From patchwork Tue Sep 21 06:27:22 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andreas Rheinhardt X-Patchwork-Id: 30400 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a6b:6506:0:0:0:0:0 with SMTP id z6csp2136922iob; Mon, 20 Sep 2021 23:28:10 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwIkB7f21Q9FKvnssOvp1TK2sCt/LTRjEPs+deiAHQjtmD8mvBmV8T6Symg9aTRaJBZVR8G X-Received: by 2002:a17:907:11c2:: with SMTP id va2mr12357073ejb.160.1632205690616; Mon, 20 Sep 2021 23:28:10 -0700 (PDT) Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id cn17si9774808edb.188.2021.09.20.23.28.10; Mon, 20 Sep 2021 23:28:10 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@outlook.com header.s=selector1 header.b=fS6D8Yv1; arc=fail (body hash mismatch); spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=outlook.com Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 5E19068AF78; Tue, 21 Sep 2021 09:28:07 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from EUR04-VI1-obe.outbound.protection.outlook.com (mail-oln040092075074.outbound.protection.outlook.com [40.92.75.74]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id C56E368A9C9 for ; Tue, 21 Sep 2021 09:28:00 +0300 (EEST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=bScSQP8m1fa7AdU/HkBwSWFOjzTFcbYbmxdyiaGx1Y0wy6YAC4L8bcYxcjitUcGa49c88U5FTOdUuXaWnJop8kFkC1OiwhhuhnZFkbViuX5lP90pI6AfDamc4UMh0/FD3ifCNi6yps0tMdhvzfJcJs1CXjvI0IouGYyJBTmfLZiC9dt0VQa6wSIp4UyFYfVSzKonHJH/Q7/G2uhaidMeiLfRtoyz94zulnwYNz1EkqWIZzf4zVFdLo+1nUc0+obK24faP9RBLhVILK0An0yx42ql+HVpWAYOIEob/sBD36u2PlSB2PGefhI9qHCKHbboDxEsTo6un1M4dph9yQnbFQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=Tdp7Fx0Fe+HUbt5Y5T8Jw9U5DFwMLEULyXFFIffcrr0=; b=nnKDncANK8iRPM5Po7lc1k9A9c4+BQdqMCNrnkYX2/nEt8v977Jmy2GkemHo7OLlRt06eghHMjd3ckgm92sfakIe9Sjl96EBLYt7Ai/rooQ2BN8q9g9Wa632ypy0aqzPO0vOTgZatXPgHkDigAsPL4SVanlmoxDvc/EHN7kgD3ltr/td3nacwaOmpCL8iyijItpDWdxfecWOaSMvTTaD76STfye9efAZdlLGdrsKO5yRuZXdI9mPEp+/YGKAnbb2uxKc3QDHwYQYH4L3A5I4Kx0gRwIHoC+Qs2zZVz5k8FikcYaDRb7GTS3tA47XGkWGE0ZhHxIJhWYk81D2JfiWuw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Tdp7Fx0Fe+HUbt5Y5T8Jw9U5DFwMLEULyXFFIffcrr0=; b=fS6D8Yv1FzW5VB5ciq2SY9siLsXOX/QnJO/4nPVb+isfOnBN4lD5fbivfi+p22/agVPwQ7htl5plEZScFDxVyNuLEAXZELXY7xMbmEX/UV0R4VKKfsX8Bbobur1REws/cM3r7hM7+HJVPazjZlZXpmIYVo6NwQHGJAGFTBf81uwjODmIISYHH7IrgcnpHAFV08UBo8FDPLOYM9BVqK+430X31v1Qpr8RtVn/y8STsIkYasNY3vi1cJspGZw8CVxDQVzKf8D0KPU/fm4pYc39D2sLkhvq17/B3MLdsQbkty+fzp9rRvzX+d1QibtgtDNoe6RZG1U/g57Y9/nIOQ+3dA== Received: from AM7PR03MB6660.eurprd03.prod.outlook.com (2603:10a6:20b:1c1::22) by AM7PR03MB6264.eurprd03.prod.outlook.com (2603:10a6:20b:13d::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4523.14; Tue, 21 Sep 2021 06:27:59 +0000 Received: from AM7PR03MB6660.eurprd03.prod.outlook.com ([fe80::787b:2156:ca99:fe00]) by AM7PR03MB6660.eurprd03.prod.outlook.com ([fe80::787b:2156:ca99:fe00%3]) with mapi id 15.20.4523.016; Tue, 21 Sep 2021 06:27:59 +0000 From: Andreas Rheinhardt To: ffmpeg-devel@ffmpeg.org Date: Tue, 21 Sep 2021 08:27:22 +0200 Message-ID: X-Mailer: git-send-email 2.30.2 In-Reply-To: References: X-TMN: [yMrqn7sQ6Py3nnPX7nHk1tJeNps+3CvT] X-ClientProxiedBy: PR0P264CA0075.FRAP264.PROD.OUTLOOK.COM (2603:10a6:100:18::15) To AM7PR03MB6660.eurprd03.prod.outlook.com (2603:10a6:20b:1c1::22) X-Microsoft-Original-Message-ID: <20210921062746.3534685-1-andreas.rheinhardt@outlook.com> MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sblaptop.fritz.box (188.192.142.38) by PR0P264CA0075.FRAP264.PROD.OUTLOOK.COM (2603:10a6:100:18::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4523.14 via Frontend Transport; Tue, 21 Sep 2021 06:27:59 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: eed635f0-7b44-40c8-e829-08d97cc8f4e3 X-MS-Exchange-SLBlob-MailProps: f36zkjAOy3VTIMmVNh1pkyvCCSshice6I6VF7VnPxFik6H9LyY6gyjitvGwLvmNoSNlhTus692gM06D8miJb1b2wcD2a8vbuQcUWV3KEgh5DOaop3li3no1iARuMseKWnfRw0w0+QBvzgzyheM4RShk29A54eWHvzEWIHESWXnY4zJ00r3iuq24ZkyGaUclA8FHyhOlfzmzSDS6gxi5hBLIvE9nCaZp8eDOIpZwK7aTOQiK7XaHl41tOUuVIB9DiRqzfZY1Or8ykQEEwTBthm6wrmOXA323UJa9OJxbnxVnoAU1bSGcKdjiRdZrGQ3N9/tpJOBDsGVj/YTE2UOpcZf4KrPO/fSzWaV/MA0iMULpus6E2+FRGW7XFnjrv0uw5ttYxZoqfK5E5VzIjMACjNWxr1TmioXgEofRLpinG2kM5QaIXVhzZfC7SuH6LDiSV/QMduUm5FkHgm9MGXw45bdenSkLnZ2gGMuBvzbOJepKjv7Mt16tOg5mHrKxUv8RW0B567mjfF2ikgxqrzoo11jgHJmkc2z14w3lAFbe6B6i0ZB76ksuQMipkFZpMPMF2n+Hr+lkfzh+/qyIBWB8A3tXNdGlPTVcDn/nhDCjAQBIgzT6W8BhJrl3Qe3R4XIkF4Q63FUlMD5L9lCUg1hG5NJtknkVUWJlF/Sc1h6n71IEfrum6RyizY0gtW9VICXefA6V06sA6bx+p3lFXTVHjrwZp6zMqvtnaUKQeBvCW8ig= X-MS-TrafficTypeDiagnostic: AM7PR03MB6264: X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: ZdKYucYkxlXzxX5PV781ecyfwhjGCLs9/wVZXknqifhE0wWvvow1vBeNiZg0HMjZwJWnF5NqejbvIr9gRq2XB6Tmx/9Y821O11/p7c0tVbiG8et0R9Qs8cfAqPsgUx4E8lsEhAcXL9ELWBmoph8Max4vIGIHdseAcJ7c1CZ/5FxYvmGZVjg/vQrtVjo6IuouVLhz7b/O8D2/RHA5Y4eDSeQ0jjwFmltp9VDF33bBkOaU5Pn0OsOfW//H3EaPTF7YFdWWlKKyyVgbFotz7meOMY0Q+vsKcVIGTQJGoD6FLHuEgxVgoaUSGOxcE2bf/D2k0oEBt3Y8EMmtQEVzsEnaXFqq2vDKZFtuSRfOmmW0vLH//NAIfhed9AngI2qQSvx93bTpwkRftupjA4iP0mLU4Xboxy/tmNuu5BBIblKZ2Aud7TS15fzJOTU9mS/dZgjY X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: Iyn4vFkaJ7eQO6/CEyv6bkp73jdjoZgBc5nQ3Rb/TjNVngawpXCpetG/l1kzaKGTZ/1n9PCifDzKyNo38pRIhvvQLDCYSOwLxe03t6h1DAXHT+hmRmoMCSd4rt5V3/nTgK0lJ/iOdNE26F61hLahAQ== X-OriginatorOrg: outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: eed635f0-7b44-40c8-e829-08d97cc8f4e3 X-MS-Exchange-CrossTenant-AuthSource: AM7PR03MB6660.eurprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 21 Sep 2021 06:27:59.5626 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000 X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM7PR03MB6264 Subject: [FFmpeg-devel] [PATCH 02/26] avfilter/af_agate: Honour query_formats API, fix segfault X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Cc: Andreas Rheinhardt Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: 4KKzsAK/DWp6 The sidechaingate filter wants its main input and its (only) output to have the same channel layout and number of channels; yet it does not link them in its query_formats callback. Instead it sets the outlink to only accept the first offered choice for the main input's channel layout and then sets both inputs to independently accept any channel counts. The config_output callback then overwrote the outlink's channel layout