1 /*
2 * MOV demuxer
3 * Copyright (c) 2001 Fabrice Bellard
4 * Copyright (c) 2009 Baptiste Coudurier <baptiste dot coudurier at gmail dot com>
5 *
6 * first version by Francois Revol <revol@free.fr>
7 * seek function by Gael Chardon <gael.dev@4now.net>
8 *
9 * This file is part of FFmpeg.
10 *
11 * FFmpeg is free software; you can redistribute it and/or
12 * modify it under the terms of the GNU Lesser General Public
13 * License as published by the Free Software Foundation; either
14 * version 2.1 of the License, or (at your option) any later version.
15 *
16 * FFmpeg is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 * Lesser General Public License for more details.
20 *
21 * You should have received a copy of the GNU Lesser General Public
22 * License along with FFmpeg; if not, write to the Free Software
23 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
24 */
25
26 #include <inttypes.h>
27 #include <limits.h>
28 #include <stdint.h>
29
30 #include "libavutil/attributes.h"
31 #include "libavutil/channel_layout.h"
32 #include "libavutil/internal.h"
33 #include "libavutil/intreadwrite.h"
34 #include "libavutil/intfloat.h"
35 #include "libavutil/mathematics.h"
36 #include "libavutil/time_internal.h"
37 #include "libavutil/avassert.h"
38 #include "libavutil/avstring.h"
39 #include "libavutil/dict.h"
40 #include "libavutil/display.h"
41 #include "libavutil/opt.h"
42 #include "libavutil/aes.h"
43 #include "libavutil/aes_ctr.h"
44 #include "libavutil/pixdesc.h"
45 #include "libavutil/sha.h"
46 #include "libavutil/spherical.h"
47 #include "libavutil/stereo3d.h"
48 #include "libavutil/timecode.h"
49 #include "libavcodec/ac3tab.h"
50 #include "libavcodec/flac.h"
51 #include "libavcodec/mpegaudiodecheader.h"
52 #include "avformat.h"
53 #include "internal.h"
54 #include "avio_internal.h"
55 #include "riff.h"
56 #include "isom.h"
57 #include "libavcodec/get_bits.h"
58 #include "id3v1.h"
59 #include "mov_chan.h"
60 #include "replaygain.h"
61
62 #if CONFIG_ZLIB
63 #include <zlib.h>
64 #endif
65
66 #include "qtpalette.h"
67
68 /* those functions parse an atom */
69 /* links atom IDs to parse functions */
70 typedef struct MOVParseTableEntry {
71 uint32_t type;
72 int (*parse)(MOVContext *ctx, AVIOContext *pb, MOVAtom atom);
73 } MOVParseTableEntry;
74
75 static int mov_read_default(MOVContext *c, AVIOContext *pb, MOVAtom atom);
76 static int mov_read_mfra(MOVContext *c, AVIOContext *f);
77 static int64_t add_ctts_entry(MOVStts** ctts_data, unsigned int* ctts_count, unsigned int* allocated_size,
78 int count, int duration);
79
mov_metadata_track_or_disc_number(MOVContext * c,AVIOContext * pb,unsigned len,const char * key)80 static int mov_metadata_track_or_disc_number(MOVContext *c, AVIOContext *pb,
81 unsigned len, const char *key)
82 {
83 char buf[16];
84
85 short current, total = 0;
86 avio_rb16(pb); // unknown
87 current = avio_rb16(pb);
88 if (len >= 6)
89 total = avio_rb16(pb);
90 if (!total)
91 snprintf(buf, sizeof(buf), "%d", current);
92 else
93 snprintf(buf, sizeof(buf), "%d/%d", current, total);
94 c->fc->event_flags |= AVFMT_EVENT_FLAG_METADATA_UPDATED;
95 av_dict_set(&c->fc->metadata, key, buf, 0);
96
97 return 0;
98 }
99
mov_metadata_int8_bypass_padding(MOVContext * c,AVIOContext * pb,unsigned len,const char * key)100 static int mov_metadata_int8_bypass_padding(MOVContext *c, AVIOContext *pb,
101 unsigned len, const char *key)
102 {
103 /* bypass padding bytes */
104 avio_r8(pb);
105 avio_r8(pb);
106 avio_r8(pb);
107
108 c->fc->event_flags |= AVFMT_EVENT_FLAG_METADATA_UPDATED;
109 av_dict_set_int(&c->fc->metadata, key, avio_r8(pb), 0);
110
111 return 0;
112 }
113
mov_metadata_int8_no_padding(MOVContext * c,AVIOContext * pb,unsigned len,const char * key)114 static int mov_metadata_int8_no_padding(MOVContext *c, AVIOContext *pb,
115 unsigned len, const char *key)
116 {
117 c->fc->event_flags |= AVFMT_EVENT_FLAG_METADATA_UPDATED;
118 av_dict_set_int(&c->fc->metadata, key, avio_r8(pb), 0);
119
120 return 0;
121 }
122
mov_metadata_gnre(MOVContext * c,AVIOContext * pb,unsigned len,const char * key)123 static int mov_metadata_gnre(MOVContext *c, AVIOContext *pb,
124 unsigned len, const char *key)
125 {
126 short genre;
127
128 avio_r8(pb); // unknown
129
130 genre = avio_r8(pb);
131 if (genre < 1 || genre > ID3v1_GENRE_MAX)
132 return 0;
133 c->fc->event_flags |= AVFMT_EVENT_FLAG_METADATA_UPDATED;
134 av_dict_set(&c->fc->metadata, key, ff_id3v1_genre_str[genre-1], 0);
135
136 return 0;
137 }
138
139 static const uint32_t mac_to_unicode[128] = {
140 0x00C4,0x00C5,0x00C7,0x00C9,0x00D1,0x00D6,0x00DC,0x00E1,
141 0x00E0,0x00E2,0x00E4,0x00E3,0x00E5,0x00E7,0x00E9,0x00E8,
142 0x00EA,0x00EB,0x00ED,0x00EC,0x00EE,0x00EF,0x00F1,0x00F3,
143 0x00F2,0x00F4,0x00F6,0x00F5,0x00FA,0x00F9,0x00FB,0x00FC,
144 0x2020,0x00B0,0x00A2,0x00A3,0x00A7,0x2022,0x00B6,0x00DF,
145 0x00AE,0x00A9,0x2122,0x00B4,0x00A8,0x2260,0x00C6,0x00D8,
146 0x221E,0x00B1,0x2264,0x2265,0x00A5,0x00B5,0x2202,0x2211,
147 0x220F,0x03C0,0x222B,0x00AA,0x00BA,0x03A9,0x00E6,0x00F8,
148 0x00BF,0x00A1,0x00AC,0x221A,0x0192,0x2248,0x2206,0x00AB,
149 0x00BB,0x2026,0x00A0,0x00C0,0x00C3,0x00D5,0x0152,0x0153,
150 0x2013,0x2014,0x201C,0x201D,0x2018,0x2019,0x00F7,0x25CA,
151 0x00FF,0x0178,0x2044,0x20AC,0x2039,0x203A,0xFB01,0xFB02,
152 0x2021,0x00B7,0x201A,0x201E,0x2030,0x00C2,0x00CA,0x00C1,
153 0x00CB,0x00C8,0x00CD,0x00CE,0x00CF,0x00CC,0x00D3,0x00D4,
154 0xF8FF,0x00D2,0x00DA,0x00DB,0x00D9,0x0131,0x02C6,0x02DC,
155 0x00AF,0x02D8,0x02D9,0x02DA,0x00B8,0x02DD,0x02DB,0x02C7,
156 };
157
mov_read_mac_string(MOVContext * c,AVIOContext * pb,int len,char * dst,int dstlen)158 static int mov_read_mac_string(MOVContext *c, AVIOContext *pb, int len,
159 char *dst, int dstlen)
160 {
161 char *p = dst;
162 char *end = dst+dstlen-1;
163 int i;
164
165 for (i = 0; i < len; i++) {
166 uint8_t t, c = avio_r8(pb);
167
168 if (p >= end)
169 continue;
170
171 if (c < 0x80)
172 *p++ = c;
173 else if (p < end)
174 PUT_UTF8(mac_to_unicode[c-0x80], t, if (p < end) *p++ = t;);
175 }
176 *p = 0;
177 return p - dst;
178 }
179
mov_read_covr(MOVContext * c,AVIOContext * pb,int type,int len)180 static int mov_read_covr(MOVContext *c, AVIOContext *pb, int type, int len)
181 {
182 AVPacket pkt;
183 AVStream *st;
184 MOVStreamContext *sc;
185 enum AVCodecID id;
186 int ret;
187
188 switch (type) {
189 case 0xd: id = AV_CODEC_ID_MJPEG; break;
190 case 0xe: id = AV_CODEC_ID_PNG; break;
191 case 0x1b: id = AV_CODEC_ID_BMP; break;
192 default:
193 av_log(c->fc, AV_LOG_WARNING, "Unknown cover type: 0x%x.\n", type);
194 avio_skip(pb, len);
195 return 0;
196 }
197
198 st = avformat_new_stream(c->fc, NULL);
199 if (!st)
200 return AVERROR(ENOMEM);
201 sc = av_mallocz(sizeof(*sc));
202 if (!sc)
203 return AVERROR(ENOMEM);
204 st->priv_data = sc;
205
206 ret = av_get_packet(pb, &pkt, len);
207 if (ret < 0)
208 return ret;
209
210 if (pkt.size >= 8 && id != AV_CODEC_ID_BMP) {
211 if (AV_RB64(pkt.data) == 0x89504e470d0a1a0a) {
212 id = AV_CODEC_ID_PNG;
213 } else {
214 id = AV_CODEC_ID_MJPEG;
215 }
216 }
217
218 st->disposition |= AV_DISPOSITION_ATTACHED_PIC;
219
220 st->attached_pic = pkt;
221 st->attached_pic.stream_index = st->index;
222 st->attached_pic.flags |= AV_PKT_FLAG_KEY;
223
224 st->codecpar->codec_type = AVMEDIA_TYPE_VIDEO;
225 st->codecpar->codec_id = id;
226
227 return 0;
228 }
229
230 // 3GPP TS 26.244
mov_metadata_loci(MOVContext * c,AVIOContext * pb,unsigned len)231 static int mov_metadata_loci(MOVContext *c, AVIOContext *pb, unsigned len)
232 {
233 char language[4] = { 0 };
234 char buf[200], place[100];
235 uint16_t langcode = 0;
236 double longitude, latitude, altitude;
237 const char *key = "location";
238
239 if (len < 4 + 2 + 1 + 1 + 4 + 4 + 4) {
240 av_log(c->fc, AV_LOG_ERROR, "loci too short\n");
241 return AVERROR_INVALIDDATA;
242 }
243
244 avio_skip(pb, 4); // version+flags
245 langcode = avio_rb16(pb);
246 ff_mov_lang_to_iso639(langcode, language);
247 len -= 6;
248
249 len -= avio_get_str(pb, len, place, sizeof(place));
250 if (len < 1) {
251 av_log(c->fc, AV_LOG_ERROR, "place name too long\n");
252 return AVERROR_INVALIDDATA;
253 }
254 avio_skip(pb, 1); // role
255 len -= 1;
256
257 if (len < 12) {
258 av_log(c->fc, AV_LOG_ERROR,
259 "loci too short (%u bytes left, need at least %d)\n", len, 12);
260 return AVERROR_INVALIDDATA;
261 }
262 longitude = ((int32_t) avio_rb32(pb)) / (float) (1 << 16);
263 latitude = ((int32_t) avio_rb32(pb)) / (float) (1 << 16);
264 altitude = ((int32_t) avio_rb32(pb)) / (float) (1 << 16);
265
266 // Try to output in the same format as the ?xyz field
267 snprintf(buf, sizeof(buf), "%+08.4f%+09.4f", latitude, longitude);
268 if (altitude)
269 av_strlcatf(buf, sizeof(buf), "%+f", altitude);
270 av_strlcatf(buf, sizeof(buf), "/%s", place);
271
272 if (*language && strcmp(language, "und")) {
273 char key2[16];
274 snprintf(key2, sizeof(key2), "%s-%s", key, language);
275 av_dict_set(&c->fc->metadata, key2, buf, 0);
276 }
277 c->fc->event_flags |= AVFMT_EVENT_FLAG_METADATA_UPDATED;
278 return av_dict_set(&c->fc->metadata, key, buf, 0);
279 }
280
mov_metadata_hmmt(MOVContext * c,AVIOContext * pb,unsigned len)281 static int mov_metadata_hmmt(MOVContext *c, AVIOContext *pb, unsigned len)
282 {
283 int i, n_hmmt;
284
285 if (len < 2)
286 return 0;
287 if (c->ignore_chapters)
288 return 0;
289
290 n_hmmt = avio_rb32(pb);
291 for (i = 0; i < n_hmmt && !pb->eof_reached; i++) {
292 int moment_time = avio_rb32(pb);
293 avpriv_new_chapter(c->fc, i, av_make_q(1, 1000), moment_time, AV_NOPTS_VALUE, NULL);
294 }
295 return 0;
296 }
297
mov_read_udta_string(MOVContext * c,AVIOContext * pb,MOVAtom atom)298 static int mov_read_udta_string(MOVContext *c, AVIOContext *pb, MOVAtom atom)
299 {
300 char tmp_key[5];
301 char key2[32], language[4] = {0};
302 char *str = NULL;
303 const char *key = NULL;
304 uint16_t langcode = 0;
305 uint32_t data_type = 0, str_size, str_size_alloc;
306 int (*parse)(MOVContext*, AVIOContext*, unsigned, const char*) = NULL;
307 int raw = 0;
308 int num = 0;
309
310 switch (atom.type) {
311 case MKTAG( '@','P','R','M'): key = "premiere_version"; raw = 1; break;
312 case MKTAG( '@','P','R','Q'): key = "quicktime_version"; raw = 1; break;
313 case MKTAG( 'X','M','P','_'):
314 if (c->export_xmp) { key = "xmp"; raw = 1; } break;
315 case MKTAG( 'a','A','R','T'): key = "album_artist"; break;
316 case MKTAG( 'a','k','I','D'): key = "account_type";
317 parse = mov_metadata_int8_no_padding; break;
318 case MKTAG( 'a','p','I','D'): key = "account_id"; break;
319 case MKTAG( 'c','a','t','g'): key = "category"; break;
320 case MKTAG( 'c','p','i','l'): key = "compilation";
321 parse = mov_metadata_int8_no_padding; break;
322 case MKTAG( 'c','p','r','t'): key = "copyright"; break;
323 case MKTAG( 'd','e','s','c'): key = "description"; break;
324 case MKTAG( 'd','i','s','k'): key = "disc";
325 parse = mov_metadata_track_or_disc_number; break;
326 case MKTAG( 'e','g','i','d'): key = "episode_uid";
327 parse = mov_metadata_int8_no_padding; break;
328 case MKTAG( 'F','I','R','M'): key = "firmware"; raw = 1; break;
329 case MKTAG( 'g','n','r','e'): key = "genre";
330 parse = mov_metadata_gnre; break;
331 case MKTAG( 'h','d','v','d'): key = "hd_video";
332 parse = mov_metadata_int8_no_padding; break;
333 case MKTAG( 'H','M','M','T'):
334 return mov_metadata_hmmt(c, pb, atom.size);
335 case MKTAG( 'k','e','y','w'): key = "keywords"; break;
336 case MKTAG( 'l','d','e','s'): key = "synopsis"; break;
337 case MKTAG( 'l','o','c','i'):
338 return mov_metadata_loci(c, pb, atom.size);
339 case MKTAG( 'm','a','n','u'): key = "make"; break;
340 case MKTAG( 'm','o','d','l'): key = "model"; break;
341 case MKTAG( 'p','c','s','t'): key = "podcast";
342 parse = mov_metadata_int8_no_padding; break;
343 case MKTAG( 'p','g','a','p'): key = "gapless_playback";
344 parse = mov_metadata_int8_no_padding; break;
345 case MKTAG( 'p','u','r','d'): key = "purchase_date"; break;
346 case MKTAG( 'r','t','n','g'): key = "rating";
347 parse = mov_metadata_int8_no_padding; break;
348 case MKTAG( 's','o','a','a'): key = "sort_album_artist"; break;
349 case MKTAG( 's','o','a','l'): key = "sort_album"; break;
350 case MKTAG( 's','o','a','r'): key = "sort_artist"; break;
351 case MKTAG( 's','o','c','o'): key = "sort_composer"; break;
