Re: [FFmpeg-devel] [PATCH] http: support retry on connection error
Pinging again... Thanks, Eran From: Eran Kornblau Sent: Sunday, October 25, 2020 3:40 PM To: FFmpeg development discussions and patches mailto:ffmpeg-devel@ffmpeg.org>> Subject: [PATCH] http: support retry on connection error Hi, This patch adds 2 options to http: - reconnect_on_status - a list of http status codes that should be retried. the list can contain explicit status codes or the strings 4xx/5xx. - reconnect_on_err - reconnects on arbitrary errors during connect, e.g. ECONNRESET/ETIMEDOUT. The retry employs the same exponential backoff logic as the existing reconnect/reconnect_at_eof flags. Related tickets: https://trac.ffmpeg.org/ticket/6066 https://trac.ffmpeg.org/ticket/7768 Thanks! Eran ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
Re: [FFmpeg-devel] [PATCH 5/5] avcodec/cfhd: check peak.offset so it stays within the 32bit range
Michael Niedermayer:
> Fixes: signed integer overflow: -2147483648 - 4 cannot be represented in type
> 'int'
> Fixes:
> 26907/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CFHD_fuzzer-5746202330267648
>
> Found-by: continuous fuzzing process
> https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> Signed-off-by: Michael Niedermayer
> ---
> libavcodec/cfhd.c | 4
> 1 file changed, 4 insertions(+)
>
> diff --git a/libavcodec/cfhd.c b/libavcodec/cfhd.c
> index a2b9c7c76a..e3fbfa4b91 100644
> --- a/libavcodec/cfhd.c
> +++ b/libavcodec/cfhd.c
> @@ -617,6 +617,10 @@ static int cfhd_decode(AVCodecContext *avctx, void
> *data, int *got_frame,
> s->peak.level = 0;
> } else if (tag == -PeakLevel && s->peak.offset) {
> s->peak.level = data;
> +if (s->peak.offset < INT_MIN + 4) {
> +ret = AVERROR_INVALIDDATA;
> +goto end;
> +}
> bytestream2_seek(&s->peak.base, s->peak.offset - 4, SEEK_CUR);
> } else
> av_log(avctx, AV_LOG_DEBUG, "Unknown tag %i data %x\n", tag,
> data);
>
Is this peak.offset actually intended to be signed? And if so wouldn't
it make more sense to actually check that the buffer contains the seek
target?
- Andreas
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH 3/5] avformat/utils: wrap_timestamp() is only needed for less than 64 bits
Fixes: shift exponent 64 is too large for 64-bit type 'unsigned long long'
Fixes:
26497/clusterfuzz-testcase-minimized-ffmpeg_dem_AVI_fuzzer-5690188355076096
Fixes:
26903/clusterfuzz-testcase-minimized-ffmpeg_dem_LUODAT_fuzzer-5641466929741824
Found-by: continuous fuzzing process
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer
---
libavformat/utils.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavformat/utils.c b/libavformat/utils.c
index 503e583ad0..e4a4e7651b 100644
--- a/libavformat/utils.c
+++ b/libavformat/utils.c
@@ -101,7 +101,7 @@ static int is_relative(int64_t ts) {
*/
static int64_t wrap_timestamp(const AVStream *st, int64_t timestamp)
{
-if (st->internal->pts_wrap_behavior != AV_PTS_WRAP_IGNORE &&
+if (st->internal->pts_wrap_behavior != AV_PTS_WRAP_IGNORE &&
