1 /*
2  * AVI demuxer
3  * Copyright (c) 2001 Fabrice Bellard
4  *
5  * This file is part of FFmpeg.
6  *
7  * FFmpeg is free software; you can redistribute it and/or
8  * modify it under the terms of the GNU Lesser General Public
9  * License as published by the Free Software Foundation; either
10  * version 2.1 of the License, or (at your option) any later version.
11  *
12  * FFmpeg is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
15  * Lesser General Public License for more details.
16  *
17  * You should have received a copy of the GNU Lesser General Public
18  * License along with FFmpeg; if not, write to the Free Software
19  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
20  */
21 
22 #include <inttypes.h>
23 
24 #include "libavutil/avassert.h"
25 #include "libavutil/avstring.h"
26 #include "libavutil/opt.h"
27 #include "libavutil/dict.h"
28 #include "libavutil/internal.h"
29 #include "libavutil/intreadwrite.h"
30 #include "libavutil/mathematics.h"
31 #include "avformat.h"
32 #include "avi.h"
33 #include "dv.h"
34 #include "internal.h"
35 #include "isom.h"
36 #include "riff.h"
37 #include "libavcodec/bytestream.h"
38 #include "libavcodec/exif.h"
39 #include "libavcodec/internal.h"
40 
41 typedef struct AVIStream {
42     int64_t frame_offset;   /* current frame (video) or byte (audio) counter
43                              * (used to compute the pts) */
44     int remaining;
45     int packet_size;
46 
47     uint32_t handler;
48     uint32_t scale;
49     uint32_t rate;
50     int sample_size;        /* size of one sample (or packet)
51                              * (in the rate/scale sense) in bytes */
52 
53     int64_t cum_len;        /* temporary storage (used during seek) */
54     int prefix;             /* normally 'd'<<8 + 'c' or 'w'<<8 + 'b' */
55     int prefix_count;
56     uint32_t pal[256];
57     int has_pal;
58     int dshow_block_align;  /* block align variable used to emulate bugs in
59                              * the MS dshow demuxer */
60 
61     AVFormatContext *sub_ctx;
62     AVPacket *sub_pkt;
63     AVBufferRef *sub_buffer;
64 
65     int64_t seek_pos;
66 } AVIStream;
67 
68 typedef struct AVIContext {
69     const AVClass *class;
70     int64_t riff_end;
71     int64_t movi_end;
72     int64_t fsize;
73     int64_t io_fsize;
74     int64_t movi_list;
75     int64_t last_pkt_pos;
76     int index_loaded;
77     int is_odml;
78     int non_interleaved;
79     int stream_index;
80     DVDemuxContext *dv_demux;
81     int odml_depth;
82     int use_odml;
83 #define MAX_ODML_DEPTH 1000
84     int64_t dts_max;
85 } AVIContext;
86 
87 
88 static const AVOption options[] = {
89     { "use_odml", "use odml index", offsetof(AVIContext, use_odml), AV_OPT_TYPE_BOOL, {.i64 = 1}, -1, 1, AV_OPT_FLAG_DECODING_PARAM},
90     { NULL },
91 };
92 
93 static const AVClass demuxer_class = {
94     .class_name = "avi",
95     .item_name  = av_default_item_name,
96     .option     = options,
97     .version    = LIBAVUTIL_VERSION_INT,
98     .category   = AV_CLASS_CATEGORY_DEMUXER,
99 };
100 
101 
102 static const char avi_headers[][8] = {
103     { 'R', 'I', 'F', 'F', 'A', 'V', 'I', ' '  },
104     { 'R', 'I', 'F', 'F', 'A', 'V', 'I', 'X'  },
105     { 'R', 'I', 'F', 'F', 'A', 'V', 'I', 0x19 },
106     { 'O', 'N', '2', ' ', 'O', 'N', '2', 'f'  },
107     { 'R', 'I', 'F', 'F', 'A', 'M', 'V', ' '  },
108     { 0 }
109 };
110 
111 static const AVMetadataConv avi_metadata_conv[] = {
112     { "strn", "title" },
113     { "isbj", "subject" },
114     { "inam", "title" },
115     { "iart", "artist" },
116     { "icop", "copyright" },
117     { "icmt", "comment" },
118     { "ignr", "genre" },
119     { "iprd", "product" },
120     { "isft", "software" },
121 
122     { 0 },
123 };
124 
125 static int avi_read_close(AVFormatContext *s);
126 static int avi_load_index(AVFormatContext *s);
127 static int guess_ni_flag(AVFormatContext *s);
128 
129 #define print_tag(s, str, tag, size)                                      \
130     av_log(s, AV_LOG_TRACE, "pos:%"PRIX64" %s: tag=%s size=0x%x\n", \
131            avio_tell(pb), str, av_fourcc2str(tag), size)                  \
132 
get_duration(AVIStream * ast,int len)133 static inline int get_duration(AVIStream *ast, int len)
134 {
135     if (ast->sample_size)
136         return len;
137     else if (ast->dshow_block_align)
138         return (len + (int64_t)ast->dshow_block_align - 1) / ast->dshow_block_align;
139     else
140         return 1;
141 }
142 
get_riff(AVFormatContext * s,AVIOContext * pb)143 static int get_riff(AVFormatContext *s, AVIOContext *pb)
144 {
145     AVIContext *avi = s->priv_data;
146     char header[8] = {0};
147     int i;
148 
149     /* check RIFF header */
150     avio_read(pb, header, 4);
151     avi->riff_end  = avio_rl32(pb); /* RIFF chunk size */
152     avi->riff_end += avio_tell(pb); /* RIFF chunk end */
153     avio_read(pb, header + 4, 4);
154 
155     for (i = 0; avi_headers[i][0]; i++)
156         if (!memcmp(header, avi_headers[i], 8))
157             break;
158     if (!avi_headers[i][0])
159         return AVERROR_INVALIDDATA;
160 
161     if (header[7] == 0x19)
162         av_log(s, AV_LOG_INFO,
163                "This file has been generated by a totally broken muxer.\n");
164 
165     return 0;
166 }
167 
read_odml_index(AVFormatContext * s,int64_t frame_num)168 static int read_odml_index(AVFormatContext *s, int64_t frame_num)
169 {
170     AVIContext *avi     = s->priv_data;
171     AVIOContext *pb     = s->pb;
172     int longs_per_entry = avio_rl16(pb);
173     int index_sub_type  = avio_r8(pb);
174     int index_type      = avio_r8(pb);
175     int entries_in_use  = avio_rl32(pb);
176     int chunk_id        = avio_rl32(pb);
177     int64_t base        = avio_rl64(pb);
178     int stream_id       = ((chunk_id      & 0xFF) - '0') * 10 +
179                           ((chunk_id >> 8 & 0xFF) - '0');
180     AVStream *st;
181     AVIStream *ast;
182     int i;
183     int64_t last_pos = -1;
184     int64_t filesize = avi->fsize;
185 
186     av_log(s, AV_LOG_TRACE,
187             "longs_per_entry:%d index_type:%d entries_in_use:%d "
188             "chunk_id:%X base:%16"PRIX64" frame_num:%"PRId64"\n",
189             longs_per_entry,
190             index_type,
191             entries_in_use,
192             chunk_id,
193             base,
194             frame_num);
195 
196     if (stream_id >= s->nb_streams || stream_id < 0)
197         return AVERROR_INVALIDDATA;
198     st  = s->streams[stream_id];
199     ast = st->priv_data;
200 
201     if (index_sub_type)
202         return AVERROR_INVALIDDATA;
203 
204     avio_rl32(pb);
205 
206     if (index_type && longs_per_entry != 2)
207         return AVERROR_INVALIDDATA;
208     if (index_type > 1)
209         return AVERROR_INVALIDDATA;
210 
211     if (filesize > 0 && base >= filesize) {
212         av_log(s, AV_LOG_ERROR, "ODML index invalid\n");
213         if (base >> 32 == (base & 0xFFFFFFFF) &&
214             (base & 0xFFFFFFFF) < filesize    &&
215             filesize <= 0xFFFFFFFF)
216             base &= 0xFFFFFFFF;
217         else
218             return AVERROR_INVALIDDATA;
219     }
220 
221     for (i = 0; i < entries_in_use; i++) {
222         if (index_type) {
223             int64_t pos = avio_rl32(pb) + base - 8;
224             int len     = avio_rl32(pb);
225             int key     = len >= 0;
226             len &= 0x7FFFFFFF;
227 
228             av_log(s, AV_LOG_TRACE, "pos:%"PRId64", len:%X\n", pos, len);
229 
230             if (avio_feof(pb))
231                 return AVERROR_INVALIDDATA;
232 
233             if (last_pos == pos || pos == base - 8)
234                 avi->non_interleaved = 1;
235             if (last_pos != pos && len)
236                 av_add_index_entry(st, pos, ast->cum_len, len, 0,
237                                    key ? AVINDEX_KEYFRAME : 0);
238 
239             ast->cum_len += get_duration(ast, len);
240             last_pos      = pos;
241         } else {
242             int64_t offset, pos;
243             int duration;
244             offset = avio_rl64(pb);
245             avio_rl32(pb);       /* size */
246             duration = avio_rl32(pb);
247 
248             if (avio_feof(pb) || offset > INT64_MAX - 8)
249                 return AVERROR_INVALIDDATA;
250 
251             pos = avio_tell(pb);
252 
253             if (avi->odml_depth > MAX_ODML_DEPTH) {
254                 av_log(s, AV_LOG_ERROR, "Too deeply nested ODML indexes\n");
255                 return AVERROR_INVALIDDATA;
256             }
257 
258             if (avio_seek(pb, offset + 8, SEEK_SET) < 0)
259                 return -1;
260             avi->odml_depth++;
261             read_odml_index(s, frame_num);
262             avi->odml_depth--;
263             frame_num += duration;
264 
265             if (avio_seek(pb, pos, SEEK_SET) < 0) {
266                 av_log(s, AV_LOG_ERROR, "Failed to restore position after reading index\n");
267                 return -1;
268             }
269 
270         }
271     }
272     avi->index_loaded = 2;
273     return 0;
274 }
275 
clean_index(AVFormatContext * s)276 static void clean_index(AVFormatContext *s)
277 {
278     int i;
279     int64_t j;
280 
281     for (i = 0; i < s->nb_streams; i++) {
282         AVStream *st   = s->streams[i];
283         AVIStream *ast = st->priv_data;
284         int n          = st->nb_index_entries;
285         int max        = ast->sample_size;
286         int64_t pos, size, ts;
287 
288         if (n != 1 || ast->sample_size == 0)
289             continue;
290 
291         while (max < 1024)
292             max += max;
293 
294         pos  = st->index_entries[0].pos;
295         size = st->index_entries[0].size;
296         ts   = st->index_entries[0].timestamp;
297 
298         for (j = 0; j < size; j += max)
