filters
+- vc2enc_dwt: pad the temporary buffer by the slice size
+- lavu/arm: Check for have_vfp_vm instead of !have_vfpv3 for float_dsp_vfp
+
version 3.4:
- deflicker video filter
- doubleweave video filter
diff --git a/RELEASE b/RELEASE
index 2f4b607..47b322c 100644
--- a/RELEASE
+++ b/RELEASE
@@ -1 +1 @@
-3.4
+3.4.1
diff --git a/VERSION b/VERSION
index 2f4b607..47b322c 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-3.4
+3.4.1
diff --git a/configure b/configure
index 18d80ee..1797c5d 100755
--- a/configure
+++ b/configure
@@ -2903,6 +2903,7 @@ mjpeg2jpeg_bsf_select="jpegtables"
# external libraries
aac_at_decoder_deps="audiotoolbox"
+aac_at_decoder_select="aac_adtstoasc_bsf"
ac3_at_decoder_deps="audiotoolbox"
ac3_at_decoder_select="ac3_parser"
adpcm_ima_qt_at_decoder_deps="audiotoolbox"
diff --git a/doc/Doxyfile b/doc/Doxyfile
index 491db00..ca68f1a 100644
--- a/doc/Doxyfile
+++ b/doc/Doxyfile
@@ -38,7 +38,7 @@ PROJECT_NAME = FFmpeg
# could be handy for archiving the generated documentation or if some version
# control system is used.
-PROJECT_NUMBER = 3.4
+PROJECT_NUMBER = 3.4.1
# Using the PROJECT_BRIEF tag one can provide an optional one line description
# for a project that appears at the top of each page and should give viewer a
diff --git a/fftools/ffmpeg.c b/fftools/ffmpeg.c
index 3ee3147..d581b40 100644
--- a/fftools/ffmpeg.c
+++ b/fftools/ffmpeg.c
@@ -4536,6 +4536,15 @@ static int transcode_step(void)
}
if (ost->filter && ost->filter->graph->graph) {
+ if (!ost->initialized) {
+ char error[1024] = {0};
+ ret = init_output_stream(ost, error, sizeof(error));
+ if (ret < 0) {
+ av_log(NULL, AV_LOG_ERROR, "Error initializing output stream %d:%d -- %s\n",
+ ost->file_index, ost->index, error);
+ exit_program(1);
+ }
+ }
if ((ret = transcode_from_filter(ost->filter->graph, &ist)) < 0)
return ret;
if (!ist)
diff --git a/fftools/ffplay.c b/fftools/ffplay.c
index 9f77746..571dce3 100644
--- a/fftools/ffplay.c
+++ b/fftools/ffplay.c
@@ -361,6 +361,8 @@ static AVPacket flush_pkt;
static SDL_Window *window;
static SDL_Renderer *renderer;
+static SDL_RendererInfo renderer_info = {0};
+static SDL_AudioDeviceID audio_dev;
static const struct TextureFormatEntry {
enum AVPixelFormat format;
@@ -1191,7 +1193,7 @@ static void stream_component_close(VideoState *is, int stream_index)
switch (codecpar->codec_type) {
case AVMEDIA_TYPE_AUDIO:
decoder_abort(&is->auddec, &is->sampq);
- SDL_CloseAudio();
+ SDL_CloseAudioDevice(audio_dev);
decoder_destroy(&is->auddec);
swr_free(&is->swr_ctx);
av_freep(&is->audio_buf1);
@@ -1320,38 +1322,15 @@ static int video_open(VideoState *is)
h = default_height;
}
- if (!window) {
- int flags = SDL_WINDOW_SHOWN;
- if (!window_title)
- window_title = input_filename;
- if (is_full_screen)
- flags |= SDL_WINDOW_FULLSCREEN_DESKTOP;
- if (borderless)
- flags |= SDL_WINDOW_BORDERLESS;
- else
- flags |= SDL_WINDOW_RESIZABLE;
- window = SDL_CreateWindow(window_title, SDL_WINDOWPOS_UNDEFINED, SDL_WINDOWPOS_UNDEFINED, w, h, flags);
- SDL_SetHint(SDL_HINT_RENDER_SCALE_QUALITY, "linear");
- if (window) {
- SDL_RendererInfo info;
- renderer = SDL_CreateRenderer(window, -1, SDL_RENDERER_ACCELERATED | SDL_RENDERER_PRESENTVSYNC);
- if (!renderer) {
- av_log(NULL, AV_LOG_WARNING, "Failed to initialize a hardware accelerated renderer: %s\n", SDL_GetError());
- renderer = SDL_CreateRenderer(window, -1, 0);
- }
- if (renderer) {
- if (!SDL_GetRendererInfo(renderer, &info))
- av_log(NULL, AV_LOG_VERBOSE, "Initialized %s renderer.\n", info.name);
- }
- }
- } else {
- SDL_SetWindowSize(window, w, h);
- }
+ if (!window_title)
+ window_title = input_filename;
+ SDL_SetWindowTitle(window, window_title);
- if (!window || !renderer) {
- av_log(NULL, AV_LOG_FATAL, "SDL: could not set video mode - exiting\n");
- do_exit(is);
- }
+ SDL_SetWindowSize(window, w, h);
+ SDL_SetWindowPosition(window, SDL_WINDOWPOS_CENTERED, SDL_WINDOWPOS_CENTERED);
+ if (is_full_screen)
+ SDL_SetWindowFullscreen(window, SDL_WINDOW_FULLSCREEN_DESKTOP);
+ SDL_ShowWindow(window);
is->width = w;
is->height = h;
@@ -1362,7 +1341,7 @@ static int video_open(VideoState *is)
/* display the current picture, if any */
static void video_display(VideoState *is)
{
- if (!window)
+ if (!is->width)
video_open(is);
SDL_SetRenderDrawColor(renderer, 0, 0, 0, 255);
@@ -1850,10 +1829,18 @@ static int configure_video_filters(AVFilterGraph *graph, VideoState *is, const c
AVCodecParameters *codecpar = is->video_st->codecpar;
AVRational fr = av_guess_frame_rate(is->ic, is->video_st, NULL);
AVDictionaryEntry *e = NULL;
- int i;
+ int nb_pix_fmts = 0;
+ int i, j;
- for (i = 0; i < FF_ARRAY_ELEMS(pix_fmts); i++)
- pix_fmts[i] = sdl_texture_format_map[i].format;
+ for (i = 0; i < renderer_info.num_texture_formats; i++) {
+ for (j = 0; j < FF_ARRAY_ELEMS(sdl_texture_format_map) - 1; j++) {
+ if (renderer_info.texture_formats[i] == sdl_texture_format_map[j].texture_fmt) {
+ pix_fmts[nb_pix_fmts++] = sdl_texture_format_map[j].format;
+ break;
+ }
+ }
+ }
+ pix_fmts[nb_pix_fmts] = AV_PIX_FMT_NONE;
while ((e = av_dict_get(sws_dict, "", e, AV_DICT_IGNORE_SUFFIX))) {
if (!strcmp(e->key, "sws_flags")) {
@@ -2465,7 +2452,7 @@ static void sdl_audio_callback(void *opaque, Uint8 *stream, int len)
else {
memset(stream, 0, len1);
if (!is->muted && is->audio_buf)
- SDL_MixAudio(stream, (uint8_t *)is->audio_buf + is->audio_buf_index, len1, is->audio_volume);
+ SDL_MixAudioFormat(stream, (uint8_t *)is->audio_buf + is->audio_buf_index, AUDIO_S16SYS, len1, is->audio_volume);
}
len -= len1;
stream += len1;
@@ -2510,7 +2497,7 @@ static int audio_open(void *opaque, int64_t wanted_channel_layout, int wanted_nb
wanted_spec.samples = FFMAX(SDL_AUDIO_MIN_BUFFER_SIZE, 2 << av_log2(wanted_spec.freq / SDL_AUDIO_MAX_CALLBACKS_PER_SEC));
wanted_spec.callback = sdl_audio_callback;
wanted_spec.userdata = opaque;
- while (SDL_OpenAudio(&wanted_spec, &spec) < 0) {
+ while (!(audio_dev = SDL_OpenAudioDevice(NULL, 0, &wanted_spec, &spec, SDL_AUDIO_ALLOW_FREQUENCY_CHANGE | SDL_AUDIO_ALLOW_CHANNELS_CHANGE))) {
av_log(NULL, AV_LOG_WARNING, "SDL_OpenAudio (%d channels, %d Hz): %s\n",
wanted_spec.channels, wanted_spec.freq, SDL_GetError());
wanted_spec.channels = next_nb_channels[FFMIN(7, wanted_spec.channels)];
@@ -2680,7 +2667,7 @@ static int stream_component_open(VideoState *is, int stream_index)
}
if ((ret = decoder_start(&is->auddec, audio_thread, is)) < 0)
goto out;
- SDL_PauseAudio(0);
+ SDL_PauseAudioDevice(audio_dev, 0);
break;
case AVMEDIA_TYPE_VIDEO:
is->video_stream = stream_index;
@@ -3751,6 +3738,31 @@ int main(int argc, char **argv)
av_init_packet(&flush_pkt);
flush_pkt.data = (uint8_t *)&flush_pkt;
+ if (!display_disable) {
+ int flags = SDL_WINDOW_HIDDEN;
+ if (borderless)
+ flags |= SDL_WINDOW_BORDERLESS;
+ else
+ flags |= SDL_WINDOW_RESIZABLE;
+ window = SDL_CreateWindow(program_name, SDL_WINDOWPOS_UNDEFINED, SDL_WINDOWPOS_UNDEFINED, default_width, default_height, flags);