352 case MKTAG( 's','o','n','m'): key = "sort_name"; break;
353 case MKTAG( 's','o','s','n'): key = "sort_show"; break;
354 case MKTAG( 's','t','i','k'): key = "media_type";
355 parse = mov_metadata_int8_no_padding; break;
356 case MKTAG( 't','r','k','n'): key = "track";
357 parse = mov_metadata_track_or_disc_number; break;
358 case MKTAG( 't','v','e','n'): key = "episode_id"; break;
359 case MKTAG( 't','v','e','s'): key = "episode_sort";
360 parse = mov_metadata_int8_bypass_padding; break;
361 case MKTAG( 't','v','n','n'): key = "network"; break;
362 case MKTAG( 't','v','s','h'): key = "show"; break;
363 case MKTAG( 't','v','s','n'): key = "season_number";
364 parse = mov_metadata_int8_bypass_padding; break;
365 case MKTAG(0xa9,'A','R','T'): key = "artist"; break;
366 case MKTAG(0xa9,'P','R','D'): key = "producer"; break;
367 case MKTAG(0xa9,'a','l','b'): key = "album"; break;
368 case MKTAG(0xa9,'a','u','t'): key = "artist"; break;
369 case MKTAG(0xa9,'c','h','p'): key = "chapter"; break;
370 case MKTAG(0xa9,'c','m','t'): key = "comment"; break;
371 case MKTAG(0xa9,'c','o','m'): key = "composer"; break;
372 case MKTAG(0xa9,'c','p','y'): key = "copyright"; break;
373 case MKTAG(0xa9,'d','a','y'): key = "date"; break;
374 case MKTAG(0xa9,'d','i','r'): key = "director"; break;
375 case MKTAG(0xa9,'d','i','s'): key = "disclaimer"; break;
376 case MKTAG(0xa9,'e','d','1'): key = "edit_date"; break;
377 case MKTAG(0xa9,'e','n','c'): key = "encoder"; break;
378 case MKTAG(0xa9,'f','m','t'): key = "original_format"; break;
379 case MKTAG(0xa9,'g','e','n'): key = "genre"; break;
380 case MKTAG(0xa9,'g','r','p'): key = "grouping"; break;
381 case MKTAG(0xa9,'h','s','t'): key = "host_computer"; break;
382 case MKTAG(0xa9,'i','n','f'): key = "comment"; break;
383 case MKTAG(0xa9,'l','y','r'): key = "lyrics"; break;
384 case MKTAG(0xa9,'m','a','k'): key = "make"; break;
385 case MKTAG(0xa9,'m','o','d'): key = "model"; break;
386 case MKTAG(0xa9,'n','a','m'): key = "title"; break;
387 case MKTAG(0xa9,'o','p','e'): key = "original_artist"; break;
388 case MKTAG(0xa9,'p','r','d'): key = "producer"; break;
389 case MKTAG(0xa9,'p','r','f'): key = "performers"; break;
390 case MKTAG(0xa9,'r','e','q'): key = "playback_requirements"; break;
391 case MKTAG(0xa9,'s','r','c'): key = "original_source"; break;
392 case MKTAG(0xa9,'s','t','3'): key = "subtitle"; break;
393 case MKTAG(0xa9,'s','w','r'): key = "encoder"; break;
394 case MKTAG(0xa9,'t','o','o'): key = "encoder"; break;
395 case MKTAG(0xa9,'t','r','k'): key = "track"; break;
396 case MKTAG(0xa9,'u','r','l'): key = "URL"; break;
397 case MKTAG(0xa9,'w','r','n'): key = "warning"; break;
398 case MKTAG(0xa9,'w','r','t'): key = "composer"; break;
399 case MKTAG(0xa9,'x','y','z'): key = "location"; break;
400 }
401 retry:
402 if (c->itunes_metadata && atom.size > 8) {
403 int data_size = avio_rb32(pb);
404 int tag = avio_rl32(pb);
405 if (tag == MKTAG('d','a','t','a') && data_size <= atom.size) {
406 data_type = avio_rb32(pb); // type
407 avio_rb32(pb); // unknown
408 str_size = data_size - 16;
409 atom.size -= 16;
410
411 if (atom.type == MKTAG('c', 'o', 'v', 'r')) {
412 int ret = mov_read_covr(c, pb, data_type, str_size);
413 if (ret < 0) {
414 av_log(c->fc, AV_LOG_ERROR, "Error parsing cover art.\n");
415 return ret;
416 }
417 atom.size -= str_size;
418 if (atom.size > 8)
419 goto retry;
420 return ret;
421 } else if (!key && c->found_hdlr_mdta && c->meta_keys) {
422 uint32_t index = AV_RB32(&atom.type);
423 if (index < c->meta_keys_count && index > 0) {
424 key = c->meta_keys[index];
425 } else {
426 av_log(c->fc, AV_LOG_WARNING,
427 "The index of 'data' is out of range: %"PRId32" < 1 or >= %d.\n",
428 index, c->meta_keys_count);
429 }
430 }
431 } else return 0;
432 } else if (atom.size > 4 && key && !c->itunes_metadata && !raw) {
433 str_size = avio_rb16(pb); // string length
434 if (str_size > atom.size) {
435 raw = 1;
436 avio_seek(pb, -2, SEEK_CUR);
437 av_log(c->fc, AV_LOG_WARNING, "UDTA parsing failed retrying raw\n");
438 goto retry;
439 }
440 langcode = avio_rb16(pb);
441 ff_mov_lang_to_iso639(langcode, language);
442 atom.size -= 4;
443 } else
444 str_size = atom.size;
445
446 if (c->export_all && !key) {
447 snprintf(tmp_key, 5, "%.4s", (char*)&atom.type);
448 key = tmp_key;
449 }
450
451 if (!key)
452 return 0;
453 if (atom.size < 0 || str_size >= INT_MAX/2)
454 return AVERROR_INVALIDDATA;
455
456 // Allocates enough space if data_type is a int32 or float32 number, otherwise
457 // worst-case requirement for output string in case of utf8 coded input
458 num = (data_type >= 21 && data_type <= 23);
459 str_size_alloc = (num ? 512 : (raw ? str_size : str_size * 2)) + 1;
460 str = av_mallocz(str_size_alloc);
461 if (!str)
462 return AVERROR(ENOMEM);
463
464 if (parse)
465 parse(c, pb, str_size, key);
466 else {
467 if (!raw && (data_type == 3 || (data_type == 0 && (langcode < 0x400 || langcode == 0x7fff)))) { // MAC Encoded
468 mov_read_mac_string(c, pb, str_size, str, str_size_alloc);
469 } else if (data_type == 21) { // BE signed integer, variable size
470 int val = 0;
471 if (str_size == 1)
472 val = (int8_t)avio_r8(pb);
473 else if (str_size == 2)
474 val = (int16_t)avio_rb16(pb);
475 else if (str_size == 3)
476 val = ((int32_t)(avio_rb24(pb)<<8))>>8;
477 else if (str_size == 4)
478 val = (int32_t)avio_rb32(pb);
479 if (snprintf(str, str_size_alloc, "%d", val) >= str_size_alloc) {
480 av_log(c->fc, AV_LOG_ERROR,
481 "Failed to store the number (%d) in string.\n", val);
482 av_free(str);
483 return AVERROR_INVALIDDATA;
484 }
485 } else if (data_type == 22) { // BE unsigned integer, variable size
486 unsigned int val = 0;
487 if (str_size == 1)
488 val = avio_r8(pb);
489 else if (str_size == 2)
490 val = avio_rb16(pb);
491 else if (str_size == 3)
492 val = avio_rb24(pb);
493 else if (str_size == 4)
494 val = avio_rb32(pb);
495 if (snprintf(str, str_size_alloc, "%u", val) >= str_size_alloc) {
496 av_log(c->fc, AV_LOG_ERROR,
497 "Failed to store the number (%u) in string.\n", val);
498 av_free(str);
499 return AVERROR_INVALIDDATA;
500 }
501 } else if (data_type == 23 && str_size >= 4) { // BE float32
502 float val = av_int2float(avio_rb32(pb));
503 if (snprintf(str, str_size_alloc, "%f", val) >= str_size_alloc) {
504 av_log(c->fc, AV_LOG_ERROR,
505 "Failed to store the float32 number (%f) in string.\n", val);
506 av_free(str);
507 return AVERROR_INVALIDDATA;
508 }
509 } else {
510 int ret = ffio_read_size(pb, str, str_size);
511 if (ret < 0) {
512 av_free(str);
513 return ret;
514 }
515 str[str_size] = 0;
516 }
517 c->fc->event_flags |= AVFMT_EVENT_FLAG_METADATA_UPDATED;
518 av_dict_set(&c->fc->metadata, key, str, 0);
519 if (*language && strcmp(language, "und")) {
520 snprintf(key2, sizeof(key2), "%s-%s", key, language);
521 av_dict_set(&c->fc->metadata, key2, str, 0);
522 }
523 if (!strcmp(key, "encoder")) {
524 int major, minor, micro;
525 if (sscanf(str, "HandBrake %d.%d.%d", &major, &minor, µ) == 3) {
526 c->handbrake_version = 1000000*major + 1000*minor + micro;
527 }
528 }
529 }
530
531 av_freep(&str);
532 return 0;
533 }
534
mov_read_chpl(MOVContext * c,AVIOContext * pb,MOVAtom atom)535 static int mov_read_chpl(MOVContext *c, AVIOContext *pb, MOVAtom atom)
536 {
537 int64_t start;
538 int i, nb_chapters, str_len, version;
539 char str[256+1];
540 int ret;
541
542 if (c->ignore_chapters)
543 return 0;
544
545 if ((atom.size -= 5) < 0)
546 return 0;
547
548 version = avio_r8(pb);
549 avio_rb24(pb);
550 if (version)
551 avio_rb32(pb); // ???
552 nb_chapters = avio_r8(pb);
553
554 for (i = 0; i < nb_chapters; i++) {
555 if (atom.size < 9)
556 return 0;
557
558 start = avio_rb64(pb);
559 str_len = avio_r8(pb);
560
561 if ((atom.size -= 9+str_len) < 0)
562 return 0;
563
564 ret = ffio_read_size(pb, str, str_len);
565 if (ret < 0)
566 return ret;
567 str[str_len] = 0;
568 avpriv_new_chapter(c->fc, i, (AVRational){1,10000000}, start, AV_NOPTS_VALUE, str);
569 }
570 return 0;
571 }
572
573 #define MIN_DATA_ENTRY_BOX_SIZE 12
mov_read_dref(MOVContext * c,AVIOContext * pb,MOVAtom atom)574 static int mov_read_dref(MOVContext *c, AVIOContext *pb, MOVAtom atom)
575 {
576 AVStream *st;
577 MOVStreamContext *sc;
578 int entries, i, j;
579
580 if (c->fc->nb_streams < 1)
581 return 0;
582 st = c->fc->streams[c->fc->nb_streams-1];
583 sc = st->priv_data;
584
585 avio_rb32(pb); // version + flags
586 entries = avio_rb32(pb);
587 if (!entries ||
588 entries > (atom.size - 1) / MIN_DATA_ENTRY_BOX_SIZE + 1 ||
589 entries >= UINT_MAX / sizeof(*sc->drefs))
590 return AVERROR_INVALIDDATA;
591 sc->drefs_count = 0;
592 av_free(sc->drefs);
593 sc->drefs_count = 0;
594 sc->drefs = av_mallocz(entries * sizeof(*sc->drefs));
595 if (!sc->drefs)
596 return AVERROR(ENOMEM);
597 sc->drefs_count = entries;
598
599 for (i = 0; i < entries; i++) {
600 MOVDref *dref = &sc->drefs[i];
601 uint32_t size = avio_rb32(pb);
602 int64_t next = avio_tell(pb) + size - 4;
603
604 if (size < 12)
605 return AVERROR_INVALIDDATA;
606
607 dref->type = avio_rl32(pb);
608 avio_rb32(pb); // version + flags
609
610 if (dref->type == MKTAG('a','l','i','s') && size > 150) {
611 /* macintosh alias record */
612 uint16_t volume_len, len;
613 int16_t type;
614 int ret;
615
616 avio_skip(pb, 10);
617
618 volume_len = avio_r8(pb);
619 volume_len = FFMIN(volume_len, 27);
620 ret = ffio_read_size(pb, dref->volume, 27);
621 if (ret < 0)
622 return ret;
623 dref->volume[volume_len] = 0;
624 av_log(c->fc, AV_LOG_DEBUG, "volume %s, len %d\n", dref->volume, volume_len);
625
626 avio_skip(pb, 12);
627
628 len = avio_r8(pb);
629 len = FFMIN(len, 63);
630 ret = ffio_read_size(pb, dref->filename, 63);
631 if (ret < 0)
632 return ret;
633 dref->filename[len] = 0;
634 av_log(c->fc, AV_LOG_DEBUG, "filename %s, len %d\n", dref->filename, len);
635
636 avio_skip(pb, 16);
637
638 /* read next level up_from_alias/down_to_target */
639 dref->nlvl_from = avio_rb16(pb);
640 dref->nlvl_to = avio_rb16(pb);
641 av_log(c->fc, AV_LOG_DEBUG, "nlvl from %d, nlvl to %d\n",
642 dref->nlvl_from, dref->nlvl_to);
643
644 avio_skip(pb, 16);
645
646 for (type = 0; type != -1 && avio_tell(pb) < next; ) {
647 if(avio_feof(pb))
648 return AVERROR_EOF;
649 type = avio_rb16(pb);
650 len = avio_rb16(pb);
651 av_log(c->fc, AV_LOG_DEBUG, "type %d, len %d\n", type, len);
652 if (len&1)
653 len += 1;
654 if (type == 2) { // absolute path
655 av_free(dref->path);
656 dref->path = av_mallocz(len+1);
657 if (!dref->path)
658 return AVERROR(ENOMEM);
659
660 ret = ffio_read_size(pb, dref->path, len);
661 if (ret < 0) {
662 av_freep(&dref->path);
663 return ret;
664 }
665 if (len > volume_len && !strncmp(dref->path, dref->volume, volume_len)) {
666 len -= volume_len;
667 memmove(dref->path, dref->path+volume_len, len);
668 dref->path[len] = 0;
669 }
670 // trim string of any ending zeros
671 for (j = len - 1; j >= 0; j--) {
672 if (dref->path[j] == 0)
673 len--;
674 else
675 break;
676 }
677 for (j = 0; j < len; j++)
678 if (dref->path[j] == ':' || dref->path[j] == 0)
679 dref->path[j] = '/';
680 av_log(c->fc, AV_LOG_DEBUG, "path %s\n", dref->path);
681 } else if (type == 0) { // directory name
682 av_free(dref->dir);
683 dref->dir = av_malloc(len+1);
684 if (!dref->dir)
685 return AVERROR(ENOMEM);
686
687 ret = ffio_read_size(pb, dref->dir, len);
688 if (ret < 0) {
689 av_freep(&dref->dir);
690 return ret;
691 }
692 dref->dir[len] = 0;
693 for (j = 0; j < len; j++)
694 if (dref->dir[j] == ':')
695 dref->dir[j] = '/';
696 av_log(c->fc, AV_LOG_DEBUG, "dir %s\n", dref->dir);
697 } else
698 avio_skip(pb, len);
699 }
700 } else {
701 av_log(c->fc, AV_LOG_DEBUG, "Unknown dref type 0x%08"PRIx32" size %"PRIu32"\n",
702 dref->type, size);
703 entries--;
704 i--;
705 }
706 avio_seek(pb, next, SEEK_SET);
707 }
708 return 0;
709 }
710
mov_read_hdlr(MOVContext * c,AVIOContext * pb,MOVAtom atom)711 static int mov_read_hdlr(MOVContext *c, AVIOContext *pb, MOVAtom atom)
712 {
713 AVStream *st;
714 uint32_t type;
715 uint32_t ctype;
716 int64_t title_size;
717 char *title_str;
718 int ret;
719
720 avio_r8(pb); /* version */
721 avio_rb24(pb); /* flags */
722
723 /* component type */
724 ctype = avio_rl32(pb);
725 type = avio_rl32(pb); /* component subtype */
726
