summaryrefslogtreecommitdiff
path: root/libavformat/mov.c
Commit message (Collapse)AuthorAgeFilesLines
* avformat/mov: Fix memleaks upon read_header failureAndreas Rheinhardt2020-07-021-16/+17
| | | | | | | | | | | | | | | | | By default, a demuxer's read_close function is not called automatically if an error happens when reading the header; instead it is up to the demuxer to clean up after itself in this case. The mov demuxer did this by calling its read_close function when it encountered some errors when reading the header. Yet for other errors (mostly adding side-data to streams) this has been forgotten, so that all the internal structures of the demuxer leak. This commit fixes this by making sure mov_read_close is called when necessary. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> (cherry picked from commit ac378c535be907ee383dafb430be7216a2920982) Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
* avformat/mov: Don't leak MOVFragmentStreamInfo on errorAndreas Rheinhardt2020-07-011-1/+3
| | | | | | | | | Fixes Coverity issue #1441933. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 43f58f2354bfab3819e44c1a97b0af75cc091226) Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
* avformat/mov: Free encryption data on errorAndreas Rheinhardt2020-07-011-2/+4
| | | | | | | | | Fixes memleak and Coverity issue #1439587. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 3999c4b374c2f3786137bd7e820dd1555fc20d90) Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
* avformat/mov: Fix memleakAndreas Rheinhardt2020-07-011-1/+3
| | | | | | | | | | | | | When the mov/mp4 demuxer encounters an error during decrypting a packet, it returns the error, yet doesn't free the packet, so that the packet leaks. This has been fixed in this commit. Fixes the memleaks from ticket #8150. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 34bd293b014efc816bd7aab068d7f9e4a6d3011a) Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
* avformat/mov: Check for EOF in mov_read_meta()Michael Niedermayer2020-01-061-1/+4
| | | | | | | | | | Fixes: Timeout (195sec -> 2ms) Fixes: 16735/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5090676403863552 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 093d1f42507e07d9acb43a8a3135e4ebe3530fe2) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/mov: Set fragment.found_tfhd only after TFHD has been parsedMichael Niedermayer2019-06-271-2/+1
| | | | | | | | | | | Fixes: Assertion failure Fixes: crbug971646.mp4 Reported-by: Matt Wolenetz <wolenetz@google.com> Reviewed-by: Matt Wolenetz <wolenetz@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 696312c487d9d8c49a087017a829d1cdcbd68651) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/mov: Skip stsd adjustment without chunksMichael Niedermayer2019-06-271-0/+2
| | | | | | | | | | | Fixes: Assertion failure Fixes: clusterfuzz-testcase-minimized-media_pipeline_integration_fuzzer-5683096400822272 Found-by: Clusterfuzz Reported-by: Dan Sanders <sandersd@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 18a567c369d74af5ef651b07c4c5615f5598616b) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/mov: Fix potential integer overflow in entry check in mov_read_trun()Michael Niedermayer2019-03-311-1/+1
| | | | | | | | No testcase Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit ff13a92a6f8413402f5b3cacedda7c10d350b487) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/mov: Do not use reference stream in mov_read_sidx() if there is no ↵Michael Niedermayer2019-03-141-1/+1
| | | | | | | | | | | | reference stream Fixes: NULL pointer dereference Fixes: clusterfuzz-testcase-minimized-audio_decoder_fuzzer-5634316373721088 Reported-by: Chris Cunningham <chcunningham@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit b0d8b7cb8e86367178ef0c35dcae359d820c3b27) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/mov: fix hang while seek on a kind of fragmented mp4Charles Liu2019-02-111-9/+12
| | | | | | | | | | | | | | | | | | | | Binary searching would hang if the fragment items do NOT have timestamp for the specified stream. For example, a fmp4 consists of separated 'moof' boxes for each track, and separated 'sidx' for each segment, but no 'mfra' box. Then every fragment item only have the timestamp for one of its tracks. Example: ffmpeg -f lavfi -i testsrc -f lavfi -i sine -movflags dash+frag_keyframe+skip_trailer+separate_moof -t 1 out.mp4 ffmpeg -ss 0.5 -i out.mp4 -f null none Also fixes the hang in ticket #7572, but not the reason for having AV_NOPTS_VALUE timestamps there. Signed-off-by: Charles Liu <liuchh83@gmail.com> Signed-off-by: Marton Balint <cus@passwd.hu> (cherry picked from commit aa25198f1b925a464bdfa83a98476f08d26c9209)
* avformat/mov: validate chunk_count vs stsc_datachcunningham2019-02-081-2/+12
| | | | | | | | | | | | Bad content may contain stsc boxes with a first_chunk index that exceeds stco.entries (chunk_count). This ammends the existing check to include cases where chunk_count == 0. It also patches up the case when stsc refers to unknown chunks, but stts has no samples (so we can simply ignore stsc). Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 1c15449ca9a5bfa387868ac55628397273da761f) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/mov.c: require tfhd to begin parsing trunchcunningham2019-02-081-0/+10
