This avoids a memcpy improving performance if SHM is not used.
Signed-off-by: NMarton Balint <cus@passwd.hu>

Width and height expressions can refer to each other. Width is
evaluated twice to allow for reference to output height. So we
should not error out upon failure of first evaluation of width.

No functional changes. ref/unref vs add/sub is symmetrical.
Signed-off-by: NJames Almer <jamrial@gmail.com>

Reviewed-by: NMichael Niedermayer <michael@niedermayer.cc>
Signed-off-by: NJames Almer <jamrial@gmail.com>

Fixes: fate-fitsdec-bitpix-64

Possibly Fixes: -nan is outside the range of representable values of type 'unsigned short'
Possibly Fixes: 17769/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FITS_fuzzer-5678314672357376

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: NMichael Niedermayer <michael@niedermayer.cc>

If an error happens in vobsub_read_header() after allocating the
AVFormatContext intended to read the sub-file, both the AVFormatContext
as well as the data in the subtitles queues leaks. This has been fixed.
Signed-off-by: NAndreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

vobsub_read_header() uses an AVBPrint to write a string and up until
now, it collected the string stored in the AVBPrint via
av_bprint_finalize(), which might involve an allocation and copy of the
string. But this is unnecessary, as the lifetime of the returned string
does not exceed the lifetime of the AVBPrint. So use the string in the
AVBPrint directly.

This also makes it possible to easily fix a memleak: In certain error
situations, the string stored in the AVBPrint would not be freed (if it
was dynamically allocated). This has been fixed, too.
Signed-off-by: NAndreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

When the VobSub demuxer was added, the fields it required were simply
added to the MpegDemuxContext (if the VobSub demuxer was selected at
all). The mpeg demuxer of course doesn't use these fields even if they
are there; and the VobSub demuxer doesn't use the old ones: It opens an
mpeg subdemuxer of its own and uses this where a mpeg demuxer is
required. Hence the two contexts can be split, saving memory.

Furthermore several headers can now be moved to the section that is
guarded by #if CONFIG_VOBSUB_DEMUXER (this even includes avassert.h
which was unguarded and has been added in 9cde9f70 despite not being
used in that patch).
Signed-off-by: NAndreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

When parsing EBML lacing, for every number read, a new AVIOContext has
been initialized (via ffio_init_context()) just for this number. This
has been changed: The context is kept now.
Signed-off-by: NAndreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: NJames Almer <jamrial@gmail.com>

When parsing the sizes of the frames in a lace fails, sometimes no
error message was raised (e.g. when using xiph or fixed-size lacing).
Only EBML lacing generated error messages (which were wrongly declared
as AV_LOG_INFO), but even here not all errors resulted in an error
message. So add a generic error message to catch them all.

Moreover, if parsing one of the EBML numbers fails, ebml_read_num already
emits its own error messages, so that all that is needed is a generic error
message to indicate that this happened during parsing the sizes of the
frames in a block; in other words, the error messages specific to
parsing EBML lace numbers can be and have been removed.
Signed-off-by: NAndreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: NJames Almer <jamrial@gmail.com>

870e7552 introduced validating the lace sizes when they are parsed and
removed the old check; yet when merging this libav commit in 6902c3ac,
the old check for whether the frame extends beyond the frame has been kept.
It is unnecessary and has been removed.
Signed-off-by: NAndreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: NJames Almer <jamrial@gmail.com>

Up until now, when an error happened in one of the inner loops in
matroska_parse_laces, a variable designated for the return value has
been set to an error value and break has been used to exit the
current loop/case. This was done so that the end of matroska_parse_laces
is reached, because said function allocated memory which is later used
and freed in the calling function and passed at the end of
matroska_parse_laces.