727 av_log(c->fc, AV_LOG_TRACE, "ctype=%s\n", av_fourcc2str(ctype));
728 av_log(c->fc, AV_LOG_TRACE, "stype=%s\n", av_fourcc2str(type));
729
730 if (c->trak_index < 0) { // meta not inside a trak
731 if (type == MKTAG('m','d','t','a')) {
732 c->found_hdlr_mdta = 1;
733 }
734 return 0;
735 }
736
737 st = c->fc->streams[c->fc->nb_streams-1];
738
739 if (type == MKTAG('v','i','d','e'))
740 st->codecpar->codec_type = AVMEDIA_TYPE_VIDEO;
741 else if (type == MKTAG('s','o','u','n'))
742 st->codecpar->codec_type = AVMEDIA_TYPE_AUDIO;
743 else if (type == MKTAG('m','1','a',' '))
744 st->codecpar->codec_id = AV_CODEC_ID_MP2;
745 else if ((type == MKTAG('s','u','b','p')) || (type == MKTAG('c','l','c','p')))
746 st->codecpar->codec_type = AVMEDIA_TYPE_SUBTITLE;
747
748 avio_rb32(pb); /* component manufacture */
749 avio_rb32(pb); /* component flags */
750 avio_rb32(pb); /* component flags mask */
751
752 title_size = atom.size - 24;
753 if (title_size > 0) {
754 if (title_size > FFMIN(INT_MAX, SIZE_MAX-1))
755 return AVERROR_INVALIDDATA;
756 title_str = av_malloc(title_size + 1); /* Add null terminator */
757 if (!title_str)
758 return AVERROR(ENOMEM);
759
760 ret = ffio_read_size(pb, title_str, title_size);
761 if (ret < 0) {
762 av_freep(&title_str);
763 return ret;
764 }
765 title_str[title_size] = 0;
766 if (title_str[0]) {
767 int off = (!c->isom && title_str[0] == title_size - 1);
768 // flag added so as to not set stream handler name if already set from mdia->hdlr
769 av_dict_set(&st->metadata, "handler_name", title_str + off, AV_DICT_DONT_OVERWRITE);
770 }
771 av_freep(&title_str);
772 }
773
774 return 0;
775 }
776
mov_read_esds(MOVContext * c,AVIOContext * pb,MOVAtom atom)777 static int mov_read_esds(MOVContext *c, AVIOContext *pb, MOVAtom atom)
778 {
779 return ff_mov_read_esds(c->fc, pb);
780 }
781
mov_read_dac3(MOVContext * c,AVIOContext * pb,MOVAtom atom)782 static int mov_read_dac3(MOVContext *c, AVIOContext *pb, MOVAtom atom)
783 {
784 AVStream *st;
785 enum AVAudioServiceType *ast;
786 int ac3info, acmod, lfeon, bsmod;
787
788 if (c->fc->nb_streams < 1)
789 return 0;
790 st = c->fc->streams[c->fc->nb_streams-1];
791
792 ast = (enum AVAudioServiceType*)av_stream_new_side_data(st, AV_PKT_DATA_AUDIO_SERVICE_TYPE,
793 sizeof(*ast));
794 if (!ast)
795 return AVERROR(ENOMEM);
796
797 ac3info = avio_rb24(pb);
798 bsmod = (ac3info >> 14) & 0x7;
799 acmod = (ac3info >> 11) & 0x7;
800 lfeon = (ac3info >> 10) & 0x1;
801 st->codecpar->channels = ((int[]){2,1,2,3,3,4,4,5})[acmod] + lfeon;
802 st->codecpar->channel_layout = avpriv_ac3_channel_layout_tab[acmod];
803 if (lfeon)
804 st->codecpar->channel_layout |= AV_CH_LOW_FREQUENCY;
805 *ast = bsmod;
806 if (st->codecpar->channels > 1 && bsmod == 0x7)
807 *ast = AV_AUDIO_SERVICE_TYPE_KARAOKE;
808
809 #if FF_API_LAVF_AVCTX
810 FF_DISABLE_DEPRECATION_WARNINGS
811 st->codec->audio_service_type = *ast;
812 FF_ENABLE_DEPRECATION_WARNINGS
813 #endif
814
815 return 0;
816 }
817
mov_read_dec3(MOVContext * c,AVIOContext * pb,MOVAtom atom)818 static int mov_read_dec3(MOVContext *c, AVIOContext *pb, MOVAtom atom)
819 {
820 AVStream *st;
821 enum AVAudioServiceType *ast;
822 int eac3info, acmod, lfeon, bsmod;
823
824 if (c->fc->nb_streams < 1)
825 return 0;
826 st = c->fc->streams[c->fc->nb_streams-1];
827
828 ast = (enum AVAudioServiceType*)av_stream_new_side_data(st, AV_PKT_DATA_AUDIO_SERVICE_TYPE,
829 sizeof(*ast));
830 if (!ast)
831 return AVERROR(ENOMEM);
832
833 /* No need to parse fields for additional independent substreams and its
834 * associated dependent substreams since libavcodec's E-AC-3 decoder
835 * does not support them yet. */
836 avio_rb16(pb); /* data_rate and num_ind_sub */
837 eac3info = avio_rb24(pb);
838 bsmod = (eac3info >> 12) & 0x1f;
839 acmod = (eac3info >> 9) & 0x7;
840 lfeon = (eac3info >> 8) & 0x1;
841 st->codecpar->channel_layout = avpriv_ac3_channel_layout_tab[acmod];
842 if (lfeon)
843 st->codecpar->channel_layout |= AV_CH_LOW_FREQUENCY;
844 st->codecpar->channels = av_get_channel_layout_nb_channels(st->codecpar->channel_layout);
845 *ast = bsmod;
846 if (st->codecpar->channels > 1 && bsmod == 0x7)
847 *ast = AV_AUDIO_SERVICE_TYPE_KARAOKE;
848
849 #if FF_API_LAVF_AVCTX
850 FF_DISABLE_DEPRECATION_WARNINGS
851 st->codec->audio_service_type = *ast;
852 FF_ENABLE_DEPRECATION_WARNINGS
853 #endif
854
855 return 0;
856 }
857
mov_read_ddts(MOVContext * c,AVIOContext * pb,MOVAtom atom)858 static int mov_read_ddts(MOVContext *c, AVIOContext *pb, MOVAtom atom)
859 {
860 const uint32_t ddts_size = 20;
861 AVStream *st = NULL;
862 uint8_t *buf = NULL;
863 uint32_t frame_duration_code = 0;
864 uint32_t channel_layout_code = 0;
865 GetBitContext gb;
866
867 buf = av_malloc(ddts_size + AV_INPUT_BUFFER_PADDING_SIZE);
868 if (!buf) {
869 return AVERROR(ENOMEM);
870 }
871 if (avio_read(pb, buf, ddts_size) < ddts_size) {
872 av_free(buf);
873 return AVERROR_INVALIDDATA;
874 }
875
876 init_get_bits(&gb, buf, 8*ddts_size);
877
878 if (c->fc->nb_streams < 1) {
879 av_free(buf);
880 return 0;
881 }
882 st = c->fc->streams[c->fc->nb_streams-1];
883
884 st->codecpar->sample_rate = get_bits_long(&gb, 32);
885 if (st->codecpar->sample_rate <= 0) {
886 av_log(c->fc, AV_LOG_ERROR, "Invalid sample rate %d\n", st->codecpar->sample_rate);
887 av_free(buf);
888 return AVERROR_INVALIDDATA;
889 }
890 skip_bits_long(&gb, 32); /* max bitrate */
891 st->codecpar->bit_rate = get_bits_long(&gb, 32);
892 st->codecpar->bits_per_coded_sample = get_bits(&gb, 8);
893 frame_duration_code = get_bits(&gb, 2);
894 skip_bits(&gb, 30); /* various fields */
895 channel_layout_code = get_bits(&gb, 16);
896
897 st->codecpar->frame_size =
898 (frame_duration_code == 0) ? 512 :
899 (frame_duration_code == 1) ? 1024 :
900 (frame_duration_code == 2) ? 2048 :
901 (frame_duration_code == 3) ? 4096 : 0;
902
903 if (channel_layout_code > 0xff) {
904 av_log(c->fc, AV_LOG_WARNING, "Unsupported DTS audio channel layout");
905 }
906 st->codecpar->channel_layout =
907 ((channel_layout_code & 0x1) ? AV_CH_FRONT_CENTER : 0) |
908 ((channel_layout_code & 0x2) ? AV_CH_FRONT_LEFT : 0) |
909 ((channel_layout_code & 0x2) ? AV_CH_FRONT_RIGHT : 0) |
910 ((channel_layout_code & 0x4) ? AV_CH_SIDE_LEFT : 0) |
911 ((channel_layout_code & 0x4) ? AV_CH_SIDE_RIGHT : 0) |
912 ((channel_layout_code & 0x8) ? AV_CH_LOW_FREQUENCY : 0);
913
914 st->codecpar->channels = av_get_channel_layout_nb_channels(st->codecpar->channel_layout);
915 av_free(buf);
916
917 return 0;
918 }
919
mov_read_chan(MOVContext * c,AVIOContext * pb,MOVAtom atom)920 static int mov_read_chan(MOVContext *c, AVIOContext *pb, MOVAtom atom)
921 {
922 AVStream *st;
923
924 if (c->fc->nb_streams < 1)
925 return 0;
926 st = c->fc->streams[c->fc->nb_streams-1];
927
928 if (atom.size < 16)
929 return 0;
930
931 /* skip version and flags */
932 avio_skip(pb, 4);
933
934 ff_mov_read_chan(c->fc, pb, st, atom.size - 4);
935
936 return 0;
937 }
938
mov_read_wfex(MOVContext * c,AVIOContext * pb,MOVAtom atom)939 static int mov_read_wfex(MOVContext *c, AVIOContext *pb, MOVAtom atom)
940 {
941 AVStream *st;
942 int ret;
943
944 if (c->fc->nb_streams < 1)
945 return 0;
946 st = c->fc->streams[c->fc->nb_streams-1];
947
948 if ((ret = ff_get_wav_header(c->fc, pb, st->codecpar, atom.size, 0)) < 0)
949 av_log(c->fc, AV_LOG_WARNING, "get_wav_header failed\n");
950
951 return ret;
952 }
953
mov_read_pasp(MOVContext * c,AVIOContext * pb,MOVAtom atom)954 static int mov_read_pasp(MOVContext *c, AVIOContext *pb, MOVAtom atom)
955 {
956 const int num = avio_rb32(pb);
957 const int den = avio_rb32(pb);
958 AVStream *st;
959
960 if (c->fc->nb_streams < 1)
961 return 0;
962 st = c->fc->streams[c->fc->nb_streams-1];
963
964 if ((st->sample_aspect_ratio.den != 1 || st->sample_aspect_ratio.num) && // default
965 (den != st->sample_aspect_ratio.den || num != st->sample_aspect_ratio.num)) {
966 av_log(c->fc, AV_LOG_WARNING,
967 "sample aspect ratio already set to %d:%d, ignoring 'pasp' atom (%d:%d)\n",
968 st->sample_aspect_ratio.num, st->sample_aspect_ratio.den,
969 num, den);
970 } else if (den != 0) {
971 av_reduce(&st->sample_aspect_ratio.num, &st->sample_aspect_ratio.den,
972 num, den, 32767);
973 }
974 return 0;
975 }
976
977 /* this atom contains actual media data */
mov_read_mdat(MOVContext * c,AVIOContext * pb,MOVAtom atom)978 static int mov_read_mdat(MOVContext *c, AVIOContext *pb, MOVAtom atom)
979 {
980 if (atom.size == 0) /* wrong one (MP4) */
981 return 0;
982 c->found_mdat=1;
983 return 0; /* now go for moov */
984 }
985
986 #define DRM_BLOB_SIZE 56
987
mov_read_adrm(MOVContext * c,AVIOContext * pb,MOVAtom atom)988 static int mov_read_adrm(MOVContext *c, AVIOContext *pb, MOVAtom atom)
989 {
990 uint8_t intermediate_key[20];
991 uint8_t intermediate_iv[20];
992 uint8_t input[64];
993 uint8_t output[64];
994 uint8_t file_checksum[20];
995 uint8_t calculated_checksum[20];
996 struct AVSHA *sha;
997 int i;
998 int ret = 0;
999 uint8_t *activation_bytes = c->activation_bytes;
1000 uint8_t *fixed_key = c->audible_fixed_key;
1001
1002 c->aax_mode = 1;
1003
1004 sha = av_sha_alloc();
1005 if (!sha)
1006 return AVERROR(ENOMEM);
1007 c->aes_decrypt = av_aes_alloc();
1008 if (!c->aes_decrypt) {
1009 ret = AVERROR(ENOMEM);
1010 goto fail;
1011 }
1012
1013 /* drm blob processing */
1014 avio_read(pb, output, 8); // go to offset 8, absolute position 0x251
1015 avio_read(pb, input, DRM_BLOB_SIZE);
1016 avio_read(pb, output, 4); // go to offset 4, absolute position 0x28d
1017 avio_read(pb, file_checksum, 20);
1018
1019 av_log(c->fc, AV_LOG_INFO, "[aax] file checksum == "); // required by external tools
1020 for (i = 0; i < 20; i++)
1021 av_log(c->fc, AV_LOG_INFO, "%02x", file_checksum[i]);
1022 av_log(c->fc, AV_LOG_INFO, "\n");
1023
1024 /* verify activation data */
1025 if (!activation_bytes) {
1026 av_log(c->fc, AV_LOG_WARNING, "[aax] activation_bytes option is missing!\n");
1027 ret = 0; /* allow ffprobe to continue working on .aax files */
1028 goto fail;
1029 }
1030 if (c->activation_bytes_size != 4) {
1031 av_log(c->fc, AV_LOG_FATAL, "[aax] activation_bytes value needs to be 4 bytes!\n");
1032 ret = AVERROR(EINVAL);
1033 goto fail;
1034 }
1035
1036 /* verify fixed key */
1037 if (c->audible_fixed_key_size != 16) {
1038 av_log(c->fc, AV_LOG_FATAL, "[aax] audible_fixed_key value needs to be 16 bytes!\n");
1039 ret = AVERROR(EINVAL);
1040 goto fail;
1041 }
1042
1043 /* AAX (and AAX+) key derivation */
1044 av_sha_init(sha, 160);
1045 av_sha_update(sha, fixed_key, 16);
1046 av_sha_update(sha, activation_bytes, 4);
1047 av_sha_final(sha, intermediate_key);
1048 av_sha_init(sha, 160);
1049 av_sha_update(sha, fixed_key, 16);
1050 av_sha_update(sha, intermediate_key, 20);
1051 av_sha_update(sha, activation_bytes, 4);
1052 av_sha_final(sha, intermediate_iv);
1053 av_sha_init(sha, 160);
1054 av_sha_update(sha, intermediate_key, 16);
1055 av_sha_update(sha, intermediate_iv, 16);
1056 av_sha_final(sha, calculated_checksum);
1057 if (memcmp(calculated_checksum, file_checksum, 20)) { // critical error
1058 av_log(c->fc, AV_LOG_ERROR, "[aax] mismatch in checksums!\n");
1059 ret = AVERROR_INVALIDDATA;
1060 goto fail;
1061 }
1062 av_aes_init(c->aes_decrypt, intermediate_key, 128, 1);
1063 av_aes_crypt(c->aes_decrypt, output, input, DRM_BLOB_SIZE >> 4, intermediate_iv, 1);
1064 for (i = 0; i < 4; i++) {
1065 // file data (in output) is stored in big-endian mode
1066 if (activation_bytes[i] != output[3 - i]) { // critical error
1067 av_log(c->fc, AV_LOG_ERROR, "[aax] error in drm blob decryption!\n");
1068 ret = AVERROR_INVALIDDATA;
1069 goto fail;
1070 }
1071 }
1072 memcpy(c->file_key, output + 8, 16);
1073 memcpy(input, output + 26, 16);
1074 av_sha_init(sha, 160);
1075 av_sha_update(sha, input, 16);
1076 av_sha_update(sha, c->file_key, 16);
1077 av_sha_update(sha, fixed_key, 16);
1078 av_sha_final(sha, c->file_iv);
1079
1080 fail:
1081 av_free(sha);
1082
1083 return ret;
1084 }
1085
1086 // Audible AAX (and AAX+) bytestream decryption
aax_filter(uint8_t * input,int size,MOVContext * c)1087 static int aax_filter(uint8_t *input, int size, MOVContext *c)
1088 {
1089 int blocks = 0;
1090 unsigned char iv[16];
1091
1092 memcpy(iv, c->file_iv, 16); // iv is overwritten
1093 blocks = size >> 4; // trailing bytes are not encrypted!
