lavc: check media type of the decoder before calling it.

ffmpeg | branch: master | Michael Niedermayer <michaelni <at> gmx.at> | Sun Apr  1 02:57:27 2012 +0200|
[7c9d69360cd29415591816b70e722235a4319e08] | committer: Michael Niedermayer

lavc: check media type of the decoder before calling it.

This fixes a segfault where a video decoder was called
from avcodec_decode_audio*().

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni <at> gmx.at>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=7c9d69360cd29415591816b70e722235a4319e08
---

 libavcodec/utils.c |   14 ++++++++++++++
 1 files changed, 14 insertions(+), 0 deletions(-)

diff --git a/libavcodec/utils.c b/libavcodec/utils.c
index 9c662c2..e63878d 100644
--- a/libavcodec/utils.c
+++ b/libavcodec/utils.c
 <at>  <at>  -1404,6 +1404,11  <at>  <at>  int attribute_align_arg avcodec_decode_video2(AVCodecContext *avctx,
AVFrame *pi
     // copy to ensure we do not change avpkt
     AVPacket tmp = *avpkt;

+    if (avctx->codec->type != AVMEDIA_TYPE_VIDEO) {
+        av_log(avctx, AV_LOG_ERROR, "Invalid media type for video\n");
+        return AVERROR(EINVAL);
+    }

avidec: better NI detection.

ffmpeg | branch: master | Michael Niedermayer <michaelni <at> gmx.at> | Sun Apr  1 09:49:32 2012 +0200|
[8df774be88c347c40f1b2411ed9e391dfec0ebb7] | committer: Michael Niedermayer

avidec: better NI detection.

The new code detects NI avis by analyzing the index.

Signed-off-by: Michael Niedermayer <michaelni <at> gmx.at>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8df774be88c347c40f1b2411ed9e391dfec0ebb7
---

 libavformat/avidec.c |   29 ++++++++++++++++++++++++++++-
 1 files changed, 28 insertions(+), 1 deletions(-)

diff --git a/libavformat/avidec.c b/libavformat/avidec.c
index 9607828..0067ff9 100644
--- a/libavformat/avidec.c
+++ b/libavformat/avidec.c
 <at>  <at>  -1292,6 +1292,8  <at>  <at>  static int guess_ni_flag(AVFormatContext *s){
     int64_t last_start=0;
     int64_t first_end= INT64_MAX;
     int64_t oldpos= avio_tell(s->pb);
+    int *idx;
+    int64_t min_pos, pos;

     for(i=0; i<s->nb_streams; i++){
         AVStream *st = s->streams[i];
 <at>  <at>  -1315,7 +1317,32  <at>  <at>  static int guess_ni_flag(AVFormatContext *s){
             first_end= st->index_entries[n-1].pos;

The lt and lte functions were swapped.

ffmpeg | branch: master | maxlazarov <mlazarov <at> gmail.com> | Fri Mar 30 11:23:36 2012 -0700|
[7a3df014b9ba134aff85cb2778daebd497d8c79a] | committer: Michael Niedermayer

The lt and lte functions were swapped.

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=7a3df014b9ba134aff85cb2778daebd497d8c79a
---

 libavutil/eval.c    |    4 ++--
 tests/ref/fate/eval |    6 +++---
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/libavutil/eval.c b/libavutil/eval.c
index 43c70f3..ceae2ed 100644
--- a/libavutil/eval.c
+++ b/libavutil/eval.c
 <at>  <at>  -378,8 +378,8  <at>  <at>  static int parse_primary(AVExpr **e, Parser *p)
     else if (strmatch(next, "eq"    )) d->type = e_eq;
     else if (strmatch(next, "gte"   )) d->type = e_gte;
     else if (strmatch(next, "gt"    )) d->type = e_gt;
-    else if (strmatch(next, "lte"   )) { AVExpr *tmp = d->param[1]; d->param[1] = d->param[0]; d->param[0] =
tmp; d->type = e_gt; }
-    else if (strmatch(next, "lt"    )) { AVExpr *tmp = d->param[1]; d->param[1] = d->param[0]; d->param[0] =
tmp; d->type = e_gte; }
+    else if (strmatch(next, "lte"   )) { AVExpr *tmp = d->param[1]; d->param[1] = d->param[0]; d->param[0] =
tmp; d->type = e_gte; }
+    else if (strmatch(next, "lt"    )) { AVExpr *tmp = d->param[1]; d->param[1] = d->param[0]; d->param[0] =
tmp; d->type = e_gt; }
     else if (strmatch(next, "ld"    )) d->type = e_ld;
     else if (strmatch(next, "isnan" )) d->type = e_isnan;

Re: h264: use struct offsets in get_cabac_bypass_sign_x86().