But given that there is no allocation any more, one can now return
immediately. And this commit does this.
Signed-off-by: NAndreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: NJames Almer <jamrial@gmail.com>

The maximal number of frames in a lace can be 256; hence one has a not
excessive upper bound on the size of an array that can hold the sizes of
all the frames in a lace. Yet up until now, said array has been
dynamically allocated. This has been changed.
Signed-off-by: NAndreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: NJames Almer <jamrial@gmail.com>

It avoids the overhead of function calls.
Signed-off-by: NAndreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: NJames Almer <jamrial@gmail.com>

Up until c4e0e314, the seek table has been included in the tta
extradata, so that the size of said extradata was 22 (the size of a TTA1
header) + 4 * number of frames. The decoder rejected anything below a
size of 30 and so the Matroska demuxer exported 30 byte long extradata,
of which only 18 were set (it ignores a CRC-32 and simply leaves it at
0). But this is unnecessary since said commit, so reduce the size to 22.

Furthermore, replace 30 by 22 in a comment about the extradata size in
libavcodec/tta.c.
Signed-off-by: NAndreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: NJames Almer <jamrial@gmail.com>

That way one doesn't have to free later. In this case (concerning TTA
extradata), this also fixes a memleak when the output samplerate is
invalid.
Signed-off-by: NAndreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: NJames Almer <jamrial@gmail.com>

Signed-off-by: NJames Almer <jamrial@gmail.com>

Signed-off-by: Nhwren <hwrenx@126.com>
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

Signed-off-by: Nhwren <hwrenx@126.com>
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

Signed-off-by: Nhwren <hwrenx@126.com>
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

Signed-off-by: Nhwren <hwrenx@126.com>
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

Signed-off-by: NLimin Wang <lance.lmwang@gmail.com>
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

Signed-off-by: NAndreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

Fix a NULL dereference and leaks.
Signed-off-by: NKusanagi Kouichi <slash@ac.auone-net.jp>
Signed-off-by: NMarton Balint <cus@passwd.hu>

This should improve coverage
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

This should increase coverage
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

6144 byte alignment is needed.
Signed-off-by: NMarton Balint <cus@passwd.hu>

Signed-off-by: NMarton Balint <cus@passwd.hu>

Signed-off-by: NMarton Balint <cus@passwd.hu>

Signed-off-by: NMarton Balint <cus@passwd.hu>

This sets the range of the first automatically assigned PMT PID or elementary
stream PID parameters to [0x20, 0x1ffa]. You can still assign manually a PID
for a stream using AVStream->id in the wider [0x10, 0x1ffe] range as specified
by ISO13818-1. But since DVB and ATSC both reserves some PIDs, let's not allow
them to be automatically assigned.

Also make sure that assigned PID numbers are valid and fix the error message
for the previous PID collision checks.
Signed-off-by: NMarton Balint <cus@passwd.hu>

Signed-off-by: Guo, Yejun <yejun.guo@intel.com>
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

Introduced since 07793962.
Signed-off-by: NLinjie Fu <linjie.fu@intel.com>
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

The unsharp filter uses an array of arrays of uint32_t, each of which is
separately allocated. These arrays also need to freed separately; but
before doing so, one needs to check whether the array of arrays has
actually been allocated, otherwise one would dereference a NULL pointer.
This fixes #8408.

Furthermore, the array of arrays needs to be zero-initialized so that
no uninitialized pointer will be freed in case an allocation of one of
the individual arrays fails.
Signed-off-by: NAndreas Rheinhardt <andreas.rheinhardt@gmail.com>
Reviewed-by: NPaul B Mahol <onemda@gmail.com>
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

Signed-off-by: NJames Almer <jamrial@gmail.com>

This fixes marking keyframes in svc samples.
Signed-off-by: NJames Almer <jamrial@gmail.com>

Signed-off-by: NJames Almer <jamrial@gmail.com>

Signed-off-by: NJames Almer <jamrial@gmail.com>

This reverts commit 8174e5c7.

It's no longer needed after the previous commit.
Signed-off-by: NJames Almer <jamrial@gmail.com>