1094 av_aes_init(c->aes_decrypt, c->file_key, 128, 1);
1095 av_aes_crypt(c->aes_decrypt, input, input, blocks, iv, 1);
1096
1097 return 0;
1098 }
1099
1100 /* read major brand, minor version and compatible brands and store them as metadata */
mov_read_ftyp(MOVContext * c,AVIOContext * pb,MOVAtom atom)1101 static int mov_read_ftyp(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1102 {
1103 uint32_t minor_ver;
1104 int comp_brand_size;
1105 char* comp_brands_str;
1106 uint8_t type[5] = {0};
1107 int ret = ffio_read_size(pb, type, 4);
1108 if (ret < 0)
1109 return ret;
1110
1111 if (strcmp(type, "qt "))
1112 c->isom = 1;
1113 av_log(c->fc, AV_LOG_DEBUG, "ISO: File Type Major Brand: %.4s\n",(char *)&type);
1114 av_dict_set(&c->fc->metadata, "major_brand", type, 0);
1115 minor_ver = avio_rb32(pb); /* minor version */
1116 av_dict_set_int(&c->fc->metadata, "minor_version", minor_ver, 0);
1117
1118 comp_brand_size = atom.size - 8;
1119 if (comp_brand_size < 0)
1120 return AVERROR_INVALIDDATA;
1121 comp_brands_str = av_malloc(comp_brand_size + 1); /* Add null terminator */
1122 if (!comp_brands_str)
1123 return AVERROR(ENOMEM);
1124
1125 ret = ffio_read_size(pb, comp_brands_str, comp_brand_size);
1126 if (ret < 0) {
1127 av_freep(&comp_brands_str);
1128 return ret;
1129 }
1130 comp_brands_str[comp_brand_size] = 0;
1131 av_dict_set(&c->fc->metadata, "compatible_brands", comp_brands_str, 0);
1132 av_freep(&comp_brands_str);
1133
1134 return 0;
1135 }
1136
1137 /* this atom should contain all header atoms */
mov_read_moov(MOVContext * c,AVIOContext * pb,MOVAtom atom)1138 static int mov_read_moov(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1139 {
1140 int ret;
1141
1142 if (c->found_moov) {
1143 av_log(c->fc, AV_LOG_WARNING, "Found duplicated MOOV Atom. Skipped it\n");
1144 avio_skip(pb, atom.size);
1145 return 0;
1146 }
1147
1148 if ((ret = mov_read_default(c, pb, atom)) < 0)
1149 return ret;
1150 /* we parsed the 'moov' atom, we can terminate the parsing as soon as we find the 'mdat' */
1151 /* so we don't parse the whole file if over a network */
1152 c->found_moov=1;
1153 return 0; /* now go for mdat */
1154 }
1155
get_frag_stream_info(MOVFragmentIndex * frag_index,int index,int id)1156 static MOVFragmentStreamInfo * get_frag_stream_info(
1157 MOVFragmentIndex *frag_index,
1158 int index,
1159 int id)
1160 {
1161 int i;
1162 MOVFragmentIndexItem * item;
1163
1164 if (index < 0 || index >= frag_index->nb_items)
1165 return NULL;
1166 item = &frag_index->item[index];
1167 for (i = 0; i < item->nb_stream_info; i++)
1168 if (item->stream_info[i].id == id)
1169 return &item->stream_info[i];
1170
1171 // This shouldn't happen
1172 return NULL;
1173 }
1174
set_frag_stream(MOVFragmentIndex * frag_index,int id)1175 static void set_frag_stream(MOVFragmentIndex *frag_index, int id)
1176 {
1177 int i;
1178 MOVFragmentIndexItem * item;
1179
1180 if (frag_index->current < 0 ||
1181 frag_index->current >= frag_index->nb_items)
1182 return;
1183
1184 item = &frag_index->item[frag_index->current];
1185 for (i = 0; i < item->nb_stream_info; i++)
1186 if (item->stream_info[i].id == id) {
1187 item->current = i;
1188 return;
1189 }
1190
1191 // id not found. This shouldn't happen.
1192 item->current = -1;
1193 }
1194
get_current_frag_stream_info(MOVFragmentIndex * frag_index)1195 static MOVFragmentStreamInfo * get_current_frag_stream_info(
1196 MOVFragmentIndex *frag_index)
1197 {
1198 MOVFragmentIndexItem *item;
1199 if (frag_index->current < 0 ||
1200 frag_index->current >= frag_index->nb_items)
1201 return NULL;
1202
1203 item = &frag_index->item[frag_index->current];
1204 if (item->current >= 0 && item->current < item->nb_stream_info)
1205 return &item->stream_info[item->current];
1206
1207 // This shouldn't happen
1208 return NULL;
1209 }
1210
search_frag_moof_offset(MOVFragmentIndex * frag_index,int64_t offset)1211 static int search_frag_moof_offset(MOVFragmentIndex *frag_index, int64_t offset)
1212 {
1213 int a, b, m;
1214 int64_t moof_offset;
1215
1216 // Optimize for appending new entries
1217 if (!frag_index->nb_items ||
1218 frag_index->item[frag_index->nb_items - 1].moof_offset < offset)
1219 return frag_index->nb_items;
1220
1221 a = -1;
1222 b = frag_index->nb_items;
1223
1224 while (b - a > 1) {
1225 m = (a + b) >> 1;
1226 moof_offset = frag_index->item[m].moof_offset;
1227 if (moof_offset >= offset)
1228 b = m;
1229 if (moof_offset <= offset)
1230 a = m;
1231 }
1232 return b;
1233 }
1234
get_stream_info_time(MOVFragmentStreamInfo * frag_stream_info)1235 static int64_t get_stream_info_time(MOVFragmentStreamInfo * frag_stream_info)
1236 {
1237
1238 if (frag_stream_info) {
1239 if (frag_stream_info->sidx_pts != AV_NOPTS_VALUE)
1240 return frag_stream_info->sidx_pts;
1241 if (frag_stream_info->first_tfra_pts != AV_NOPTS_VALUE)
1242 return frag_stream_info->first_tfra_pts;
1243 if (frag_stream_info->tfdt_dts != AV_NOPTS_VALUE)
1244 return frag_stream_info->tfdt_dts;
1245 }
1246 return AV_NOPTS_VALUE;
1247 }
1248
get_frag_time(MOVFragmentIndex * frag_index,int index,int track_id)1249 static int64_t get_frag_time(MOVFragmentIndex *frag_index,
1250 int index, int track_id)
1251 {
1252 MOVFragmentStreamInfo * frag_stream_info;
1253 int64_t timestamp;
1254 int i;
1255
1256 if (track_id >= 0) {
1257 frag_stream_info = get_frag_stream_info(frag_index, index, track_id);
1258 return frag_stream_info->sidx_pts;
1259 }
1260
1261 for (i = 0; i < frag_index->item[index].nb_stream_info; i++) {
1262 frag_stream_info = &frag_index->item[index].stream_info[i];
1263 timestamp = get_stream_info_time(frag_stream_info);
1264 if (timestamp != AV_NOPTS_VALUE)
1265 return timestamp;
1266 }
1267 return AV_NOPTS_VALUE;
1268 }
1269
search_frag_timestamp(MOVFragmentIndex * frag_index,AVStream * st,int64_t timestamp)1270 static int search_frag_timestamp(MOVFragmentIndex *frag_index,
1271 AVStream *st, int64_t timestamp)
1272 {
1273 int a, b, m, m0;
1274 int64_t frag_time;
1275 int id = -1;
1276
1277 if (st) {
1278 // If the stream is referenced by any sidx, limit the search
1279 // to fragments that referenced this stream in the sidx
1280 MOVStreamContext *sc = st->priv_data;
1281 if (sc->has_sidx)
1282 id = st->id;
1283 }
1284
1285 a = -1;
1286 b = frag_index->nb_items;
1287
1288 while (b - a > 1) {
1289 m0 = m = (a + b) >> 1;
1290
1291 while (m < b &&
1292 (frag_time = get_frag_time(frag_index, m, id)) == AV_NOPTS_VALUE)
1293 m++;
1294
1295 if (m < b && frag_time <= timestamp)
1296 a = m;
1297 else
1298 b = m0;
1299 }
1300
1301 return a;
1302 }
1303
update_frag_index(MOVContext * c,int64_t offset)1304 static int update_frag_index(MOVContext *c, int64_t offset)
1305 {
1306 int index, i;
1307 MOVFragmentIndexItem * item;
1308 MOVFragmentStreamInfo * frag_stream_info;
1309
1310 // If moof_offset already exists in frag_index, return index to it
1311 index = search_frag_moof_offset(&c->frag_index, offset);
1312 if (index < c->frag_index.nb_items &&
1313 c->frag_index.item[index].moof_offset == offset)
1314 return index;
1315
1316 // offset is not yet in frag index.
1317 // Insert new item at index (sorted by moof offset)
1318 item = av_fast_realloc(c->frag_index.item,
1319 &c->frag_index.allocated_size,
1320 (c->frag_index.nb_items + 1) *
1321 sizeof(*c->frag_index.item));
1322 if(!item)
1323 return -1;
1324 c->frag_index.item = item;
1325
1326 frag_stream_info = av_realloc_array(NULL, c->fc->nb_streams,
1327 sizeof(*item->stream_info));
1328 if (!frag_stream_info)
1329 return -1;
1330
1331 for (i = 0; i < c->fc->nb_streams; i++) {
1332 // Avoid building frag index if streams lack track id.
1333 if (c->fc->streams[i]->id < 0)
1334 return AVERROR_INVALIDDATA;
1335
1336 frag_stream_info[i].id = c->fc->streams[i]->id;
1337 frag_stream_info[i].sidx_pts = AV_NOPTS_VALUE;
1338 frag_stream_info[i].tfdt_dts = AV_NOPTS_VALUE;
1339 frag_stream_info[i].first_tfra_pts = AV_NOPTS_VALUE;
1340 frag_stream_info[i].index_entry = -1;
1341 frag_stream_info[i].encryption_index = NULL;
1342 }
1343
1344 if (index < c->frag_index.nb_items)
1345 memmove(c->frag_index.item + index + 1, c->frag_index.item + index,
1346 (c->frag_index.nb_items - index) * sizeof(*c->frag_index.item));
1347
1348 item = &c->frag_index.item[index];
1349 item->headers_read = 0;
1350 item->current = 0;
1351 item->nb_stream_info = c->fc->nb_streams;
1352 item->moof_offset = offset;
1353 item->stream_info = frag_stream_info;
1354 c->frag_index.nb_items++;
1355
1356 return index;
1357 }
1358
fix_frag_index_entries(MOVFragmentIndex * frag_index,int index,int id,int entries)1359 static void fix_frag_index_entries(MOVFragmentIndex *frag_index, int index,
1360 int id, int entries)
1361 {
1362 int i;
1363 MOVFragmentStreamInfo * frag_stream_info;
1364
1365 if (index < 0)
1366 return;
1367 for (i = index; i < frag_index->nb_items; i++) {
1368 frag_stream_info = get_frag_stream_info(frag_index, i, id);
1369 if (frag_stream_info && frag_stream_info->index_entry >= 0)
1370 frag_stream_info->index_entry += entries;
1371 }
1372 }
1373
mov_read_moof(MOVContext * c,AVIOContext * pb,MOVAtom atom)1374 static int mov_read_moof(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1375 {
1376 // Set by mov_read_tfhd(). mov_read_trun() will reject files missing tfhd.