299             av_add_index_entry(st, pos + j, ts + j, FFMIN(max, size - j), 0,
300                                AVINDEX_KEYFRAME);
301     }
302 }
303 
avi_read_tag(AVFormatContext * s,AVStream * st,uint32_t tag,uint32_t size)304 static int avi_read_tag(AVFormatContext *s, AVStream *st, uint32_t tag,
305                         uint32_t size)
306 {
307     AVIOContext *pb = s->pb;
308     char key[5]     = { 0 };
309     char *value;
310 
311     size += (size & 1);
312 
313     if (size == UINT_MAX)
314         return AVERROR(EINVAL);
315     value = av_malloc(size + 1);
316     if (!value)
317         return AVERROR(ENOMEM);
318     if (avio_read(pb, value, size) != size) {
319         av_freep(&value);
320         return AVERROR_INVALIDDATA;
321     }
322     value[size] = 0;
323 
324     AV_WL32(key, tag);
325 
326     return av_dict_set(st ? &st->metadata : &s->metadata, key, value,
327                        AV_DICT_DONT_STRDUP_VAL);
328 }
329 
330 static const char months[12][4] = { "Jan", "Feb", "Mar", "Apr", "May", "Jun",
331                                     "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" };
332 
avi_metadata_creation_time(AVDictionary ** metadata,char * date)333 static void avi_metadata_creation_time(AVDictionary **metadata, char *date)
334 {
335     char month[4], time[9], buffer[64];
336     int i, day, year;
337     /* parse standard AVI date format (ie. "Mon Mar 10 15:04:43 2003") */
338     if (sscanf(date, "%*3s%*[ ]%3s%*[ ]%2d%*[ ]%8s%*[ ]%4d",
339                month, &day, time, &year) == 4) {
340         for (i = 0; i < 12; i++)
341             if (!av_strcasecmp(month, months[i])) {
342                 snprintf(buffer, sizeof(buffer), "%.4d-%.2d-%.2d %s",
343                          year, i + 1, day, time);
344                 av_dict_set(metadata, "creation_time", buffer, 0);
345             }
346     } else if (date[4] == '/' && date[7] == '/') {
347         date[4] = date[7] = '-';
348         av_dict_set(metadata, "creation_time", date, 0);
349     }
350 }
351 
avi_read_nikon(AVFormatContext * s,uint64_t end)352 static void avi_read_nikon(AVFormatContext *s, uint64_t end)
353 {
354     while (avio_tell(s->pb) < end && !avio_feof(s->pb)) {
355         uint32_t tag  = avio_rl32(s->pb);
356         uint32_t size = avio_rl32(s->pb);
357         switch (tag) {
358         case MKTAG('n', 'c', 't', 'g'):  /* Nikon Tags */
359         {
360             uint64_t tag_end = avio_tell(s->pb) + size;
361             while (avio_tell(s->pb) < tag_end && !avio_feof(s->pb)) {
362                 uint16_t tag     = avio_rl16(s->pb);
363                 uint16_t size    = avio_rl16(s->pb);
364                 const char *name = NULL;
365                 char buffer[64]  = { 0 };
366                 size = FFMIN(size, tag_end - avio_tell(s->pb));
367                 size -= avio_read(s->pb, buffer,
368                                   FFMIN(size, sizeof(buffer) - 1));
369                 switch (tag) {
370                 case 0x03:
371                     name = "maker";
372                     break;
373                 case 0x04:
374                     name = "model";
375                     break;
376                 case 0x13:
377                     name = "creation_time";
378                     if (buffer[4] == ':' && buffer[7] == ':')
379                         buffer[4] = buffer[7] = '-';
380                     break;
381                 }
382                 if (name)
383                     av_dict_set(&s->metadata, name, buffer, 0);
384                 avio_skip(s->pb, size);
385             }
386             break;
387         }
388         default:
389             avio_skip(s->pb, size);
390             break;
391         }
392     }
393 }
394 
avi_extract_stream_metadata(AVFormatContext * s,AVStream * st)395 static int avi_extract_stream_metadata(AVFormatContext *s, AVStream *st)
396 {
397     GetByteContext gb;
398     uint8_t *data = st->codecpar->extradata;
399     int data_size = st->codecpar->extradata_size;
400     int tag, offset;
401 
402     if (!data || data_size < 8) {
403         return AVERROR_INVALIDDATA;
404     }
405 
406     bytestream2_init(&gb, data, data_size);
407 
408     tag = bytestream2_get_le32(&gb);
409 
410     switch (tag) {
411     case MKTAG('A', 'V', 'I', 'F'):
412         // skip 4 byte padding
413         bytestream2_skip(&gb, 4);
414         offset = bytestream2_tell(&gb);
415 
416         // decode EXIF tags from IFD, AVI is always little-endian
417         return avpriv_exif_decode_ifd(s, data + offset, data_size - offset,
418                                       1, 0, &st->metadata);
419         break;
420     case MKTAG('C', 'A', 'S', 'I'):
421         avpriv_request_sample(s, "RIFF stream data tag type CASI (%u)", tag);
422         break;
423     case MKTAG('Z', 'o', 'r', 'a'):
424         avpriv_request_sample(s, "RIFF stream data tag type Zora (%u)", tag);
425         break;
426     default:
427         break;
428     }
429 
430     return 0;
431 }
432 
calculate_bitrate(AVFormatContext * s)433 static int calculate_bitrate(AVFormatContext *s)
434 {
435     AVIContext *avi = s->priv_data;
436     int i, j;
437     int64_t lensum = 0;
438     int64_t maxpos = 0;
439 
440     for (i = 0; i<s->nb_streams; i++) {
441         int64_t len = 0;
442         AVStream *st = s->streams[i];
443 
444         if (!st->nb_index_entries)
445             continue;
446 
447         for (j = 0; j < st->nb_index_entries; j++)
448             len += st->index_entries[j].size;
449         maxpos = FFMAX(maxpos, st->index_entries[j-1].pos);
450         lensum += len;
451     }
452     if (maxpos < av_rescale(avi->io_fsize, 9, 10)) // index does not cover the whole file
453         return 0;
454     if (lensum*9/10 > maxpos || lensum < maxpos*9/10) // frame sum and filesize mismatch
455         return 0;
456 
457     for (i = 0; i<s->nb_streams; i++) {
458         int64_t len = 0;
459         AVStream *st = s->streams[i];
460         int64_t duration;
461         int64_t bitrate;
462 
463         for (j = 0; j < st->nb_index_entries; j++)
464             len += st->index_entries[j].size;
465 
466         if (st->nb_index_entries < 2 || st->codecpar->bit_rate > 0)
467             continue;
468         duration = st->index_entries[j-1].timestamp - st->index_entries[0].timestamp;
469         bitrate = av_rescale(8*len, st->time_base.den, duration * st->time_base.num);
470         if (bitrate > 0) {
471             st->codecpar->bit_rate = bitrate;
472         }
473     }
474     return 1;
475 }
476 
477 #define RETURN_ERROR(code) do { ret = (code); goto fail; } while (0)
avi_read_header(AVFormatContext * s)478 static int avi_read_header(AVFormatContext *s)
479 {
480     AVIContext *avi = s->priv_data;
481     AVIOContext *pb = s->pb;
482     unsigned int tag, tag1, handler;
483     int codec_type, stream_index, frame_period;
484     unsigned int size;
485     int i;
486     AVStream *st;
487     AVIStream *ast      = NULL;
488     int avih_width      = 0, avih_height = 0;
489     int amv_file_format = 0;
490     uint64_t list_end   = 0;
491     int64_t pos;
492     int ret;
493     AVDictionaryEntry *dict_entry;
494 
495     avi->stream_index = -1;
496 
497     ret = get_riff(s, pb);
498     if (ret < 0)
499         return ret;
500 
501     av_log(avi, AV_LOG_DEBUG, "use odml:%d\n", avi->use_odml);
502 
503     avi->io_fsize = avi->fsize = avio_size(pb);
504     if (avi->fsize <= 0 || avi->fsize < avi->riff_end)
505         avi->fsize = avi->riff_end == 8 ? INT64_MAX : avi->riff_end;
506 
507     /* first list tag */
508     stream_index = -1;
509     codec_type   = -1;
510     frame_period = 0;
511     for (;;) {
512         if (avio_feof(pb))
513             RETURN_ERROR(AVERROR_INVALIDDATA);
514         tag  = avio_rl32(pb);
515         size = avio_rl32(pb);
516 
517         print_tag(s, "tag", tag, size);
518 
519         switch (tag) {
520         case MKTAG('L', 'I', 'S', 'T'):
521             list_end = avio_tell(pb) + size;
522             /* Ignored, except at start of video packets. */
523             tag1 = avio_rl32(pb);
524 
525             print_tag(s, "list", tag1, 0);
526 
527             if (tag1 == MKTAG('m', 'o', 'v', 'i')) {
528                 avi->movi_list = avio_tell(pb) - 4;
529                 if (size)
530                     avi->movi_end = avi->movi_list + size + (size & 1);
531                 else
532                     avi->movi_end = avi->fsize;
533                 av_log(s, AV_LOG_TRACE, "movi end=%"PRIx64"\n", avi->movi_end);
534                 goto end_of_header;
535             } else if (tag1 == MKTAG('I', 'N', 'F', 'O'))
536                 ff_read_riff_info(s, size - 4);
537             else if (tag1 == MKTAG('n', 'c', 'd', 't'))
538                 avi_read_nikon(s, list_end);
539 
540             break;
541         case MKTAG('I', 'D', 'I', 'T'):
542         {
543             unsigned char date[64] = { 0 };
544             size += (size & 1);
545             size -= avio_read(pb, date, FFMIN(size, sizeof(date) - 1));
546             avio_skip(pb, size);
547             avi_metadata_creation_time(&s->metadata, date);
548             break;
549         }
550         case MKTAG('d', 'm', 'l', 'h'):
551             avi->is_odml = 1;
552             avio_skip(pb, size + (size & 1));
553             break;
554         case MKTAG('a', 'm', 'v', 'h'):
555             amv_file_format = 1;
556         case MKTAG('a', 'v', 'i', 'h'):
557             /* AVI header */
558             /* using frame_period is bad idea */
559             frame_period = avio_rl32(pb);
560             avio_rl32(pb); /* max. bytes per second */
561             avio_rl32(pb);
562             avi->non_interleaved |= avio_rl32(pb) & AVIF_MUSTUSEINDEX;
563 
564             avio_skip(pb, 2 * 4);
565             avio_rl32(pb);
566             avio_rl32(pb);