+ SDL_SetHint(SDL_HINT_RENDER_SCALE_QUALITY, "linear");
+ if (window) {
+ renderer = SDL_CreateRenderer(window, -1, SDL_RENDERER_ACCELERATED | SDL_RENDERER_PRESENTVSYNC);
+ if (!renderer) {
+ av_log(NULL, AV_LOG_WARNING, "Failed to initialize a hardware accelerated renderer: %s\n", SDL_GetError());
+ renderer = SDL_CreateRenderer(window, -1, 0);
+ }
+ if (renderer) {
+ if (!SDL_GetRendererInfo(renderer, &renderer_info))
+ av_log(NULL, AV_LOG_VERBOSE, "Initialized %s renderer.\n", renderer_info.name);
+ }
+ }
+ if (!window || !renderer || !renderer_info.num_texture_formats) {
+ av_log(NULL, AV_LOG_FATAL, "Failed to create window or renderer: %s", SDL_GetError());
+ do_exit(NULL);
+ }
+ }
+
is = stream_open(input_filename, file_iformat);
if (!is) {
av_log(NULL, AV_LOG_FATAL, "Failed to initialize VideoState!\n");
diff --git a/fftools/ffserver.c b/fftools/ffserver.c
index d4885df..7f8b238 100644
--- a/fftools/ffserver.c
+++ b/fftools/ffserver.c
@@ -476,7 +476,7 @@ static int compute_datarate(DataRateData *drd, int64_t count)
static void start_children(FFServerStream *feed)
{
char *pathname;
- char *slash;
+ char *dirname, *prog;
int i;
size_t cmd_length;
@@ -495,22 +495,18 @@ static void start_children(FFServerStream *feed)
return;
}
- slash = strrchr(my_program_name, '/');
- if (!slash) {
- pathname = av_mallocz(sizeof("ffmpeg"));
- } else {
- pathname = av_mallocz(slash - my_program_name + sizeof("ffmpeg"));
- if (pathname != NULL) {
- memcpy(pathname, my_program_name, slash - my_program_name);
- }
- }
- if (!pathname) {
+ /* use "ffmpeg" in the path of current program. Ignore user provided path */
+ prog = av_strdup(my_program_name);
+ if (prog) {
+ dirname = av_dirname(prog);
+ pathname = *dirname ? av_asprintf("%s/%s", dirname, "ffmpeg")
+ : av_asprintf("ffmpeg");
+ av_free(prog);
+ }
+ if (!prog || !pathname) {
http_log("Could not allocate memory for children cmd line\n");
return;
}
- /* use "ffmpeg" in the path of current program. Ignore user provided path */
-
- strcat(pathname, "ffmpeg");
for (; feed; feed = feed->next) {
diff --git a/libavcodec/aacdec_fixed.c b/libavcodec/aacdec_fixed.c
index f6a5330..32bd145 100644
--- a/libavcodec/aacdec_fixed.c
+++ b/libavcodec/aacdec_fixed.c
@@ -307,9 +307,9 @@ static av_always_inline void predict(PredictorState *ps, int *coef,
if (shift < 31) {
if (shift > 0) {
- *coef += (pv.mant + (1 << (shift - 1))) >> shift;
+ *coef += (unsigned)((pv.mant + (1 << (shift - 1))) >> shift);
} else
- *coef += pv.mant << -shift;
+ *coef += (unsigned)pv.mant << -shift;
}
}
@@ -394,7 +394,7 @@ static void apply_dependent_coupling_fixed(AACContext *ac,
for (k = offsets[i]; k < offsets[i + 1]; k++) {
tmp = (int)(((int64_t)src[group * 128 + k] * c + \
(int64_t)0x1000000000) >> 37);
- dest[group * 128 + k] += tmp * (1 << shift);
+ dest[group * 128 + k] += tmp * (1U << shift);
}
}
}
diff --git a/libavcodec/aacpsdsp_template.c b/libavcodec/aacpsdsp_template.c
index e35e969..19be200 100644
--- a/libavcodec/aacpsdsp_template.c
+++ b/libavcodec/aacpsdsp_template.c
@@ -130,12 +130,12 @@ static void ps_decorrelate_c(INTFLOAT (*out)[2], INTFLOAT (*delay)[2],
INTFLOAT apd_im = in_im;
in_re = AAC_MSUB30(link_delay_re, fractional_delay_re,
link_delay_im, fractional_delay_im);
- in_re -= a_re;
+ in_re -= (UINTFLOAT)a_re;
in_im = AAC_MADD30(link_delay_re, fractional_delay_im,
link_delay_im, fractional_delay_re);
- in_im -= a_im;
- ap_delay[m][n+5][0] = apd_re + AAC_MUL31(ag[m], in_re);
- ap_delay[m][n+5][1] = apd_im + AAC_MUL31(ag[m], in_im);
+ in_im -= (UINTFLOAT)a_im;
+ ap_delay[m][n+5][0] = apd_re + (UINTFLOAT)AAC_MUL31(ag[m], in_re);
+ ap_delay[m][n+5][1] = apd_im + (UINTFLOAT)AAC_MUL31(ag[m], in_im);
}
out[n][0] = AAC_MUL16(transient_gain[n], in_re);
out[n][1] = AAC_MUL16(transient_gain[n], in_im);
diff --git a/libavcodec/aacsbr_fixed.c b/libavcodec/aacsbr_fixed.c
index 289bb86..3d5875a 100644
--- a/libavcodec/aacsbr_fixed.c
+++ b/libavcodec/aacsbr_fixed.c
@@ -433,6 +433,7 @@ static void sbr_gain_calc(AACContext *ac, SpectralBandReplication *sbr,
av_add_sf(FLOAT_1, sbr->e_curr[e][m]),
av_add_sf(FLOAT_1, sbr->q_mapped[e][m]))));
}
+ sbr->gain[e][m] = av_add_sf(sbr->gain[e][m], FLOAT_MIN);
}
for (m = sbr->f_tablelim[k] - sbr->kx[1]; m < sbr->f_tablelim[k + 1] - sbr->kx[1]; m++) {
sum[0] = av_add_sf(sum[0], sbr->e_origmapped[e][m]);
diff --git a/libavcodec/amrwbdec.c b/libavcodec/amrwbdec.c
index 57aed87..7f2874d 100644
--- a/libavcodec/amrwbdec.c
+++ b/libavcodec/amrwbdec.c
@@ -611,7 +611,7 @@ static float voice_factor(float *p_vector, float p_gain,
AMRWB_SFR_SIZE) *
f_gain * f_gain;
- return (p_ener - f_ener) / (p_ener + f_ener);
+ return (p_ener - f_ener) / (p_ener + f_ener + 0.01);
}
/**
diff --git a/libavcodec/cngdec.c b/libavcodec/cngdec.c
index 1e884f3..28432ac 100644
--- a/libavcodec/cngdec.c
+++ b/libavcodec/cngdec.c
@@ -153,7 +153,7 @@ static int cng_decode_frame(AVCodecContext *avctx, void *data,
return ret;
buf_out = (int16_t *)frame->data[0];
for (i = 0; i < avctx->frame_size; i++)
- buf_out[i] = p->filter_out[i + p->order];
+ buf_out[i] = av_clip_int16(p->filter_out[i + p->order]);
memcpy(p->filter_out, p->filter_out + avctx->frame_size,
p->order * sizeof(*p->filter_out));
diff --git a/libavcodec/decode.c b/libavcodec/decode.c
index 1337ffb..fb1824b 100644
--- a/libavcodec/decode.c
+++ b/libavcodec/decode.c
@@ -753,6 +753,11 @@ static int compat_decode(AVCodecContext *avctx, AVFrame *frame,
av_assert0(avci->compat_decode_consumed == 0);
+ if (avci->draining_done && pkt && pkt->size != 0) {
+ av_log(avctx, AV_LOG_WARNING, "Got unexpected packet after EOF\n");
+ avcodec_flush_buffers(avctx);
+ }
+
*got_frame = 0;
avci->compat_decode = 1;
diff --git a/libavcodec/dirac_dwt.h b/libavcodec/dirac_dwt.h
index 35ed885..50c8b1e 100644
--- a/libavcodec/dirac_dwt.h
+++ b/libavcodec/dirac_dwt.h
@@ -102,7 +102,7 @@ void ff_spatial_idwt_slice2(DWTContext *d, int y);
(b2 + ((int)(-b0 + 9U*b1 + 9U*b3 - b4 + 8) >> 4))
#define COMPOSE_DD137iL0(b0, b1, b2, b3, b4)\
- (b2 - ((-b0 + 9*b1 + 9*b3 - b4 + 16) >> 5))
+ (b2 - ((int)(-b0 + 9U*b1 + 9U*b3 - b4 + 16) >> 5))
#define COMPOSE_HAARiL0(b0, b1)\
(b0 - ((b1 + 1) >> 1))
@@ -111,22 +111,22 @@ void ff_spatial_idwt_slice2(DWTContext *d, int y);
(b0 + b1)
#define COMPOSE_FIDELITYiL0(b0, b1, b2, b3, b4, b5, b6, b7, b8)\
- (b4 - ((int)(-8*(b0+(unsigned)b8) + 21*(b1+(unsigned)b7) - 46*(b2+(unsigned)b6) + 161*(b3+(unsigned)b5) + 128) >> 8))
+ ((unsigned)b4 - ((int)(-8*(b0+(unsigned)b8) + 21*(b1+(unsigned)b7) - 46*(b2+(unsigned)b6) + 161*(b3+(unsigned)b5) + 128) >> 8))
#define COMPOSE_FIDELITYiH0(b0, b1, b2, b3, b4, b5, b6, b7, b8)\
- (b4 + ((int)(-2*(b0+(unsigned)b8) + 10*(b1+(unsigned)b7) - 25*(b2+(unsigned)b6) + 81*(b3+(unsigned)b5) + 128) >> 8))
+ ((unsigned)b4 + ((int)(-2*(b0+(unsigned)b8) + 10*(b1+(unsigned)b7) - 25*(b2+(unsigned)b6) + 81*(b3+(unsigned)b5) + 128) >> 8))
#define COMPOSE_DAUB97iL1(b0, b1, b2)\