1377 c->fragment.found_tfhd = 0;
1378
1379 if (!c->has_looked_for_mfra && c->use_mfra_for > 0) {
1380 c->has_looked_for_mfra = 1;
1381 if (pb->seekable & AVIO_SEEKABLE_NORMAL) {
1382 int ret;
1383 av_log(c->fc, AV_LOG_VERBOSE, "stream has moof boxes, will look "
1384 "for a mfra\n");
1385 if ((ret = mov_read_mfra(c, pb)) < 0) {
1386 av_log(c->fc, AV_LOG_VERBOSE, "found a moof box but failed to "
1387 "read the mfra (may be a live ismv)\n");
1388 }
1389 } else {
1390 av_log(c->fc, AV_LOG_VERBOSE, "found a moof box but stream is not "
1391 "seekable, can not look for mfra\n");
1392 }
1393 }
1394 c->fragment.moof_offset = c->fragment.implicit_offset = avio_tell(pb) - 8;
1395 av_log(c->fc, AV_LOG_TRACE, "moof offset %"PRIx64"\n", c->fragment.moof_offset);
1396 c->frag_index.current = update_frag_index(c, c->fragment.moof_offset);
1397 return mov_read_default(c, pb, atom);
1398 }
1399
mov_metadata_creation_time(AVDictionary ** metadata,int64_t time)1400 static void mov_metadata_creation_time(AVDictionary **metadata, int64_t time)
1401 {
1402 if (time) {
1403 if(time >= 2082844800)
1404 time -= 2082844800; /* seconds between 1904-01-01 and Epoch */
1405
1406 if ((int64_t)(time * 1000000ULL) / 1000000 != time) {
1407 av_log(NULL, AV_LOG_DEBUG, "creation_time is not representable\n");
1408 return;
1409 }
1410
1411 avpriv_dict_set_timestamp(metadata, "creation_time", time * 1000000);
1412 }
1413 }
1414
mov_read_mdhd(MOVContext * c,AVIOContext * pb,MOVAtom atom)1415 static int mov_read_mdhd(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1416 {
1417 AVStream *st;
1418 MOVStreamContext *sc;
1419 int version;
1420 char language[4] = {0};
1421 unsigned lang;
1422 int64_t creation_time;
1423
1424 if (c->fc->nb_streams < 1)
1425 return 0;
1426 st = c->fc->streams[c->fc->nb_streams-1];
1427 sc = st->priv_data;
1428
1429 if (sc->time_scale) {
1430 av_log(c->fc, AV_LOG_ERROR, "Multiple mdhd?\n");
1431 return AVERROR_INVALIDDATA;
1432 }
1433
1434 version = avio_r8(pb);
1435 if (version > 1) {
1436 avpriv_request_sample(c->fc, "Version %d", version);
1437 return AVERROR_PATCHWELCOME;
1438 }
1439 avio_rb24(pb); /* flags */
1440 if (version == 1) {
1441 creation_time = avio_rb64(pb);
1442 avio_rb64(pb);
1443 } else {
1444 creation_time = avio_rb32(pb);
1445 avio_rb32(pb); /* modification time */
1446 }
1447 mov_metadata_creation_time(&st->metadata, creation_time);
1448
1449 sc->time_scale = avio_rb32(pb);
1450 if (sc->time_scale <= 0) {
1451 av_log(c->fc, AV_LOG_ERROR, "Invalid mdhd time scale %d, defaulting to 1\n", sc->time_scale);
1452 sc->time_scale = 1;
1453 }
1454 st->duration = (version == 1) ? avio_rb64(pb) : avio_rb32(pb); /* duration */
1455
1456 lang = avio_rb16(pb); /* language */
1457 if (ff_mov_lang_to_iso639(lang, language))
1458 av_dict_set(&st->metadata, "language", language, 0);
1459 avio_rb16(pb); /* quality */
1460
1461 return 0;
1462 }
1463
mov_read_mvhd(MOVContext * c,AVIOContext * pb,MOVAtom atom)1464 static int mov_read_mvhd(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1465 {
1466 int i;
1467 int64_t creation_time;
1468 int version = avio_r8(pb); /* version */
1469 avio_rb24(pb); /* flags */
1470
1471 if (version == 1) {
1472 creation_time = avio_rb64(pb);
1473 avio_rb64(pb);
1474 } else {
1475 creation_time = avio_rb32(pb);
1476 avio_rb32(pb); /* modification time */
1477 }
1478 mov_metadata_creation_time(&c->fc->metadata, creation_time);
1479 c->time_scale = avio_rb32(pb); /* time scale */
1480 if (c->time_scale <= 0) {
1481 av_log(c->fc, AV_LOG_ERROR, "Invalid mvhd time scale %d, defaulting to 1\n", c->time_scale);
1482 c->time_scale = 1;
1483 }
1484 av_log(c->fc, AV_LOG_TRACE, "time scale = %i\n", c->time_scale);
1485
1486 c->duration = (version == 1) ? avio_rb64(pb) : avio_rb32(pb); /* duration */
1487 // set the AVCodecContext duration because the duration of individual tracks
1488 // may be inaccurate
1489 if (c->time_scale > 0 && !c->trex_data)
1490 c->fc->duration = av_rescale(c->duration, AV_TIME_BASE, c->time_scale);
1491 avio_rb32(pb); /* preferred scale */
1492
1493 avio_rb16(pb); /* preferred volume */
1494
1495 avio_skip(pb, 10); /* reserved */
1496
1497 /* movie display matrix, store it in main context and use it later on */
1498 for (i = 0; i < 3; i++) {
1499 c->movie_display_matrix[i][0] = avio_rb32(pb); // 16.16 fixed point
1500 c->movie_display_matrix[i][1] = avio_rb32(pb); // 16.16 fixed point
1501 c->movie_display_matrix[i][2] = avio_rb32(pb); // 2.30 fixed point
1502 }
1503
1504 avio_rb32(pb); /* preview time */
1505 avio_rb32(pb); /* preview duration */
1506 avio_rb32(pb); /* poster time */
1507 avio_rb32(pb); /* selection time */
1508 avio_rb32(pb); /* selection duration */
1509 avio_rb32(pb); /* current time */
1510 avio_rb32(pb); /* next track ID */
1511
1512 return 0;
1513 }
1514
mov_read_enda(MOVContext * c,AVIOContext * pb,MOVAtom atom)1515 static int mov_read_enda(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1516 {
1517 AVStream *st;
1518 int little_endian;
1519
1520 if (c->fc->nb_streams < 1)
1521 return 0;
1522 st = c->fc->streams[c->fc->nb_streams-1];
1523
1524 little_endian = avio_rb16(pb) & 0xFF;
1525 av_log(c->fc, AV_LOG_TRACE, "enda %d\n", little_endian);
1526 if (little_endian == 1) {
1527 switch (st->codecpar->codec_id) {
1528 case AV_CODEC_ID_PCM_S24BE:
1529 st->codecpar->codec_id = AV_CODEC_ID_PCM_S24LE;
1530 break;
1531 case AV_CODEC_ID_PCM_S32BE:
1532 st->codecpar->codec_id = AV_CODEC_ID_PCM_S32LE;
1533 break;
1534 case AV_CODEC_ID_PCM_F32BE:
1535 st->codecpar->codec_id = AV_CODEC_ID_PCM_F32LE;
1536 break;
1537 case AV_CODEC_ID_PCM_F64BE:
1538 st->codecpar->codec_id = AV_CODEC_ID_PCM_F64LE;
1539 break;
1540 default:
1541 break;
1542 }
1543 }
1544 return 0;
1545 }
1546
mov_read_colr(MOVContext * c,AVIOContext * pb,MOVAtom atom)1547 static int mov_read_colr(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1548 {
1549 AVStream *st;
1550 char color_parameter_type[5] = { 0 };
1551 uint16_t color_primaries, color_trc, color_matrix;
1552 int ret;
1553
1554 if (c->fc->nb_streams < 1)
1555 return 0;
1556 st = c->fc->streams[c->fc->nb_streams - 1];
1557
1558 ret = ffio_read_size(pb, color_parameter_type, 4);
1559 if (ret < 0)
1560 return ret;
1561 if (strncmp(color_parameter_type, "nclx", 4) &&
1562 strncmp(color_parameter_type, "nclc", 4)) {
1563 av_log(c->fc, AV_LOG_WARNING, "unsupported color_parameter_type %s\n",
1564 color_parameter_type);
1565 return 0;
1566 }
1567
1568 color_primaries = avio_rb16(pb);
1569 color_trc = avio_rb16(pb);
1570 color_matrix = avio_rb16(pb);
1571
1572 av_log(c->fc, AV_LOG_TRACE,
1573 "%s: pri %d trc %d matrix %d",
1574 color_parameter_type, color_primaries, color_trc, color_matrix);
1575
1576 if (!strncmp(color_parameter_type, "nclx", 4)) {
1577 uint8_t color_range = avio_r8(pb) >> 7;
1578 av_log(c->fc, AV_LOG_TRACE, " full %"PRIu8"", color_range);
1579 if (color_range)
1580 st->codecpar->color_range = AVCOL_RANGE_JPEG;
1581 else
1582 st->codecpar->color_range = AVCOL_RANGE_MPEG;
1583 }
1584
1585 if (!av_color_primaries_name(color_primaries))
1586 color_primaries = AVCOL_PRI_UNSPECIFIED;
1587 if (!av_color_transfer_name(color_trc))
1588 color_trc = AVCOL_TRC_UNSPECIFIED;
1589 if (!av_color_space_name(color_matrix))
1590 color_matrix = AVCOL_SPC_UNSPECIFIED;
1591
1592 st->codecpar->color_primaries = color_primaries;
1593 st->codecpar->color_trc = color_trc;
1594 st->codecpar->color_space = color_matrix;
1595 av_log(c->fc, AV_LOG_TRACE, "\n");
1596
1597 return 0;
1598 }
1599
mov_read_fiel(MOVContext * c,AVIOContext * pb,MOVAtom atom)1600 static int mov_read_fiel(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1601 {
1602 AVStream *st;
1603 unsigned mov_field_order;
1604 enum AVFieldOrder decoded_field_order = AV_FIELD_UNKNOWN;
1605
1606 if (c->fc->nb_streams < 1) // will happen with jp2 files
1607 return 0;
1608 st = c->fc->streams[c->fc->nb_streams-1];
1609 if (atom.size < 2)
1610 return AVERROR_INVALIDDATA;
1611 mov_field_order = avio_rb16(pb);
1612 if ((mov_field_order & 0xFF00) == 0x0100)
1613 decoded_field_order = AV_FIELD_PROGRESSIVE;
1614 else if ((mov_field_order & 0xFF00) == 0x0200) {
1615 switch (mov_field_order & 0xFF) {
1616 case 0x01: decoded_field_order = AV_FIELD_TT;
1617 break;
1618 case 0x06: decoded_field_order = AV_FIELD_BB;
1619 break;
1620 case 0x09: decoded_field_order = AV_FIELD_TB;
1621 break;
1622 case 0x0E: decoded_field_order = AV_FIELD_BT;
1623 break;
1624 }
1625 }
1626 if (decoded_field_order == AV_FIELD_UNKNOWN && mov_field_order) {
1627 av_log(NULL, AV_LOG_ERROR, "Unknown MOV field order 0x%04x\n", mov_field_order);
1628 }
1629 st->codecpar->field_order = decoded_field_order;
1630
1631 return 0;
1632 }
1633
mov_realloc_extradata(AVCodecParameters * par,MOVAtom atom)1634 static int mov_realloc_extradata(AVCodecParameters *par, MOVAtom atom)
1635 {
1636 int err = 0;
1637 uint64_t size = (uint64_t)par->extradata_size + atom.size + 8 + AV_INPUT_BUFFER_PADDING_SIZE;
1638 if (size > INT_MAX || (uint64_t)atom.size > INT_MAX)
1639 return AVERROR_INVALIDDATA;
1640 if ((err = av_reallocp(&par->extradata, size)) < 0) {
1641 par->extradata_size = 0;
1642 return err;
1643 }
1644 par->extradata_size = size - AV_INPUT_BUFFER_PADDING_SIZE;
1645 return 0;
1646 }
1647
1648 /* Read a whole atom into the extradata return the size of the atom read, possibly truncated if != atom.size */
mov_read_atom_into_extradata(MOVContext * c,AVIOContext * pb,MOVAtom atom,AVCodecParameters * par,uint8_t * buf)1649 static int64_t mov_read_atom_into_extradata(MOVContext *c, AVIOContext *pb, MOVAtom atom,
1650 AVCodecParameters *par, uint8_t *buf)
1651 {
1652 int64_t result = atom.size;
1653 int err;
1654
1655 AV_WB32(buf , atom.size + 8);
1656 AV_WL32(buf + 4, atom.type);
1657 err = ffio_read_size(pb, buf + 8, atom.size);
1658 if (err < 0) {
1659 par->extradata_size -= atom.size;
1660 return err;
1661 } else if (err < atom.size) {
1662 av_log(c->fc, AV_LOG_WARNING, "truncated extradata\n");
1663 par->extradata_size -= atom.size - err;
1664 result = err;
1665 }
1666 memset(buf + 8 + err, 0, AV_INPUT_BUFFER_PADDING_SIZE);
1667 return result;
1668 }
1669
1670 /* FIXME modify QDM2/SVQ3/H.264 decoders to take full atom as extradata */
mov_read_extradata(MOVContext * c,AVIOContext * pb,MOVAtom atom,enum AVCodecID codec_id)1671 static int mov_read_extradata(MOVContext *c, AVIOContext *pb, MOVAtom atom,
1672 enum AVCodecID codec_id)
1673 {
1674 AVStream *st;
1675 uint64_t original_size;
1676 int err;
1677
1678 if (c->fc->nb_streams < 1) // will happen with jp2 files
1679 return 0;
1680 st = c->fc->streams[c->fc->nb_streams-1];
1681
1682 if (st->codecpar->codec_id != codec_id)
1683 return 0; /* unexpected codec_id - don't mess with extradata */
1684
1685 original_size = st->codecpar->extradata_size;
1686 err = mov_realloc_extradata(st->codecpar, atom);
1687 if (err)
1688 return err;
1689
1690 err = mov_read_atom_into_extradata(c, pb, atom, st->codecpar, st->codecpar->extradata + original_size);
1691 if (err < 0)
1692 return err;
1693 return 0; // Note: this is the original behavior to ignore truncation.