567             avih_width  = avio_rl32(pb);
568             avih_height = avio_rl32(pb);
569 
570             avio_skip(pb, size - 10 * 4);
571             break;
572         case MKTAG('s', 't', 'r', 'h'):
573             /* stream header */
574 
575             tag1    = avio_rl32(pb);
576             handler = avio_rl32(pb); /* codec tag */
577 
578             if (tag1 == MKTAG('p', 'a', 'd', 's')) {
579                 avio_skip(pb, size - 8);
580                 break;
581             } else {
582                 stream_index++;
583                 st = avformat_new_stream(s, NULL);
584                 if (!st)
585                     RETURN_ERROR(AVERROR(ENOMEM));
586 
587                 st->id = stream_index;
588                 ast    = av_mallocz(sizeof(AVIStream));
589                 if (!ast)
590                     RETURN_ERROR(AVERROR(ENOMEM));
591                 st->priv_data = ast;
592             }
593             if (amv_file_format)
594                 tag1 = stream_index ? MKTAG('a', 'u', 'd', 's')
595                                     : MKTAG('v', 'i', 'd', 's');
596 
597             print_tag(s, "strh", tag1, -1);
598 
599             if (tag1 == MKTAG('i', 'a', 'v', 's') ||
600                 tag1 == MKTAG('i', 'v', 'a', 's')) {
601                 int64_t dv_dur;
602 
603                 /* After some consideration -- I don't think we
604                  * have to support anything but DV in type1 AVIs. */
605                 if (s->nb_streams != 1)
606                     RETURN_ERROR(AVERROR_INVALIDDATA);
607 
608                 if (handler != MKTAG('d', 'v', 's', 'd') &&
609                     handler != MKTAG('d', 'v', 'h', 'd') &&
610                     handler != MKTAG('d', 'v', 's', 'l'))
611                     return AVERROR_INVALIDDATA;
612 
613                 if (!CONFIG_DV_DEMUXER)
614                     return AVERROR_DEMUXER_NOT_FOUND;
615 
616                 ast = s->streams[0]->priv_data;
617                 st->priv_data = NULL;
618                 ff_free_stream(s, st);
619 
620                 avi->dv_demux = avpriv_dv_init_demux(s);
621                 if (!avi->dv_demux) {
622                     av_free(ast);
623                     return AVERROR(ENOMEM);
624                 }
625 
626                 s->streams[0]->priv_data = ast;
627                 avio_skip(pb, 3 * 4);
628                 ast->scale = avio_rl32(pb);
629                 ast->rate  = avio_rl32(pb);
630                 avio_skip(pb, 4);  /* start time */
631 
632                 dv_dur = avio_rl32(pb);
633                 if (ast->scale > 0 && ast->rate > 0 && dv_dur > 0) {
634                     dv_dur     *= AV_TIME_BASE;
635                     s->duration = av_rescale(dv_dur, ast->scale, ast->rate);
636                 }
637                 /* else, leave duration alone; timing estimation in utils.c
638                  * will make a guess based on bitrate. */
639 
640                 stream_index = s->nb_streams - 1;
641                 avio_skip(pb, size - 9 * 4);
642                 break;
643             }
644 
645             av_assert0(stream_index < s->nb_streams);
646             ast->handler = handler;
647 
648             avio_rl32(pb); /* flags */
649             avio_rl16(pb); /* priority */
650             avio_rl16(pb); /* language */
651             avio_rl32(pb); /* initial frame */
652             ast->scale = avio_rl32(pb);
653             ast->rate  = avio_rl32(pb);
654             if (!(ast->scale && ast->rate)) {
655                 av_log(s, AV_LOG_WARNING,
656                        "scale/rate is %"PRIu32"/%"PRIu32" which is invalid. "
657                        "(This file has been generated by broken software.)\n",
658                        ast->scale,
659                        ast->rate);
660                 if (frame_period) {
661                     ast->rate  = 1000000;
662                     ast->scale = frame_period;
663                 } else {
664                     ast->rate  = 25;
665                     ast->scale = 1;
666                 }
667             }
668             avpriv_set_pts_info(st, 64, ast->scale, ast->rate);
669 
670             ast->cum_len  = avio_rl32(pb); /* start */
671             st->nb_frames = avio_rl32(pb);
672 
673             st->start_time = 0;
674             avio_rl32(pb); /* buffer size */
675             avio_rl32(pb); /* quality */
676             if (ast->cum_len > 3600LL * ast->rate / ast->scale) {
677                 av_log(s, AV_LOG_ERROR, "crazy start time, iam scared, giving up\n");
678                 ast->cum_len = 0;
679             }
680             ast->sample_size = avio_rl32(pb);
681             ast->cum_len    *= FFMAX(1, ast->sample_size);
682             av_log(s, AV_LOG_TRACE, "%"PRIu32" %"PRIu32" %d\n",
683                     ast->rate, ast->scale, ast->sample_size);
684 
685             switch (tag1) {
686             case MKTAG('v', 'i', 'd', 's'):
687                 codec_type = AVMEDIA_TYPE_VIDEO;
688 
689                 ast->sample_size = 0;
690                 st->avg_frame_rate = av_inv_q(st->time_base);
691                 break;
692             case MKTAG('a', 'u', 'd', 's'):
693                 codec_type = AVMEDIA_TYPE_AUDIO;
694                 break;
695             case MKTAG('t', 'x', 't', 's'):
696                 codec_type = AVMEDIA_TYPE_SUBTITLE;
697                 break;
698             case MKTAG('d', 'a', 't', 's'):
699                 codec_type = AVMEDIA_TYPE_DATA;
700                 break;
701             default:
702                 av_log(s, AV_LOG_INFO, "unknown stream type %X\n", tag1);
703             }
704 
705             if (ast->sample_size < 0) {
706                 if (s->error_recognition & AV_EF_EXPLODE) {
707                     av_log(s, AV_LOG_ERROR,
708                            "Invalid sample_size %d at stream %d\n",
709                            ast->sample_size,
710                            stream_index);
711                     RETURN_ERROR(AVERROR_INVALIDDATA);
712                 }
713                 av_log(s, AV_LOG_WARNING,
714                        "Invalid sample_size %d at stream %d "
715                        "setting it to 0\n",
716                        ast->sample_size,
717                        stream_index);
718                 ast->sample_size = 0;
719             }
720 
721             if (ast->sample_size == 0) {
722                 st->duration = st->nb_frames;
723                 if (st->duration > 0 && avi->io_fsize > 0 && avi->riff_end > avi->io_fsize) {
724                     av_log(s, AV_LOG_DEBUG, "File is truncated adjusting duration\n");
725                     st->duration = av_rescale(st->duration, avi->io_fsize, avi->riff_end);
726                 }
727             }
728             ast->frame_offset = ast->cum_len;
729             avio_skip(pb, size - 12 * 4);
730             break;
731         case MKTAG('s', 't', 'r', 'f'):
732             /* stream header */
733             if (!size && (codec_type == AVMEDIA_TYPE_AUDIO ||
734                           codec_type == AVMEDIA_TYPE_VIDEO))
735                 break;
736             if (stream_index >= (unsigned)s->nb_streams || avi->dv_demux) {
737                 avio_skip(pb, size);
738             } else {
739                 uint64_t cur_pos = avio_tell(pb);
740                 unsigned esize;
741                 if (cur_pos < list_end)
742                     size = FFMIN(size, list_end - cur_pos);
743                 st = s->streams[stream_index];
744                 if (st->codecpar->codec_type != AVMEDIA_TYPE_UNKNOWN) {
745                     avio_skip(pb, size);
746                     break;
747                 }
748                 switch (codec_type) {
749                 case AVMEDIA_TYPE_VIDEO:
750                     if (amv_file_format) {
751                         st->codecpar->width      = avih_width;
752                         st->codecpar->height     = avih_height;
753                         st->codecpar->codec_type = AVMEDIA_TYPE_VIDEO;
754                         st->codecpar->codec_id   = AV_CODEC_ID_AMV;
755                         avio_skip(pb, size);
756                         break;
757                     }
758                     tag1 = ff_get_bmp_header(pb, st, &esize);
759 
760                     if (tag1 == MKTAG('D', 'X', 'S', 'B') ||
761                         tag1 == MKTAG('D', 'X', 'S', 'A')) {
762                         st->codecpar->codec_type = AVMEDIA_TYPE_SUBTITLE;
763                         st->codecpar->codec_tag  = tag1;
764                         st->codecpar->codec_id   = AV_CODEC_ID_XSUB;
765                         break;
766                     }
767 
768                     if (size > 10 * 4 && size < (1 << 30) && size < avi->fsize) {
769                         if (esize == size-1 && (esize&1)) {
770                             st->codecpar->extradata_size = esize - 10 * 4;
771                         } else
772                             st->codecpar->extradata_size =  size - 10 * 4;
773                         if (st->codecpar->extradata) {
774                             av_log(s, AV_LOG_WARNING, "New extradata in strf chunk, freeing previous one.\n");
775                         }
776                         ret = ff_get_extradata(s, st->codecpar, pb,
777                                                st->codecpar->extradata_size);
778                         if (ret < 0)
779                             return ret;
780                     }
781 
782                     // FIXME: check if the encoder really did this correctly
783                     if (st->codecpar->extradata_size & 1)
784                         avio_r8(pb);
785 
786                     /* Extract palette from extradata if bpp <= 8.
787                      * This code assumes that extradata contains only palette.
