1023 Commits

Author SHA1 Message Date
Janne Grunau
0b300daad2 h264: error out on unset current_picture_ptr for h->current_slice > 0
Fixes a segfault with fuzzed sample sample_varPAR_s11622_r001-02.avi.

CC: libav-stable@libav.org
2012-12-02 23:24:53 +01:00
Janne Grunau
c1fcf563b1 h264: check context state before decoding slice data partitions
Fixes mov_h264_aac__Demo_FlagOfOurFathers.mov.SIGSEGV.4e9.656.

Found-by: Mateusz "j00ru" Jurczyk
CC: libav-stable@libav.org
2012-11-29 14:40:05 +01:00
Janne Grunau
d5e83122bd h264: set Picture.owner2 to the current thread
This does not seem to have an effect currently. Fate-h264 passes with
THREADS=1..16 and both threading types as before. It fixes however a
segfault during error resilience with my adaptive-frame-mt patchset.
A picture in use during error resilience gets realloced in another
thread in the fuzzed sample sample_varPAR.avi_s226019.
2012-11-27 12:26:33 +01:00
Janne Grunau
6e5cdf2628 h264: check ref_count validity for num_ref_idx_active_override_flag
Fixes segfault in the fuzzed sample bipbop234.ts_s226407.

CC: libav-stable@libav.org
2012-11-27 12:26:33 +01:00
Janne Grunau
150b2361ca h264: add missing new line to log message 2012-11-27 12:26:33 +01:00
Janne Grunau
706acb558a h264: enable low delay only if no delayed frames were seen
Dropping frames is undesirable but that is the only way by which the
decoder could return to low delay mode. Instead emit a warning and
continue with delayed frames.
Fixes a crash in fuzzed sample nasa-8s2.ts_s20033 caused by a larger
than expected has_b_frames value. Low delay keeps getting re-enabled
from a presumely broken SPS.

CC: libav-stable@libav.org
2012-11-26 10:25:39 +01:00
Janne Grunau
e6160bda98 h264: Fix parameters to ff_er_add_slice() call
s->mb_x is reset to zero a couple of lines above. It does not make
sense to call ff_er_add_slice() with 0 as endx when the end of the
macroblock row was reached. Fixes unnecessary and counterproductive
error resilience in https://bugzilla.libav.org/show_bug.cgi?id=394.

CC: libav-stable@libav.org
2012-11-16 13:18:28 +01:00
Janne Grunau
60b6b8c019 h264: always check ref_count for validity
Fixes a crash with zuffed files.
2012-11-16 13:18:28 +01:00
Diego Biurrun
f75f4194d1 Restructure av_log_missing_feature message
Some invocations include a verb in the log message, others do not.  Yet
av_log_missing_feature expects callers to provide a verb.  Change the
function to include a verb instead and update the callers accordingly.
The result is a more natural function API and correct English in the
function invocations.
2012-10-09 11:39:26 +02:00
Anton Khirnov
716d413c13 Replace PIX_FMT_* -> AV_PIX_FMT_*, PixelFormat -> AVPixelFormat 2012-10-08 07:13:26 +02:00
Diego Biurrun
9c6cf7f2c9 avcodec: Drop silly and/or broken printf debug output 2012-10-01 10:24:28 +02:00
Jindřich Makovička
1a8c6917f6 h264: avoid stuck buffer pointer in decode_nal_units
When decode_nal_units() previously encountered a NAL_END_SEQUENCE,
and there are some junk bytes left in the input buffer, but no start codes,
buf_index gets stuck 3 bytes before the end of the buffer.

This can trigger an infinite loop in the caller code, eg. in
try_decode_trame(), as avcodec_decode_video() then keeps returning zeroes,
with 3 bytes of the input packet still available.

With this change, the remaining bytes are skipped so the whole packet gets
consumed.

CC:libav-stable@libav.org

Signed-off-by: Jindřich Makovička <makovick@gmail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
2012-09-29 19:31:17 +02:00
Michael Niedermayer
5e997688f8 h264: Remove an assert on current_picture_ptr being null
It is possible in various error paths as well as gap handling
that this has already been allocated. It is not clear why that
would be a problem with the current code, thus disable the
assert to avoid a common assert failure when asserts are enabled.

Signed-off-by: Martin Storsjö <martin@martin.st>
2012-09-05 14:28:41 +03:00
Martin Storsjö
6f5b1a2ba4 h264: Check that the codec isn't null before accessing it
This fixes crashes introduced by 2e8f3cbcda5, the codec can be null
when called from parsers.

Signed-off-by: Martin Storsjö <martin@martin.st>
2012-08-28 18:15:38 +03:00
Uoti Urpala
2e8f3cbcda h264: vdpau: fix crash with unsupported colorspace
The h264_vdpau decoder crashed if output colorspace was not 8-bit 420.
Add a check to error out instead (current hardware does not support
other colorspaces, so successful decoding is not possible).