1694 }
1695
1696 /* wrapper functions for reading ALAC/AVS/MJPEG/MJPEG2000 extradata atoms only for those codecs */
mov_read_alac(MOVContext * c,AVIOContext * pb,MOVAtom atom)1697 static int mov_read_alac(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1698 {
1699 return mov_read_extradata(c, pb, atom, AV_CODEC_ID_ALAC);
1700 }
1701
mov_read_avss(MOVContext * c,AVIOContext * pb,MOVAtom atom)1702 static int mov_read_avss(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1703 {
1704 return mov_read_extradata(c, pb, atom, AV_CODEC_ID_AVS);
1705 }
1706
mov_read_jp2h(MOVContext * c,AVIOContext * pb,MOVAtom atom)1707 static int mov_read_jp2h(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1708 {
1709 return mov_read_extradata(c, pb, atom, AV_CODEC_ID_JPEG2000);
1710 }
1711
mov_read_dpxe(MOVContext * c,AVIOContext * pb,MOVAtom atom)1712 static int mov_read_dpxe(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1713 {
1714 return mov_read_extradata(c, pb, atom, AV_CODEC_ID_R10K);
1715 }
1716
mov_read_avid(MOVContext * c,AVIOContext * pb,MOVAtom atom)1717 static int mov_read_avid(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1718 {
1719 int ret = mov_read_extradata(c, pb, atom, AV_CODEC_ID_AVUI);
1720 if(ret == 0)
1721 ret = mov_read_extradata(c, pb, atom, AV_CODEC_ID_DNXHD);
1722 return ret;
1723 }
1724
mov_read_targa_y216(MOVContext * c,AVIOContext * pb,MOVAtom atom)1725 static int mov_read_targa_y216(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1726 {
1727 int ret = mov_read_extradata(c, pb, atom, AV_CODEC_ID_TARGA_Y216);
1728
1729 if (!ret && c->fc->nb_streams >= 1) {
1730 AVCodecParameters *par = c->fc->streams[c->fc->nb_streams-1]->codecpar;
1731 if (par->extradata_size >= 40) {
1732 par->height = AV_RB16(&par->extradata[36]);
1733 par->width = AV_RB16(&par->extradata[38]);
1734 }
1735 }
1736 return ret;
1737 }
1738
mov_read_ares(MOVContext * c,AVIOContext * pb,MOVAtom atom)1739 static int mov_read_ares(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1740 {
1741 if (c->fc->nb_streams >= 1) {
1742 AVCodecParameters *par = c->fc->streams[c->fc->nb_streams-1]->codecpar;
1743 if (par->codec_tag == MKTAG('A', 'V', 'i', 'n') &&
1744 par->codec_id == AV_CODEC_ID_H264 &&
1745 atom.size > 11) {
1746 int cid;
1747 avio_skip(pb, 10);
1748 cid = avio_rb16(pb);
1749 /* For AVID AVCI50, force width of 1440 to be able to select the correct SPS and PPS */
1750 if (cid == 0xd4d || cid == 0xd4e)
1751 par->width = 1440;
1752 return 0;
1753 } else if ((par->codec_tag == MKTAG('A', 'V', 'd', '1') ||
1754 par->codec_tag == MKTAG('A', 'V', 'j', '2') ||
1755 par->codec_tag == MKTAG('A', 'V', 'd', 'n')) &&
1756 atom.size >= 24) {
1757 int num, den;
1758 avio_skip(pb, 12);
1759 num = avio_rb32(pb);
1760 den = avio_rb32(pb);
1761 if (num <= 0 || den <= 0)
1762 return 0;
1763 switch (avio_rb32(pb)) {
1764 case 2:
1765 if (den >= INT_MAX / 2)
1766 return 0;
1767 den *= 2;
1768 case 1:
1769 c->fc->streams[c->fc->nb_streams-1]->display_aspect_ratio.num = num;
1770 c->fc->streams[c->fc->nb_streams-1]->display_aspect_ratio.den = den;
1771 default:
1772 return 0;
1773 }
1774 }
1775 }
1776
1777 return mov_read_avid(c, pb, atom);
1778 }
1779
mov_read_aclr(MOVContext * c,AVIOContext * pb,MOVAtom atom)1780 static int mov_read_aclr(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1781 {
1782 int ret = 0;
1783 int length = 0;
1784 uint64_t original_size;
1785 if (c->fc->nb_streams >= 1) {
1786 AVCodecParameters *par = c->fc->streams[c->fc->nb_streams-1]->codecpar;
1787 if (par->codec_id == AV_CODEC_ID_H264)
1788 return 0;
1789 if (atom.size == 16) {
1790 original_size = par->extradata_size;
1791 ret = mov_realloc_extradata(par, atom);
1792 if (!ret) {
1793 length = mov_read_atom_into_extradata(c, pb, atom, par, par->extradata + original_size);
1794 if (length == atom.size) {
1795 const uint8_t range_value = par->extradata[original_size + 19];
1796 switch (range_value) {
1797 case 1:
1798 par->color_range = AVCOL_RANGE_MPEG;
1799 break;
1800 case 2:
1801 par->color_range = AVCOL_RANGE_JPEG;
1802 break;
1803 default:
1804 av_log(c, AV_LOG_WARNING, "ignored unknown aclr value (%d)\n", range_value);
1805 break;
1806 }
1807 ff_dlog(c, "color_range: %d\n", par->color_range);
1808 } else {
1809 /* For some reason the whole atom was not added to the extradata */
1810 av_log(c, AV_LOG_ERROR, "aclr not decoded - incomplete atom\n");
1811 }
1812 } else {
1813 av_log(c, AV_LOG_ERROR, "aclr not decoded - unable to add atom to extradata\n");
1814 }
1815 } else {
1816 av_log(c, AV_LOG_WARNING, "aclr not decoded - unexpected size %"PRId64"\n", atom.size);
1817 }
1818 }
1819
1820 return ret;
1821 }
1822
mov_read_svq3(MOVContext * c,AVIOContext * pb,MOVAtom atom)1823 static int mov_read_svq3(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1824 {
1825 return mov_read_extradata(c, pb, atom, AV_CODEC_ID_SVQ3);
1826 }
1827
mov_read_wave(MOVContext * c,AVIOContext * pb,MOVAtom atom)1828 static int mov_read_wave(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1829 {
1830 AVStream *st;
1831 int ret;
1832
1833 if (c->fc->nb_streams < 1)
1834 return 0;
1835 st = c->fc->streams[c->fc->nb_streams-1];
1836
1837 if ((uint64_t)atom.size > (1<<30))
1838 return AVERROR_INVALIDDATA;
1839
1840 if (st->codecpar->codec_id == AV_CODEC_ID_QDM2 ||
1841 st->codecpar->codec_id == AV_CODEC_ID_QDMC ||
1842 st->codecpar->codec_id == AV_CODEC_ID_SPEEX) {
1843 // pass all frma atom to codec, needed at least for QDMC and QDM2
1844 av_freep(&st->codecpar->extradata);
1845 ret = ff_get_extradata(c->fc, st->codecpar, pb, atom.size);
1846 if (ret < 0)
1847 return ret;
1848 } else if (atom.size > 8) { /* to read frma, esds atoms */
1849 if (st->codecpar->codec_id == AV_CODEC_ID_ALAC && atom.size >= 24) {
1850 uint64_t buffer;
1851 ret = ffio_ensure_seekback(pb, 8);
1852 if (ret < 0)
1853 return ret;
1854 buffer = avio_rb64(pb);
1855 atom.size -= 8;
1856 if ( (buffer & 0xFFFFFFFF) == MKBETAG('f','r','m','a')
1857 && buffer >> 32 <= atom.size
1858 && buffer >> 32 >= 8) {
1859 avio_skip(pb, -8);
1860 atom.size += 8;
1861 } else if (!st->codecpar->extradata_size) {
1862 #define ALAC_EXTRADATA_SIZE 36
1863 st->codecpar->extradata = av_mallocz(ALAC_EXTRADATA_SIZE + AV_INPUT_BUFFER_PADDING_SIZE);
1864 if (!st->codecpar->extradata)
1865 return AVERROR(ENOMEM);
1866 st->codecpar->extradata_size = ALAC_EXTRADATA_SIZE;
1867 AV_WB32(st->codecpar->extradata , ALAC_EXTRADATA_SIZE);
1868 AV_WB32(st->codecpar->extradata + 4, MKTAG('a','l','a','c'));
1869 AV_WB64(st->codecpar->extradata + 12, buffer);
1870 avio_read(pb, st->codecpar->extradata + 20, 16);
1871 avio_skip(pb, atom.size - 24);
1872 return 0;
1873 }
1874 }
1875 if ((ret = mov_read_default(c, pb, atom)) < 0)
1876 return ret;
1877 } else
1878 avio_skip(pb, atom.size);
1879 return 0;
1880 }
1881
1882 /**
1883 * This function reads atom content and puts data in extradata without tag
1884 * nor size unlike mov_read_extradata.
1885 */
mov_read_glbl(MOVContext * c,AVIOContext * pb,MOVAtom atom)1886 static int mov_read_glbl(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1887 {
1888 AVStream *st;
1889 int ret;
1890
1891 if (c->fc->nb_streams < 1)
1892 return 0;
1893 st = c->fc->streams[c->fc->nb_streams-1];
1894
1895 if ((uint64_t)atom.size > (1<<30))
1896 return AVERROR_INVALIDDATA;
1897
1898 if (atom.size >= 10) {
1899 // Broken files created by legacy versions of libavformat will
1900 // wrap a whole fiel atom inside of a glbl atom.
1901 unsigned size = avio_rb32(pb);
1902 unsigned type = avio_rl32(pb);
1903 avio_seek(pb, -8, SEEK_CUR);
1904 if (type == MKTAG('f','i','e','l') && size == atom.size)
1905 return mov_read_default(c, pb, atom);
1906 }
1907 if (st->codecpar->extradata_size > 1 && st->codecpar->extradata) {
1908 av_log(c, AV_LOG_WARNING, "ignoring multiple glbl\n");
1909 return 0;
1910 }
1911 av_freep(&st->codecpar->extradata);
1912 ret = ff_get_extradata(c->fc, st->codecpar, pb, atom.size);
1913 if (ret < 0)
1914 return ret;
1915 if (atom.type == MKTAG('h','v','c','C') && st->codecpar->codec_tag == MKTAG('d','v','h','1'))
1916 st->codecpar->codec_id = AV_CODEC_ID_HEVC;
1917
1918 return 0;
1919 }
1920
mov_read_dvc1(MOVContext * c,AVIOContext * pb,MOVAtom atom)1921 static int mov_read_dvc1(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1922 {
1923 AVStream *st;
1924 uint8_t profile_level;
1925 int ret;
1926
1927 if (c->fc->nb_streams < 1)
1928 return 0;
1929 st = c->fc->streams[c->fc->nb_streams-1];
1930
1931 if (atom.size >= (1<<28) || atom.size < 7)
1932 return AVERROR_INVALIDDATA;
1933
1934 profile_level = avio_r8(pb);
1935 if ((profile_level & 0xf0) != 0xc0)
1936 return 0;
1937
1938 avio_seek(pb, 6, SEEK_CUR);
1939 av_freep(&st->codecpar->extradata);
1940 ret = ff_get_extradata(c->fc, st->codecpar, pb, atom.size - 7);
1941 if (ret < 0)
1942 return ret;
1943
1944 return 0;
1945 }
1946
1947 /**
1948 * An strf atom is a BITMAPINFOHEADER struct. This struct is 40 bytes itself,
1949 * but can have extradata appended at the end after the 40 bytes belonging
1950 * to the struct.
1951 */
mov_read_strf(MOVContext * c,AVIOContext * pb,MOVAtom atom)1952 static int mov_read_strf(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1953 {
1954 AVStream *st;
1955 int ret;
1956
1957 if (c->fc->nb_streams < 1)
1958 return 0;
1959 if (atom.size <= 40)
1960 return 0;
1961 st = c->fc->streams[c->fc->nb_streams-1];
1962
1963 if ((uint64_t)atom.size > (1<<30))
1964 return AVERROR_INVALIDDATA;
1965
1966 avio_skip(pb, 40);
1967 av_freep(&st->codecpar->extradata);
1968 ret = ff_get_extradata(c->fc, st->codecpar, pb, atom.size - 40);
1969 if (ret < 0)
1970 return ret;
1971
1972 return 0;
1973 }
1974
mov_read_stco(MOVContext * c,AVIOContext * pb,MOVAtom atom)1975 static int mov_read_stco(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1976 {
1977 AVStream *st;
1978 MOVStreamContext *sc;
1979 unsigned int i, entries;
1980
1981 if (c->fc->nb_streams < 1)
1982 return 0;
1983 st = c->fc->streams[c->fc->nb_streams-1];
1984 sc = st->priv_data;
1985
1986 avio_r8(pb); /* version */
1987 avio_rb24(pb); /* flags */
1988
1989 entries = avio_rb32(pb);
1990
1991 if (!entries)
1992 return 0;
1993
1994 if (sc->chunk_offsets)
1995 av_log(c->fc, AV_LOG_WARNING, "Duplicated STCO atom\n");
1996 av_free(sc->chunk_offsets);
1997 sc->chunk_count = 0;
1998 sc->chunk_offsets = av_malloc_array(entries, sizeof(*sc->chunk_offsets));
1999 if (!sc->chunk_offsets)
2000 return AVERROR(ENOMEM);
2001 sc->chunk_count = entries;
2002
2003 if (atom.type == MKTAG('s','t','c','o'))
2004 for (i = 0; i < entries && !pb->eof_reached; i++)
2005 sc->chunk_offsets[i] = avio_rb32(pb);
2006 else if (atom.type == MKTAG('c','o','6','4'))
2007 for (i = 0; i < entries && !pb->eof_reached; i++)
2008 sc->chunk_offsets[i] = avio_rb64(pb);
2009 else
2010 return AVERROR_INVALIDDATA;
2011
2012 sc->chunk_count = i;
2013
2014 if (pb->eof_reached) {
2015 av_log(c->fc, AV_LOG_WARNING, "reached eof, corrupted STCO atom\n");
2016 return AVERROR_EOF;
2017 }
2018
2019 return 0;
2020 }
2021
mov_codec_id(AVStream * st,uint32_t format)2022 static int mov_codec_id(AVStream *st, uint32_t format)
2023 {
2024 int id = ff_codec_get_id(ff_codec_movaudio_tags, format);
2025
2026 if (id <= 0 &&
2027 ((format & 0xFFFF) == 'm' + ('s' << 8) ||
2028 (format & 0xFFFF) == 'T' + ('S' << 8)))
2029 id = ff_codec_get_id(ff_codec_wav_tags, av_bswap32(format) & 0xFFFF);
2030
2031 if (st->codecpar->codec_type != AVMEDIA_TYPE_VIDEO && id > 0) {
2032 st->codecpar->codec_type = AVMEDIA_TYPE_AUDIO;
2033 } else if (st->codecpar->codec_type != AVMEDIA_TYPE_AUDIO &&
2034 /* skip old ASF MPEG-4 tag */
2035 format && format != MKTAG('m','p','4','s')) {
2036 id = ff_codec_get_id(ff_codec_movvideo_tags, format);
2037 if (id <= 0)
2038 id = ff_codec_get_id(ff_codec_bmp_tags, format);
2039 if (id > 0)
2040 st->codecpar->codec_type = AVMEDIA_TYPE_VIDEO;
2041 else if (st->codecpar->codec_type == AVMEDIA_TYPE_DATA ||
2042 (st->codecpar->codec_type == AVMEDIA_TYPE_SUBTITLE &&
2043 st->codecpar->codec_id == AV_CODEC_ID_NONE)) {
2044 id = ff_codec_get_id(ff_codec_movsubtitle_tags, format);
2045 if (id > 0)
2046 st->codecpar->codec_type = AVMEDIA_TYPE_SUBTITLE;
2047 else
2048 id = ff_codec_get_id(ff_codec_movdata_tags, format);
2049 }
2050 }
2051
2052 st->codecpar->codec_tag = format;
2053
2054 return id;
2055 }
2056
mov_parse_stsd_video(MOVContext * c,AVIOContext * pb,AVStream * st,MOVStreamContext * sc)2057 static void mov_parse_stsd_video(MOVContext *c, AVIOContext *pb,
2058 AVStream *st, MOVStreamContext *sc)
2059 {
2060 uint8_t codec_name[32] = { 0 };
2061 int64_t stsd_start;
2062 unsigned int len;
2063
2064 /* The first 16 bytes of the video sample description are already
2065 * read in ff_mov_read_stsd_entries() */
2066 stsd_start = avio_tell(pb) - 16;
2067
2068 avio_rb16(pb); /* version */
2069 avio_rb16(pb); /* revision level */
2070 avio_rb32(pb); /* vendor */
2071 avio_rb32(pb); /* temporal quality */
2072 avio_rb32(pb); /* spatial quality */
2073
2074 st->codecpar->width = avio_rb16(pb); /* width */
2075 st->codecpar->height = avio_rb16(pb); /* height */
2076
2077 avio_rb32(pb); /* horiz resolution */
2078 avio_rb32(pb); /* vert resolution */
2079 avio_rb32(pb); /* data size, always 0 */
2080 avio_rb16(pb); /* frames per samples */
2081
2082 len = avio_r8(pb); /* codec name, pascal string */
2083 if (len > 31)
2084 len = 31;
2085 mov_read_mac_string(c, pb, len, codec_name, sizeof(codec_name));
2086 if (len < 31)
2087 avio_skip(pb, 31 - len);
2088
2089 if (codec_name[0])
2090 av_dict_set(&st->metadata, "encoder", codec_name, 0);
2091
2092 /* codec_tag YV12 triggers an UV swap in rawdec.c */
2093 if (!strncmp(codec_name, "Planar Y'CbCr 8-bit 4:2:0", 25)) {
2094 st->codecpar->codec_tag = MKTAG('I', '4', '2', '0');
2095 st->codecpar->width &= ~1;
2096 st->codecpar->height &= ~1;
2097 }
2098 /* Flash Media Server uses tag H.263 with Sorenson Spark */
2099 if (st->codecpar->codec_tag == MKTAG('H','2','6','3') &&
2100 !strncmp(codec_name, "Sorenson H263", 13))
2101 st->codecpar->codec_id = AV_CODEC_ID_FLV1;
2102
2103 st->codecpar->bits_per_coded_sample = avio_rb16(pb); /* depth */
2104
2105 avio_seek(pb, stsd_start, SEEK_SET);
2106
2107 if (ff_get_qtpalette(st->codecpar->codec_id, pb, sc->palette)) {
2108 st->codecpar->bits_per_coded_sample &= 0x1F;
2109 sc->has_palette = 1;
2110 }
2111 }
2112
mov_parse_stsd_audio(MOVContext * c,AVIOContext * pb,AVStream * st,MOVStreamContext * sc)2113 static void mov_parse_stsd_audio(MOVContext *c, AVIOContext *pb,
2114 AVStream *st, MOVStreamContext *sc)
2115 {
2116 int bits_per_sample, flags;
2117 uint16_t version = avio_rb16(pb);
2118 AVDictionaryEntry *compatible_brands = av_dict_get(c->fc->metadata, "compatible_brands", NULL, AV_DICT_MATCH_CASE);
2119
2120 avio_rb16(pb); /* revision level */
2121 avio_rb32(pb); /* vendor */
2122
2123 st->codecpar->channels = avio_rb16(pb); /* channel count */
2124 st->codecpar->bits_per_coded_sample = avio_rb16(pb); /* sample size */
2125 av_log(c->fc, AV_LOG_TRACE, "audio channels %d\n", st->codecpar->channels);
2126
2127 sc->audio_cid = avio_rb16(pb);
2128 avio_rb16(pb); /* packet size = 0 */
2129
2130 st->codecpar->sample_rate = ((avio_rb32(pb) >> 16));
2131
2132 // Read QT version 1 fields. In version 0 these do not exist.
