[issue1907] Potential SEGV in h264_mp4toannexb_bsf.c
New submission from Thomas Devanneaux thom...@gmail.com: Invalid h264 NAL size might cause a read overflow and a SEGV when applying the h264_mp4toannexb filter. Here is a patch: Index: h264_mp4toannexb_bsf.c === --- h264_mp4toannexb_bsf.c (revision 22986) +++ h264_mp4toannexb_bsf.c (working copy) @@ -56,6 +56,7 @@ H264BSFContext *ctx = bsfc-priv_data; uint8_t unit_type; uint32_t nal_size, cumul_size = 0; +const uint8_t *buf_end = buf + buf_size; /* nothing to filter */ if (!avctx-extradata || avctx-extradata_size 6) { @@ -109,6 +110,9 @@ *poutbuf_size = 0; *poutbuf = NULL; do { +if (buf + ctx-length_size buf_end) +goto fail; + if (ctx-length_size == 1) nal_size = buf[0]; else if (ctx-length_size == 2) @@ -119,6 +123,9 @@ buf += ctx-length_size; unit_type = *buf 0x1f; +if (buf + nal_size buf_end) +goto fail; + /* prepend only to the first type 5 NAL unit of an IDR picture */ if (ctx-first_idr unit_type == 5) { alloc_and_copy(poutbuf, poutbuf_size, @@ -139,6 +146,12 @@ } while (cumul_size buf_size); return 1; + + fail: +av_free(*poutbuf); +*poutbuf_size = 0; +*poutbuf = NULL; +return AVERROR(EINVAL); } static void h264_mp4toannexb_close(AVBitStreamFilterContext *bsfc) -- messages: 10274 priority: normal status: new substatus: new title: Potential SEGV in h264_mp4toannexb_bsf.c type: patch FFmpeg issue tracker iss...@roundup.ffmpeg.org https://roundup.ffmpeg.org/issue1907
[issue1907] Potential SEGV in h264_mp4toannexb_bsf.c
Carl Eugen Hoyos ceho...@rainbow.studorg.tuwien.ac.at added the comment: Could you upload a sample triggering the crash? -- status: new - open substatus: new - needs_more_info FFmpeg issue tracker iss...@roundup.ffmpeg.org https://roundup.ffmpeg.org/issue1907
[issue1908] Conceiva ConvertHQ violates the LGPL
New submission from Carl Eugen Hoyos ceho...@rainbow.studorg.tuwien.ac.at: I installed Conceiva ConvertHQ. Not surprisingly, avcodec.dll, avformat.dll, lame_enc.dll are installed. Not at all surprisingly, the EULA is incompatible, no credits are shown, no sources are offered. About box says: ConvertHQ Version 1.1.1.1 Copyright (c) 2008 Conceiva Pty.Ltd. Portions of this product have been licensed from JUNGLE, Inc. Warning: This program is protected by copyright law and international treaties. Unauthorized reproduction or distribution of this program, or any portion of it, may result in severe civil and criminal penalties. (How very true!) -- files: Converter.txt messages: 10276 priority: normal status: open substatus: open title: Conceiva ConvertHQ violates the LGPL topic: (L)GPL violation FFmpeg issue tracker iss...@roundup.ffmpeg.org https://roundup.ffmpeg.org/issue1908 END-USER LICENSE AGREEMENT FOR CONCEIVA SOFTWARE IMPORTANT-READ CAREFULLY: This End-User License Agreement (EULA) is a legal agreement between you (either an individual or a single entity) and Conceiva Pty. Ltd. for the Conceiva software accompanying this EULA, which includes computer software and may include online or electronic documentation (SOFTWARE PRODUCT or SOFTWARE). By exercising your rights to make and use copies of the SOFTWARE PRODUCT, you agree to be bound by the terms of this EULA. If you do not agree to the terms of this EULA, promptly notify Conceiva Pty. Ltd. SOFTWARE PRODUCT LICENSE The SOFTWARE PRODUCT is protected by copyright laws and international copyright treaties, as well as other intellectual property laws and treaties. The SOFTWARE PRODUCT is licensed, not sold. 1. GRANT OF LICENSE. This EULA grants you the following rights: - Systems Software. You may install and use one copy of the SOFTWARE PRODUCT on a single computer. - Storage/Network Use. You may also store or install a copy of the SOFTWARE PRODUCT on a storage device, such as a network server, used only to install or run the SOFTWARE PRODUCT on your other computers over an internal network; however, you must acquire and dedicate a license for each separate computer on which the SOFTWARE PRODUCT is installed or run from the storage device. A license for the SOFTWARE PRODUCT may not be shared or used concurrently on different computers. 