Signed-off-by: Martin Storsjö <martin@martin.st>
2012-08-17 20:08:53 +03:00
Anton Khirnov
36ef5369ee Replace all CODEC_ID_* with AV_CODEC_ID_* 2012-08-07 16:00:24 +02:00
Ronald S. Bultje
58db34aa1e h264: refactor NAL decode loop
Write out the NAL decoding loops in full so that they are easier
to parse for a preprocessor without it having to be aware of macros
or other such things in C code.

This also makes the code more readable.

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
2012-07-23 16:27:53 +02:00
Mans Rullgard
28fff0d974 h264: use templates to avoid excessive inlining
Instead of inlining everything into ff_h264_hl_decode_mb(), use
explicit templating to create versions of the called functions
with constant parameters filled in.  This greatly speeds up
compilation of h264.c and reduces the code size without any
measurable impact on performance.

Compilation time for h264.c on an i7 goes from 30s to 5.5s.
Code size is reduced by 430kB.

Signed-off-by: Mans Rullgard <mans@mansr.com>
2012-07-05 11:50:18 +01:00
Diego Biurrun
09f211987c misc typo and wording fixes 2012-07-03 17:35:11 +02:00
Mans Rullgard
30f515091c h264: allow cropping to AVCodecContext.width/height
Override the frame size from the SPS with AVCodecContext values
if the latter specify a size smaller by less than one macroblock.
This is required for correct cropping of MOV files from Canon cameras.

Signed-off-by: Mans Rullgard <mans@mansr.com>
2012-06-09 15:08:52 +01:00
Ronald S. Bultje
732f9fcfe5 h264: additional protection against unsupported size/bitdepth changes.
Fixes crashes in codepaths not covered by original checks.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-05-02 10:19:37 -07:00
Diego Biurrun
0becb07842 h264: Factorize declaration of mb_sizes array. 2012-04-05 17:17:22 +02:00
Anton Mitrofanov
14af74e9a0 h264: fix 4:2:2 PCM-macroblocks decoding
Fixes bug 239.

Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
2012-04-04 19:34:39 +02:00
Diego Biurrun
3dde147ff9 cosmetics: Consistently place static, inline and av_cold attributes/keywords. 2012-04-04 14:54:13 +02:00
Diego Biurrun
b691fd7a4d h264: drop ff_h264_ prefix from static function ff_h264_decode_rbsp_trailing() 2012-03-30 17:47:12 +02:00
Diego Biurrun
9ad80ef3db h264: Make ff_h264_decode_end() static, it is not used externally.
Also drop the now unnecessary ff_ prefix from its name.
2012-03-30 17:46:52 +02:00
Ronald S. Bultje
1e26a48fa2 h264: fix deadlocks on incomplete reference frame decoding.
If decoding a second complementary field, and the first was
decoded in our thread, mark decoding of that field as complete.
If decoding fails, mark the decoded field/frame as complete.
Do not allow switching between field modes or field/frame mode
between slices within the same field/frame. Ensure that two
subsequent fields cover top/bottom (rather than top/frame,
bottom/frame or such nonsense situations).

Fixes various deadlocks when decoding samples with errors in
reference frames.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-03-16 15:31:00 -07:00
Diego Biurrun
e5d403720e h264: K&R formatting cosmetics
Also remove some disabled code and fix a few comment typos.
2012-03-16 20:35:37 +01:00
Ronald S. Bultje
e0febda22d h264: stricter reference limit enforcement.
Progressive images can have only 16 references, error out if there are
more, since the data is almost certainly corrupt, and the invalid value
will lead to random crashes or invalid writes later on.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-03-14 13:24:49 -07:00
Michael Niedermayer
3aa661ec56 h264: improve parsing of broken AVC SPS
Parsing the entire NAL as SPS fixes decoding of some AVC bitstreams
with broken escaping. Since the size of the NAL unit is known and
checked against the buffer end we can parse it entirely without buffer
overreads.

Fixes playback of
http://streams.videolan.org/streams/mp4/Mr_MrsSmith-h264_aac.mp4

Signed-off-by: Janne Grunau <janne-libav@jannau.net>
2012-03-13 00:31:52 +01:00
Janne Grunau
8a6037c390 Revert "h264: clear trailing bits in partially parsed NAL units"
This reverts commit 729ebb2f185244b0ff06d48edbbbbb02ceb4ed4e.

There was an off-by-one error in the bit mask calculation clearing
actually the last valid bit and causing
http://bugzilla.libav.org/show_bug.cgi?id=227

The broken sample (Mr_MrsSmith-h264_aac.mp4) the commit was fixing
does not work after correcting the off-by-one error.