- (b1 - ((int)(1817*(b0 + (unsigned)b2) + 2048) >> 12))
+ ((unsigned)(b1) - ((int)(1817*(b0 + (unsigned)b2) + 2048) >> 12))
#define COMPOSE_DAUB97iH1(b0, b1, b2)\
- (b1 - ((int)( 113*(b0 + (unsigned)b2) + 64) >> 7))
+ ((unsigned)(b1) - ((int)( 113*(b0 + (unsigned)b2) + 64) >> 7))
#define COMPOSE_DAUB97iL0(b0, b1, b2)\
- (b1 + ((int)( 217*(b0 + (unsigned)b2) + 2048) >> 12))
+ ((unsigned)(b1) + ((int)( 217*(b0 + (unsigned)b2) + 2048) >> 12))
#define COMPOSE_DAUB97iH0(b0, b1, b2)\
- (b1 + ((int)(6497*(b0 + (unsigned)b2) + 2048) >> 12))
+ ((unsigned)(b1) + ((int)(6497*(b0 + (unsigned)b2) + 2048) >> 12))
#endif /* AVCODEC_DWT_H */
diff --git a/libavcodec/diracdsp.c b/libavcodec/diracdsp.c
index 8bc79b7..2dd56f8 100644
--- a/libavcodec/diracdsp.c
+++ b/libavcodec/diracdsp.c
@@ -159,10 +159,10 @@ static void put_signed_rect_clamped_ ## PX ## bit_c(uint8_t *_dst, int dst_strid
int32_t *src = (int32_t *)_src; \
for (y = 0; y < height; y++) { \
for (x = 0; x < width; x+=4) { \
- dst[x ] = av_clip_uintp2(src[x ] + (1 << (PX - 1)), PX); \
- dst[x+1] = av_clip_uintp2(src[x+1] + (1 << (PX - 1)), PX); \
- dst[x+2] = av_clip_uintp2(src[x+2] + (1 << (PX - 1)), PX); \
- dst[x+3] = av_clip_uintp2(src[x+3] + (1 << (PX - 1)), PX); \
+ dst[x ] = av_clip_uintp2(src[x ] + (1U << (PX - 1)), PX); \
+ dst[x+1] = av_clip_uintp2(src[x+1] + (1U << (PX - 1)), PX); \
+ dst[x+2] = av_clip_uintp2(src[x+2] + (1U << (PX - 1)), PX); \
+ dst[x+3] = av_clip_uintp2(src[x+3] + (1U << (PX - 1)), PX); \
} \
dst += dst_stride >> 1; \
src += src_stride >> 2; \
diff --git a/libavcodec/exr.c b/libavcodec/exr.c
index 0b755db..b1ecde4 100644
--- a/libavcodec/exr.c
+++ b/libavcodec/exr.c
@@ -855,7 +855,7 @@ static int pxr24_uncompress(EXRContext *s, const uint8_t *src,
in = ptr[2] + td->xsize;
for (j = 0; j < td->xsize; ++j) {
- uint32_t diff = (*(ptr[0]++) << 24) |
+ uint32_t diff = ((unsigned)*(ptr[0]++) << 24) |
(*(ptr[1]++) << 16) |
(*(ptr[2]++) << 8);
pixel += diff;
diff --git a/libavcodec/extract_extradata_bsf.c b/libavcodec/extract_extradata_bsf.c
index ed6509c..d40907a 100644
--- a/libavcodec/extract_extradata_bsf.c
+++ b/libavcodec/extract_extradata_bsf.c
@@ -78,7 +78,7 @@ static int extract_extradata_h2645(AVBSFContext *ctx, AVPacket *pkt,
ret = ff_h2645_packet_split(&h2645_pkt, pkt->data, pkt->size,
ctx, 0, 0, ctx->par_in->codec_id, 1);
if (ret < 0)
- return ret;
+ goto fail;
for (i = 0; i < h2645_pkt.nb_nals; i++) {
H2645NAL *nal = &h2645_pkt.nals[i];
diff --git a/libavcodec/h264dec.h b/libavcodec/h264dec.h
index 2106ba0..de8b7c3 100644
--- a/libavcodec/h264dec.h
+++ b/libavcodec/h264dec.h
@@ -416,6 +416,7 @@ typedef struct H264Context {
uint8_t (*mvd_table[2])[2];
uint8_t *direct_table;
+ uint8_t scan_padding[16];
uint8_t zigzag_scan[16];
uint8_t zigzag_scan8x8[64];
uint8_t zigzag_scan8x8_cavlc[64];
diff --git a/libavcodec/h264idct_template.c b/libavcodec/h264idct_template.c
index 3ad58c4..5993ae2 100644
--- a/libavcodec/h264idct_template.c
+++ b/libavcodec/h264idct_template.c
@@ -76,10 +76,10 @@ void FUNCC(ff_h264_idct8_add)(uint8_t *_dst, int16_t *_block, int stride){
for( i = 0; i < 8; i++ )
{
- const unsigned int a0 = block[i+0*8] + block[i+4*8];
- const unsigned int a2 = block[i+0*8] - block[i+4*8];
- const unsigned int a4 = (block[i+2*8]>>1) - block[i+6*8];
- const unsigned int a6 = (block[i+6*8]>>1) + block[i+2*8];
+ const unsigned int a0 = block[i+0*8] + (unsigned)block[i+4*8];
+ const unsigned int a2 = block[i+0*8] - (unsigned)block[i+4*8];
+ const unsigned int a4 = (block[i+2*8]>>1) - (unsigned)block[i+6*8];
+ const unsigned int a6 = (block[i+6*8]>>1) + (unsigned)block[i+2*8];
const unsigned int b0 = a0 + a6;
const unsigned int b2 = a2 + a4;
@@ -91,10 +91,10 @@ void FUNCC(ff_h264_idct8_add)(uint8_t *_dst, int16_t *_block, int stride){
const int a5 = -block[i+1*8] + (unsigned)block[i+7*8] + block[i+5*8] + (block[i+5*8]>>1);
const int a7 = block[i+3*8] + (unsigned)block[i+5*8] + block[i+1*8] + (block[i+1*8]>>1);
- const int b1 = (a7>>2) + a1;
- const int b3 = a3 + (a5>>2);
- const int b5 = (a3>>2) - a5;
- const int b7 = a7 - (a1>>2);
+ const int b1 = (a7>>2) + (unsigned)a1;
+ const int b3 = (unsigned)a3 + (a5>>2);
+ const int b5 = (a3>>2) - (unsigned)a5;
+ const int b7 = (unsigned)a7 - (a1>>2);
block[i+0*8] = b0 + b7;
block[i+7*8] = b0 - b7;
@@ -107,10 +107,10 @@ void FUNCC(ff_h264_idct8_add)(uint8_t *_dst, int16_t *_block, int stride){
}
for( i = 0; i < 8; i++ )
{
- const unsigned a0 = block[0+i*8] + block[4+i*8];
- const unsigned a2 = block[0+i*8] - block[4+i*8];
- const unsigned a4 = (block[2+i*8]>>1) - block[6+i*8];
- const unsigned a6 = (block[6+i*8]>>1) + block[2+i*8];
+ const unsigned a0 = block[0+i*8] + (unsigned)block[4+i*8];
+ const unsigned a2 = block[0+i*8] - (unsigned)block[4+i*8];
+ const unsigned a4 = (block[2+i*8]>>1) - (unsigned)block[6+i*8];
+ const unsigned a6 = (block[6+i*8]>>1) + (unsigned)block[2+i*8];
const unsigned b0 = a0 + a6;
const unsigned b2 = a2 + a4;
diff --git a/libavcodec/hevcdsp_template.c b/libavcodec/hevcdsp_template.c
index e09c661..0623cfa 100644
--- a/libavcodec/hevcdsp_template.c
+++ b/libavcodec/hevcdsp_template.c
@@ -1355,7 +1355,7 @@ static void FUNC(put_hevc_epel_bi_w_h)(uint8_t *_dst, ptrdiff_t _dststride, uint
for (y = 0; y < height; y++) {
for (x = 0; x < width; x++)
dst[x] = av_clip_pixel(((EPEL_FILTER(src, 1) >> (BIT_DEPTH - 8)) * wx1 + src2[x] * wx0 +
- ((ox0 + ox1 + 1) << log2Wd)) >> (log2Wd + 1));
+ ((ox0 + ox1 + 1) * (1 << log2Wd))) >> (log2Wd + 1));
src += srcstride;
dst += dststride;
src2 += MAX_PB_SIZE;
@@ -1407,7 +1407,7 @@ static void FUNC(put_hevc_epel_bi_w_v)(uint8_t *_dst, ptrdiff_t _dststride, uint
for (y = 0; y < height; y++) {
for (x = 0; x < width; x++)
dst[x] = av_clip_pixel(((EPEL_FILTER(src, srcstride) >> (BIT_DEPTH - 8)) * wx1 + src2[x] * wx0 +
- ((ox0 + ox1 + 1) << log2Wd)) >> (log2Wd + 1));
+ ((ox0 + ox1 + 1) * (1 << log2Wd))) >> (log2Wd + 1));
src += srcstride;
dst += dststride;
src2 += MAX_PB_SIZE;
diff --git a/libavcodec/j2kenc.c b/libavcodec/j2kenc.c
index c8d3861..baaf474 100644
--- a/libavcodec/j2kenc.c
+++ b/libavcodec/j2kenc.c
@@ -688,7 +688,8 @@ static void encode_cblk(Jpeg2000EncoderContext *s, Jpeg2000T1Context *t1, Jpeg20
cblk->npasses = passno;
cblk->ninclpasses = passno;
- cblk->passes[passno-1].rate = ff_mqc_flush_to(&t1->mqc, cblk->passes[passno-1].flushed, &cblk->passes[passno-1].flushed_len);
+ if (passno)
+ cblk->passes[passno-1].rate = ff_mqc_flush_to(&t1->mqc, cblk->passes[passno-1].flushed, &cblk->passes[passno-1].flushed_len);
}
/* tier-2 routines: */
diff --git a/libavcodec/jpeglsdec.c b/libavcodec/jpeglsdec.c
index 6450532..5308b74 100644
--- a/libavcodec/jpeglsdec.c
+++ b/libavcodec/jpeglsdec.c
@@ -233,6 +233,9 @@ static inline void ls_decode_line(JLSState *state, MJpegDecodeContext *s,
while (x < w) {
int err, pred;
+ if (get_bits_left(&s->gb) <= 0)
+ return;
+
/* compute gradients */
Ra = x ? R(dst, x - stride) : R(last, x);
