On the first iteration through this code, last_dts is always
INT64_MIN (AV_NOPTS_VALUE) and the subtraction overflows in
an invalid manner. Although the result is only used if the
input values are valid, performing the subtraction is still
not allowed in a strict environment.
Signed-off-by: Mans Rullgard <mans@mansr.com>
(cherry picked from commit a31e9f68a4)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
On OS X, av_malloc(0) returns pointers that cause crashes when
freed.
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit e81e5e8ad2)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
This prevents sending a packet with data=NULL size=AVERROR_EOF.
(cherry picked from commit b15a9888a8)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Converting to double before the multiplication rather than after
avoids an integer overflow in some cases.
Signed-off-by: Mans Rullgard <mans@mansr.com>
(cherry picked from commit 52767d891c)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
It supports passing options to codecs.
(cherry picked from commit a67c061e0f)
Conflicts:
libavformat/utils.c
Signed-off-by: Anton Khirnov <anton@khirnov.net>
If the demuxer did not set a codec_tag, there is none and
inventing one makes no sense. This change stops the rawvideo
"decoder" over-writing user-supplied pixfmt with one derived
from the codec_tag. The pixfmt-codec_tag-pixfmt round-trip
is lossy since several pixfmts map to the same codec_tag.
This fixes fate-lavf-pixfmt with avfilter disabled.
Signed-off-by: Mans Rullgard <mans@mansr.com>
(cherry picked from commit bb416bd68c)
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
Whitespace of the patch cleaned up by Aurel
Some of the issues have been reported by Steve Manzuik / Microsoft Vulnerability Research (MSVR)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 956c901c68)
Further suggestions from Kostya <kostya.shishkov@gmail.com> have been
implemented by Reinhard Tartler <siretart@tauware.de>
(cherry picked from commit 77d2ef13a8)
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
st may be NULL when there are more mov streams than AVStreams, e.g. when
chapters are present.
(cherry picked from commit c92a2a4eb8)
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
On allocation, the array length is multiplied by sizeof(int64_t),
this prevents the multiplication from overflowing.
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit a246cefa75)
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
Between ogg_save() and ogg_restore() calls, the number of streams
could have been reduced.
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
(cherry picked from commit 0e7efb9d23)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
init_get_bits() takes a number of bits and not a number of bytes as
its size argument.
Signed-off-by: Alex Converse <alex.converse@gmail.com>
(cherry picked from commit b59efc9434)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Metadata currently is written only at the start of the file in normal
cases, when transcoding from a rtmp source metadata could be
written later and the offset recorded can exceed 32bit.
Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit 7f5bf4fbaf)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
This prevents out of bounds reads when extradata is being decoded.
(cherry picked from commit 1f6f58d585)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
According to MPEG-TS specs, the continuity_counter shall not be
incremented when the adaptation_field_control of the packet
equals '00' or '10'.
Signed-off-by: Jindrich Makovicka <jindrich.makovicka@nangu.tv>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit 8923cfa328)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Set DV packet durations using fields_per_frame.
This requires turning gxf_stream_info into the demuxer's context for access to the value in gxf_packet().
Since MPEG-2 seems to work fine this done only for DV.
Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit 99fecc64b0)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Parse the extension flag bit when reading the MPEG4 AudioSpecificConfig.
This has nothing to do with SBR/PS contradictory to what was noted when it was removed.
(cherry picked from commit 7f01a4192c)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
EBML_STOP leaves matroska->current_id set. Then matroska_read_seek changes
the stream position without resetting current_id. The next
matroska_parse_cluster fails due to calculation of incorrect pos. So clear
current_id when avio_seek happens in matroska_read_seek.
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
(cherry picked from commit cdc2c1c576)
Specifically crafted samples can reinit ogg->streams[] while
reading samples, and thus we should not cache old pointers since
these may no longer be valid.
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
(cherry picked from commit 4cc3467e7a)
Do not use Doxygen for comments that apply to specific implementation
details; merge some duplicated Doxygen comment blocks.
(cherry picked from commit f75e3da535)
Before this, almost all module groups have been used for grouping functions
and fields in structures semantically. This causes them to not appear
properly in the file documentation and needlessly clutters up the "Modules"
index.
Additionally, this commit streamlines some spelling and appearances.
(cherry picked from commit 21a19b7912)
convert the comment that documents the metadata API to use
the doxygen markup
(cherry picked from commit 1a53a438dc)
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
av_open_input_stream used to allow this, even though it makes no sense.
Make it just print a warning instead of failing, thus restoring
compatibility.
Note that avformat_open_input() will still reject this combination.
Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit 4f731c4429)
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
ogg_save() copies streams[], but doesn't keep track of free()'ed
struct members. Thus, if in between a call to ogg_save() and
ogg_restore(), streams[].private was free()'ed, this would result
in a double free -> crash, which happened when e.g. playing small
chained ogg fragments.
(cherry picked from commit 9ed6cbc3ee)
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
These blocks don't report audio stream parameters and they are not needed
for decoding.
Signed-off-by: Mans Rullgard <mans@mansr.com>
(cherry picked from commit cb7b55b096)
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