| | | | | | | | | | | | Detecting missing tfhd avoids re-using tfhd track info from the previous moof. For files with multiple tracks, this may make a mess of the avindex and fragindex, which can later trigger av_assert0 in mov_read_trun(). Reviewed-by: Derek Buitenhuis <derek.buitenhuis@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 3ea87e5d9ea075d5b3c0f4f8c6c48e514b454cbe) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* libavformat/mov: Fix NULL-dereference read for some encrypted content.Jacob Trimble2019-01-211-3/+3
| | | | | | | | | | | | | | When reading frames, we need to use the fragment for the correct stream. Sometimes the "current" fragment is not the same as the one the frame is for. Found by Chromium's ClusterFuzz: https://crbug.com/906392 and https://crbug.com/915524 Signed-off-by: Jacob Trimble <modmaker@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 555f332e7adbd492ca74fa7329c492819b52e2ed) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* lavf/mov: ensure only one tkhd per trakchcunningham2019-01-211-1/+11
| | | | | | | | | | | | Chromium fuzzing produced a whacky file with extra tkhds. This caused an AVStream that was already in use to be corrupted by assigning it a new id, which blows up later in mov_read_trun because the MOVFragmentStreamInfo.index_entry now points OOB. Reviewed-by: Baptiste Coudurier <baptiste.coudurier@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit c9f7b6f7a9fdffa0ab8f3aa84a1f701cf5b3a6e9) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* Use QT format for audio sample descriptors depending on stsd version.Justin Ruggles2018-09-091-3/+3
| | | | | | | | | | | | | | | | | ISOBMFF does not allow AudioSampleEntryV1 in stsd version 0, so assume the descriptor format is QTFF SoundDescriptionV1. ISOBMFF does not define a version 2. This fixes audio decoding for some MP4 files generated with Apple tools. The additional fields present in SoundDescriptionV1/V2 need to be read in order to correctly read additional boxes that contain information required for decoding the stream. Fixes #7376. Also see: https://github.com/HandBrake/HandBrake/issues/1555 Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
* lavf/mov: factor out setting codec_idJohn Stebbins2018-09-081-4/+1
| | | | | | Since it is performed in all cases now. Signed-off-by: James Almer <jamrial@gmail.com>
* lavf/mov: add AVCodecTag entry for GoPro metadataJohn Stebbins2018-09-081-0/+3
| | | | | | This allows for validation of the track type Signed-off-by: James Almer <jamrial@gmail.com>
* avformat/mov: Error on too large stsd entry counts.Dale Curtis2018-09-011-1/+2
| | | | | | | | | | | | Entries are always at least 8 bytes per the parsing code, so if we see an impossible entry count avoid massive allocations. This is similar to an existing check in mov_read_stsc(). Since ff_mov_read_stsd_entries() does eof checks, an alternative approach could be to clamp the entry count to atom.size / 8. Signed-off-by: Dale Curtis <dalecurtis@chromium.org> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/mov: Correct opus-in-mp4 pre-skip to be uint16_t versus int16_t.Dale Curtis2018-08-231-1/+1
| | | | | | | | | This field is a uint16_t, see docs: http://opus-codec.org/docs/opus_in_isobmff.html#4.3.2 Signed-off-by: Dale Curtis <dalecurtis@chromium.org> Reviewed-by: James Almer <jamrial@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/mov: Allow saio/saiz in clear content.Jacob Trimble2018-08-221-0/+6
| | | | | | | | | | | | | | If there is a saio/saiz in clear content, we shouldn't create the encryption index if we don't already have one. Otherwise it will confuse the cenc_filter. The changed method is also used for senc atoms, but they should not appear in clear content. Found by Chromium's ClusterFuzz: https://crbug.com/873432 Signed-off-by: Jacob Trimble <modmaker@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/av1: update ff_isom_write_av1c() to the latest revision of the specJames Almer2018-08-171-10/+8
| | | | | | | | | | This will get ISOBMFF and Matroska up to date with the revised AV1 Codec Configuration Box spec. For now keep propagating raw OBUs as extradata until all libavcodec modules are adapted to handle AV1CodecConfigurationRecord formatted extradata. Tested-by: Thomas Daede <bztdlinux@gmail.com> Signed-off-by: James Almer <jamrial@gmail.com>
* lavf/mov.c: Set start_time for all streams (in case of edit lists).Sasi Inguva2018-08-111-2/+2
| | | | | | | | | Fixes vorbis mp4 audio files, with edit list specified. Since st->skip_samples is not set in case of vorbis , ffmpeg computes the start_time as negative. Signed-off-by: Sasi Inguva <isasi@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* lavf/mov: Force HEVC codec_id for code-point dvh1 and an hvcC atom.Carl Eugen Hoyos2018-08-091-0/+2
| | | | | | | The mp4 registration authority accepted a code-point for Dolby Vision HEVC that was already used as a fourcc for DVCPRO 100. Fixes ticket #7347.