2133 av_log(c->fc, AV_LOG_TRACE, "version =%d, isom =%d\n", version, c->isom);
2134 if (!c->isom ||
2135 (compatible_brands && strstr(compatible_brands->value, "qt ")) ||
2136 (sc->stsd_version == 0 && version > 0)) {
2137 if (version == 1) {
2138 sc->samples_per_frame = avio_rb32(pb);
2139 avio_rb32(pb); /* bytes per packet */
2140 sc->bytes_per_frame = avio_rb32(pb);
2141 avio_rb32(pb); /* bytes per sample */
2142 } else if (version == 2) {
2143 avio_rb32(pb); /* sizeof struct only */
2144 st->codecpar->sample_rate = av_int2double(avio_rb64(pb));
2145 st->codecpar->channels = avio_rb32(pb);
2146 avio_rb32(pb); /* always 0x7F000000 */
2147 st->codecpar->bits_per_coded_sample = avio_rb32(pb);
2148
2149 flags = avio_rb32(pb); /* lpcm format specific flag */
2150 sc->bytes_per_frame = avio_rb32(pb);
2151 sc->samples_per_frame = avio_rb32(pb);
2152 if (st->codecpar->codec_tag == MKTAG('l','p','c','m'))
2153 st->codecpar->codec_id =
2154 ff_mov_get_lpcm_codec_id(st->codecpar->bits_per_coded_sample,
2155 flags);
2156 }
2157 if (version == 0 || (version == 1 && sc->audio_cid != -2)) {
2158 /* can't correctly handle variable sized packet as audio unit */
2159 switch (st->codecpar->codec_id) {
2160 case AV_CODEC_ID_MP2:
2161 case AV_CODEC_ID_MP3:
2162 st->need_parsing = AVSTREAM_PARSE_FULL;
2163 break;
2164 }
2165 }
2166 }
2167
2168 if (sc->format == 0) {
2169 if (st->codecpar->bits_per_coded_sample == 8)
2170 st->codecpar->codec_id = mov_codec_id(st, MKTAG('r','a','w',' '));
2171 else if (st->codecpar->bits_per_coded_sample == 16)
2172 st->codecpar->codec_id = mov_codec_id(st, MKTAG('t','w','o','s'));
2173 }
2174
2175 switch (st->codecpar->codec_id) {
2176 case AV_CODEC_ID_PCM_S8:
2177 case AV_CODEC_ID_PCM_U8:
2178 if (st->codecpar->bits_per_coded_sample == 16)
2179 st->codecpar->codec_id = AV_CODEC_ID_PCM_S16BE;
2180 break;
2181 case AV_CODEC_ID_PCM_S16LE:
2182 case AV_CODEC_ID_PCM_S16BE:
2183 if (st->codecpar->bits_per_coded_sample == 8)
2184 st->codecpar->codec_id = AV_CODEC_ID_PCM_S8;
2185 else if (st->codecpar->bits_per_coded_sample == 24)
2186 st->codecpar->codec_id =
2187 st->codecpar->codec_id == AV_CODEC_ID_PCM_S16BE ?
2188 AV_CODEC_ID_PCM_S24BE : AV_CODEC_ID_PCM_S24LE;
2189 else if (st->codecpar->bits_per_coded_sample == 32)
2190 st->codecpar->codec_id =
2191 st->codecpar->codec_id == AV_CODEC_ID_PCM_S16BE ?
2192 AV_CODEC_ID_PCM_S32BE : AV_CODEC_ID_PCM_S32LE;
2193 break;
2194 /* set values for old format before stsd version 1 appeared */
2195 case AV_CODEC_ID_MACE3:
2196 sc->samples_per_frame = 6;
2197 sc->bytes_per_frame = 2 * st->codecpar->channels;
2198 break;
2199 case AV_CODEC_ID_MACE6:
2200 sc->samples_per_frame = 6;
2201 sc->bytes_per_frame = 1 * st->codecpar->channels;
2202 break;
2203 case AV_CODEC_ID_ADPCM_IMA_QT:
2204 sc->samples_per_frame = 64;
2205 sc->bytes_per_frame = 34 * st->codecpar->channels;
2206 break;
2207 case AV_CODEC_ID_GSM:
2208 sc->samples_per_frame = 160;
2209 sc->bytes_per_frame = 33;
2210 break;
2211 default:
2212 break;
2213 }
2214
2215 bits_per_sample = av_get_bits_per_sample(st->codecpar->codec_id);
2216 if (bits_per_sample) {
2217 st->codecpar->bits_per_coded_sample = bits_per_sample;
2218 sc->sample_size = (bits_per_sample >> 3) * st->codecpar->channels;
2219 }
2220 }
2221
mov_parse_stsd_subtitle(MOVContext * c,AVIOContext * pb,AVStream * st,MOVStreamContext * sc,int64_t size)2222 static void mov_parse_stsd_subtitle(MOVContext *c, AVIOContext *pb,
2223 AVStream *st, MOVStreamContext *sc,
2224 int64_t size)
2225 {
2226 // ttxt stsd contains display flags, justification, background
2227 // color, fonts, and default styles, so fake an atom to read it
2228 MOVAtom fake_atom = { .size = size };
2229 // mp4s contains a regular esds atom
2230 if (st->codecpar->codec_tag != AV_RL32("mp4s"))
2231 mov_read_glbl(c, pb, fake_atom);
2232 st->codecpar->width = sc->width;
2233 st->codecpar->height = sc->height;
2234 }
2235
yuv_to_rgba(uint32_t ycbcr)2236 static uint32_t yuv_to_rgba(uint32_t ycbcr)
2237 {
2238 uint8_t r, g, b;
2239 int y, cb, cr;
2240
2241 y = (ycbcr >> 16) & 0xFF;
2242 cr = (ycbcr >> 8) & 0xFF;
2243 cb = ycbcr & 0xFF;
2244
2245 b = av_clip_uint8((1164 * (y - 16) + 2018 * (cb - 128)) / 1000);
2246 g = av_clip_uint8((1164 * (y - 16) - 813 * (cr - 128) - 391 * (cb - 128)) / 1000);
2247 r = av_clip_uint8((1164 * (y - 16) + 1596 * (cr - 128) ) / 1000);
2248
2249 return (r << 16) | (g << 8) | b;
2250 }
2251
mov_rewrite_dvd_sub_extradata(AVStream * st)2252 static int mov_rewrite_dvd_sub_extradata(AVStream *st)
2253 {
2254 char buf[256] = {0};
2255 uint8_t *src = st->codecpar->extradata;
2256 int i;
2257
2258 if (st->codecpar->extradata_size != 64)
2259 return 0;
2260
2261 if (st->codecpar->width > 0 && st->codecpar->height > 0)
2262 snprintf(buf, sizeof(buf), "size: %dx%d\n",
2263 st->codecpar->width, st->codecpar->height);
2264 av_strlcat(buf, "palette: ", sizeof(buf));
2265
2266 for (i = 0; i < 16; i++) {
2267 uint32_t yuv = AV_RB32(src + i * 4);
2268 uint32_t rgba = yuv_to_rgba(yuv);
2269
2270 av_strlcatf(buf, sizeof(buf), "%06"PRIx32"%s", rgba, i != 15 ? ", " : "");
2271 }
2272
2273 if (av_strlcat(buf, "\n", sizeof(buf)) >= sizeof(buf))
2274 return 0;
2275
2276 av_freep(&st->codecpar->extradata);
2277 st->codecpar->extradata_size = 0;
2278 st->codecpar->extradata = av_mallocz(strlen(buf) + AV_INPUT_BUFFER_PADDING_SIZE);
2279 if (!st->codecpar->extradata)
2280 return AVERROR(ENOMEM);
2281 st->codecpar->extradata_size = strlen(buf);
2282 memcpy(st->codecpar->extradata, buf, st->codecpar->extradata_size);
2283
2284 return 0;
2285 }
2286
mov_parse_stsd_data(MOVContext * c,AVIOContext * pb,AVStream * st,MOVStreamContext * sc,int64_t size)2287 static int mov_parse_stsd_data(MOVContext *c, AVIOContext *pb,
2288 AVStream *st, MOVStreamContext *sc,
2289 int64_t size)
2290 {
2291 int ret;
2292
2293 if (st->codecpar->codec_tag == MKTAG('t','m','c','d')) {
2294 if ((int)size != size)
2295 return AVERROR(ENOMEM);
2296
2297 ret = ff_get_extradata(c->fc, st->codecpar, pb, size);
2298 if (ret < 0)
2299 return ret;
2300 if (size > 16) {
2301 MOVStreamContext *tmcd_ctx = st->priv_data;
2302 int val;
2303 val = AV_RB32(st->codecpar->extradata + 4);
2304 tmcd_ctx->tmcd_flags = val;
2305 st->avg_frame_rate.num = st->codecpar->extradata[16]; /* number of frame */
2306 st->avg_frame_rate.den = 1;
2307 #if FF_API_LAVF_AVCTX
2308 FF_DISABLE_DEPRECATION_WARNINGS
2309 st->codec->time_base = av_inv_q(st->avg_frame_rate);
2310 FF_ENABLE_DEPRECATION_WARNINGS
2311 #endif
2312 /* adjust for per frame dur in counter mode */
2313 if (tmcd_ctx->tmcd_flags & 0x0008) {
2314 int timescale = AV_RB32(st->codecpar->extradata + 8);
2315 int framedur = AV_RB32(st->codecpar->extradata + 12);
2316 st->avg_frame_rate.num *= timescale;
2317 st->avg_frame_rate.den *= framedur;
2318 #if FF_API_LAVF_AVCTX
2319 FF_DISABLE_DEPRECATION_WARNINGS
2320 st->codec->time_base.den *= timescale;
2321 st->codec->time_base.num *= framedur;
2322 FF_ENABLE_DEPRECATION_WARNINGS
2323 #endif
2324 }
2325 if (size > 30) {
2326 uint32_t len = AV_RB32(st->codecpar->extradata + 18); /* name atom length */
2327 uint32_t format = AV_RB32(st->codecpar->extradata + 22);
2328 if (format == AV_RB32("name") && (int64_t)size >= (int64_t)len + 18) {
2329 uint16_t str_size = AV_RB16(st->codecpar->extradata + 26); /* string length */
2330 if (str_size > 0 && size >= (int)str_size + 26) {
2331 char *reel_name = av_malloc(str_size + 1);
2332 if (!reel_name)
2333 return AVERROR(ENOMEM);
2334 memcpy(reel_name, st->codecpar->extradata + 30, str_size);
2335 reel_name[str_size] = 0; /* Add null terminator */
2336 /* don't add reel_name if emtpy string */
2337 if (*reel_name == 0) {
2338 av_free(reel_name);
2339 } else {
2340 av_dict_set(&st->metadata, "reel_name", reel_name, AV_DICT_DONT_STRDUP_VAL);
2341 }
2342 }
2343 }
2344 }
2345 }
2346 } else {
2347 /* other codec type, just skip (rtp, mp4s ...) */
2348 avio_skip(pb, size);
2349 }
2350 return 0;
2351 }
2352
mov_finalize_stsd_codec(MOVContext * c,AVIOContext * pb,AVStream * st,MOVStreamContext * sc)2353 static int mov_finalize_stsd_codec(MOVContext *c, AVIOContext *pb,
2354 AVStream *st, MOVStreamContext *sc)
2355 {
2356 if (st->codecpar->codec_type == AVMEDIA_TYPE_AUDIO &&
2357 !st->codecpar->sample_rate && sc->time_scale > 1)
2358 st->codecpar->sample_rate = sc->time_scale;
2359
2360 /* special codec parameters handling */
2361 switch (st->codecpar->codec_id) {
2362 #if CONFIG_DV_DEMUXER
2363 case AV_CODEC_ID_DVAUDIO:
2364 c->dv_fctx = avformat_alloc_context();
2365 if (!c->dv_fctx) {
2366 av_log(c->fc, AV_LOG_ERROR, "dv demux context alloc error\n");
2367 return AVERROR(ENOMEM);
2368 }
2369 c->dv_demux = avpriv_dv_init_demux(c->dv_fctx);
2370 if (!c->dv_demux) {
2371 av_log(c->fc, AV_LOG_ERROR, "dv demux context init error\n");
2372 return AVERROR(ENOMEM);
2373 }
2374 sc->dv_audio_container = 1;
2375 st->codecpar->codec_id = AV_CODEC_ID_PCM_S16LE;
2376 break;
2377 #endif
2378 /* no ifdef since parameters are always those */
2379 case AV_CODEC_ID_QCELP:
2380 st->codecpar->channels = 1;
2381 // force sample rate for qcelp when not stored in mov
2382 if (st->codecpar->codec_tag != MKTAG('Q','c','l','p'))
2383 st->codecpar->sample_rate = 8000;
2384 // FIXME: Why is the following needed for some files?