st->pts_wrap_bits < 64 &&
st->internal->pts_wrap_reference != AV_NOPTS_VALUE && timestamp !=
AV_NOPTS_VALUE) {
if (st->internal->pts_wrap_behavior == AV_PTS_WRAP_ADD_OFFSET &&
timestamp < st->internal->pts_wrap_reference)
--
2.17.1
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH 2/5] avformat/id3v2: Sanity check tlen before alloc and uncompress
Fixes: Timeout (>20sec -> 65ms)
Fixes:
26896/clusterfuzz-testcase-minimized-ffmpeg_dem_DAUD_fuzzer-5691024049176576
Found-by: continuous fuzzing process
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer
---
libavformat/id3v2.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/libavformat/id3v2.c b/libavformat/id3v2.c
index cecd9b9f6d..336a3964de 100644
--- a/libavformat/id3v2.c
+++ b/libavformat/id3v2.c
@@ -993,6 +993,9 @@ static void id3v2_parse(AVIOContext *pb, AVDictionary
**metadata,
av_log(s, AV_LOG_DEBUG, "Compresssed frame %s tlen=%d
dlen=%ld\n", tag, tlen, dlen);
+if (tlen <= 0)
+goto seek;
+
av_fast_malloc(&uncompressed_buffer,
&uncompressed_buffer_size, dlen);
if (!uncompressed_buffer) {
av_log(s, AV_LOG_ERROR, "Failed to alloc %ld bytes\n",
dlen);
--
2.17.1
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH 5/5] avcodec/cfhd: check peak.offset so it stays within the 32bit range
Fixes: signed integer overflow: -2147483648 - 4 cannot be represented in type
'int'
Fixes:
26907/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CFHD_fuzzer-5746202330267648
Found-by: continuous fuzzing process
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer
---
libavcodec/cfhd.c | 4
1 file changed, 4 insertions(+)
diff --git a/libavcodec/cfhd.c b/libavcodec/cfhd.c
index a2b9c7c76a..e3fbfa4b91 100644
--- a/libavcodec/cfhd.c
+++ b/libavcodec/cfhd.c
@@ -617,6 +617,10 @@ static int cfhd_decode(AVCodecContext *avctx, void *data,
int *got_frame,
s->peak.level = 0;
} else if (tag == -PeakLevel && s->peak.offset) {
s->peak.level = data;
+if (s->peak.offset < INT_MIN + 4) {
+ret = AVERROR_INVALIDDATA;
+goto end;
+}
bytestream2_seek(&s->peak.base, s->peak.offset - 4, SEEK_CUR);
} else
av_log(avctx, AV_LOG_DEBUG, "Unknown tag %i data %x\n", tag,
data);
--
2.17.1
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH 4/5] avformat/lvfdec: Check stream_index before use
Fixes: assertion failure
Fixes:
26905/clusterfuzz-testcase-minimized-ffmpeg_dem_LVF_fuzzer-5724267599364096.fuzz
Found-by: continuous fuzzing process
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer
---
libavformat/lvfdec.c | 6 +-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/libavformat/lvfdec.c b/libavformat/lvfdec.c
index 8b8d6f01b9..4c87728def 100644
--- a/libavformat/lvfdec.c
+++ b/libavformat/lvfdec.c
@@ -106,6 +106,7 @@ static int lvf_read_packet(AVFormatContext *s, AVPacket
*pkt)
unsigned size, flags, timestamp, id;
int64_t pos;
int ret, is_video = 0;
+int stream_index;
pos = avio_tell(s->pb);
while (!avio_feof(s->pb)) {