Rb = R(last, x);
@@ -443,6 +446,10 @@ int ff_jpegls_decode_picture(MJpegDecodeContext *s, int near,
avpriv_report_missing_feature(s->avctx, "Sample interleaved images");
ret = AVERROR_PATCHWELCOME;
goto end;
+ } else { /* unknown interleaving */
+ avpriv_report_missing_feature(s->avctx, "Unknown interleaved images");
+ ret = AVERROR_PATCHWELCOME;
+ goto end;
}
if (s->xfrm && s->nb_components == 3) {
diff --git a/libavcodec/kgv1dec.c b/libavcodec/kgv1dec.c
index 5359411..a6bd940 100644
--- a/libavcodec/kgv1dec.c
+++ b/libavcodec/kgv1dec.c
@@ -62,6 +62,9 @@ static int decode_frame(AVCodecContext *avctx, void *data, int *got_frame,
h = (buf[1] + 1) * 8;
buf += 2;
+ if (avpkt->size < 2 + w*h / 513)
+ return AVERROR_INVALIDDATA;
+
if (w != avctx->width || h != avctx->height) {
av_freep(&c->frame_buffer);
av_freep(&c->last_frame_buffer);
diff --git a/libavcodec/mdct_fixed.c b/libavcodec/mdct_fixed.c
index a32cb00..aabf0c8 100644
--- a/libavcodec/mdct_fixed.c
+++ b/libavcodec/mdct_fixed.c
@@ -39,13 +39,13 @@ void ff_mdct_calcw_c(FFTContext *s, FFTDouble *out, const FFTSample *input)
/* pre rotation */
for(i=0;i<n8;i++) {
- re = RSCALE(-input[2*i+n3] - input[n3-1-2*i]);
- im = RSCALE(-input[n4+2*i] + input[n4-1-2*i]);
+ re = RSCALE(-input[2*i+n3], - input[n3-1-2*i]);
+ im = RSCALE(-input[n4+2*i], + input[n4-1-2*i]);
j = revtab[i];
CMUL(x[j].re, x[j].im, re, im, -tcos[i], tsin[i]);
- re = RSCALE( input[2*i] - input[n2-1-2*i]);
- im = RSCALE(-input[n2+2*i] - input[ n-1-2*i]);
+ re = RSCALE( input[2*i] , - input[n2-1-2*i]);
+ im = RSCALE(-input[n2+2*i], - input[ n-1-2*i]);
j = revtab[n8 + i];
CMUL(x[j].re, x[j].im, re, im, -tcos[n8 + i], tsin[n8 + i]);
}
diff --git a/libavcodec/mdct_template.c b/libavcodec/mdct_template.c
index 04396b4..e0ad9f1 100644
--- a/libavcodec/mdct_template.c
+++ b/libavcodec/mdct_template.c
@@ -33,12 +33,12 @@
*/
#if FFT_FLOAT
-# define RSCALE(x) (x)
+# define RSCALE(x, y) ((x) + (y))
#else
#if FFT_FIXED_32
-# define RSCALE(x) (((x) + 32) >> 6)
+# define RSCALE(x, y) ((int)((x) + (unsigned)(y) + 32) >> 6)
#else /* FFT_FIXED_32 */
-# define RSCALE(x) ((x) >> 1)
+# define RSCALE(x, y) ((int)((x) + (unsigned)(y)) >> 1)
#endif /* FFT_FIXED_32 */
#endif
@@ -181,13 +181,13 @@ void ff_mdct_calc_c(FFTContext *s, FFTSample *out, const FFTSample *input)
/* pre rotation */
for(i=0;i<n8;i++) {
- re = RSCALE(-input[2*i+n3] - input[n3-1-2*i]);
- im = RSCALE(-input[n4+2*i] + input[n4-1-2*i]);
+ re = RSCALE(-input[2*i+n3], - input[n3-1-2*i]);
+ im = RSCALE(-input[n4+2*i], + input[n4-1-2*i]);
j = revtab[i];
CMUL(x[j].re, x[j].im, re, im, -tcos[i], tsin[i]);
- re = RSCALE( input[2*i] - input[n2-1-2*i]);
- im = RSCALE(-input[n2+2*i] - input[ n-1-2*i]);
+ re = RSCALE( input[2*i] , - input[n2-1-2*i]);
+ im = RSCALE(-input[n2+2*i], - input[ n-1-2*i]);
j = revtab[n8 + i];
CMUL(x[j].re, x[j].im, re, im, -tcos[n8 + i], tsin[n8 + i]);
}
diff --git a/libavcodec/mlpdsp.c b/libavcodec/mlpdsp.c
index fbafa92..32a4503 100644
--- a/libavcodec/mlpdsp.c
+++ b/libavcodec/mlpdsp.c
@@ -117,7 +117,7 @@ int32_t ff_mlp_pack_output(int32_t lossless_check_data,
(1U << output_shift[mat_ch]);
lossless_check_data ^= (sample & 0xffffff) << mat_ch;
if (is32)
- *data_32++ = sample << 8;
+ *data_32++ = sample * 256U;
else
*data_16++ = sample >> 8;
}
diff --git a/libavcodec/mpeg4videodec.c b/libavcodec/mpeg4videodec.c
index cd39131..8eafc78 100644
--- a/libavcodec/mpeg4videodec.c
+++ b/libavcodec/mpeg4videodec.c
@@ -2149,8 +2149,15 @@ static int decode_user_data(Mpeg4DecContext *ctx, GetBitContext *gb)
e = sscanf(buf, "FFmpeg v%d.%d.%d / libavcodec build: %d", &ver, &ver2, &ver3, &build);
if (e != 4) {
e = sscanf(buf, "Lavc%d.%d.%d", &ver, &ver2, &ver3) + 1;
- if (e > 1)
- build = (ver << 16) + (ver2 << 8) + ver3;
+ if (e > 1) {
+ if (ver > 0xFFU || ver2 > 0xFFU || ver3 > 0xFFU) {
+ av_log(s->avctx, AV_LOG_WARNING,
+ "Unknown Lavc version string encountered, %d.%d.%d; "
+ "clamping sub-version values to 8-bits.\n",
+ ver, ver2, ver3);
+ }
+ build = ((ver & 0xFF) << 16) + ((ver2 & 0xFF) << 8) + (ver3 & 0xFF);
+ }
}
if (e != 4) {
if (strcmp(buf, "ffmpeg") == 0)
diff --git a/libavcodec/mpegaudiodsp.c b/libavcodec/mpegaudiodsp.c
index a5d20df..3cafca2 100644
--- a/libavcodec/mpegaudiodsp.c
+++ b/libavcodec/mpegaudiodsp.c
@@ -20,17 +20,21 @@
#include "config.h"
#include "libavutil/attributes.h"
+#include "libavutil/thread.h"
#include "mpegaudiodsp.h"
#include "dct.h"
#include "dct32.h"
+static AVOnce mpadsp_float_table_init = AV_ONCE_INIT;
+static AVOnce mpadsp_fixed_table_init = AV_ONCE_INIT;
+
av_cold void ff_mpadsp_init(MPADSPContext *s)
{
DCTContext dct;
ff_dct_init(&dct, 5, DCT_II);
- ff_init_mpadsp_tabs_float();
- ff_init_mpadsp_tabs_fixed();
+ ff_thread_once(&mpadsp_float_table_init, &ff_init_mpadsp_tabs_float);
+ ff_thread_once(&mpadsp_fixed_table_init, &ff_init_mpadsp_tabs_fixed);
s->apply_window_float = ff_mpadsp_apply_window_float;
s->apply_window_fixed = ff_mpadsp_apply_window_fixed;
diff --git a/libavcodec/proresdec2.c b/libavcodec/proresdec2.c
index 0f791de..2ebda78 100644
--- a/libavcodec/proresdec2.c
+++ b/libavcodec/proresdec2.c
@@ -517,8 +517,8 @@ static int decode_slice_thread(AVCodecContext *avctx, void *arg, int jobnr, int
int luma_stride, chroma_stride;
int y_data_size, u_data_size, v_data_size, a_data_size;
uint8_t *dest_y, *dest_u, *dest_v, *dest_a;
- int16_t qmat_luma_scaled[64];
- int16_t qmat_chroma_scaled[64];
+ LOCAL_ALIGNED_16(int16_t, qmat_luma_scaled, [64]);
+ LOCAL_ALIGNED_16(int16_t, qmat_chroma_scaled,[64]);
int mb_x_shift;
int ret;
diff --git a/libavcodec/sbrdsp_fixed.c b/libavcodec/sbrdsp_fixed.c
index 896b2d7..57d98da 100644
--- a/libavcodec/sbrdsp_fixed.c
+++ b/libavcodec/sbrdsp_fixed.c
@@ -133,7 +133,7 @@ static av_always_inline SoftFloat autocorr_calc(int64_t accu)
round = 1U << (nz-1);
mant = (int)((accu + round) >> nz);
- mant = (mant + 0x40)>>7;
+ mant = (mant + 0x40LL)>>7;
mant *= 64;
expo = nz + 15;
return av_int2sf(mant, 30 - expo);
@@ -244,12 +244,14 @@ static void sbr_hf_g_filt_c(int (*Y)[2], const int (*X_high)[40][2],
int64_t accu;
for (m = 0; m < m_max; m++) {
- int64_t r = 1LL << (22-g_filt[m].exp);
- accu = (int64_t)X_high[m][ixh][0] * ((g_filt[m].mant + 0x40)>>7);
- Y[m][0] = (int)((accu + r) >> (23-g_filt[m].exp));
+ if (22 - g_filt[m].exp < 61) {
+ int64_t r = 1LL << (22-g_filt[m].exp);
+ accu = (int64_t)X_high[m][ixh][0] * ((g_filt[m].mant + 0x40)>>7);
+ Y[m][0] = (int)((accu + r) >> (23-g_filt[m].exp));
- accu = (int64_t)X_high[m][ixh][1] * ((g_filt[m].mant + 0x40)>>7);
- Y[m][1] = (int)((accu + r) >> (23-g_filt[m].exp));
+ accu = (int64_t)X_high[m][ixh][1] * ((g_filt[m].mant + 0x40)>>7);
+ Y[m][1] = (int)((accu + r) >> (23-g_filt[m].exp));
+ }
}
}
diff --git a/libavcodec/snowdec.c b/libavcodec/snowdec.c
index 13668c2..a9bdb8d 100644
--- a/libavcodec/snowdec.c
+++ b/libavcodec/snowdec.c
@@ -183,13 +183,22 @@ static int decode_q_branch(SnowContext *s, int level, int x, int y){