CC: libav-stable@libav.org
2012-03-12 22:46:56 +01:00
Alex Converse
3574a85ce5 Replace computations of remaining bits with calls to get_bits_left(). 2012-03-05 11:22:11 -08:00
Diego Biurrun
324deaa268 Replace AVFrame pointer type punning by proper struct member assignments. 2012-03-01 23:11:13 +01:00
Diego Biurrun
47c0ac96aa Replace AVFrame pointer casts by proper struct member accesses. 2012-03-01 23:11:11 +01:00
Ronald S. Bultje
0ce4fe482c h264: error out on invalid bitdepth.
Fixes invalid reads while initializing the dequant tables, which uses
the bit depth to determine the QP table size.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-03-01 12:15:51 -08:00
Martin Storsjö
efd29844eb mpegvideo: Add ff_ prefix to nonstatic functions
Signed-off-by: Martin Storsjö <martin@martin.st>
2012-02-15 22:07:23 +02:00
Martin Storsjö
9cf0841ef3 dsputil: Add ff_ prefix to the dsputil*_init* functions
Signed-off-by: Martin Storsjö <martin@martin.st>
2012-02-15 22:06:34 +02:00
Ronald S. Bultje
45b7bd7c53 h264: disallow constrained intra prediction modes for luma.
Conversion of the luma intra prediction mode to one of the constrained
("alzheimer") ones can happen by crafting special bitstreams, causing
a crash because we'll call a NULL function pointer for 16x16 block intra
prediction, since constrained intra prediction functions are only
implemented for chroma (8x8 blocks).

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-02-09 22:57:01 -08:00
Diego Biurrun
631f96f959 h264: Split h264-test off into a separate file - golomb-test.c.
The new name is more appropriate as only golomb functions are tested.
2012-01-31 19:56:12 +01:00
Diego Biurrun
4ff46af039 h264-test: cleanup: drop timer invocations, commented out code and other cruft 2012-01-31 19:56:11 +01:00
Diego Biurrun
3856a2aaa6 h264-test: Remove unused DSP and AVCodec contexts and related init calls.
This also avoids a segfault on startup.
2012-01-31 19:56:09 +01:00
Diego Biurrun
55b9ef18e4 cabac: split cabac.h into declarations and function definitions
This fixes standalone compilation of some decoders with --disable-optimizations.
cabac.h defines some inline functions that use symbols from cabac.c.  Without
optimizations these inline functions are not eliminated and linking fails with
references to non-existing symbols.

Splitting the inline functions off into their own header and only #including
it in the places where the inline functions are used allows #including cabac.h
from anywhere without ill effects.
2012-01-12 23:08:23 +01:00
Diego Biurrun
a7e3cb9d32 h264-test: Initialize AVCodecContext.av_class.
This fixes a segfault on startup.

Also remove a commented-out and completely unused variable.
2012-01-07 22:13:10 +01:00
Diego Biurrun
301fb92131 h264: Only use symbols from the SVQ3 decoder under proper conditionals.
Fixes --disable-everything --enable-decoder=h264 --disable-optimizations.
2012-01-06 13:37:53 +01:00
Ronald S. Bultje
400ba1d735 h264: return index in buffer on end-of-sequence.
Fixes hangs if the last packet contains an end-of-sequence NAL unit,
bug 158.
2012-01-03 19:50:22 -08:00
Diego Biurrun
54e68fb3b8 Merge some declarations and initializations.
This fixes compilation failures related to START_TIMER/STOP_TIMER macros and
-Werror=declaration-after-statement.  START_TIMER declares variables and thus
may not be placed after statements outside of a new block.
2012-01-04 01:28:28 +01:00
Janne Grunau
881a5e047d mpegenc: use avctx->slices as number of slices
Adds a new member to MpegEncContext to hold the number of used slice
contexts. Fixes segfaults with '-threads 17 -thread_type slice' and
fate-vsynth{1,2}-mpeg{2,4}thread{,_ilace} with --disable-pthreads.
2012-01-02 19:20:23 +01:00
Alexander Strange
bc6a3bd4a5 h264: Fix a possible overread in decode_nal_units()
Signed-off-by: Anton Khirnov <anton@khirnov.net>
2011-12-23 08:32:18 +01:00
Janne Grunau
729ebb2f18 h264: clear trailing bits in partially parsed NAL units
Trailing bits are likely to be non-zero if the NAL unit is truncated.
Clearing the bits make overreads of the bitstream less likely in this
case. Fixes playback of
http://streams.videolan.org/streams/mp4/Mr_MrsSmith-h264_aac.mp4 which
has a forbidden byte sequence of 0x00 0x00 0x00 in it SPS.
2011-12-19 23:14:21 +01:00
Janne Grunau
358ea75e9e Revert "h264: skip start code search if the size of the nal unit is known"
This reverts commit 87eebb3454ff0cd6af6ebf9e1d31bdfd1c3b601b.
2011-12-19 03:24:32 +01:00