@@ -121,12 +122,15 @@ static int lvf_read_packet(AVFormatContext *s, AVPacket
*pkt)
case MKTAG('0', '1', 'w', 'b'):
if (size < 8)
return AVERROR_INVALIDDATA;
+stream_index = is_video ? 0 : 1;
+if (stream_index >= s->nb_streams)
+return AVERROR_INVALIDDATA;
timestamp = avio_rl32(s->pb);
flags = avio_rl32(s->pb);
ret = av_get_packet(s->pb, pkt, size - 8);
if (flags & (1 << 12))
pkt->flags |= AV_PKT_FLAG_KEY;
-pkt->stream_index = is_video ? 0 : 1;
+pkt->stream_index = stream_index;
pkt->pts = timestamp;
pkt->pos = pos;
return ret;
--
2.17.1
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH 1/5] avformat/tedcaptionsdec: Check for overflow in parse_int()
Fixes: signed integer overflow: 111 * 10 cannot be represented
in type 'long'
Fixes:
26892/clusterfuzz-testcase-minimized-ffmpeg_dem_TEDCAPTIONS_fuzzer-5756045055754240
Found-by: continuous fuzzing process
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer
---
libavformat/tedcaptionsdec.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/libavformat/tedcaptionsdec.c b/libavformat/tedcaptionsdec.c
index 6c25d602d6..c15aeea06c 100644
--- a/libavformat/tedcaptionsdec.c
+++ b/libavformat/tedcaptionsdec.c
@@ -172,6 +172,8 @@ static int parse_int(AVIOContext *pb, int *cur_byte,
int64_t *result)
if ((unsigned)*cur_byte - '0' > 9)
return AVERROR_INVALIDDATA;
while (BETWEEN(*cur_byte, '0', '9')) {
+if (val > INT_MAX/10 - (*cur_byte - '0'))
+return AVERROR_INVALIDDATA;
val = val * 10 + (*cur_byte - '0');
next_byte(pb, cur_byte);
}
--
2.17.1
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
Re: [FFmpeg-devel] [PATCH] Ticket #8750 Add inline function for the vec_xl intrinsic in non-VSX environments
On Sat, 31. Oct 10:17, Andriy Gelman wrote:
> On Fri, 16. Oct 00:02, Andriy Gelman wrote:
> > On Fri, 09. Oct 20:17, Andriy Gelman wrote:
> > > From: Chip Kerchner
> > >
> > > ---
> > > libswscale/ppc/yuv2rgb_altivec.c | 10 ++
> > > 1 file changed, 10 insertions(+)
> > >
> > > diff --git a/libswscale/ppc/yuv2rgb_altivec.c
> > > b/libswscale/ppc/yuv2rgb_altivec.c
> > > index 536545293d..930ef6b98f 100644
> > > --- a/libswscale/ppc/yuv2rgb_altivec.c
> > > +++ b/libswscale/ppc/yuv2rgb_altivec.c
> > > @@ -283,6 +283,16 @@ static inline void cvtyuvtoRGB(SwsContext *c, vector
> > > signed short Y,
> > > *
> > > --
> > > */
> > >
> > > +#if !HAVE_VSX
> > > +static inline vector unsigned char vec_xl(signed long long offset, const
> > > ubyte *addr)
> > > +{
> > > +const vector unsigned char *v_addr = (const vector unsigned char *)
> > > (addr + offset);
> > > +vector unsigned char align_perm = vec_lvsl(offset, addr);
> > > +
> > > +return (vector unsigned char) vec_perm(v_addr[0], v_addr[1],
> > > align_perm);
> > > +}
> > > +#endif /* !HAVE_VSX */
> > > +
> > > #define DEFCSP420_CVT(name, out_pixels)
> > > \
> > > static int altivec_ ## name(SwsContext *c, const unsigned char **in,
> > > \
> > > int *instrides, int srcSliceY, int
> > > srcSliceH, \
> >
> > Ping.
> > This patch fixes PPC64 build on patchwork.