int my_context= av_log2(2*FFABS(left->my - top->my)) + 0*av_log2(2*FFABS(tr->my - top->my));
type= get_rac(&s->c, &s->block_state[1 + left->type + top->type]) ? BLOCK_INTRA : 0;
-
if(type){
+ int ld, cbd, crd;
pred_mv(s, &mx, &my, 0, left, top, tr);
- l += get_symbol(&s->c, &s->block_state[32], 1);
+ ld = get_symbol(&s->c, &s->block_state[32], 1);
+ if (ld < -255 || ld > 255) {
+ return AVERROR_INVALIDDATA;
+ }
+ l += ld;
if (s->nb_planes > 2) {
- cb+= get_symbol(&s->c, &s->block_state[64], 1);
- cr+= get_symbol(&s->c, &s->block_state[96], 1);
+ cbd = get_symbol(&s->c, &s->block_state[64], 1);
+ crd = get_symbol(&s->c, &s->block_state[96], 1);
+ if (cbd < -255 || cbd > 255 || crd < -255 || crd > 255) {
+ return AVERROR_INVALIDDATA;
+ }
+ cb += cbd;
+ cr += crd;
}
}else{
if(s->ref_frames > 1)
@@ -374,7 +383,7 @@ static int decode_header(SnowContext *s){
}
}
- s->spatial_decomposition_type+= get_symbol(&s->c, s->header_state, 1);
+ s->spatial_decomposition_type+= (unsigned)get_symbol(&s->c, s->header_state, 1);
if(s->spatial_decomposition_type > 1U){
av_log(s->avctx, AV_LOG_ERROR, "spatial_decomposition_type %d not supported\n", s->spatial_decomposition_type);
return AVERROR_INVALIDDATA;
@@ -390,10 +399,10 @@ static int decode_header(SnowContext *s){
}
- s->qlog += get_symbol(&s->c, s->header_state, 1);
- s->mv_scale += get_symbol(&s->c, s->header_state, 1);
- s->qbias += get_symbol(&s->c, s->header_state, 1);
- s->block_max_depth+= get_symbol(&s->c, s->header_state, 1);
+ s->qlog += (unsigned)get_symbol(&s->c, s->header_state, 1);
+ s->mv_scale += (unsigned)get_symbol(&s->c, s->header_state, 1);
+ s->qbias += (unsigned)get_symbol(&s->c, s->header_state, 1);
+ s->block_max_depth+= (unsigned)get_symbol(&s->c, s->header_state, 1);
if(s->block_max_depth > 1 || s->block_max_depth < 0 || s->mv_scale > 256U){
av_log(s->avctx, AV_LOG_ERROR, "block_max_depth= %d is too large\n", s->block_max_depth);
s->block_max_depth= 0;
@@ -428,6 +437,8 @@ static int decode_blocks(SnowContext *s){
for(y=0; y<h; y++){
for(x=0; x<w; x++){
+ if (s->c.bytestream >= s->c.bytestream_end)
+ return AVERROR_INVALIDDATA;
if ((res = decode_q_branch(s, 0, x, y)) < 0)
return res;
}
diff --git a/libavcodec/vc2enc.c b/libavcodec/vc2enc.c
index 96e27d9..cdc7d42 100644
--- a/libavcodec/vc2enc.c
+++ b/libavcodec/vc2enc.c
@@ -1171,7 +1171,7 @@ static av_cold int vc2_encode_init(AVCodecContext *avctx)
p->dwt_width = w = FFALIGN(p->width, (1 << s->wavelet_depth));
p->dwt_height = h = FFALIGN(p->height, (1 << s->wavelet_depth));
p->coef_stride = FFALIGN(p->dwt_width, 32);
- p->coef_buf = av_malloc(p->coef_stride*p->dwt_height*sizeof(dwtcoef));
+ p->coef_buf = av_mallocz(p->coef_stride*p->dwt_height*sizeof(dwtcoef));
if (!p->coef_buf)
goto alloc_fail;
for (level = s->wavelet_depth-1; level >= 0; level--) {
@@ -1190,7 +1190,8 @@ static av_cold int vc2_encode_init(AVCodecContext *avctx)
/* DWT init */
if (ff_vc2enc_init_transforms(&s->transform_args[i].t,
s->plane[i].coef_stride,
- s->plane[i].dwt_height))
+ s->plane[i].dwt_height,
+ s->slice_width, s->slice_height))
goto alloc_fail;
}
diff --git a/libavcodec/vc2enc_dwt.c b/libavcodec/vc2enc_dwt.c
index c60b003..d22af8a 100644
--- a/libavcodec/vc2enc_dwt.c
+++ b/libavcodec/vc2enc_dwt.c
@@ -255,21 +255,27 @@ static void vc2_subband_dwt_haar_shift(VC2TransformContext *t, dwtcoef *data,
dwt_haar(t, data, stride, width, height, 1);
}
-av_cold int ff_vc2enc_init_transforms(VC2TransformContext *s, int p_width, int p_height)
+av_cold int ff_vc2enc_init_transforms(VC2TransformContext *s, int p_stride,
+ int p_height, int slice_w, int slice_h)
{
s->vc2_subband_dwt[VC2_TRANSFORM_9_7] = vc2_subband_dwt_97;
s->vc2_subband_dwt[VC2_TRANSFORM_5_3] = vc2_subband_dwt_53;
s->vc2_subband_dwt[VC2_TRANSFORM_HAAR] = vc2_subband_dwt_haar;
s->vc2_subband_dwt[VC2_TRANSFORM_HAAR_S] = vc2_subband_dwt_haar_shift;
- s->buffer = av_malloc(2*p_width*p_height*sizeof(dwtcoef));
+ /* Pad by the slice size, only matters for non-Haar wavelets */
+ s->buffer = av_calloc((p_stride + slice_w)*(p_height + slice_h), sizeof(dwtcoef));
if (!s->buffer)
return 1;
+ s->padding = (slice_h >> 1)*p_stride + (slice_w >> 1);
+ s->buffer += s->padding;
+
return 0;
}
av_cold void ff_vc2enc_free_transforms(VC2TransformContext *s)
{
- av_freep(&s->buffer);
+ av_free(s->buffer - s->padding);
+ s->buffer = NULL;
}
diff --git a/libavcodec/vc2enc_dwt.h b/libavcodec/vc2enc_dwt.h
index 7fbbfbe..a6932bc 100644
--- a/libavcodec/vc2enc_dwt.h
+++ b/libavcodec/vc2enc_dwt.h
@@ -41,12 +41,14 @@ enum VC2TransformType {
typedef struct VC2TransformContext {
dwtcoef *buffer;
+ int padding;
void (*vc2_subband_dwt[VC2_TRANSFORMS_NB])(struct VC2TransformContext *t,
dwtcoef *data, ptrdiff_t stride,
int width, int height);
} VC2TransformContext;
-int ff_vc2enc_init_transforms(VC2TransformContext *t, int p_width, int p_height);
+int ff_vc2enc_init_transforms(VC2TransformContext *t, int p_stride, int p_height,
+ int slice_w, int slice_h);
void ff_vc2enc_free_transforms(VC2TransformContext *t);
#endif /* AVCODEC_VC2ENC_DWT_H */
diff --git a/libavcodec/vorbis.c b/libavcodec/vorbis.c
index 399020e..aabd9bb 100644
--- a/libavcodec/vorbis.c
+++ b/libavcodec/vorbis.c
@@ -67,7 +67,7 @@ int ff_vorbis_len2vlc(uint8_t *bits, uint32_t *codes, unsigned num)
if (bits[p] > 32)
return AVERROR_INVALIDDATA;
for (i = 0; i < bits[p]; ++i)
- exit_at_level[i+1] = 1 << i;
+ exit_at_level[i+1] = 1u << i;
++p;
@@ -91,7 +91,7 @@ int ff_vorbis_len2vlc(uint8_t *bits, uint32_t *codes, unsigned num)
exit_at_level[i] = 0;
// construct code (append 0s to end) and introduce new exits
for (j = i + 1 ;j <= bits[p]; ++j)
- exit_at_level[j] = code + (1 << (j - 1));
+ exit_at_level[j] = code + (1u << (j - 1));
codes[p] = code;
}
diff --git a/libavcodec/vp9_superframe_split_bsf.c b/libavcodec/vp9_superframe_split_bsf.c
index 6d6d8e6..0d2523e 100644
--- a/libavcodec/vp9_superframe_split_bsf.c
+++ b/libavcodec/vp9_superframe_split_bsf.c
@@ -59,7 +59,7 @@ static int vp9_superframe_split_filter(AVBSFContext *ctx, AVPacket *out)
if (in->size >= idx_size && in->data[in->size - idx_size] == marker) {
GetByteContext bc;
- int total_size = 0;
+ int64_t total_size = 0;
bytestream2_init(&bc, in->data + in->size + 1 - idx_size,
nb_frames * length_size);
@@ -70,7 +70,7 @@ static int vp9_superframe_split_filter(AVBSFContext *ctx, AVPacket *out)
frame_size |= bytestream2_get_byte(&bc) << (j * 8);
total_size += frame_size;
- if (total_size > in->size - idx_size) {
+ if (frame_size < 0 || total_size > in->size - idx_size) {
av_log(ctx, AV_LOG_ERROR,
"Invalid frame size in a superframe: %d\n", frame_size);
ret = AVERROR(EINVAL);
diff --git a/libavcodec/wmv2dec.c b/libavcodec/wmv2dec.c
index 20dbee5..225e30a 100644
--- a/libavcodec/wmv2dec.c
+++ b/libavcodec/wmv2dec.c
@@ -30,7 +30,7 @@
#include "wmv2.h"
-static void parse_mb_skip(Wmv2Context *w)
+static int parse_mb_skip(Wmv2Context *w)