and channels properties with the main input's, even though they may differ in case the first offered choice for the main input's channel layout turns out not to be the final one. Consider e.g. the following filtergraph: [in]aformat=channel_layouts=mono,aformat=channel_layouts=stereo|mono[out];\ [out][in2]sidechaingate,stereotools The two aformats ensure that the first offered channel layout (stereo) will not be chosen for the input; yet it is the only offered channel layout for the output of sidechaingate and will therefore be chosen by the query_formats framework. Because the sidechaingate outputs interleaved doubles which stereotools expects the output of sidechaingate appears to be suitable as input for stereotools without further conversions. Yet stereotools actually only receives a mono frame and therefore overreads its input buffer which leads to segfaults; it can also lead to heap corruption because there can be writes beyond the end of the buffer, too. Fix this by linking the channel layouts of the main input and the output in query_formats and remove the code overwriting it in config_output. Signed-off-by: Andreas Rheinhardt --- libavfilter/af_agate.c | 26 +++++++------------------- 1 file changed, 7 insertions(+), 19 deletions(-) diff --git a/libavfilter/af_agate.c b/libavfilter/af_agate.c index 284880833a..8e5cca4228 100644 --- a/libavfilter/af_agate.c +++ b/libavfilter/af_agate.c @@ -332,29 +332,19 @@ static int activate(AVFilterContext *ctx) static int scquery_formats(AVFilterContext *ctx) { - AVFilterChannelLayouts *layouts = NULL; static const enum AVSampleFormat sample_fmts[] = { AV_SAMPLE_FMT_DBL, AV_SAMPLE_FMT_NONE }; - int ret, i; - - if (!ctx->inputs[0]->incfg.channel_layouts || - !ctx->inputs[0]->incfg.channel_layouts->nb_channel_layouts) { - av_log(ctx, AV_LOG_WARNING, - "No channel layout for input 1\n"); - return AVERROR(EAGAIN); - } - - if ((ret = ff_add_channel_layout(&layouts, ctx->inputs[0]->incfg.channel_layouts->channel_layouts[0])) < 0 || - (ret = ff_channel_layouts_ref(layouts, &ctx->outputs[0]->incfg.channel_layouts)) < 0) + int ret = ff_channel_layouts_ref(ff_all_channel_counts(), + &ctx->inputs[1]->outcfg.channel_layouts); + if (ret < 0) return ret; - for (i = 0; i < 2; i++) { - layouts = ff_all_channel_counts(); - if ((ret = ff_channel_layouts_ref(layouts, &ctx->inputs[i]->outcfg.channel_layouts)) < 0) - return ret; - } + /* This will link the channel properties of the main input and the output; + * it won't touch the second input as its channel_layouts is already set. */ + if ((ret = ff_set_common_all_channel_counts(ctx)) < 0) + return ret; if ((ret = ff_set_common_formats_from_list(ctx, sample_fmts)) < 0) return ret; @@ -377,8 +367,6 @@ static int scconfig_output(AVFilterLink *outlink) outlink->sample_rate = ctx->inputs[0]->sample_rate; outlink->time_base = ctx->inputs[0]->time_base; - outlink->channel_layout = ctx->inputs[0]->channel_layout; - outlink->channels = ctx->inputs[0]->channels; s->fifo[0] = av_audio_fifo_alloc(ctx->inputs[0]->format, ctx->inputs[0]->channels, 1024); s->fifo[1] = av_audio_fifo_alloc(ctx->inputs[1]->format, ctx->inputs[1]->channels, 1024);