2. DESCRIPTION OF OTHER RIGHTS AND LIMITATIONS. - Limitations on Reverse Engineering, Decompilation, and Disassembly. This EULA is your proof of license to exercise the rights granted herein and must be retained by you. You may not reverse engineer, decompile, or disassemble the SOFTWARE PRODUCT, except and only to the extent that such activity is expressly permitted by applicable law notwithstanding this limitation. - Separation of Components. The SOFTWARE PRODUCT is licensed as a single product. Its component parts may not be separated for use on more than one computer. - Rental. You may not rent or lease the SOFTWARE PRODUCT. - Software Transfer. You may permanently transfer all of your rights under this EULA, provided you retain no copies, you transfer all of the SOFTWARE PRODUCT (including all component parts, any upgrades, this EULA) and, and the recipient agrees to the terms of this EULA. - Termination. Without prejudice to any other rights, Conceiva Pty. Ltd. may terminate this EULA if you fail to comply with the terms and conditions of this EULA. In such event, you must destroy all copies of the SOFTWARE PRODUCT and all of its component parts. 3. COPYRIGHT. All title and copyrights in and to the SOFTWARE PRODUCT, and any copies of the SOFTWARE PRODUCT, are owned by Conceiva Pty. Ltd. or its suppliers. The SOFTWARE PRODUCT is protected by copyright laws and international treaty provisions. Therefore, you must treat the SOFTWARE PRODUCT like any other copyrighted material except that you may either (a) make one copy of the SOFTWARE PRODUCT solely for backup or archival purposes, or (b) install the SOFTWARE PRODUCT on a single computer provided you keep the original solely for backup or archival purposes. 4. NO LIABILITY FOR CONSEQUENTIAL DAMAGES. In no event shall Conceiva Pty. Ltd. or its suppliers be liable for any damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, loss of business information, or any other pecuniary loss) arising out of the use of or inability to use this SOFTWARE PRODUCT, even if Conceiva Pty. Ltd. has been advised of the possibility of such damages. 5. LIMITED WARRANTY. Conceiva Pty. Ltd. warrants that the SOFTWARE PRODUCT will perform substantially in accordance with the accompanying written materials for a period of ninety (90) days from the date of receipt. To the extent allowed by applicable law, implied warranties on the SOFTWARE PRODUCT and hardware, if any, are
[issue1901] RGB24 raw avi decoder doesn't respect DIB standard structure
pal_64 pieradrien.lefeb...@gmail.com added the comment: I browsed Mplayer source code and you are right it doesn't use ffmpeg codecs to decode raw files. Nevertheless, I've done the same analysis with VLC and it seems to rely directly on FFMPEG codecs and that's the same thing with image processing libraries (e.g. OpenCV). So I'm a bit desappointed using FFMPEG here... FFmpeg issue tracker iss...@roundup.ffmpeg.org https://roundup.ffmpeg.org/issue1901
[issue488] License violation by Conceiva
Carl Eugen Hoyos ceho...@rainbow.studorg.tuwien.ac.at added the comment: I just installed Mezzmo: After choosing Japanese as installation language, the attached - incompatible - EULA was shown (I did not attach a translation, but the version actually shown). Apart from this (imo undeniable) issue: Ronald, are you sure that Mezzmo (the English version) is fulfilling section 3.a (I assume b and c are not relevant) of the GPL? In what way does Conceiva accompany [the program] with the complete corresponding machine-readable source code? Note that the source code is not mentioned in the About box or the EULA, so how does the average user know about it? Will re-add to Shame. -- status: closed - open substatus: fixed - open FFmpeg issue tracker iss...