{
int mb_x, mb_y;
MpegEncContext *const s = &w->s;
@@ -45,6 +45,8 @@ static void parse_mb_skip(Wmv2Context *w)
MB_TYPE_16x16 | MB_TYPE_L0;
break;
case SKIP_TYPE_MPEG:
+ if (get_bits_left(&s->gb) < s->mb_height * s->mb_width)
+ return AVERROR_INVALIDDATA;
for (mb_y = 0; mb_y < s->mb_height; mb_y++)
for (mb_x = 0; mb_x < s->mb_width; mb_x++)
mb_type[mb_y * s->mb_stride + mb_x] =
@@ -52,6 +54,8 @@ static void parse_mb_skip(Wmv2Context *w)
break;
case SKIP_TYPE_ROW:
for (mb_y = 0; mb_y < s->mb_height; mb_y++) {
+ if (get_bits_left(&s->gb) < 1)
+ return AVERROR_INVALIDDATA;
if (get_bits1(&s->gb)) {
for (mb_x = 0; mb_x < s->mb_width; mb_x++)
mb_type[mb_y * s->mb_stride + mb_x] =
@@ -65,6 +69,8 @@ static void parse_mb_skip(Wmv2Context *w)
break;
case SKIP_TYPE_COL:
for (mb_x = 0; mb_x < s->mb_width; mb_x++) {
+ if (get_bits_left(&s->gb) < 1)
+ return AVERROR_INVALIDDATA;
if (get_bits1(&s->gb)) {
for (mb_y = 0; mb_y < s->mb_height; mb_y++)
mb_type[mb_y * s->mb_stride + mb_x] =
@@ -77,6 +83,7 @@ static void parse_mb_skip(Wmv2Context *w)
}
break;
}
+ return 0;
}
static int decode_ext_header(Wmv2Context *w)
@@ -170,9 +177,12 @@ int ff_wmv2_decode_secondary_picture_header(MpegEncContext *s)
}
} else {
int cbp_index;
+ int ret;
w->j_type = 0;
- parse_mb_skip(w);
+ ret = parse_mb_skip(w);
+ if (ret < 0)
+ return ret;
cbp_index = decode012(&s->gb);
w->cbp_table_index = wmv2_get_cbp_table_index(s, cbp_index);
@@ -359,6 +369,8 @@ int ff_wmv2_decode_mb(MpegEncContext *s, int16_t block[6][64])
w->hshift = 0;
return 0;
}
+ if (get_bits_left(&s->gb) <= 0)
+ return AVERROR_INVALIDDATA;
code = get_vlc2(&s->gb, ff_mb_non_intra_vlc[w->cbp_table_index].table,
MB_NON_INTRA_VLC_BITS, 3);
@@ -369,6 +381,8 @@ int ff_wmv2_decode_mb(MpegEncContext *s, int16_t block[6][64])
cbp = code & 0x3f;
} else {
s->mb_intra = 1;
+ if (get_bits_left(&s->gb) <= 0)
+ return AVERROR_INVALIDDATA;
code = get_vlc2(&s->gb, ff_msmp4_mb_i_vlc.table, MB_INTRA_VLC_BITS, 2);
if (code < 0) {
av_log(s->avctx, AV_LOG_ERROR,
diff --git a/libavcodec/x86/mpegvideodsp.c b/libavcodec/x86/mpegvideodsp.c
index e0498f3..6009b64 100644
--- a/libavcodec/x86/mpegvideodsp.c
+++ b/libavcodec/x86/mpegvideodsp.c
@@ -52,8 +52,9 @@ static void gmc_mmx(uint8_t *dst, uint8_t *src,
const int dyh = (dyy - (1 << (16 + shift))) * (h - 1);
const int dxh = dxy * (h - 1);
const int dyw = dyx * (w - 1);
- int need_emu = (unsigned) ix >= width - w ||
- (unsigned) iy >= height - h;
+ int need_emu = (unsigned) ix >= width - w || width < w ||
+ (unsigned) iy >= height - h || height< h
+ ;
if ( // non-constant fullpel offset (3% of blocks)
((ox ^ (ox + dxw)) | (ox ^ (ox + dxh)) | (ox ^ (ox + dxw + dxh)) |
diff --git a/libavcodec/xan.c b/libavcodec/xan.c
index 4c01c00..1ccf164 100644
--- a/libavcodec/xan.c
+++ b/libavcodec/xan.c
@@ -131,7 +131,10 @@ static int xan_huffman_decode(uint8_t *dest, int dest_len,
return ret;
while (val != 0x16) {
- unsigned idx = val - 0x17 + get_bits1(&gb) * byte;
+ unsigned idx;
+ if (get_bits_left(&gb) < 1)
+ return AVERROR_INVALIDDATA;
+ idx = val - 0x17 + get_bits1(&gb) * byte;
if (idx >= 2 * byte)
return AVERROR_INVALIDDATA;
val = src[idx];
@@ -263,7 +266,7 @@ static inline void xan_wc3_copy_pixel_run(XanContext *s, AVFrame *frame,
prevframe_index = (y + motion_y) * stride + x + motion_x;
prevframe_x = x + motion_x;
- if (prev_palette_plane == palette_plane && FFABS(curframe_index - prevframe_index) < pixel_count) {
+ if (prev_palette_plane == palette_plane && FFABS(motion_x + width*motion_y) < pixel_count) {
avpriv_request_sample(s->avctx, "Overlapping copy");
return ;
}
diff --git a/libavcodec/zmbv.c b/libavcodec/zmbv.c
index b09dc41..f91d2e3 100644
--- a/libavcodec/zmbv.c
+++ b/libavcodec/zmbv.c
@@ -539,6 +539,8 @@ static int decode_frame(AVCodecContext *avctx, void *data, int *got_frame, AVPac
} else {
frame->key_frame = 0;
frame->pict_type = AV_PICTURE_TYPE_P;
+ if (c->decomp_len < 2LL * ((c->width + c->bw - 1) / c->bw) * ((c->height + c->bh - 1) / c->bh))
+ return AVERROR_INVALIDDATA;
if (c->decomp_len)
c->decode_xor(c);
}
diff --git a/libavfilter/af_pan.c b/libavfilter/af_pan.c
index 23b2941..d8a63a7 100644
--- a/libavfilter/af_pan.c
+++ b/libavfilter/af_pan.c
@@ -166,6 +166,7 @@ static av_cold int init(AVFilterContext *ctx)
goto fail;
}
/* gains */
+ sign = 1;
while (1) {
gain = 1;
if (sscanf(arg, "%lf%n *%n", &gain, &len, &len))
diff --git a/libavformat/aacdec.c b/libavformat/aacdec.c
index 364b334..36d558f 100644
--- a/libavformat/aacdec.c
+++ b/libavformat/aacdec.c
@@ -139,7 +139,11 @@ static int adts_aac_read_packet(AVFormatContext *s, AVPacket *pkt)
return AVERROR_INVALIDDATA;
}
- return av_append_packet(s->pb, pkt, fsize - ADTS_HEADER_SIZE);
+ ret = av_append_packet(s->pb, pkt, fsize - ADTS_HEADER_SIZE);
+ if (ret < 0)
+ av_packet_unref(pkt);
+
+ return ret;
}
AVInputFormat ff_aac_demuxer = {
diff --git a/libavformat/hlsenc.c b/libavformat/hlsenc.c
index 418f153..e0cef8b 100644
--- a/libavformat/hlsenc.c
+++ b/libavformat/hlsenc.c
@@ -108,6 +108,9 @@ typedef struct HLSContext {
uint32_t start_sequence_source_type; // enum StartSequenceSourceType
AVOutputFormat *oformat;
AVOutputFormat *vtt_oformat;
+ AVIOContext *out;
+ int packets_written;
+ int init_range_length;
AVFormatContext *avf;
AVFormatContext *vtt_avf;
@@ -598,6 +601,7 @@ static int hls_mux_init(AVFormatContext *s)
st->time_base = s->streams[i]->time_base;
av_dict_copy(&st->metadata, s->streams[i]->metadata, 0);
}
+ hls->packets_written = 1;
hls->start_pos = 0;
hls->new_start = 1;
hls->fmp4_init_mode = 0;
@@ -607,9 +611,14 @@ static int hls_mux_init(AVFormatContext *s)
av_log(s, AV_LOG_WARNING, "Multi-file byterange mode is currently unsupported in the HLS muxer.\n");
return AVERROR_PATCHWELCOME;
}
+ hls->packets_written = 0;
+ hls->init_range_length = 0;
hls->fmp4_init_mode = !byterange_mode;
set_http_options(s, &options, hls);
- if ((ret = s->io_open(s, &oc->pb, hls->base_output_dirname, AVIO_FLAG_WRITE, &options)) < 0) {
+ if ((ret = avio_open_dyn_buf(&oc->pb)) < 0)
+ return ret;
+
+ if ((ret = s->io_open(s, &hls->out, hls->base_output_dirname, AVIO_FLAG_WRITE, &options)) < 0) {
av_log(s, AV_LOG_ERROR, "Failed to open segment '%s'\n", hls->fmp4_init_filename);
return ret;
}
@@ -634,6 +643,7 @@ static int hls_mux_init(AVFormatContext *s)
av_dict_free(&options);
return AVERROR(EINVAL);
}
+ avio_flush(oc->pb);
av_dict_free(&options);
}
return 0;
@@ -1080,15 +1090,15 @@ static int hls_window(AVFormatContext *s, int last)
avio_printf(out, ",BYTERANGE=\"%"PRId64"@%"PRId64"\"", en->size, en->pos);
}
avio_printf(out, "\n");
- } else {
- if (hls->flags & HLS_ROUND_DURATIONS)
- avio_printf(out, "#EXTINF:%ld,\n", lrint(en->duration));
- else
- avio_printf(out, "#EXTINF:%f,\n", en->duration);
- if (byterange_mode)
- avio_printf(out, "#EXT-X-BYTERANGE:%"PRId64"@%"PRId64"\n",
- en->size, en->pos);
}
+ if (hls->flags & HLS_ROUND_DURATIONS)
+ avio_printf(out, "#EXTINF:%ld,\n", lrint(en->duration));