Hi,

On Thu, Mar 29, 2012 at 4:32 AM, Ronald S. Bultje <git <at> videolan.org> wrote:
> ffmpeg | branch: master | Ronald S. Bultje <rsbultje <at> gmail.com> | Fri Mar 16 22:41:17 2012 -0700|
[db025929f202bc32459a1278ee06920a06564762] | committer: Ronald S. Bultje
>
> h264: use struct offsets in get_cabac_bypass_sign_x86().
>
>> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=db025929f202bc32459a1278ee06920a06564762
> ---
>
>  libavcodec/x86/cabac.h |   19 +++++++++++--------
>  1 files changed, 11 insertions(+), 8 deletions(-)
>

This change makes libavcodec crash when decoding H.264 streams involving CABAC.

(test done on Mac OS X 10.7.3 with : gcc version 4.2.1 (Based on Apple
Inc. build 5658) (LLVM build 2336.1.00))

ffmpeg -i ~/work/file.ts -an -vcodec libx264 -r 25 -profile baseline
-f mpegts /dev/null
ffmpeg version N-39459-g7a3df01 Copyright (c) 2000-2012 the FFmpeg developers
  built on Apr  1 2012 12:19:49 with llvm_gcc 4.2.1 (Based on Apple
Inc. build 5658) (LLVM build 2336.1.00)
  configuration: --yasmexe=/Users/aurelien/work/yasm-1.1.0/yasm
--prefix=/Users/aurelien/work/local/ --disable-vda --enable-shared
--disable-optimizations --disable-stripping --enable-libx264
--enable-gpl --extra-cflags='-I /Users/aurelien/work/local/include'
--extra-ldflags='-L /Users/aurelien/work/local/lib'

Re: h264: use struct offsets in get_cabac_bypass_sign_x86().

Le tridi 13 germinal, an CCXX, Aurélien Nephtali a écrit :
> ffmpeg -i ~/work/file.ts -an -vcodec libx264 -r 25 -profile baseline
> -f mpegts /dev/null

Do you need to encode and mux to reproduce the problem, or does it fail also
with with -f null or -f md5?

Can you reproduce the problem with a publicly available file, for example
one of the FATE samples? If not, can you make your file available?

> Depending of the source, the crash location is not the same.

Valgring should be able to help with that.

Regards,

--

-- 
  Nicolas George

_______________________________________________
ffmpeg-cvslog mailing list
ffmpeg-cvslog <at> ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog

Re: h264: use struct offsets in get_cabac_bypass_sign_x86().

On Sun, Apr 01, 2012 at 12:30:26PM +0200, Aurélien Nephtali wrote:
> Hi,
> 
> On Thu, Mar 29, 2012 at 4:32 AM, Ronald S. Bultje <git <at> videolan.org> wrote:
> > ffmpeg | branch: master | Ronald S. Bultje <rsbultje <at> gmail.com> | Fri Mar 16 22:41:17 2012 -0700|
[db025929f202bc32459a1278ee06920a06564762] | committer: Ronald S. Bultje
> >
> > h264: use struct offsets in get_cabac_bypass_sign_x86().
> >
> >> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=db025929f202bc32459a1278ee06920a06564762
> > ---
> >
> >  libavcodec/x86/cabac.h |   19 +++++++++++--------
> >  1 files changed, 11 insertions(+), 8 deletions(-)
> >
> 
> This change makes libavcodec crash when decoding H.264 streams involving CABAC.
> 
> (test done on Mac OS X 10.7.3 with : gcc version 4.2.1 (Based on Apple
> Inc. build 5658) (LLVM build 2336.1.00))
[...]
> 0x0000000100797b8e <get_cabac_bypass_sign_x86+30>:	mov    0x4(%rsi),%edx
> 0x0000000100797b91 <get_cabac_bypass_sign_x86+33>:	mov    (%rsi),%eax
> 0x0000000100797b93 <get_cabac_bypass_sign_x86+35>:	shl    $0x11,%edx
> 0x0000000100797b96 <get_cabac_bypass_sign_x86+38>:	add    %eax,%eax
> 0x0000000100797b98 <get_cabac_bypass_sign_x86+40>:	sub    %edx,%eax
[...]
+        "movl %a5(%2), %k1                      \n\t"
+        "movl %a3(%2), %%eax                    \n\t"
         "shl $17, %k1                           \n\t"

smacker audio: sign-extend the initial 16-bit predicted value

ffmpeg | branch: release/0.10 | Franz Brauße <dev <at> karlchenofhell.org> | Fri Mar 30 14:40:14 2012 -0400|
[f9bdc93723cc38f91de68d364854e7fa6b5857eb] | committer: Carl Eugen Hoyos

smacker audio: sign-extend the initial 16-bit predicted value

Fixes Bug #265

Signed-off-by: Justin Ruggles <justin.ruggles <at> gmail.com>
(cherry picked from commit 12cbbbb4abda2de0ea123282ccf7ebee61517f7d)