@roundup.ffmpeg.org https://roundup.ffmpeg.org/issue488 END-USER LICENSE AGREEMENT FOR CONCEIVA SOFTWARE IMPORTANT-READ CAREFULLY: This End-User License Agreement (EULA) is a legal agreement between you (either an individual or a single entity) and Conceiva Pty. Ltd. for the Conceiva software accompanying this EULA, which includes computer software and may include online or electronic documentation (SOFTWARE PRODUCT or SOFTWARE). By exercising your rights to make and use copies of the SOFTWARE PRODUCT, you agree to be bound by the terms of this EULA. If you do not agree to the terms of this EULA, promptly notify Conceiva Pty. Ltd. SOFTWARE PRODUCT LICENSE The SOFTWARE PRODUCT is protected by copyright laws and international copyright treaties, as well as other intellectual property laws and treaties. The SOFTWARE PRODUCT is licensed, not sold. 1. GRANT OF LICENSE. This EULA grants you the following rights: - Systems Software. You may install SOFTWARE PRODUCT on multiple computers, but you can only use SOFTWARE PRODUCT on a single computer at any one time. You are not permitted to run more than one copy of SOFTWARE PRODUCT concurrently on different computers. You must acquire and dedicate a license for each concurrent use of the SOFTWARE PRODUCT. - Storage/Network Use. You may also store or install a copy of the SOFTWARE PRODUCT on a storage device, such as a network server, used only to install or run the SOFTWARE PRODUCT on your other computers over an internal network; however, you must acquire and dedicate a license for each concurrent use of the SOFTWARE PRODUCT. A license for the SOFTWARE PRODUCT may not be used concurrently on different computers. 2. DESCRIPTION OF OTHER RIGHTS AND LIMITATIONS. - Limitations on Reverse Engineering, Decompilation, and Disassembly. This EULA is your proof of license to exercise the rights granted herein and must be retained by you. You may not reverse engineer, decompile, or disassemble the SOFTWARE PRODUCT, except and only to the extent that such activity is expressly permitted by applicable law notwithstanding this limitation. A special exception applies to FFmpeg. You are permitted to reverse engineer the FFmpeg program that is included in SOFTWARE PRODUCT. - Separation of Components. The SOFTWARE PRODUCT is licensed as a single product. Its component parts may not be separated for use on more than one computer, with the exception of FFmpeg. - Rental. You may not rent or lease the SOFTWARE PRODUCT. - Software Transfer. You may permanently transfer all of your rights under this EULA, provided you retain no copies, you transfer all of the SOFTWARE PRODUCT (including all component parts, any upgrades, this EULA) and, and the recipient agrees to the terms of this EULA. - Termination. Without prejudice to any other rights, Conceiva Pty. Ltd. may terminate this EULA if you fail to comply with the terms and conditions of this EULA. In such event, you must destroy all copies of the SOFTWARE PRODUCT and all of its component parts. 3. COPYRIGHT. All title and copyrights in and to the SOFTWARE PRODUCT, and any copies of the SOFTWARE PRODUCT, are owned by Conceiva Pty. Ltd., its suppliers or its technology providers. The SOFTWARE PRODUCT is protected by copyright laws and international treaty provisions. Therefore, you must treat the SOFTWARE PRODUCT like any other copyrighted material except that you may either (a) make one copy of the SOFTWARE PRODUCT solely for backup or archival purposes, or (b) install the SOFTWARE PRODUCT on a single computer provided you keep the original solely for backup or archival purposes. 4. NO LIABILITY FOR CONSEQUENTIAL DAMAGES. In no event shall Conceiva Pty. Ltd. or its suppliers be liable for any damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, loss of business information, or any other pecuniary loss) arising out of the use of or inability to use this SOFTWARE PRODUCT, even if Conceiva Pty. Ltd. has been advised of the possibility of such damages. 5. LIMITED WARRANTY.