+ else
+ avio_printf(out, "#EXTINF:%f,\n", en->duration);
+ if (byterange_mode)
+ avio_printf(out, "#EXT-X-BYTERANGE:%"PRId64"@%"PRId64"\n",
+ en->size, en->pos);
+
if (hls->flags & HLS_PROGRAM_DATE_TIME) {
time_t tt, wrongsecs;
int milli;
@@ -1113,11 +1123,9 @@ static int hls_window(AVFormatContext *s, int last)
avio_printf(out, "#EXT-X-PROGRAM-DATE-TIME:%s.%03d%s\n", buf0, milli, buf1);
prog_date_time += en->duration;
}
- if (!((hls->segment_type == SEGMENT_TYPE_FMP4) && (en == hls->segments))) {
- if (hls->baseurl)
- avio_printf(out, "%s", hls->baseurl);
- avio_printf(out, "%s\n", en->filename);
- }
+ if (hls->baseurl)
+ avio_printf(out, "%s", hls->baseurl);
+ avio_printf(out, "%s\n", en->filename);
}
if (last && (hls->flags & HLS_OMIT_ENDLIST)==0)
@@ -1335,6 +1343,7 @@ static int hls_write_header(AVFormatContext *s)
AVDictionary *options = NULL;
int basename_size = 0;
int vtt_basename_size = 0;
+ int fmp4_init_filename_len = strlen(hls->fmp4_init_filename) + 1;
if (hls->segment_type == SEGMENT_TYPE_FMP4) {
pattern = "%d.m4s";
@@ -1444,28 +1453,35 @@ static int hls_write_header(AVFormatContext *s)
}
}
- if (av_strcasecmp(hls->fmp4_init_filename, "init.mp4")) {
- int fmp4_init_filename_len = strlen(hls->fmp4_init_filename) + 1;
- hls->base_output_dirname = av_malloc(fmp4_init_filename_len);
- if (!hls->base_output_dirname) {
- ret = AVERROR(ENOMEM);
- goto fail;
- }
- av_strlcpy(hls->base_output_dirname, hls->fmp4_init_filename, fmp4_init_filename_len);
- } else {
- hls->base_output_dirname = av_malloc(basename_size);
- if (!hls->base_output_dirname) {
- ret = AVERROR(ENOMEM);
- goto fail;
- }
-
- av_strlcpy(hls->base_output_dirname, s->filename, basename_size);
- p = strrchr(hls->base_output_dirname, '/');
- if (p) {
- *(p + 1) = '\0';
- av_strlcat(hls->base_output_dirname, hls->fmp4_init_filename, basename_size);
+ if (hls->segment_type == SEGMENT_TYPE_FMP4) {
+ if (av_strcasecmp(hls->fmp4_init_filename, "init.mp4")) {
+ hls->base_output_dirname = av_malloc(fmp4_init_filename_len);
+ if (!hls->base_output_dirname) {
+ ret = AVERROR(ENOMEM);
+ goto fail;
+ }
+ av_strlcpy(hls->base_output_dirname, hls->fmp4_init_filename, fmp4_init_filename_len);
} else {
- av_strlcpy(hls->base_output_dirname, hls->fmp4_init_filename, basename_size);
+ if (basename_size > 0) {
+ hls->base_output_dirname = av_malloc(basename_size);
+ } else {
+ hls->base_output_dirname = av_malloc(strlen(hls->fmp4_init_filename) + 1);
+ }
+ if (!hls->base_output_dirname) {
+ ret = AVERROR(ENOMEM);
+ goto fail;
+ }
+
+ if (basename_size > 0) {
+ av_strlcpy(hls->base_output_dirname, s->filename, basename_size);
+ p = strrchr(hls->base_output_dirname, '/');
+ }
+ if (p) {
+ *(p + 1) = '\0';
+ av_strlcat(hls->base_output_dirname, hls->fmp4_init_filename, basename_size);
+ } else {
+ av_strlcpy(hls->base_output_dirname, hls->fmp4_init_filename, fmp4_init_filename_len);
+ }
}
}
@@ -1594,6 +1610,8 @@ static int hls_write_packet(AVFormatContext *s, AVPacket *pkt)
int is_ref_pkt = 1;
int ret = 0, can_split = 1;
int stream_index = 0;
+ int range_length = 0;
+ uint8_t *buffer = NULL;
if (hls->sequence - hls->nb_entries > hls->start_sequence && hls->init_time > 0) {
/* reset end_pts, hls->recording_time at end of the init hls list */
@@ -1639,7 +1657,7 @@ static int hls_write_packet(AVFormatContext *s, AVPacket *pkt)
}
}
- if (hls->fmp4_init_mode || can_split && av_compare_ts(pkt->pts - hls->start_pts, st->time_base,
+ if (hls->packets_written && can_split && av_compare_ts(pkt->pts - hls->start_pts, st->time_base,
end_pts, AV_TIME_BASE_Q) >= 0) {
int64_t new_start_pos;
char *old_filename = av_strdup(hls->avf->filename);
@@ -1655,7 +1673,17 @@ static int hls_write_packet(AVFormatContext *s, AVPacket *pkt)
hls->size = new_start_pos - hls->start_pos;
if (!byterange_mode) {
- ff_format_io_close(s, &oc->pb);
+ if (hls->segment_type == SEGMENT_TYPE_FMP4 && !hls->init_range_length) {
+ avio_flush(oc->pb);
+ range_length = avio_close_dyn_buf(oc->pb, &buffer);
+ avio_write(hls->out, buffer, range_length);
+ hls->init_range_length = range_length;
+ avio_open_dyn_buf(&oc->pb);
+ hls->packets_written = 0;
+ ff_format_io_close(s, &hls->out);
+ } else {
+ ff_format_io_close(s, &oc->pb);
+ }
if (hls->vtt_avf) {
ff_format_io_close(s, &hls->vtt_avf->pb);
}
@@ -1713,6 +1741,7 @@ static int hls_write_packet(AVFormatContext *s, AVPacket *pkt)
}
}
+ hls->packets_written++;
ret = ff_write_chained(oc, stream_index, pkt, s, 0);
return ret;
diff --git a/libavformat/matroskaenc.c b/libavformat/matroskaenc.c
index 6f094c4..3073fd8 100644
--- a/libavformat/matroskaenc.c
+++ b/libavformat/matroskaenc.c
@@ -1858,6 +1858,13 @@ static int mkv_write_header(AVFormatContext *s)
av_dict_get(s->metadata, "alpha_mode", NULL, 0))
version = 4;
+ if (s->nb_streams > MAX_TRACKS) {
+ av_log(s, AV_LOG_ERROR,
+ "At most %d streams are supported for muxing in Matroska\n",
+ MAX_TRACKS);
+ return AVERROR(EINVAL);
+ }
+
for (i = 0; i < s->nb_streams; i++) {
if (s->streams[i]->codecpar->codec_id == AV_CODEC_ID_ATRAC3 ||
s->streams[i]->codecpar->codec_id == AV_CODEC_ID_COOK ||
@@ -1975,6 +1982,10 @@ static int mkv_write_header(AVFormatContext *s)
// initialize stream_duration fields
mkv->stream_durations = av_mallocz(s->nb_streams * sizeof(int64_t));
mkv->stream_duration_offsets = av_mallocz(s->nb_streams * sizeof(int64_t));
+ if (!mkv->stream_durations || !mkv->stream_duration_offsets) {
+ ret = AVERROR(ENOMEM);
+ goto fail;
+ }
ret = mkv_write_tracks(s);
if (ret < 0)
diff --git a/libavformat/mov.c b/libavformat/mov.c
index 899690d..9a6c3b3 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -2422,6 +2422,8 @@ static int mov_read_stsc(MOVContext *c, AVIOContext *pb, MOVAtom atom)
avio_rb24(pb); /* flags */
entries = avio_rb32(pb);
+ if ((uint64_t)entries * 12 + 4 > atom.size)
+ return AVERROR_INVALIDDATA;
av_log(c->fc, AV_LOG_TRACE, "track[%u].stsc.entries = %u\n", c->fc->nb_streams - 1, entries);
@@ -2714,7 +2716,7 @@ static int mov_read_ctts(MOVContext *c, AVIOContext *pb, MOVAtom atom)
{
AVStream *st;
MOVStreamContext *sc;
- unsigned int i, j, entries, ctts_count = 0;
+ unsigned int i, entries, ctts_count = 0;
if (c->fc->nb_streams < 1)
return 0;
@@ -2747,9 +2749,8 @@ static int mov_read_ctts(MOVContext *c, AVIOContext *pb, MOVAtom atom)
continue;
}
- /* Expand entries such that we have a 1-1 mapping with samples. */
- for (j = 0; j < count; j++)
- add_ctts_entry(&sc->ctts_data, &ctts_count, &sc->ctts_allocated_size, 1, duration);
+ add_ctts_entry(&sc->ctts_data, &ctts_count, &sc->ctts_allocated_size,
+ count, duration);
av_log(c->fc, AV_LOG_TRACE, "count=%d, duration=%d\n",
count, duration);
@@ -3327,6 +3328,7 @@ static void mov_fix_index(MOVContext *mov, AVStream *st)
// Free the old index and the old CTTS structures
av_free(e_old);
av_free(ctts_data_old);
+ av_freep(&frame_duration_buffer);
// Null terminate the index ranges array