* avformat/mov: Check default_encrypted_sample before use in ↵Michael Niedermayer2018-07-261-0/+5
| | | | | | | | | | mov_read_sample_encryption_info() Fixes: 2018-0721-sample Fixes: null pointer dereference Found-by: Nikita Knyzhov (knnikita@yandex.ru) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/mov: add support for AV1 streamsJames Almer2018-07-201-0/+31
| | | | Signed-off-by: James Almer <jamrial@gmail.com>
* avformat/mov: only set handler_name from mdia->hdlrGyan Doshi2018-07-161-1/+2
| | | | | | 6 FATE references updated. Fixes #7104
* avformat/mov: Simplify last element computation in mov_estimate_video_delay()Michael Niedermayer2018-07-131-3/+2
| | | | | | Reviewed-by: Derek Buitenhuis <derek.buitenhuis@gmail.com> Reviewed-by: Sasi Inguva <isasi@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/mov: Break out of inner loop early in mov_estimate_video_delay()Michael Niedermayer2018-07-131-0/+2
| | | | | | | | | | 0.266 <- 0.299 sec (this is time ffmpeg so containing alot other things) Sample for benchmark was: ffmpeg -f rawvideo -pix_fmt yuv420p -s 32x32 -i /dev/zero -t 24:00:00.00 out.mp4 Reviewed-by: Derek Buitenhuis <derek.buitenhuis@gmail.com> Reviewed-by: Sasi Inguva <isasi@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/mov: Eliminate variable buf_size from mov_estimate_video_delay()Michael Niedermayer2018-07-121-11/+8
| | | | | | Reviewed-by: Derek Buitenhuis <derek.buitenhuis@gmail.com> Reviewed-by: Sasi Inguva <isasi@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/mov: remove modulo operations from mov_estimate_video_delay()Michael Niedermayer2018-07-121-3/+7
| | | | | | | | 0.324 <-0.491 sec Reviewed-by: Derek Buitenhuis <derek.buitenhuis@gmail.com> Reviewed-by: Sasi Inguva <isasi@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/mov: Expose encryption info to the app.Jacob Trimble2018-07-041-1/+119
| | | | | | | | | | This exposes encryption info from the container to the app. This includes key ID, IV, and subsample byte ranges. The info is passed using the new side-data AV_PKT_DATA_ENCRYPTION_DATA and AV_PKT_DATA_ENCRYPTION_INIT_DATA. Signed-off-by: Jacob Trimble <modmaker@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* lavf/mov: Do not fail hard for truncated stsz atoms.Carl Eugen Hoyos2018-06-191-1/+2
| | | | Fixes ticket #6433.