788                      * This is true for all paletted codecs implemented in
789                      * FFmpeg. */
790                     if (st->codecpar->extradata_size &&
791                         (st->codecpar->bits_per_coded_sample <= 8)) {
792                         int pal_size = (1 << st->codecpar->bits_per_coded_sample) << 2;
793                         const uint8_t *pal_src;
794 
795                         pal_size = FFMIN(pal_size, st->codecpar->extradata_size);
796                         pal_src  = st->codecpar->extradata +
797                                    st->codecpar->extradata_size - pal_size;
798                         /* Exclude the "BottomUp" field from the palette */
799                         if (pal_src - st->codecpar->extradata >= 9 &&
800                             !memcmp(st->codecpar->extradata + st->codecpar->extradata_size - 9, "BottomUp", 9))
801                             pal_src -= 9;
802                         for (i = 0; i < pal_size / 4; i++)
803                             ast->pal[i] = 0xFFU<<24 | AV_RL32(pal_src + 4 * i);
804                         ast->has_pal = 1;
805                     }
806 
807                     print_tag(s, "video", tag1, 0);
808 
809                     st->codecpar->codec_type = AVMEDIA_TYPE_VIDEO;
810                     st->codecpar->codec_tag  = tag1;
811                     st->codecpar->codec_id   = ff_codec_get_id(ff_codec_bmp_tags,
812                                                             tag1);
813                     /* If codec is not found yet, try with the mov tags. */
814                     if (!st->codecpar->codec_id) {
815                         st->codecpar->codec_id =
816                             ff_codec_get_id(ff_codec_movvideo_tags, tag1);
817                         if (st->codecpar->codec_id)
818                            av_log(s, AV_LOG_WARNING,
819                                   "mov tag found in avi (fourcc %s)\n",
820                                   av_fourcc2str(tag1));
821                     }
822                     if (!st->codecpar->codec_id)
823                         st->codecpar->codec_id = ff_codec_get_id(ff_codec_bmp_tags_unofficial, tag1);
824 
825                     /* This is needed to get the pict type which is necessary
826                      * for generating correct pts. */
827                     st->need_parsing = AVSTREAM_PARSE_HEADERS;
828 
829                     if (st->codecpar->codec_id == AV_CODEC_ID_MPEG4 &&
830                         ast->handler == MKTAG('X', 'V', 'I', 'D'))
831                         st->codecpar->codec_tag = MKTAG('X', 'V', 'I', 'D');
832 
833                     if (st->codecpar->codec_tag == MKTAG('V', 'S', 'S', 'H'))
834                         st->need_parsing = AVSTREAM_PARSE_FULL;
835                     if (st->codecpar->codec_id == AV_CODEC_ID_RV40)
836                         st->need_parsing = AVSTREAM_PARSE_NONE;
837                     if (st->codecpar->codec_id == AV_CODEC_ID_HEVC &&
838                         st->codecpar->codec_tag == MKTAG('H', '2', '6', '5'))
839                         st->need_parsing = AVSTREAM_PARSE_FULL;
840 
841                     if (st->codecpar->codec_id  == AV_CODEC_ID_AVRN &&
842                         st->codecpar->codec_tag == MKTAG('A', 'V', 'R', 'n') &&
843                         (st->codecpar->extradata_size < 31 ||
844                           memcmp(&st->codecpar->extradata[28], "1:1", 3)))
845                         st->codecpar->codec_id = AV_CODEC_ID_MJPEG;
846 
847                     if (st->codecpar->codec_tag == 0 && st->codecpar->height > 0 &&
848                         st->codecpar->extradata_size < 1U << 30) {
849                         st->codecpar->extradata_size += 9;
850                         if ((ret = av_reallocp(&st->codecpar->extradata,
851                                                st->codecpar->extradata_size +
852                                                AV_INPUT_BUFFER_PADDING_SIZE)) < 0) {
853                             st->codecpar->extradata_size = 0;
854                             return ret;
855                         } else
856                             memcpy(st->codecpar->extradata + st->codecpar->extradata_size - 9,
857                                    "BottomUp", 9);
858                     }
859                     st->codecpar->height = FFABS(st->codecpar->height);
860 
861 //                    avio_skip(pb, size - 5 * 4);
862                     break;
863                 case AVMEDIA_TYPE_AUDIO:
864                     ret = ff_get_wav_header(s, pb, st->codecpar, size, 0);
865                     if (ret < 0)
866                         return ret;
867                     ast->dshow_block_align = st->codecpar->block_align;
868                     if (ast->sample_size && st->codecpar->block_align &&
869                         ast->sample_size != st->codecpar->block_align) {
870                         av_log(s,
871                                AV_LOG_WARNING,
872                                "sample size (%d) != block align (%d)\n",
873                                ast->sample_size,
874                                st->codecpar->block_align);
875                         ast->sample_size = st->codecpar->block_align;
876                     }
877                     /* 2-aligned
878                      * (fix for Stargate SG-1 - 3x18 - Shades of Grey.avi) */
879                     if (size & 1)
880                         avio_skip(pb, 1);
881                     /* Force parsing as several audio frames can be in
882                      * one packet and timestamps refer to packet start. */
883                     st->need_parsing = AVSTREAM_PARSE_TIMESTAMPS;
884                     /* ADTS header is in extradata, AAC without header must be
885                      * stored as exact frames. Parser not needed and it will
886                      * fail. */
887                     if (st->codecpar->codec_id == AV_CODEC_ID_AAC &&
888                         st->codecpar->extradata_size)
889                         st->need_parsing = AVSTREAM_PARSE_NONE;
890                     // The flac parser does not work with AVSTREAM_PARSE_TIMESTAMPS
891                     if (st->codecpar->codec_id == AV_CODEC_ID_FLAC)
892                         st->need_parsing = AVSTREAM_PARSE_NONE;
893                     /* AVI files with Xan DPCM audio (wrongly) declare PCM
894                      * audio in the header but have Axan as stream_code_tag. */
895                     if (ast->handler == AV_RL32("Axan")) {
896                         st->codecpar->codec_id  = AV_CODEC_ID_XAN_DPCM;
897                         st->codecpar->codec_tag = 0;
898                         ast->dshow_block_align = 0;
899                     }
900                     if (amv_file_format) {
901                         st->codecpar->codec_id    = AV_CODEC_ID_ADPCM_IMA_AMV;
902                         ast->dshow_block_align = 0;
903                     }
904                     if ((st->codecpar->codec_id == AV_CODEC_ID_AAC  ||
905                          st->codecpar->codec_id == AV_CODEC_ID_FLAC ||
906                          st->codecpar->codec_id == AV_CODEC_ID_MP2 ) && ast->dshow_block_align <= 4 && ast->dshow_block_align) {
907                         av_log(s, AV_LOG_DEBUG, "overriding invalid dshow_block_align of %d\n", ast->dshow_block_align);
908                         ast->dshow_block_align = 0;
909                     }
910                     if (st->codecpar->codec_id == AV_CODEC_ID_AAC && ast->dshow_block_align == 1024 && ast->sample_size == 1024 ||
911                        st->codecpar->codec_id == AV_CODEC_ID_AAC && ast->dshow_block_align == 4096 && ast->sample_size == 4096 ||
912                        st->codecpar->codec_id == AV_CODEC_ID_MP3 && ast->dshow_block_align == 1152 && ast->sample_size == 1152) {
913                         av_log(s, AV_LOG_DEBUG, "overriding sample_size\n");
914                         ast->sample_size = 0;
915                     }
916                     break;
917                 case AVMEDIA_TYPE_SUBTITLE:
918                     st->codecpar->codec_type = AVMEDIA_TYPE_SUBTITLE;
919                     st->internal->request_probe= 1;
920                     avio_skip(pb, size);
921                     break;
922                 default:
923                     st->codecpar->codec_type = AVMEDIA_TYPE_DATA;
924                     st->codecpar->codec_id   = AV_CODEC_ID_NONE;
925                     st->codecpar->codec_tag  = 0;
926                     avio_skip(pb, size);
927                     break;
928                 }
929             }
930             break;
931         case MKTAG('s', 't', 'r', 'd'):
932             if (stream_index >= (unsigned)s->nb_streams
933                 || s->streams[stream_index]->codecpar->extradata_size
934                 || s->streams[stream_index]->codecpar->codec_tag == MKTAG('H','2','6','4')) {
935                 avio_skip(pb, size);
936             } else {
937                 uint64_t cur_pos = avio_tell(pb);
938                 if (cur_pos < list_end)
939                     size = FFMIN(size, list_end - cur_pos);
940                 st = s->streams[stream_index];
941 
942                 if (size<(1<<30)) {
943                     if (st->codecpar->extradata) {
944                         av_log(s, AV_LOG_WARNING, "New extradata in strd chunk, freeing previous one.\n");
945                     }
946                     if ((ret = ff_get_extradata(s, st->codecpar, pb, size)) < 0)
947                         goto fail;
948                 }
949 
950                 if (st->codecpar->extradata_size & 1) //FIXME check if the encoder really did this correctly
951                     avio_r8(pb);
952 
953                 ret = avi_extract_stream_metadata(s, st);
954                 if (ret < 0) {
955                     av_log(s, AV_LOG_WARNING, "could not decoding EXIF data in stream header.\n");
956                 }
957             }
958             break;
959         case MKTAG('i', 'n', 'd', 'x'):
960             pos = avio_tell(pb);
961             if ((pb->seekable & AVIO_SEEKABLE_NORMAL) && !(s->flags & AVFMT_FLAG_IGNIDX) &&
962                 avi->use_odml &&
963                 read_odml_index(s, 0) < 0 &&
964                 (s->error_recognition & AV_EF_EXPLODE))
965                 RETURN_ERROR(AVERROR_INVALIDDATA);
966             avio_seek(pb, pos + size, SEEK_SET);
967             break;
968         case MKTAG('v', 'p', 'r', 'p'):
969             if (stream_index < (unsigned)s->nb_streams && size > 9 * 4) {
970                 AVRational active, active_aspect;
971 
972                 st = s->streams[stream_index];
973                 avio_rl32(pb);
974                 avio_rl32(pb);
975                 avio_rl32(pb);
976                 avio_rl32(pb);
977                 avio_rl32(pb);
978 
979                 active_aspect.den = avio_rl16(pb);
980                 active_aspect.num = avio_rl16(pb);
981                 active.num        = avio_rl32(pb);
982                 active.den        = avio_rl32(pb);
983                 avio_rl32(pb); // nbFieldsPerFrame
984 
985                 if (active_aspect.num && active_aspect.den &&
986                     active.num && active.den) {
987                     st->sample_aspect_ratio = av_div_q(active_aspect, active);
988                     av_log(s, AV_LOG_TRACE, "vprp %d/%d %d/%d\n",
989                             active_aspect.num, active_aspect.den,
990                             active.num, active.den);
991                 }
992                 size -= 9 * 4;
993             }
994             avio_skip(pb, size);
995             break;
996         case MKTAG('s', 't', 'r', 'n'):
997         case MKTAG('i', 's', 'b', 'j'):
998         case MKTAG('i', 'n', 'a', 'm'):
999         case MKTAG('i', 'a', 'r', 't'):
1000         case MKTAG('i', 'c', 'o', 'p'):
1001         case MKTAG('i', 'c', 'm', 't'):
1002         case MKTAG('i', 'g', 'n', 'r'):
1003         case MKTAG('i', 'p', 'o', 'd'):
1004         case MKTAG('i', 's', 'o', 'f'):
1005             if (s->nb_streams) {
1006                 ret = avi_read_tag(s, s->streams[s->nb_streams - 1], tag, size);
1007                 if (ret < 0)
1008                     goto fail;
1009                 break;
1010             }
1011         default:
1012             if (size > 1000000) {
1013                 av_log(s, AV_LOG_ERROR,
1014                        "Something went wrong during header parsing, "
1015                        "tag %s has size %u, "
1016                        "I will ignore it and try to continue anyway.\n",
1017                        av_fourcc2str(tag), size);
1018                 if (s->error_recognition & AV_EF_EXPLODE)
1019                     RETURN_ERROR(AVERROR_INVALIDDATA);
1020                 avi->movi_list = avio_tell(pb) - 4;
1021                 avi->movi_end  = avi->fsize;
1022                 goto end_of_header;
1023             }
1024         /* Do not fail for very large idx1 tags */
1025         case MKTAG('i', 'd', 'x', '1'):
1026             /* skip tag */
1027             size += (size & 1);
1028             avio_skip(pb, size);
1029             break;
1030         }
1031     }
1032 
1033 end_of_header:
1034     /* check stream number */
1035     if (stream_index != s->nb_streams - 1) {
1036         RETURN_ERROR(AVERROR_INVALIDDATA);
1037     }
1038 
1039     if (!avi->index_loaded && (pb->seekable & AVIO_SEEKABLE_NORMAL))
1040         avi_load_index(s);
1041     calculate_bitrate(s);
1042     avi->index_loaded    |= 1;
1043 
1044     if ((ret = guess_ni_flag(s)) < 0)
1045         goto fail;
1046 
1047     avi->non_interleaved |= ret | (s->flags & AVFMT_FLAG_SORT_DTS);
1048 
1049     dict_entry = av_dict_get(s->metadata, "ISFT", NULL, 0);
1050     if (dict_entry && !strcmp(dict_entry->value, "PotEncoder"))
1051         for (i = 0; i < s->nb_streams; i++) {
1052             AVStream *st = s->streams[i];
1053             if (   st->codecpar->codec_id == AV_CODEC_ID_MPEG1VIDEO
1054                 || st->codecpar->codec_id == AV_CODEC_ID_MPEG2VIDEO)
1055                 st->need_parsing = AVSTREAM_PARSE_FULL;
1056         }
1057 
1058     for (i = 0; i < s->nb_streams; i++) {
1059         AVStream *st = s->streams[i];
1060         if (st->nb_index_entries)
1061             break;
1062     }
1063     // DV-in-AVI cannot be non-interleaved, if set this must be
1064     // a mis-detection.