[issue488] License violation by Conceiva
Ronald S. Bultje rsbul...@gmail.com added the comment: provided that you also do one of the following, as per section 3. Assuming their about dialog/eula/website has a link to the source, that fullfills 3b, so 3a no longer applies. FFmpeg issue tracker iss...@roundup.ffmpeg.org https://roundup.ffmpeg.org/issue488
[issue272] ConvertXtoDVD license violation
Carl Eugen Hoyos ceho...@rainbow.studorg.tuwien.ac.at added the comment: Latest versions incompatible EULA uploaded. -- status: closed - open substatus: fixed - open FFmpeg issue tracker iss...@roundup.ffmpeg.org https://roundup.ffmpeg.org/issue272 LICENCE DUTILISATION Veuillez lire la licence dutilisation du logiciel ConvertXtoDVD Configuration minimum requise / logiciel fonctionnant sur : Windows 98/2000/XP/Vista/7 LICENCE DUTILISATION DE ConvertXtoDVD IMPORTANT - A LIRE ATTENTIVEMENT : Cette licence dutilisation est un accord légal entre vous (un individu ou une entité unique) et VSO Software pour le logiciel ConvertXtoDVD de VSO Software, qui inclut le logiciel dordinateur et peut inclure une documentation en ligne ou électronique (« SOFTWARE »). En installant, en copiant, ou autrement en employant le LOGICIEL, vous acceptez dêtre liés par les limites de cette licence dutilisation. Si vous nêtes pas daccord sur les limites de cet accord, ninstallez pas, ne copier pas ou nemployez pas le LOGICIEL. Le logiciel est la propriété de VSO Software et est protégé par les lois françaises de la propriété intellectuelle, les dispositions de traités internationaux ou autres lois nationales. 1. DÉFINITIONS La définition des termes contenus dans cette section, sappliquera dès que de tels termes sont employés dans cet accord, et dans tous les amendements ci-joint : AMÉLIORATIONS : signifie la correction de tous les défauts. Ces défauts sont en fait très complexes et peuvent être impossibles à corriger dans « létat actuel de lart ». Il nest pas donc possible pour VSO SOFTWARE de promettre des corrections systématiques. VSO SOFTWARE sengage à noter toutes les améliorations souhaitables et à produire de nouvelles versions améliorées quand des défauts possibles dextraction ont été établis. CARACTÉRISTIQUES : signifie que les paramètres dexécution fonctionnels du programme licencié seront efficaces dès la date de cet accord. BUGS : signifie que tous les défauts sérieux empêchant lutilisation normale de lordinateur, par exemple, en écrivant un CD qui causera un bug dans le système. La correction dun bug conduit à mettre à jour le programme licencié. 2. LICENCE DE LOGICIEL. Concernant les dispositions contenues ci-dessus, VSO SOFTWARE vous accorde une licence non-exclusive et non transmissible pour employer la version de code objet du logiciel gratuitement, et un nombre illimité dutilisations, avec un message en filigrane apparaissant sur chaque conversion effectuée par le LOGICIEL. Si vous employez ce logiciel sans le message en filigrane, des honoraires denregistrement sont exigés comme décrit sous la fiche de ConvertXtoDVD. Une clef dactivation sera fournie après enregistrement pour activer la version complète enregistrée. Cette clef est strictement personnelle et vous ne pouvez en aucun cas transférer, envoyer, ou en faire de la publicité. Lutilisation sans enregistrement de ConvertXtoDVD sans le message en filigrane ou après duplication de la clef denregistrement se trouve être une violation des lois de propriété intellectuelle et de copyright internationales et, vous serez jugés responsables. Vous pouvez copier le logiciel pour des buts darchive, toutefois nimporte quelle copie doit contenir les notices de propriété industrielle du logiciel original. 