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f9bdc93723cc38f91de68d364854e7fa6b5857eb
---

 libavcodec/smacker.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/libavcodec/smacker.c b/libavcodec/smacker.c
index c423012..53890ef 100644
--- a/libavcodec/smacker.c
+++ b/libavcodec/smacker.c
 <at>  <at>  -668,7 +668,7  <at>  <at>  static int smka_decode_frame(AVCodecContext *avctx, void *data,
     }
     if(bits) { //decode 16-bit data
         for(i = stereo; i >= 0; i--)
-            pred[i] = av_bswap16(get_bits(&gb, 16));
+            pred[i] = sign_extend(av_bswap16(get_bits(&gb, 16)), 16);
         for(i = 0; i <= stereo; i++)
             *samples++ = pred[i];
         for(; i < unp_size / 2; i++) {

smacker audio: sign-extend the initial 16-bit predicted value

ffmpeg | branch: release/0.9 | Franz Brauße <dev <at> karlchenofhell.org> | Fri Mar 30 14:40:14 2012 -0400|
[32a79b56493d98532512715689b9fe017a2f2fa2] | committer: Carl Eugen Hoyos

smacker audio: sign-extend the initial 16-bit predicted value

Fixes Bug #265

Signed-off-by: Justin Ruggles <justin.ruggles <at> gmail.com>
(cherry picked from commit 12cbbbb4abda2de0ea123282ccf7ebee61517f7d)

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=32a79b56493d98532512715689b9fe017a2f2fa2
---

 libavcodec/smacker.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/libavcodec/smacker.c b/libavcodec/smacker.c
index fdc28e1..347e94d 100644
--- a/libavcodec/smacker.c
+++ b/libavcodec/smacker.c
 <at>  <at>  -659,7 +659,7  <at>  <at>  static int smka_decode_frame(AVCodecContext *avctx, void *data,
     }
     if(bits) { //decode 16-bit data
         for(i = stereo; i >= 0; i--)
-            pred[i] = av_bswap16(get_bits(&gb, 16));
+            pred[i] = sign_extend(av_bswap16(get_bits(&gb, 16)), 16);
         for(i = 0; i <= stereo; i++)
             *samples++ = pred[i];
         for(; i < unp_size / 2; i++) {

Re: h264: use struct offsets in get_cabac_bypass_sign_x86().

Hi,

On Sun, Apr 1, 2012 at 12:46 PM, Nicolas George
<nicolas.george <at> normalesup.org> wrote:
> Le tridi 13 germinal, an CCXX, Aurélien Nephtali a écrit :
>> ffmpeg -i ~/work/file.ts -an -vcodec libx264 -r 25 -profile baseline
>> -f mpegts /dev/null
>
> Do you need to encode and mux to reproduce the problem, or does it fail also
> with with -f null or -f md5?
>
> Can you reproduce the problem with a publicly available file, for example
> one of the FATE samples? If not, can you make your file available?
>
>> Depending of the source, the crash location is not the same.
>
> Valgring should be able to help with that.
>
> Regards,

Using fate sample : CABACI3_Sony_B.jsv

~/work/local/bin/valgrind --dsymutil=yes ~/work/local/bin/ffmpeg -i
~/work/ffmpeg/fate-suite/h264-conformance/CABACI3_Sony_B.jsv -an -f
md5 /dev/null
==22892== Memcheck, a memory error detector
==22892== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==22892== Using Valgrind-3.8.0.SVN and LibVEX; rerun with -h for copyright info
==22892== Command: /Users/aurelien/work/local/bin/ffmpeg -i
/Users/aurelien/work/ffmpeg/fate-suite/h264-conformance/CABACI3_Sony_B.jsv

Re: h264: use struct offsets in get_cabac_bypass_sign_x86().

Hi,

On Sun, Apr 1, 2012 at 1:09 PM, Michael Niedermayer <michaelni <at> gmx.at> wrote:
> On Sun, Apr 01, 2012 at 12:30:26PM +0200, Aurélien Nephtali wrote:
>> Hi,
>>
>> On Thu, Mar 29, 2012 at 4:32 AM, Ronald S. Bultje <git <at> videolan.org> wrote:
>> > ffmpeg | branch: master | Ronald S. Bultje <rsbultje <at> gmail.com> | Fri Mar 16 22:41:17 2012 -0700|
[db025929f202bc32459a1278ee06920a06564762] | committer: Ronald S. Bultje
>> >
>> > h264: use struct offsets in get_cabac_bypass_sign_x86().
>> >
>> >> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=db025929f202bc32459a1278ee06920a06564762
>> > ---
>> >
>> >  libavcodec/x86/cabac.h |   19 +++++++++++--------
>> >  1 files changed, 11 insertions(+), 8 deletions(-)
>> >
>>
>> This change makes libavcodec crash when decoding H.264 streams involving CABAC.
>>
>> (test done on Mac OS X 10.7.3 with : gcc version 4.2.1 (Based on Apple
>> Inc. build 5658) (LLVM build 2336.1.00))
> [...]
>> 0x0000000100797b8e <get_cabac_bypass_sign_x86+30>:    mov    0x4(%rsi),%edx
>> 0x0000000100797b91 <get_cabac_bypass_sign_x86+33>:    mov    (%rsi),%eax
>> 0x0000000100797b93 <get_cabac_bypass_sign_x86+35>:    shl    $0x11,%edx
>> 0x0000000100797b96 <get_cabac_bypass_sign_x86+38>:    add    %eax,%eax
>> 0x0000000100797b98 <get_cabac_bypass_sign_x86+40>:    sub    %edx,%eax
> [...]