1065     if (avi->dv_demux)
1066         avi->non_interleaved = 0;
1067     if (i == s->nb_streams && avi->non_interleaved) {
1068         av_log(s, AV_LOG_WARNING,
1069                "Non-interleaved AVI without index, switching to interleaved\n");
1070         avi->non_interleaved = 0;
1071     }
1072 
1073     if (avi->non_interleaved) {
1074         av_log(s, AV_LOG_INFO, "non-interleaved AVI\n");
1075         clean_index(s);
1076     }
1077 
1078     ff_metadata_conv_ctx(s, NULL, avi_metadata_conv);
1079     ff_metadata_conv_ctx(s, NULL, ff_riff_info_conv);
1080 
1081     return 0;
1082 fail:
1083     avi_read_close(s);
1084     return ret;
1085 }
1086 
read_gab2_sub(AVFormatContext * s,AVStream * st,AVPacket * pkt)1087 static int read_gab2_sub(AVFormatContext *s, AVStream *st, AVPacket *pkt)
1088 {
1089     if (pkt->size >= 7 &&
1090         pkt->size < INT_MAX - AVPROBE_PADDING_SIZE &&
1091         !strcmp(pkt->data, "GAB2") && AV_RL16(pkt->data + 5) == 2) {
1092         uint8_t desc[256];
1093         int score      = AVPROBE_SCORE_EXTENSION, ret;
1094         AVIStream *ast = st->priv_data;
1095         ff_const59 AVInputFormat *sub_demuxer;
1096         AVRational time_base;
1097         int size;
1098         AVProbeData pd;
1099         unsigned int desc_len;
1100         AVIOContext *pb = avio_alloc_context(pkt->data + 7,
1101                                              pkt->size - 7,
1102                                              0, NULL, NULL, NULL, NULL);
1103         if (!pb)
1104             goto error;
1105 
1106         desc_len = avio_rl32(pb);
1107 
1108         if (desc_len > pb->buf_end - pb->buf_ptr)
1109             goto error;
1110 
1111         ret = avio_get_str16le(pb, desc_len, desc, sizeof(desc));
1112         avio_skip(pb, desc_len - ret);
1113         if (*desc)
1114             av_dict_set(&st->metadata, "title", desc, 0);
1115 
1116         avio_rl16(pb);   /* flags? */
1117         avio_rl32(pb);   /* data size */
1118 
1119         size = pb->buf_end - pb->buf_ptr;
1120         pd = (AVProbeData) { .buf      = av_mallocz(size + AVPROBE_PADDING_SIZE),
1121                              .buf_size = size };
1122         if (!pd.buf)
1123             goto error;
1124         memcpy(pd.buf, pb->buf_ptr, size);
1125         sub_demuxer = av_probe_input_format2(&pd, 1, &score);
1126         av_freep(&pd.buf);
1127         if (!sub_demuxer)
1128             goto error;
1129 
1130         if (strcmp(sub_demuxer->name, "srt") && strcmp(sub_demuxer->name, "ass"))
1131             goto error;
1132 
1133         if (!(ast->sub_pkt = av_packet_alloc()))
1134             goto error;
1135 
1136         if (!(ast->sub_ctx = avformat_alloc_context()))
1137             goto error;
1138 
1139         ast->sub_ctx->pb = pb;
1140 
1141         if (ff_copy_whiteblacklists(ast->sub_ctx, s) < 0)
1142             goto error;
1143 
1144         if (!avformat_open_input(&ast->sub_ctx, "", sub_demuxer, NULL)) {
1145             if (ast->sub_ctx->nb_streams != 1)
1146                 goto error;
1147             ff_read_packet(ast->sub_ctx, ast->sub_pkt);
1148             avcodec_parameters_copy(st->codecpar, ast->sub_ctx->streams[0]->codecpar);
1149             time_base = ast->sub_ctx->streams[0]->time_base;
1150             avpriv_set_pts_info(st, 64, time_base.num, time_base.den);
1151         }
1152         ast->sub_buffer = pkt->buf;
1153         pkt->buf = NULL;
1154         av_packet_unref(pkt);
1155         return 1;
1156 
1157 error:
1158         av_packet_free(&ast->sub_pkt);
1159         av_freep(&ast->sub_ctx);
1160         avio_context_free(&pb);
1161     }
1162     return 0;
1163 }
1164 
get_subtitle_pkt(AVFormatContext * s,AVStream * next_st,AVPacket * pkt)1165 static AVStream *get_subtitle_pkt(AVFormatContext *s, AVStream *next_st,
1166                                   AVPacket *pkt)
1167 {
1168     AVIStream *ast, *next_ast = next_st->priv_data;
1169     int64_t ts, next_ts, ts_min = INT64_MAX;
1170     AVStream *st, *sub_st = NULL;
1171     int i;
1172 
1173     next_ts = av_rescale_q(next_ast->frame_offset, next_st->time_base,
1174                            AV_TIME_BASE_Q);
1175 
1176     for (i = 0; i < s->nb_streams; i++) {
1177         st  = s->streams[i];
1178         ast = st->priv_data;
1179         if (st->discard < AVDISCARD_ALL && ast && ast->sub_pkt && ast->sub_pkt->data) {
1180             ts = av_rescale_q(ast->sub_pkt->dts, st->time_base, AV_TIME_BASE_Q);
1181             if (ts <= next_ts && ts < ts_min) {
1182                 ts_min = ts;
1183                 sub_st = st;
1184             }
1185         }
1186     }
1187 
1188     if (sub_st) {
1189         ast               = sub_st->priv_data;
1190         av_packet_move_ref(pkt, ast->sub_pkt);
1191         pkt->stream_index = sub_st->index;
1192 
1193         if (ff_read_packet(ast->sub_ctx, ast->sub_pkt) < 0)
1194             ast->sub_pkt->data = NULL;
1195     }
1196     return sub_st;
1197 }
1198 
get_stream_idx(const unsigned * d)1199 static int get_stream_idx(const unsigned *d)
1200 {
1201     if (d[0] >= '0' && d[0] <= '9' &&
1202         d[1] >= '0' && d[1] <= '9') {
1203         return (d[0] - '0') * 10 + (d[1] - '0');
1204     } else {
1205         return 100; // invalid stream ID
1206     }
1207 }
1208 
1209 /**
1210  *
1211  * @param exit_early set to 1 to just gather packet position without making the changes needed to actually read & return the packet
1212  */
avi_sync(AVFormatContext * s,int exit_early)1213 static int avi_sync(AVFormatContext *s, int exit_early)
1214 {
1215     AVIContext *avi = s->priv_data;
1216     AVIOContext *pb = s->pb;
1217     int n;
1218     unsigned int d[8];
1219     unsigned int size;
1220     int64_t i, sync;
1221 
1222 start_sync:
1223     memset(d, -1, sizeof(d));
1224     for (i = sync = avio_tell(pb); !avio_feof(pb); i++) {
1225         int j;
1226 
1227         for (j = 0; j < 7; j++)
1228             d[j] = d[j + 1];
1229         d[7] = avio_r8(pb);
1230 
1231         size = d[4] + (d[5] << 8) + (d[6] << 16) + (d[7] << 24);
1232 
1233         n = get_stream_idx(d + 2);
1234         ff_tlog(s, "%X %X %X %X %X %X %X %X %"PRId64" %u %d\n",
1235                 d[0], d[1], d[2], d[3], d[4], d[5], d[6], d[7], i, size, n);
1236         if (i*(avi->io_fsize>0) + (uint64_t)size > avi->fsize || d[0] > 127)
1237             continue;
1238 
1239         // parse ix##
1240         if ((d[0] == 'i' && d[1] == 'x' && n < s->nb_streams) ||
1241             // parse JUNK
1242             (d[0] == 'J' && d[1] == 'U' && d[2] == 'N' && d[3] == 'K') ||
1243             (d[0] == 'i' && d[1] == 'd' && d[2] == 'x' && d[3] == '1') ||
1244             (d[0] == 'i' && d[1] == 'n' && d[2] == 'd' && d[3] == 'x')) {
1245             avio_skip(pb, size);
1246             goto start_sync;
1247         }
1248 
1249         // parse stray LIST
1250         if (d[0] == 'L' && d[1] == 'I' && d[2] == 'S' && d[3] == 'T') {
1251             avio_skip(pb, 4);
1252             goto start_sync;
1253         }
1254 
1255         n = get_stream_idx(d);
1256 
1257         if (!((i - avi->last_pkt_pos) & 1) &&
1258             get_stream_idx(d + 1) < s->nb_streams)
1259             continue;
1260 
1261         // detect ##ix chunk and skip
1262         if (d[2] == 'i' && d[3] == 'x' && n < s->nb_streams) {
1263             avio_skip(pb, size);
1264             goto start_sync;
1265         }
1266 
1267         if (d[2] == 'w' && d[3] == 'c' && n < s->nb_streams) {
1268             avio_skip(pb, 16 * 3 + 8);
1269             goto start_sync;
1270         }
1271 
1272         if (avi->dv_demux && n != 0)
1273             continue;
1274 
1275         // parse ##dc/##wb
1276         if (n < s->nb_streams) {
1277             AVStream *st;
1278             AVIStream *ast;
1279             st  = s->streams[n];
1280             ast = st->priv_data;
1281 
1282             if (!ast) {
1283                 av_log(s, AV_LOG_WARNING, "Skipping foreign stream %d packet\n", n);
1284                 continue;
1285             }
1286 
1287             if (s->nb_streams >= 2) {
1288                 AVStream *st1   = s->streams[1];
1289                 AVIStream *ast1 = st1->priv_data;
1290                 // workaround for broken small-file-bug402.avi
1291                 if (ast1 && d[2] == 'w' && d[3] == 'b'
1292                    && n == 0
1293                    && st ->codecpar->codec_type == AVMEDIA_TYPE_VIDEO
1294                    && st1->codecpar->codec_type == AVMEDIA_TYPE_AUDIO
1295                    && ast->prefix == 'd'*256+'c'
1296                    && (d[2]*256+d[3] == ast1->prefix || !ast1->prefix_count)
1297                   ) {
1298                     n   = 1;
1299                     st  = st1;
1300                     ast = ast1;
1301                     av_log(s, AV_LOG_WARNING,
1302                            "Invalid stream + prefix combination, assuming audio.\n");
1303                 }