* avformat/mov: Only set pkt->duration to non negative valuesMichael Niedermayer2018-06-141-1/+3
| | | | | Reviewed-by: Sasi Inguva <isasi@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/mov: Add check for per-sample IV size.Jacob Trimble2018-06-131-2/+7
| | | | | | | Found by Chrome's ClusterFuzz: http://crbug.com/849062. Signed-off-by: Jacob Trimble <modmaker@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/mov: Fix reading saio/saiz for clear content.Jacob Trimble2018-06-091-16/+55
| | | | | | | | | | | This validates that the common encryption saio/saiz atoms only appear when the data is actually encrypted. This also ignores those atoms in clear content. Found by Chrome's ClusterFuzz: http://crbug.com/850389 Signed-off-by: Jacob Trimble <modmaker@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* lavf/mov.c: Set st->start_time for video streams explicitly.Sasi Inguva2018-06-061-4/+16
| | | | | | | If start_time is not set, ffmpeg takes the duration from the global movie instead of the per stream duration. Signed-off-by: Sasi Inguva <isasi@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* lavf/mov.c: Fix timestamps to be strictly monotonic for video also.Sasi Inguva2018-06-051-4/+5
| | | | | | | | | | | We already do this for audio, but it should be done for video too. If we don't, seeking back to the start of the file, for example, can become quite broken, since the first N packets will have repeating and nonmonotonic PTS, yet they need to be decoded even if they are to be discarded. Signed-off-by: Sasi Inguva <isasi@isasi.mtv.corp.google.com> Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
* libavformat/mov: Fix heap buffer overflow.Jacob Trimble2018-06-021-3/+3
| | | | | | | Found by Chrome's ClusterFuzz: https://crbug.com/847060 Signed-off-by: Jacob Trimble <modmaker@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/mov: replace a value error by clipping into valid range in ↵Michael Niedermayer2018-05-221-3/+11
| | | | | | | | mov_read_stsc() Fixes: #7165 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/mov: Only fail for STCO/STSC contradictions if both existMichael Niedermayer2018-05-211-1/+1
| | | | | | | | Fixes regression with playback of GF9720Repeal20the20Eighth20with20Helen20Linehan.m4a See: crbug 822666 Found-by: "Mattias Wadman <mattias.wadman@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/mov: Break out early if chunk_count is 0 in mov_build_index()Michael Niedermayer2018-05-211-0/+3
| | | | | | | | | Without this some operations might overflow (undefined behavior) even though the index adding loop would never execute No testcase known Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* mov: Properly abide by the track's media durationDerek Buitenhuis2018-04-261-3/+3
| | | | | | | | | | | | | | | | | The track's media duration from the mdhd atom takes precedence over both the stts and elst atom for calculating and setting the track's total duraion. Technically, we shouldn't be using the stts atom at all for calculating stream durations. This fixes incorrect stream and final packet durations on files with edit lists that are longer than the media duration. The FATE changes are expected, and output is more correct (the AAC frame is not 1028 samples). Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
* avformat/mov: Fix parsing of saio/siaz atoms in encrypted content.Jacob Trimble2018-04-211-0/+237
| | | | | | | This doesn't support saio atoms with more than one offset. Signed-off-by: Jacob Trimble <modmaker@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/mov: Remove old encryption info methods.Jacob Trimble2018-04-191-91/+0
| | | | | Signed-off-by: Jacob Trimble <modmaker@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/mov: Fix memory leak in encryption info.Jacob Trimble2018-04-191-0/+1
| | | | | Signed-off-by: Jacob Trimble <modmaker@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/mov: Increase support for common encryption.Jacob Trimble2018-04-191-81/+313
| | | | | | | | | | | | | | | | | | - Parse schm atom to get different encryption schemes. - Allow senc atom to appear in track fragments. - Allow 16-byte IVs. - Allow constant IVs (specified in tenc). - Allow only tenc to specify encryption (i.e. no senc/saiz/saio). - Use sample descriptor to detect clear fragments. This doesn't support: - Different sample descriptor holding different encryption info. - Only first sample descriptor can be encrypted. - Encrypted sample groups (i.e. seig). - Non-'cenc' encryption scheme when using -decryption_key. Signed-off-by: Jacob Trimble <modmaker@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/mov: Fix extradata memleakMichael Niedermayer2018-04-121-0/+6
| | | | | | | | Fixes: crbug 822705 Reported-by: Matt Wolenetz <wolenetz@google.com> Reviewed-by: Matt Wolenetz <wolenetz@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/mov: Fix parsing of tfdt when using sample descriptors.Jacob Trimble2018-04-051-1/+1
| | | | | Signed-off-by: Jacob Trimble <modmaker@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/mov: parse multiple iTunes cover imagesTimo Teräs2018-04-011-0/+4
| | | | | | | | | Multiple cover images are supported by having multiple data atoms inside the covr atom. AtomicParsley and mutagen amongst others support and document this construct. Signed-off-by: Timo Teräs <timo.teras@iki.fi> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/mov: Move +1 in check to avoid hypothetical overflow in ↵Michael Niedermayer2018-03-261-1/+1
| | | | | | add_ctts_entry() Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
View Lorry Controller Status