current_index_range++;
@@ -3346,6 +3348,8 @@ static void mov_build_index(MOVContext *mov, AVStream *st)
unsigned int stps_index = 0;
unsigned int i, j;
uint64_t stream_size = 0;
+ MOVStts *ctts_data_old = sc->ctts_data;
+ unsigned int ctts_count_old = sc->ctts_count;
if (sc->elst_count) {
int i, edit_start_index = 0, multiple_edits = 0;
@@ -3414,6 +3418,28 @@ static void mov_build_index(MOVContext *mov, AVStream *st)
}
st->index_entries_allocated_size = (st->nb_index_entries + sc->sample_count) * sizeof(*st->index_entries);
+ if (ctts_data_old) {
+ // Expand ctts entries such that we have a 1-1 mapping with samples
+ if (sc->sample_count >= UINT_MAX / sizeof(*sc->ctts_data))
+ return;
+ sc->ctts_count = 0;
+ sc->ctts_allocated_size = 0;
+ sc->ctts_data = av_fast_realloc(NULL, &sc->ctts_allocated_size,
+ sc->sample_count * sizeof(*sc->ctts_data));
+ if (!sc->ctts_data) {
+ av_free(ctts_data_old);
+ return;
+ }
+ for (i = 0; i < ctts_count_old &&
+ sc->ctts_count < sc->sample_count; i++)
+ for (j = 0; j < ctts_data_old[i].count &&
+ sc->ctts_count < sc->sample_count; j++)
+ add_ctts_entry(&sc->ctts_data, &sc->ctts_count,
+ &sc->ctts_allocated_size, 1,
+ ctts_data_old[i].duration);
+ av_free(ctts_data_old);
+ }
+
for (i = 0; i < sc->chunk_count; i++) {
int64_t next_offset = i+1 < sc->chunk_count ? sc->chunk_offsets[i+1] : INT64_MAX;
current_offset = sc->chunk_offsets[i];
@@ -6416,6 +6442,7 @@ static int should_retry(AVIOContext *pb, int error_code) {
static int mov_switch_root(AVFormatContext *s, int64_t target)
{
+ int ret;
MOVContext *mov = s->priv_data;
int i, j;
int already_read = 0;
@@ -6452,8 +6479,10 @@ static int mov_switch_root(AVFormatContext *s, int64_t target)
mov->found_mdat = 0;
- if (mov_read_default(mov, s->pb, (MOVAtom){ AV_RL32("root"), INT64_MAX }) < 0 ||
- avio_feof(s->pb))
+ ret = mov_read_default(mov, s->pb, (MOVAtom){ AV_RL32("root"), INT64_MAX });
+ if (ret < 0)
+ return ret;
+ if (avio_feof(s->pb))
return AVERROR_EOF;
av_log(s, AV_LOG_TRACE, "read fragments, offset 0x%"PRIx64"\n", avio_tell(s->pb));
diff --git a/libavformat/oggdec.c b/libavformat/oggdec.c
index 97ad1a2..193a286 100644
--- a/libavformat/oggdec.c
+++ b/libavformat/oggdec.c
@@ -719,8 +719,10 @@ static int ogg_read_header(AVFormatContext *s)
"Headers mismatch for stream %d: "
"expected %d received %d.\n",
i, os->codec->nb_header, os->nb_header);
- if (s->error_recognition & AV_EF_EXPLODE)
+ if (s->error_recognition & AV_EF_EXPLODE) {
+ ogg_read_close(s);
return AVERROR_INVALIDDATA;
+ }
}
if (os->start_granule != OGG_NOGRANULE_VALUE)
os->lastpts = s->streams[i]->start_time =
diff --git a/libavformat/oggparsevp8.c b/libavformat/oggparsevp8.c
index c534ab1..b76ac71 100644
--- a/libavformat/oggparsevp8.c
+++ b/libavformat/oggparsevp8.c
@@ -125,7 +125,7 @@ static int vp8_packet(AVFormatContext *s, int idx)
os->lastdts = vp8_gptopts(s, idx, os->granule, NULL) - duration;
if(s->streams[idx]->start_time == AV_NOPTS_VALUE) {
s->streams[idx]->start_time = os->lastpts;
- if (s->streams[idx]->duration)
+ if (s->streams[idx]->duration && s->streams[idx]->duration != AV_NOPTS_VALUE)
s->streams[idx]->duration -= s->streams[idx]->start_time;
}
}
diff --git a/libavformat/utils.c b/libavformat/utils.c
index 1a7996c..93722e3 100644
--- a/libavformat/utils.c
+++ b/libavformat/utils.c
@@ -1738,10 +1738,11 @@ int av_read_frame(AVFormatContext *s, AVPacket *pkt)
// last dts seen for this stream. if any of packets following
// current one had no dts, we will set this to AV_NOPTS_VALUE.
int64_t last_dts = next_pkt->dts;
+ av_assert2(wrap_bits <= 64);
while (pktl && next_pkt->pts == AV_NOPTS_VALUE) {
if (pktl->pkt.stream_index == next_pkt->stream_index &&
- (av_compare_mod(next_pkt->dts, pktl->pkt.dts, 2LL << (wrap_bits - 1)) < 0)) {
- if (av_compare_mod(pktl->pkt.pts, pktl->pkt.dts, 2LL << (wrap_bits - 1))) {
+ av_compare_mod(next_pkt->dts, pktl->pkt.dts, 2ULL << (wrap_bits - 1)) < 0) {
+ if (av_compare_mod(pktl->pkt.pts, pktl->pkt.dts, 2ULL << (wrap_bits - 1))) {
// not B-frame
next_pkt->pts = pktl->pkt.dts;
}
@@ -3882,12 +3883,6 @@ FF_ENABLE_DEPRECATION_WARNINGS
}
}
- // close codecs which were opened in try_decode_frame()
- for (i = 0; i < ic->nb_streams; i++) {
- st = ic->streams[i];
- avcodec_close(st->internal->avctx);
- }
-
ff_rfps_calculate(ic);
for (i = 0; i < ic->nb_streams; i++) {
@@ -4078,6 +4073,7 @@ find_stream_info_err:
st = ic->streams[i];
if (st->info)
av_freep(&st->info->duration_error);
+ avcodec_close(ic->streams[i]->internal->avctx);
av_freep(&ic->streams[i]->info);
av_bsf_free(&ic->streams[i]->internal->extract_extradata.bsf);
av_packet_free(&ic->streams[i]->internal->extract_extradata.pkt);
diff --git a/libavutil/arm/float_dsp_init_vfp.c b/libavutil/arm/float_dsp_init_vfp.c
index e15abf3..05873e7 100644
--- a/libavutil/arm/float_dsp_init_vfp.c
+++ b/libavutil/arm/float_dsp_init_vfp.c
@@ -36,11 +36,11 @@ void ff_butterflies_float_vfp(float *av_restrict v1, float *av_restrict v2, int
av_cold void ff_float_dsp_init_vfp(AVFloatDSPContext *fdsp, int cpu_flags)
{
- if (!have_vfpv3(cpu_flags)) {
+ if (have_vfp_vm(cpu_flags)) {
fdsp->vector_fmul = ff_vector_fmul_vfp;
fdsp->vector_fmul_window = ff_vector_fmul_window_vfp;
}
fdsp->vector_fmul_reverse = ff_vector_fmul_reverse_vfp;
- if (!have_vfpv3(cpu_flags))
+ if (have_vfp_vm(cpu_flags))
fdsp->butterflies_float = ff_butterflies_float_vfp;
}
diff --git a/libavutil/softfloat.h b/libavutil/softfloat.h
index b13d728..a651406 100644
--- a/libavutil/softfloat.h
+++ b/libavutil/softfloat.h
@@ -43,6 +43,7 @@ static const SoftFloat FLOAT_EPSILON = { 0x29F16B12, -16};
static const SoftFloat FLOAT_1584893192 = { 0x32B771ED, 1}; ///< 1.584893192 (10^.2)
static const SoftFloat FLOAT_100000 = { 0x30D40000, 17}; ///< 100000
static const SoftFloat FLOAT_0999999 = { 0x3FFFFBCE, 0}; ///< 0.999999
+static const SoftFloat FLOAT_MIN = { 0x20000000, MIN_EXP};
/**
diff --git a/tests/ffserver.regression.ref b/tests/ffserver.regression.ref
index 398c285..fd8536c 100644
--- a/tests/ffserver.regression.ref
+++ b/tests/ffserver.regression.ref
@@ -1,11 +1,11 @@
0c9639f09decbc54c9f091dcf1ca0e8f *ff-test_h.avi
e28ba75853caf975e06d92955c9f7f73 *ff-test_l.avi
a767dbdf5d1bded3450279f812f97b37 *ff-test.swf
-dc16f607e13328a832e73801cd21ec98 *ff-test_h.asf
-69337d6c8cd7ac7e626338decdbf41d3 *ff-test_l.asf
+ca209a0c67afbd3bc3bcde0840f313fc *ff-test_h.asf
+f97a91609bfc8a1857455f17c5ec101c *ff-test_l.asf
06f5a6a4c5d1c6735f4d0068e825c91f *ff-test_h.rm
1f57580f02f0317407b3b82a3d5e093f *ff-test_l.rm
-4c887dfc1dd0f6ea1a3a2be6dd32e495 *ff-test.jpg
-1d04b73b04aad27793cc762d5afabac1 *ff-test_small.jpg
-bc36c40ee34ebee6ffe50f3094aab733 *ff-test.mjpg
+e04e6ebf9584654df131f5eec881ac38 *ff-test.jpg
+f15d43e9d3630601b61a024023249bb8 *ff-test_small.jpg
+4735c72cde67000f12e9d1dbfbd975a7 *ff-test.mjpg
fd038af80560e15271ce42651093ee43 *ff-stat
--
ffmpeg packaging
More information about the pkg-multimedia-commits
mailing list