1304             }
1305 
1306             if (d[2] == 'p' && d[3] == 'c' && size <= 4 * 256 + 4) {
1307                 int k    = avio_r8(pb);
1308                 int last = (k + avio_r8(pb) - 1) & 0xFF;
1309 
1310                 avio_rl16(pb); // flags
1311 
1312                 // b + (g << 8) + (r << 16);
1313                 for (; k <= last; k++)
1314                     ast->pal[k] = 0xFFU<<24 | avio_rb32(pb)>>8;
1315 
1316                 ast->has_pal = 1;
1317                 goto start_sync;
1318             } else if (((ast->prefix_count < 5 || sync + 9 > i) &&
1319                         d[2] < 128 && d[3] < 128) ||
1320                        d[2] * 256 + d[3] == ast->prefix /* ||
1321                        (d[2] == 'd' && d[3] == 'c') ||
1322                        (d[2] == 'w' && d[3] == 'b') */) {
1323                 if (exit_early)
1324                     return 0;
1325                 if (d[2] * 256 + d[3] == ast->prefix)
1326                     ast->prefix_count++;
1327                 else {
1328                     ast->prefix       = d[2] * 256 + d[3];
1329                     ast->prefix_count = 0;
1330                 }
1331 
1332                 if (!avi->dv_demux &&
1333                     ((st->discard >= AVDISCARD_DEFAULT && size == 0) /* ||
1334                         // FIXME: needs a little reordering
1335                         (st->discard >= AVDISCARD_NONKEY &&
1336                         !(pkt->flags & AV_PKT_FLAG_KEY)) */
1337                     || st->discard >= AVDISCARD_ALL)) {
1338 
1339                     ast->frame_offset += get_duration(ast, size);
1340                     avio_skip(pb, size);
1341                     goto start_sync;
1342                 }
1343 
1344                 avi->stream_index = n;
1345                 ast->packet_size  = size + 8;
1346                 ast->remaining    = size;
1347 
1348                 if (size) {
1349                     uint64_t pos = avio_tell(pb) - 8;
1350                     if (!st->index_entries || !st->nb_index_entries ||
1351                         st->index_entries[st->nb_index_entries - 1].pos < pos) {
1352                         av_add_index_entry(st, pos, ast->frame_offset, size,
1353                                            0, AVINDEX_KEYFRAME);
1354                     }
1355                 }
1356                 return 0;
1357             }
1358         }
1359     }
1360 
1361     if (pb->error)
1362         return pb->error;
1363     return AVERROR_EOF;
1364 }
1365 
ni_prepare_read(AVFormatContext * s)1366 static int ni_prepare_read(AVFormatContext *s)
1367 {
1368     AVIContext *avi = s->priv_data;
1369     int best_stream_index = 0;
1370     AVStream *best_st     = NULL;
1371     AVIStream *best_ast;
1372     int64_t best_ts = INT64_MAX;
1373     int i;
1374 
1375     for (i = 0; i < s->nb_streams; i++) {
1376         AVStream *st   = s->streams[i];
1377         AVIStream *ast = st->priv_data;
1378         int64_t ts     = ast->frame_offset;
1379         int64_t last_ts;
1380 
1381         if (!st->nb_index_entries)
1382             continue;
1383 
1384         last_ts = st->index_entries[st->nb_index_entries - 1].timestamp;
1385         if (!ast->remaining && ts > last_ts)
1386             continue;
1387 
1388         ts = av_rescale_q(ts, st->time_base,
1389                           (AVRational) { FFMAX(1, ast->sample_size),
1390                                          AV_TIME_BASE });
1391 
1392         av_log(s, AV_LOG_TRACE, "%"PRId64" %d/%d %"PRId64"\n", ts,
1393                 st->time_base.num, st->time_base.den, ast->frame_offset);
1394         if (ts < best_ts) {
1395             best_ts           = ts;
1396             best_st           = st;
1397             best_stream_index = i;
1398         }
1399     }
1400     if (!best_st)
1401         return AVERROR_EOF;
1402 
1403     best_ast = best_st->priv_data;
1404     best_ts  = best_ast->frame_offset;
1405     if (best_ast->remaining) {
1406         i = av_index_search_timestamp(best_st,
1407                                       best_ts,
1408                                       AVSEEK_FLAG_ANY |
1409                                       AVSEEK_FLAG_BACKWARD);
1410     } else {
1411         i = av_index_search_timestamp(best_st, best_ts, AVSEEK_FLAG_ANY);
1412         if (i >= 0)
1413             best_ast->frame_offset = best_st->index_entries[i].timestamp;
1414     }
1415 
1416     if (i >= 0) {
1417         int64_t pos = best_st->index_entries[i].pos;
1418         pos += best_ast->packet_size - best_ast->remaining;
1419         if (avio_seek(s->pb, pos + 8, SEEK_SET) < 0)
1420           return AVERROR_EOF;
1421 
1422         av_assert0(best_ast->remaining <= best_ast->packet_size);
1423 
1424         avi->stream_index = best_stream_index;
1425         if (!best_ast->remaining)
1426             best_ast->packet_size =
1427             best_ast->remaining   = best_st->index_entries[i].size;
1428     }
1429     else
1430         return AVERROR_EOF;
1431 
1432     return 0;
1433 }
1434 
avi_read_packet(AVFormatContext * s,AVPacket * pkt)1435 static int avi_read_packet(AVFormatContext *s, AVPacket *pkt)
1436 {
1437     AVIContext *avi = s->priv_data;
1438     AVIOContext *pb = s->pb;
1439     int err;
1440 
1441     if (CONFIG_DV_DEMUXER && avi->dv_demux) {
1442         int size = avpriv_dv_get_packet(avi->dv_demux, pkt);
1443         if (size >= 0)
1444             return size;
1445         else
1446             goto resync;
1447     }
1448 
1449     if (avi->non_interleaved) {
1450         err = ni_prepare_read(s);
1451         if (err < 0)
1452             return err;
1453     }
1454 
1455 resync:
1456     if (avi->stream_index >= 0) {
1457         AVStream *st   = s->streams[avi->stream_index];
1458         AVIStream *ast = st->priv_data;
1459         int dv_demux = CONFIG_DV_DEMUXER && avi->dv_demux;
1460         int size, err;
1461 
1462         if (get_subtitle_pkt(s, st, pkt))
1463             return 0;
1464 
1465         // minorityreport.AVI block_align=1024 sample_size=1 IMA-ADPCM
1466         if (ast->sample_size <= 1)
1467             size = INT_MAX;
1468         else if (ast->sample_size < 32)
1469             // arbitrary multiplier to avoid tiny packets for raw PCM data
1470             size = 1024 * ast->sample_size;
1471         else
1472             size = ast->sample_size;
1473 
1474         if (size > ast->remaining)
1475             size = ast->remaining;
1476         avi->last_pkt_pos = avio_tell(pb);
1477         err               = av_get_packet(pb, pkt, size);
1478         if (err < 0)
1479             return err;
1480         size = err;
1481 
1482         if (ast->has_pal && pkt->size < (unsigned)INT_MAX / 2 && !dv_demux) {
1483             uint8_t *pal;
1484             pal = av_packet_new_side_data(pkt,
1485                                           AV_PKT_DATA_PALETTE,
1486                                           AVPALETTE_SIZE);
1487             if (!pal) {
1488                 av_log(s, AV_LOG_ERROR,
1489                        "Failed to allocate data for palette\n");
1490             } else {
1491                 memcpy(pal, ast->pal, AVPALETTE_SIZE);
1492                 ast->has_pal = 0;
1493             }
1494         }
1495 
1496         if (CONFIG_DV_DEMUXER && dv_demux) {
1497             AVBufferRef *avbuf = pkt->buf;
1498             size = avpriv_dv_produce_packet(avi->dv_demux, pkt,
1499                                             pkt->data, pkt->size, pkt->pos);
1500             pkt->buf    = avbuf;
1501             pkt->flags |= AV_PKT_FLAG_KEY;
1502             if (size < 0)
1503                 av_packet_unref(pkt);
1504         } else if (st->codecpar->codec_type == AVMEDIA_TYPE_SUBTITLE &&
1505                    !st->codecpar->codec_tag && read_gab2_sub(s, st, pkt)) {
1506             ast->frame_offset++;
1507             avi->stream_index = -1;
1508             ast->remaining    = 0;
1509             goto resync;
1510         } else {
1511             /* XXX: How to handle B-frames in AVI? */
1512             pkt->dts = ast->frame_offset;
1513 //                pkt->dts += ast->start;
1514             if (ast->sample_size)
1515                 pkt->dts /= ast->sample_size;
1516             pkt->stream_index = avi->stream_index;
1517 
1518             if (st->codecpar->codec_type == AVMEDIA_TYPE_VIDEO && st->index_entries) {
1519                 AVIndexEntry *e;
1520                 int index;
1521 
1522                 index = av_index_search_timestamp(st, ast->frame_offset, AVSEEK_FLAG_ANY);
1523                 e     = &st->index_entries[index];
1524 
1525                 if (index >= 0 && e->timestamp == ast->frame_offset) {
1526                     if (index == st->nb_index_entries-1) {
1527                         int key=1;
1528                         uint32_t state=-1;
1529                         if (st->codecpar->codec_id == AV_CODEC_ID_MPEG4) {