> >
>
> ping
>
ping
> --
> Andriy
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
Re: [FFmpeg-devel] [PATCH 5/8] tools/target_dem_fuzzer: Consider it an EIO when reading position wraps around 64bit
On Sun, Oct 25, 2020 at 12:23:09AM +0200, Michael Niedermayer wrote: > Fixes: signed integer overflow: 9223372036854775807 + 564 cannot be > represented in type 'long' > Fixes: > 26494/clusterfuzz-testcase-minimized-ffmpeg_dem_VOC_fuzzer-576754158849228 > Fixes: > 26549/clusterfuzz-testcase-minimized-ffmpeg_dem_AVS_fuzzer-4844306424397824 > > Found-by: continuous fuzzing process > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg > Signed-off-by: Michael Niedermayer > --- > tools/target_dem_fuzzer.c | 2 ++ > 1 file changed, 2 insertions(+) will apply [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB If you fake or manipulate statistics in a paper in physics you will never get a job again. If you fake or manipulate statistics in a paper in medicin you will get a job for life at the pharma industry. signature.asc Description: PGP signature ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
Re: [FFmpeg-devel] [PATCH v4] Unbreak av_malloc_max(0) API/ABI
Hi, On Fri, Nov 6, 2020 at 11:10 AM Joakim Tjernlund < joakim.tjernl...@infinera.com> wrote: > We unbundle the ffmpeg/mesa and use system mesa/ffmpeg That's the answer to my earlier question also, thank you. I'm fine with applying this, I would suggest that the "new" (correct) behaviour should live under a major update or under a different function name, but I'll leave it to others to make a final decision there... Ronald ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
Re: [FFmpeg-devel] [PATCH 5/7] avformat/mpegts: Limit copied data to space
On Wed, Nov 04, 2020 at 11:17:53PM +0100, Marton Balint wrote:
>
>
> On Wed, 4 Nov 2020, Michael Niedermayer wrote:
>
> > Fixes: out of array access
> > Fixes:
> > 26816/clusterfuzz-testcase-minimized-ffmpeg_dem_MPEGTSRAW_fuzzer-6282861159907328.fuzz
> >
> > Found-by: continuous fuzzing process
> > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> > Signed-off-by: Michael Niedermayer
> > ---
> > libavformat/mpegts.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/libavformat/mpegts.c b/libavformat/mpegts.c
> > index ebb09991dc..80d010db6c 100644
> > --- a/libavformat/mpegts.c
> > +++ b/libavformat/mpegts.c
> > @@ -3169,7 +3169,7 @@ static int mpegts_raw_read_packet(AVFormatContext *s,
> > AVPacket *pkt)
> > return ret;
> > }
> > if (data != pkt->data)
> > -memcpy(pkt->data, data, ts->raw_packet_size);
> > +memcpy(pkt->data, data, TS_PACKET_SIZE);
> > finished_reading_packet(s, ts->raw_packet_size);
> > if (ts->mpeg2ts_compute_pcr) {
> > /* compute exact PCR for each packet */
>
> LGTM, thanks.
will apply
thx
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
The real ebay dictionary, page 1
"Used only once"- "Some unspecified defect prevented a second use"
"In good condition" - "Can be repaird by experienced expert"
"As is" - "You wouldnt want it even if you were payed for it, if you knew ..."
signature.asc
Description: PGP signature
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
Re: [FFmpeg-devel] [PATCH 1/2] avcodec/gdv: Remove dead check
lgtm On Sat, Nov 7, 2020 at 2:30 AM Andreas Rheinhardt < andreas.rheinha...@gmail.com> wrote: > At the end of its decode function, the decoder sets *got_frame to 1 and > then checks whether ret is < 0; if so, it is returned, otherwise > avpkt->size is. But it is impossible for ret to be < 0 here and if it > were, it would be nonsense to set *got_frame to 1 before this. Therefore > just return avpkt->size unconditionally. > > Fixes Coverity issue #1439730. > > Signed-off-by: Andreas Rheinhardt > --- > libavcodec/gdv.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/libavcodec/gdv.c b/libavcodec/gdv.c > index f00f3ac145..2be1e2ea7f 100644 > --- a/libavcodec/gdv.c > +++ b/libavcodec/gdv.c > @@ -551,7 +551,7 @@ static int gdv_decode_frame(AVCodecContext *avctx, > void *data, > > *got_frame = 1; > > -return ret < 0 ? ret : avpkt->size; > +return avpkt->size; > } > > static av_cold int gdv_decode_close(AVCodecContext *avctx) > -- > 2.25.1 > > ___ > ffmpeg-devel mailing list > ffmpeg-devel@ffmpeg.org > https://ffmpeg.org/mailman/listinfo/ffmpeg-devel > > To unsubscribe, visit link above, or email > ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe". ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
Re: [FFmpeg-devel] [PATCH 1/2] Revert "avcodec/adpcm_swf: support decoding multiple fixed-sized blocks at once"
Is incorrect behaviour. Was covering for an encoder bug where it produced frames of the wrong size. Fixes: out of array write Fixes: 26821/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ADPCM_SWF_fuzzer-5764465137811456 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg This reverts commit e9dd73d30d09043446ac6dd7b8ad31e557873852. Signed-off-by: Zane van Iperen Will apply series. ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