3. LIMITES Vous ne pouvez pas (1) laissez dautres individus se servir du logiciel, excepté en vertu dune des conditions énumérées ci-dessus ; (2) modifier, traduire, deffectuer une ingénierie inverse, décompiler, désassembler (excepté dans la mesure où les lois applicables interdisent spécifiquement de telle action), ou créer des travaux dérivés basés sur le logiciel ; (3) copier le logiciel autrement que comme indiqué ci-dessus ; (4) éditer ou fournir tous les résultats des études de performance sur le logiciel à un tiers sans consentement écrit antérieur de VSO SOFTWARE; (5) louer, ou mettre en vente, accorder un intérêt particulier pour la possession du logiciel, ou autrement transférer des droits sur le logiciel ; ou (6) supprimer nimporte quel copyright, marque déposée, droits de la propriété, déni ou mise en garde inclus dessus ou incorporés dans nimporte quelle partie du logiciel ; et (7) vendre, donner licence, ou en sous-licence, louer ou transférer le logiciel. Toute utilisation du logiciel autre quà usage privé et dune manière conforme au présent accord est interdite sans licence spécifique. Ainsi, il est interdit à quiconque de tirer profit de tous les applications possibles par lutilisation du logiciel. Si une utilisation dans un cadre commercial est envisagée, merci de contacter VSO Software pour envisager un contrat de licence spécifique dutilisation. 4. TITRE. Le titre et la propriété de tous les
[issue488] License violation by Conceiva
Carl Eugen Hoyos ceho...@rainbow.studorg.tuwien.ac.at added the comment: So do I understand you correctly that users are forced to search the website until they find a link to the source code? Or do we request companies to include the link in the About box and the EULA in this case? FFmpeg issue tracker iss...@roundup.ffmpeg.org https://roundup.ffmpeg.org/issue488
[issue1907] Potential SEGV in h264_mp4toannexb_bsf.c
Thomas Devanneaux thom...@gmail.com added the comment: Including a sample file. Note that I manually corrupted the NALU size by replacing 00 00 with FF FF at offset 0x19c. Here is the command to reproduce the crash: $ ffmpeg -i test.flv -acodec copy -vcodec copy -vbsf h264_mp4toannexb - y out.ts FFmpeg version SVN-r22986, Copyright (c) 2000-2010 the FFmpeg developers built on Apr 28 2010 15:46:52 with gcc 4.2.1 (Apple Inc. build 5659) configuration: --prefix=/opt/local --enable-gpl --enable-version3 -- enable-nonfree --enable-postproc --enable-pthreads --enable-libfaac -- enable-libfaad --enable-libmp3lame --enable-libtheora --enable-libx264 --enable-libxvid --enable-x11grab --extra-cflags=-I/opt/local/include - -extra-libs=-L/opt/local/lib --enable-debug libavutil 50.14. 0 / 50.14. 0 libavcodec52.66. 0 / 52.66. 0 libavformat 52.61. 0 / 52.61. 0 libavdevice 52. 2. 0 / 52. 2. 0 libswscale 0.10. 0 / 0.10. 0 libpostproc 51. 2. 0 / 51. 2. 0 [h264 @ 0x101814200]AVC: nal size 16777013 [h264 @ 0x101814200]no frame! [h264 @ 0x101814200]Missing reference picture [h264 @ 0x101814200]decode_slice_header error [h264 @ 0x101814200]concealing 180 DC, 180 AC, 180 MV errors [flv @ 0x10180b000]Estimating duration from bitrate, this may be inaccurate Seems stream 0 codec frame rate differs from container frame rate: 47.95 (48000/1001) - 24.00 (24/1) Input #0, flv, from 'test.flv': Metadata: duration: 406 width : 320 height : 132 videodatarate : 0 framerate : 9 videocodecid: 7 audiodatarate : 0 audiosamplerate : 44100 audiosamplesize : 16 stereo : true audiocodecid: 10 filesize: 28737329 Duration: 00:06:45.69, start: 0.00, bitrate: N/A Stream #0.0: Video: h264, yuv420p, 320x132 [PAR 1:1 DAR 80:33], 24 tbr, 1k tbn, 47.95 tbc Stream #0.1: Audio: aac, 44100 Hz, stereo, s16 [mpegts @ 0x10180c200]muxrate 1 bps, pcr every 100 pkts, sdt every 200, pat/pmt every 40 pkts Output #0, mpegts, to 'out.ts': Metadata: encoder : Lavf52.61.0 Stream #0.0: Video: libx264, yuv420p, 320x132 [PAR 1:1 DAR 80:33], q=2-31, 90k tbn, 1k tbc Stream #0.1: Audio: aac, 44100 Hz, stereo Stream mapping: Stream #0.0 - #0.0 Stream #0.1 - #0.1 Press [q] to stop encoding Segmentation fault Here is the stack trace: Program received signal EXC_BAD_ACCESS, Could not access memory. Reason: KERN_INVALID_ADDRESS at address: 0x000100fb 0x7fe00f28 in __memcpy () (gdb) bt #0 0x7fe00f28 in __memcpy () #1 0x0001001f8615 in __inline_memcpy_chk (__dest=0x101800039, __src=0x100e00de4, __len=16777013) at _string.h:58 #2 0x0001001f856f in alloc_and_copy (poutbuf=0x7fff5fbfe5f0, poutbuf_size=0x7fff5fbfe5f8, sps_pps=0x100e02350 , sps_pps_size=53, in=0x100e00de4 e??@, in_size=16777013) at libavcodec/h264_mp4toannexb_bsf.c:42 #3 0x0001001f89a5 in h264_mp4toannexb_filter (bsfc=0x100e00d30, avctx=0x10100d400, args=0x0, poutbuf=0x7fff5fbfe5f0, poutbuf_size=0x7fff5fbfe5f8, buf=0x100e00de4 e??@, buf_size=57, keyframe=1) at libavcodec/h264_mp4toannexb_bsf.c:131 #4 0x000100115d93 in av_bitstream_filter_filter (bsfc=0x100e00d30, avctx=0x10100d400, args=0x0, poutbuf=0x7fff5fbfe5f0, poutbuf_size=0x7fff5fbfe5f8, buf=0x100e00de0 , buf_size=57, keyframe=1) at libavcodec/bitstream_filter.c:64 #5 0x00011a71 in write_frame (s=0x10100c200, pkt=0x7fff5fbfe900, avctx=0x10100d400, bsfc=0x100e00d30) at ffmpeg.c:592 #6 0x00015e70 in output_packet (ist=0x100e01ad0, ist_index=0, ost_table=0x100e00db0, nb_ostreams=2, pkt=0x7fff5fbfeb40) at ffmpeg.c:1580 #7 0x00019577 in av_transcode (output_files=0x10065fc40, nb_output_files=1, input_files=0x1006578e0, nb_input_files=1, stream_maps=0x100663e00, nb_stream_maps=0) at ffmpeg.c:2406 #8 0x0001dde3 in main (argc=12, argv=0x7fff5fbff610) at ffmpeg.c:4142 FFmpeg issue tracker iss...@roundup.ffmpeg.org https://roundup.ffmpeg.org/issue1907 test.flv Description: video/flv
[issue1743] Chaoji Jieba (Super Decoder)'s using FF libraries, License Violation?
Carl Eugen Hoyos ceho...@rainbow.studorg.tuwien.ac.at added the comment: I can confirm that the installer (size 21031124, md5sum 1cdc92e6f92d9ac4f9f87b322f9f4e54, uploaded to incoming/issue1743) contains libavcodec. MPlayer and others. Attribution to FFmpeg etc. is very unlikely, but otoh, I don't speak Chinese... -- status: new - open substatus: new - open FFmpeg issue tracker iss...@roundup.ffmpeg.org https://roundup.ffmpeg.org/issue1743
[issue488] License violation by Conceiva
Ronald S. Bultje rsbul...@gmail.com added the comment: The GPL is ambiguous about that, but I would obviously prefer if the source link was available in the About dialog and the EULA as well. FFmpeg issue tracker iss...@roundup.ffmpeg.org https://roundup.ffmpeg.org/issue488
[issue1907] Potential SEGV in h264_mp4toannexb_bsf.c
Thomas Devanneaux thom...@gmail.com added the comment: Changing substatus from needs_more_info to open -- substatus: needs_more_info - open FFmpeg issue tracker iss...@roundup.ffmpeg.org https://roundup.ffmpeg.org/issue1907
[issue1901] RGB24 raw avi decoder doesn't respect DIB standard structure
Michael Niedermayer michae...@gmx.at added the comment: On Thu, Apr 29, 2010 at 12:44:45PM +, pal_64 wrote: [...] File 'RAW_AVI_reading_trouble.avi' not attached - you can download it from https://roundup.ffmpeg.org/file875. fixed in r22997. FFmpeg issue tracker iss...@roundup.ffmpeg.org https://roundup.ffmpeg.org/issue1901