1530                             const uint8_t *ptr = pkt->data, *end = ptr + FFMIN(size, 256);
1531                             while (ptr < end) {
1532                                 ptr = avpriv_find_start_code(ptr, end, &state);
1533                                 if (state == 0x1B6 && ptr < end) {
1534                                     key = !(*ptr & 0xC0);
1535                                     break;
1536                                 }
1537                             }
1538                         }
1539                         if (!key)
1540                             e->flags &= ~AVINDEX_KEYFRAME;
1541                     }
1542                     if (e->flags & AVINDEX_KEYFRAME)
1543                         pkt->flags |= AV_PKT_FLAG_KEY;
1544                 }
1545             } else {
1546                 pkt->flags |= AV_PKT_FLAG_KEY;
1547             }
1548             ast->frame_offset += get_duration(ast, pkt->size);
1549         }
1550         ast->remaining -= err;
1551         if (!ast->remaining) {
1552             avi->stream_index = -1;
1553             ast->packet_size  = 0;
1554         }
1555 
1556         if (!avi->non_interleaved && pkt->pos >= 0 && ast->seek_pos > pkt->pos) {
1557             av_packet_unref(pkt);
1558             goto resync;
1559         }
1560         ast->seek_pos= 0;
1561 
1562         if (!avi->non_interleaved && st->nb_index_entries>1 && avi->index_loaded>1) {
1563             int64_t dts= av_rescale_q(pkt->dts, st->time_base, AV_TIME_BASE_Q);
1564 
1565             if (avi->dts_max < dts) {
1566                 avi->dts_max = dts;
1567             } else if (avi->dts_max - (uint64_t)dts > 2*AV_TIME_BASE) {
1568                 avi->non_interleaved= 1;
1569                 av_log(s, AV_LOG_INFO, "Switching to NI mode, due to poor interleaving\n");
1570             }
1571         }
1572 
1573         return 0;
1574     }
1575 
1576     if ((err = avi_sync(s, 0)) < 0)
1577         return err;
1578     goto resync;
1579 }
1580 
1581 /* XXX: We make the implicit supposition that the positions are sorted
1582  * for each stream. */
avi_read_idx1(AVFormatContext * s,int size)1583 static int avi_read_idx1(AVFormatContext *s, int size)
1584 {
1585     AVIContext *avi = s->priv_data;
1586     AVIOContext *pb = s->pb;
1587     int nb_index_entries, i;
1588     AVStream *st;
1589     AVIStream *ast;
1590     int64_t pos;
1591     unsigned int index, tag, flags, len, first_packet = 1;
1592     int64_t last_pos = -1;
1593     unsigned last_idx = -1;
1594     int64_t idx1_pos, first_packet_pos = 0, data_offset = 0;
1595     int anykey = 0;
1596 
1597     nb_index_entries = size / 16;
1598     if (nb_index_entries <= 0)
1599         return AVERROR_INVALIDDATA;
1600 
1601     idx1_pos = avio_tell(pb);
1602     avio_seek(pb, avi->movi_list + 4, SEEK_SET);
1603     if (avi_sync(s, 1) == 0)
1604         first_packet_pos = avio_tell(pb) - 8;
1605     avi->stream_index = -1;
1606     avio_seek(pb, idx1_pos, SEEK_SET);
1607 
1608     if (s->nb_streams == 1 && s->streams[0]->codecpar->codec_tag == AV_RL32("MMES")) {
1609         first_packet_pos = 0;
1610         data_offset = avi->movi_list;
1611     }
1612 
1613     /* Read the entries and sort them in each stream component. */
1614     for (i = 0; i < nb_index_entries; i++) {
1615         if (avio_feof(pb))
1616             return -1;
1617 
1618         tag   = avio_rl32(pb);
1619         flags = avio_rl32(pb);
1620         pos   = avio_rl32(pb);
1621         len   = avio_rl32(pb);
1622         av_log(s, AV_LOG_TRACE, "%d: tag=0x%x flags=0x%x pos=0x%"PRIx64" len=%d/",
1623                 i, tag, flags, pos, len);
1624 
1625         index  = ((tag      & 0xff) - '0') * 10;
1626         index +=  (tag >> 8 & 0xff) - '0';
1627         if (index >= s->nb_streams)
1628             continue;
1629         st  = s->streams[index];
1630         ast = st->priv_data;
1631 
1632         /* Skip 'xxpc' palette change entries in the index until a logic
1633          * to process these is properly implemented. */
1634         if ((tag >> 16 & 0xff) == 'p' && (tag >> 24 & 0xff) == 'c')
1635             continue;
1636 
1637         if (first_packet && first_packet_pos) {
1638             if (avi->movi_list + 4 != pos || pos + 500 > first_packet_pos)
1639                 data_offset  = first_packet_pos - pos;
1640             first_packet = 0;
1641         }
1642         pos += data_offset;
1643 
1644         av_log(s, AV_LOG_TRACE, "%d cum_len=%"PRId64"\n", len, ast->cum_len);
1645 
1646         // even if we have only a single stream, we should
1647         // switch to non-interleaved to get correct timestamps
1648         if (last_pos == pos)
1649             avi->non_interleaved = 1;
1650         if (last_idx != pos && len) {
1651             av_add_index_entry(st, pos, ast->cum_len, len, 0,
1652                                (flags & AVIIF_INDEX) ? AVINDEX_KEYFRAME : 0);
1653             last_idx= pos;
1654         }
1655         ast->cum_len += get_duration(ast, len);
1656         last_pos      = pos;
1657         anykey       |= flags&AVIIF_INDEX;
1658     }
1659     if (!anykey) {
1660         for (index = 0; index < s->nb_streams; index++) {
1661             st = s->streams[index];
1662             if (st->nb_index_entries)
1663                 st->index_entries[0].flags |= AVINDEX_KEYFRAME;
1664         }
1665     }
1666     return 0;
1667 }
1668 
1669 /* Scan the index and consider any file with streams more than
1670  * 2 seconds or 64MB apart non-interleaved. */
check_stream_max_drift(AVFormatContext * s)1671 static int check_stream_max_drift(AVFormatContext *s)
1672 {
1673     int64_t min_pos, pos;
1674     int i;
1675     int *idx = av_mallocz_array(s->nb_streams, sizeof(*idx));
1676     if (!idx)
1677         return AVERROR(ENOMEM);
1678     for (min_pos = pos = 0; min_pos != INT64_MAX; pos = min_pos + 1LU) {
1679         int64_t max_dts = INT64_MIN / 2;
1680         int64_t min_dts = INT64_MAX / 2;
1681         int64_t max_buffer = 0;
1682 
1683         min_pos = INT64_MAX;
1684 
1685         for (i = 0; i < s->nb_streams; i++) {
1686             AVStream *st = s->streams[i];
1687             AVIStream *ast = st->priv_data;
1688             int n = st->nb_index_entries;
1689             while (idx[i] < n && st->index_entries[idx[i]].pos < pos)
1690                 idx[i]++;
1691             if (idx[i] < n) {
1692                 int64_t dts;
1693                 dts = av_rescale_q(st->index_entries[idx[i]].timestamp /
1694                                    FFMAX(ast->sample_size, 1),
1695                                    st->time_base, AV_TIME_BASE_Q);
1696                 min_dts = FFMIN(min_dts, dts);
1697                 min_pos = FFMIN(min_pos, st->index_entries[idx[i]].pos);
1698             }
1699         }
1700         for (i = 0; i < s->nb_streams; i++) {
1701             AVStream *st = s->streams[i];
1702             AVIStream *ast = st->priv_data;
1703 
1704             if (idx[i] && min_dts != INT64_MAX / 2) {
1705                 int64_t dts, delta_dts;
1706                 dts = av_rescale_q(st->index_entries[idx[i] - 1].timestamp /
1707                                    FFMAX(ast->sample_size, 1),
1708                                    st->time_base, AV_TIME_BASE_Q);
1709                 delta_dts = av_sat_sub64(dts, min_dts);
1710                 max_dts = FFMAX(max_dts, dts);
1711                 max_buffer = FFMAX(max_buffer,
1712                                    av_rescale(delta_dts,
1713                                               st->codecpar->bit_rate,
1714                                               AV_TIME_BASE));
1715             }
1716         }
1717         if (av_sat_sub64(max_dts, min_dts) > 2 * AV_TIME_BASE ||
1718             max_buffer > 1024 * 1024 * 8 * 8) {
1719             av_free(idx);
1720             return 1;
1721         }
1722     }
1723     av_free(idx);
1724     return 0;
1725 }
1726 
guess_ni_flag(AVFormatContext * s)1727 static int guess_ni_flag(AVFormatContext *s)
1728 {
1729     int i;
1730     int64_t last_start = 0;
1731     int64_t first_end  = INT64_MAX;
1732     int64_t oldpos     = avio_tell(s->pb);
1733 
1734     for (i = 0; i < s->nb_streams; i++) {
1735         AVStream *st = s->streams[i];
1736         int n        = st->nb_index_entries;
1737         unsigned int size;
1738 
1739         if (n <= 0)
1740             continue;
1741 
1742         if (n >= 2) {
1743             int64_t pos = st->index_entries[0].pos;
1744             unsigned tag[2];
1745             avio_seek(s->pb, pos, SEEK_SET);
1746             tag[0] = avio_r8(s->pb);
1747             tag[1] = avio_r8(s->pb);
1748             avio_rl16(s->pb);
1749             size = avio_rl32(s->pb);
1750             if (get_stream_idx(tag) == i && pos + size > st->index_entries[1].pos)
1751                 last_start = INT64_MAX;
1752             if (get_stream_idx(tag) == i && size == st->index_entries[0].size + 8)
1753                 last_start = INT64_MAX;
1754         }
1755 
1756         if (st->index_entries[0].pos > last_start)
1757             last_start = st->index_entries[0].pos;
1758         if (st->index_entries[n - 1].pos < first_end)
1759             first_end = st->index_entries[n - 1].pos;
1760     }
1761     avio_seek(s->pb, oldpos, SEEK_SET);
1762 
1763     if (last_start > first_end)
1764         return 1;
1765 
1766     return check_stream_max_drift(s);
1767 }
1768 
avi_load_index(AVFormatContext * s)1769 static int avi_load_index(AVFormatContext *s)
1770 {
1771     AVIContext *avi = s->priv_data;
1772     AVIOContext *pb = s->pb;
1773     uint32_t tag, size;
1774     int64_t pos = avio_tell(pb);
1775     int64_t next;
1776     int ret     = -1;
1777 
1778     if (avio_seek(pb, avi->movi_end, SEEK_SET) < 0)
1779         goto the_end; // maybe truncated file
1780     av_log(s, AV_LOG_TRACE, "movi_end=0x%"PRIx64"\n", avi->movi_end);
1781     for (;;) {
1782         tag  = avio_rl32(pb);
1783         size = avio_rl32(pb);
1784         if (avio_feof(pb))
1785             break;
1786         next = avio_tell(pb);
1787         if (next < 0 || next > INT64_MAX - size - (size & 1))
1788             break;
1789         next += size + (size & 1LL);
1790 
1791         if (tag == MKTAG('i', 'd', 'x', '1') &&
1792             avi_read_idx1(s, size) >= 0) {
1793             avi->index_loaded=2;
1794             ret = 0;
1795         }else if (tag == MKTAG('L', 'I', 'S', 'T')) {
1796             uint32_t tag1 = avio_rl32(pb);
1797 
1798             if (tag1 == MKTAG('I', 'N', 'F', 'O'))
1799                 ff_read_riff_info(s, size - 4);
1800         }else if (!ret)
1801             break;
1802 
1803         if (avio_seek(pb, next, SEEK_SET) < 0)
1804             break; // something is wrong here
1805     }
1806 
1807 the_end:
1808     avio_seek(pb, pos, SEEK_SET);
1809     return ret;
1810 }
1811 
seek_subtitle(AVStream * st,AVStream * st2,int64_t timestamp)1812 static void seek_subtitle(AVStream *st, AVStream *st2, int64_t timestamp)
1813 {
1814     AVIStream *ast2 = st2->priv_data;
1815     int64_t ts2     = av_rescale_q(timestamp, st->time_base, st2->time_base);
1816     av_packet_unref(ast2->sub_pkt);
1817     if (avformat_seek_file(ast2->sub_ctx, 0, INT64_MIN, ts2, ts2, 0) >= 0 ||
1818         avformat_seek_file(ast2->sub_ctx, 0, ts2, ts2, INT64_MAX, 0) >= 0)
1819         ff_read_packet(ast2->sub_ctx, ast2->sub_pkt);
1820 }
1821 
avi_read_seek(AVFormatContext * s,int stream_index,int64_t timestamp,int flags)1822 static int avi_read_seek(AVFormatContext *s, int stream_index,
1823                          int64_t timestamp, int flags)
1824 {
1825     AVIContext *avi = s->priv_data;
1826     AVStream *st;
1827     int i, index;
1828     int64_t pos, pos_min;
1829     AVIStream *ast;
1830 
1831     /* Does not matter which stream is requested dv in avi has the
1832      * stream information in the first video stream.
1833      */
1834     if (avi->dv_demux)
1835         stream_index = 0;
1836 
1837     if (!avi->index_loaded) {
1838         /* we only load the index on demand */
1839         avi_load_index(s);
1840         avi->index_loaded |= 1;
1841     }
1842     av_assert0(stream_index >= 0);
1843 
1844     st    = s->streams[stream_index];
1845     ast   = st->priv_data;
1846     index = av_index_search_timestamp(st,
1847                                       timestamp * FFMAX(ast->sample_size, 1),
1848                                       flags);
1849     if (index < 0) {
1850         if (st->nb_index_entries > 0)
1851             av_log(s, AV_LOG_DEBUG, "Failed to find timestamp %"PRId64 " in index %"PRId64 " .. %"PRId64 "\n",
1852                    timestamp * FFMAX(ast->sample_size, 1),
1853                    st->index_entries[0].timestamp,
1854                    st->index_entries[st->nb_index_entries - 1].timestamp);
1855         return AVERROR_INVALIDDATA;
1856     }
1857 
1858     /* find the position */
1859     pos       = st->index_entries[index].pos;
1860     timestamp = st->index_entries[index].timestamp / FFMAX(ast->sample_size, 1);
1861 
1862     av_log(s, AV_LOG_TRACE, "XX %"PRId64" %d %"PRId64"\n",
1863             timestamp, index, st->index_entries[index].timestamp);
1864 
1865     if (CONFIG_DV_DEMUXER && avi->dv_demux) {
1866         /* One and only one real stream for DV in AVI, and it has video  */
1867         /* offsets. Calling with other stream indexes should have failed */
1868         /* the av_index_search_timestamp call above.                     */
1869 
1870         if (avio_seek(s->pb, pos, SEEK_SET) < 0)
1871             return -1;
1872 
1873         /* Feed the DV video stream version of the timestamp to the */
1874         /* DV demux so it can synthesize correct timestamps.        */
1875         ff_dv_offset_reset(avi->dv_demux, timestamp);
1876 
1877         avi->stream_index = -1;
1878         return 0;
1879     }
1880 
1881     pos_min = pos;
1882     for (i = 0; i < s->nb_streams; i++) {
1883         AVStream *st2   = s->streams[i];
1884         AVIStream *ast2 = st2->priv_data;
1885 
1886         ast2->packet_size =
1887         ast2->remaining   = 0;
1888 
1889         if (ast2->sub_ctx) {
1890             seek_subtitle(st, st2, timestamp);
1891             continue;
1892         }
1893 
1894         if (st2->nb_index_entries <= 0)
1895             continue;
1896 
1897 //        av_assert1(st2->codecpar->block_align);
1898         index = av_index_search_timestamp(st2,
1899                                           av_rescale_q(timestamp,
1900                                                        st->time_base,
1901                                                        st2->time_base) *
1902                                           FFMAX(ast2->sample_size, 1),
1903                                           flags |
1904                                           AVSEEK_FLAG_BACKWARD |
1905                                           (st2->codecpar->codec_type != AVMEDIA_TYPE_VIDEO ? AVSEEK_FLAG_ANY : 0));
1906         if (index < 0)
1907             index = 0;
1908         ast2->seek_pos = st2->index_entries[index].pos;
1909         pos_min = FFMIN(pos_min,ast2->seek_pos);
1910     }
1911     for (i = 0; i < s->nb_streams; i++) {
1912         AVStream *st2 = s->streams[i];
1913         AVIStream *ast2 = st2->priv_data;
1914 
1915         if (ast2->sub_ctx || st2->nb_index_entries <= 0)
1916             continue;
1917 
1918         index = av_index_search_timestamp(
1919                 st2,
1920                 av_rescale_q(timestamp, st->time_base, st2->time_base) * FFMAX(ast2->sample_size, 1),
1921                 flags | AVSEEK_FLAG_BACKWARD | (st2->codecpar->codec_type != AVMEDIA_TYPE_VIDEO ? AVSEEK_FLAG_ANY : 0));
1922         if (index < 0)
1923             index = 0;
1924         while (!avi->non_interleaved && index>0 && st2->index_entries[index-1].pos >= pos_min)
1925             index--;
1926         ast2->frame_offset = st2->index_entries[index].timestamp;
1927     }
1928 
1929     /* do the seek */
1930     if (avio_seek(s->pb, pos_min, SEEK_SET) < 0) {
1931         av_log(s, AV_LOG_ERROR, "Seek failed\n");
1932         return -1;
1933     }
1934     avi->stream_index = -1;
1935     avi->dts_max      = INT_MIN;
1936     return 0;
1937 }
1938 
avi_read_close(AVFormatContext * s)1939 static int avi_read_close(AVFormatContext *s)
1940 {
1941     int i;
1942     AVIContext *avi = s->priv_data;
1943 
1944     for (i = 0; i < s->nb_streams; i++) {
1945         AVStream *st   = s->streams[i];
1946         AVIStream *ast = st->priv_data;
1947         if (ast) {
1948             if (ast->sub_ctx) {
1949                 av_freep(&ast->sub_ctx->pb);
1950                 avformat_close_input(&ast->sub_ctx);
1951             }
1952             av_buffer_unref(&ast->sub_buffer);
1953             av_packet_free(&ast->sub_pkt);
1954         }
1955     }
1956 
1957     av_freep(&avi->dv_demux);
1958 
1959     return 0;
1960 }
1961 
avi_probe(const AVProbeData * p)1962 static int avi_probe(const AVProbeData *p)
1963 {
1964     int i;
1965 
1966     /* check file header */
1967     for (i = 0; avi_headers[i][0]; i++)
1968         if (AV_RL32(p->buf    ) == AV_RL32(avi_headers[i]    ) &&
1969             AV_RL32(p->buf + 8) == AV_RL32(avi_headers[i] + 4))
1970             return AVPROBE_SCORE_MAX;
1971 
1972     return 0;
1973 }
1974 
1975 AVInputFormat ff_avi_demuxer = {
1976     .name           = "avi",
1977     .long_name      = NULL_IF_CONFIG_SMALL("AVI (Audio Video Interleaved)"),
1978     .priv_data_size = sizeof(AVIContext),
1979     .extensions     = "avi",
1980     .read_probe     = avi_probe,
1981     .read_header    = avi_read_header,
1982     .read_packet    = avi_read_packet,
1983     .read_close     = avi_read_close,
1984     .read_seek      = avi_read_seek,
1985     .priv_class = &demuxer_class,
1986 };
1987