2385 sc->samples_per_frame = 160;
2386 if (!sc->bytes_per_frame)
2387 sc->bytes_per_frame = 35;
2388 break;
2389 case AV_CODEC_ID_AMR_NB:
2390 st->codecpar->channels = 1;
2391 /* force sample rate for amr, stsd in 3gp does not store sample rate */
2392 st->codecpar->sample_rate = 8000;
2393 break;
2394 case AV_CODEC_ID_AMR_WB:
2395 st->codecpar->channels = 1;
2396 st->codecpar->sample_rate = 16000;
2397 break;
2398 case AV_CODEC_ID_MP2:
2399 case AV_CODEC_ID_MP3:
2400 /* force type after stsd for m1a hdlr */
2401 st->codecpar->codec_type = AVMEDIA_TYPE_AUDIO;
2402 break;
2403 case AV_CODEC_ID_GSM:
2404 case AV_CODEC_ID_ADPCM_MS:
2405 case AV_CODEC_ID_ADPCM_IMA_WAV:
2406 case AV_CODEC_ID_ILBC:
2407 case AV_CODEC_ID_MACE3:
2408 case AV_CODEC_ID_MACE6:
2409 case AV_CODEC_ID_QDM2:
2410 st->codecpar->block_align = sc->bytes_per_frame;
2411 break;
2412 case AV_CODEC_ID_ALAC:
2413 if (st->codecpar->extradata_size == 36) {
2414 st->codecpar->channels = AV_RB8 (st->codecpar->extradata + 21);
2415 st->codecpar->sample_rate = AV_RB32(st->codecpar->extradata + 32);
2416 }
2417 break;
2418 case AV_CODEC_ID_AC3:
2419 case AV_CODEC_ID_EAC3:
2420 case AV_CODEC_ID_MPEG1VIDEO:
2421 case AV_CODEC_ID_VC1:
2422 case AV_CODEC_ID_VP8:
2423 case AV_CODEC_ID_VP9:
2424 st->need_parsing = AVSTREAM_PARSE_FULL;
2425 break;
2426 default:
2427 break;
2428 }
2429 return 0;
2430 }
2431
mov_skip_multiple_stsd(MOVContext * c,AVIOContext * pb,int codec_tag,int format,int64_t size)2432 static int mov_skip_multiple_stsd(MOVContext *c, AVIOContext *pb,
2433 int codec_tag, int format,
2434 int64_t size)
2435 {
2436 int video_codec_id = ff_codec_get_id(ff_codec_movvideo_tags, format);
2437
2438 if (codec_tag &&
2439 (codec_tag != format &&
2440 // AVID 1:1 samples with differing data format and codec tag exist
2441 (codec_tag != AV_RL32("AV1x") || format != AV_RL32("AVup")) &&
2442 // prores is allowed to have differing data format and codec tag
2443 codec_tag != AV_RL32("apcn") && codec_tag != AV_RL32("apch") &&
2444 // so is dv (sigh)
2445 codec_tag != AV_RL32("dvpp") && codec_tag != AV_RL32("dvcp") &&
2446 (c->fc->video_codec_id ? video_codec_id != c->fc->video_codec_id
2447 : codec_tag != MKTAG('j','p','e','g')))) {
2448 /* Multiple fourcc, we skip JPEG. This is not correct, we should
2449 * export it as a separate AVStream but this needs a few changes
2450 * in the MOV demuxer, patch welcome. */
2451
2452 av_log(c->fc, AV_LOG_WARNING, "multiple fourcc not supported\n");
2453 avio_skip(pb, size);
2454 return 1;
2455 }
2456
2457 return 0;
2458 }
2459
ff_mov_read_stsd_entries(MOVContext * c,AVIOContext * pb,int entries)2460 int ff_mov_read_stsd_entries(MOVContext *c, AVIOContext *pb, int entries)
2461 {
2462 AVStream *st;
2463 MOVStreamContext *sc;
2464 int pseudo_stream_id;
2465
2466 av_assert0 (c->fc->nb_streams >= 1);
2467 st = c->fc->streams[c->fc->nb_streams-1];
2468 sc = st->priv_data;
2469
2470 for (pseudo_stream_id = 0;
2471 pseudo_stream_id < entries && !pb->eof_reached;
2472 pseudo_stream_id++) {
2473 //Parsing Sample description table
2474 enum AVCodecID id;
2475 int ret, dref_id = 1;
2476 MOVAtom a = { AV_RL32("stsd") };
2477 int64_t start_pos = avio_tell(pb);
2478 int64_t size = avio_rb32(pb); /* size */
2479 uint32_t format = avio_rl32(pb); /* data format */
2480
2481 if (size >= 16) {
2482 avio_rb32(pb); /* reserved */
2483 avio_rb16(pb); /* reserved */
2484 dref_id = avio_rb16(pb);
2485 } else if (size <= 7) {
2486 av_log(c->fc, AV_LOG_ERROR,
2487 "invalid size %"PRId64" in stsd\n", size);
2488 return AVERROR_INVALIDDATA;
2489 }
2490
2491 if (mov_skip_multiple_stsd(c, pb, st->codecpar->codec_tag, format,
2492 size - (avio_tell(pb) - start_pos))) {
2493 sc->stsd_count++;
2494 continue;
2495 }
2496
2497 sc->pseudo_stream_id = st->codecpar->codec_tag ? -1 : pseudo_stream_id;
2498 sc->dref_id= dref_id;
2499 sc->format = format;
2500
2501 id = mov_codec_id(st, format);
2502
2503 av_log(c->fc, AV_LOG_TRACE,
2504 "size=%"PRId64" 4CC=%s codec_type=%d\n", size,
2505 av_fourcc2str(format), st->codecpar->codec_type);
2506
2507 st->codecpar->codec_id = id;
2508 if (st->codecpar->codec_type==AVMEDIA_TYPE_VIDEO) {
2509 mov_parse_stsd_video(c, pb, st, sc);
2510 } else if (st->codecpar->codec_type==AVMEDIA_TYPE_AUDIO) {
2511 mov_parse_stsd_audio(c, pb, st, sc);
2512 if (st->codecpar->sample_rate < 0) {
2513 av_log(c->fc, AV_LOG_ERROR, "Invalid sample rate %d\n", st->codecpar->sample_rate);
2514 return AVERROR_INVALIDDATA;
2515 }
2516 } else if (st->codecpar->codec_type==AVMEDIA_TYPE_SUBTITLE){
2517 mov_parse_stsd_subtitle(c, pb, st, sc,
2518 size - (avio_tell(pb) - start_pos));
2519 } else {
2520 ret = mov_parse_stsd_data(c, pb, st, sc,
2521 size - (avio_tell(pb) - start_pos));
2522 if (ret < 0)
2523 return ret;
2524 }
2525 /* this will read extra atoms at the end (wave, alac, damr, avcC, hvcC, SMI ...) */
2526 a.size = size - (avio_tell(pb) - start_pos);
2527 if (a.size > 8) {
2528 if ((ret = mov_read_default(c, pb, a)) < 0)
2529 return ret;
2530 } else if (a.size > 0)
2531 avio_skip(pb, a.size);
2532
2533 if (sc->extradata && st->codecpar->extradata) {
2534 int extra_size = st->codecpar->extradata_size;
2535
2536 /* Move the current stream extradata to the stream context one. */
2537 sc->extradata_size[pseudo_stream_id] = extra_size;
2538 sc->extradata[pseudo_stream_id] = av_malloc(extra_size + AV_INPUT_BUFFER_PADDING_SIZE);
2539 if (!sc->extradata[pseudo_stream_id])
2540 return AVERROR(ENOMEM);
2541 memcpy(sc->extradata[pseudo_stream_id], st->codecpar->extradata, extra_size);
2542 av_freep(&st->codecpar->extradata);
2543 st->codecpar->extradata_size = 0;
2544 }
2545 sc->stsd_count++;
2546 }
2547
2548 if (pb->eof_reached) {
2549 av_log(c->fc, AV_LOG_WARNING, "reached eof, corrupted STSD atom\n");
2550 return AVERROR_EOF;
2551 }
2552
2553 return 0;
2554 }
2555
mov_read_stsd(MOVContext * c,AVIOContext * pb,MOVAtom atom)2556 static int mov_read_stsd(MOVContext *c, AVIOContext *pb, MOVAtom atom)
2557 {
2558 AVStream *st;
2559 MOVStreamContext *sc;
2560 int ret, entries;
2561
2562 if (c->fc->nb_streams < 1)
2563 return 0;
2564 st = c->fc->streams[c->fc->nb_streams - 1];
2565 sc = st->priv_data;
2566
2567 sc->stsd_version = avio_r8(pb);
2568 avio_rb24(pb); /* flags */
2569 entries = avio_rb32(pb);
2570
2571 /* Each entry contains a size (4 bytes) and format (4 bytes). */
2572 if (entries <= 0 || entries > atom.size / 8) {
2573 av_log(c->fc, AV_LOG_ERROR, "invalid STSD entries %d\n", entries);
2574 return AVERROR_INVALIDDATA;
2575 }
2576
2577 if (sc->extradata) {
2578 av_log(c->fc, AV_LOG_ERROR,
2579 "Duplicate stsd found in this track.\n");
2580 return AVERROR_INVALIDDATA;
2581 }
2582
2583 /* Prepare space for hosting multiple extradata. */
2584 sc->extradata = av_mallocz_array(entries, sizeof(*sc->extradata));
2585 if (!sc->extradata)
2586 return AVERROR(ENOMEM);
2587
2588 sc->extradata_size = av_mallocz_array(entries, sizeof(*sc->extradata_size));
2589 if (!sc->extradata_size) {
2590 ret = AVERROR(ENOMEM);
2591 goto fail;
2592 }
2593
2594 ret = ff_mov_read_stsd_entries(c, pb, entries);
2595 if (ret < 0)
2596 goto fail;
2597
2598 /* Restore back the primary extradata. */
2599 av_freep(&st->codecpar->extradata);
2600 st->codecpar->extradata_size = sc->extradata_size[0];
2601 if (sc->extradata_size[0]) {
2602 st->codecpar->extradata = av_mallocz(sc->extradata_size[0] + AV_INPUT_BUFFER_PADDING_SIZE);
2603 if (!st->codecpar->extradata)
2604 return AVERROR(ENOMEM);
2605 memcpy(st->codecpar->extradata, sc->extradata[0], sc->extradata_size[0]);
2606 }
2607
2608 return mov_finalize_stsd_codec(c, pb, st, sc);
2609 fail:
2610 if (sc->extradata) {
2611 int j;
2612 for (j = 0; j < sc->stsd_count; j++)
2613 av_freep(&sc->extradata[j]);
2614 }
2615
2616 av_freep(&sc->extradata);
2617 av_freep(&sc->extradata_size);
2618 return ret;
2619 }
2620
mov_read_stsc(MOVContext * c,AVIOContext * pb,MOVAtom atom)2621 static int mov_read_stsc(MOVContext *c, AVIOContext *pb, MOVAtom atom)
2622 {
2623 AVStream *st;
2624 MOVStreamContext *sc;
2625 unsigned int i, entries;
2626
2627 if (c->fc->nb_streams < 1)
2628 return 0;
2629 st = c->fc->streams[c->fc->nb_streams-1];
2630 sc = st->priv_data;
2631
2632 avio_r8(pb); /* version */
2633 avio_rb24(pb); /* flags */
2634
2635 entries = avio_rb32(pb);
2636 if ((uint64_t)entries * 12 + 4 > atom.size)
2637 return AVERROR_INVALIDDATA;
2638
2639 av_log(c->fc, AV_LOG_TRACE, "track[%u].stsc.entries = %u\n", c->fc->nb_streams - 1, entries);
2640
2641 if (!entries)
2642 return 0;
2643 if (sc->stsc_data)
2644 av_log(c->fc, AV_LOG_WARNING, "Duplicated STSC atom\n");
2645 av_free(sc->stsc_data);
2646 sc->stsc_count = 0;
2647 sc->stsc_data = av_malloc_array(entries, sizeof(*sc->stsc_data));
2648 if (!sc->stsc_data)
2649 return AVERROR(ENOMEM);
2650
2651 for (i = 0; i < entries && !pb->eof_reached; i++) {
2652 sc->stsc_data[i].first = avio_rb32(pb);
2653 sc->stsc_data[i].count = avio_rb32(pb);
2654 sc->stsc_data[i].id = avio_rb32(pb);
2655 }
2656
2657 sc->stsc_count = i;
2658 for (i = sc->stsc_count - 1; i < UINT_MAX; i--) {
2659 int64_t first_min = i + 1;
2660 if ((i+1 < sc->stsc_count && sc->stsc_data[i].first >= sc->stsc_data[i+1].first) ||
2661 (i > 0 && sc->stsc_data[i].first <= sc->stsc_data[i-1].first) ||
2662 sc->stsc_data[i].first < first_min ||
2663 sc->stsc_data[i].count < 1 ||
2664 sc->stsc_data[i].id < 1) {
2665 av_log(c->fc, AV_LOG_WARNING, "STSC entry %d is invalid (first=%d count=%d id=%d)\n", i, sc->stsc_data[i].first, sc->stsc_data[i].count, sc->stsc_data[i].id);
2666 if (i+1 >= sc->stsc_count) {
2667 sc->stsc_data[i].first = FFMAX(sc->stsc_data[i].first, first_min);
2668 if (i > 0 && sc->stsc_data[i].first <= sc->stsc_data[i-1].first)
2669 sc->stsc_data[i].first = FFMIN(sc->stsc_data[i-1].first + 1LL, INT_MAX);
2670 sc->stsc_data[i].count = FFMAX(sc->stsc_data[i].count, 1);
2671 sc->stsc_data[i].id = FFMAX(sc->stsc_data[i].id, 1);
2672 continue;
2673 }
2674 av_assert0(sc->stsc_data[i+1].first >= 2);
2675 // We replace this entry by the next valid
2676 sc->stsc_data[i].first = sc->stsc_data[i+1].first - 1;
2677 sc->stsc_data[i].count = sc->stsc_data[i+1].count;
2678 sc->stsc_data[i].id = sc->stsc_data[i+1].id;
2679 }
2680 }
2681
2682 if (pb->eof_reached) {
2683 av_log(c->fc, AV_LOG_WARNING, "reached eof, corrupted STSC atom\n");
2684 return AVERROR_EOF;
2685 }
2686
2687 return 0;
2688 }
2689
mov_stsc_index_valid(unsigned int index,unsigned int count)2690 static inline int mov_stsc_index_valid(unsigned int index, unsigned int count)
2691 {
2692 return index < count - 1;
2693 }
2694
2695 /* Compute the samples value for the stsc entry at the given index. */
mov_get_stsc_samples(MOVStreamContext * sc,unsigned int index)2696 static inline int64_t mov_get_stsc_samples(MOVStreamContext *sc, unsigned int index)
2697 {
2698 int chunk_count;
2699
2700 if (mov_stsc_index_valid(index, sc->stsc_count))
2701 chunk_count = sc->stsc_data[index + 1].first - sc->stsc_data[index].first;
2702 else {
2703 // Validation for stsc / stco happens earlier in mov_read_stsc + mov_read_trak.
2704 av_assert0(sc->stsc_data[index].first <= sc->chunk_count);
2705 chunk_count = sc->chunk_count - (sc->stsc_data[index].first - 1);
2706 }
2707
2708 return sc->stsc_data[index].count * (int64_t)chunk_count;
2709 }
2710
mov_read_stps(MOVContext * c,AVIOContext * pb,MOVAtom atom)2711 static int mov_read_stps(MOVContext *c, AVIOContext *pb, MOVAtom atom)
2712 {
2713 AVStream *st;
2714 MOVStreamContext *sc;
2715 unsigned i, entries;
2716
2717 if (c->fc->nb_streams < 1)
2718 return 0;
2719 st = c->fc->streams[c->fc->nb_streams-1];
2720 sc = st->priv_data;
2721
2722 avio_rb32(pb); // version + flags
2723
2724 entries = avio_rb32(pb);
2725 if (sc->stps_data)
2726 av_log(c->fc, AV_LOG_WARNING, "Duplicated STPS atom\n");
2727 av_free(sc->stps_data);
2728 sc->stps_count = 0;
2729 sc->stps_data = av_malloc_array(entries, sizeof(*sc->stps_data));
2730 if (!sc->stps_data)
2731 return AVERROR(ENOMEM);
2732
2733 for (i = 0; i < entries && !pb->eof_reached; i++) {
2734 sc->stps_data[i] = avio_rb32(pb);
2735 }
2736
2737 sc->stps_count = i;
2738
2739 if (pb->eof_reached) {
2740 av_log(c->fc, AV_LOG_WARNING, "reached eof, corrupted STPS atom\n");
2741 return AVERROR_EOF;
2742 }
2743
2744 return 0;
2745 }
2746
mov_read_stss(MOVContext * c,AVIOContext * pb,MOVAtom atom)2747 static int mov_read_stss(MOVContext *c, AVIOContext *pb, MOVAtom atom)
2748 {
2749 AVStream *st;
2750 MOVStreamContext *sc;
2751 unsigned int i, entries;
2752
2753 if (c->fc->nb_streams < 1)
2754 return 0;
2755 st = c->fc->streams[c->fc->nb_streams-1];
2756 sc = st->priv_data;
2757
2758 avio_r8(pb); /* version */
2759 avio_rb24(pb); /* flags */
2760
2761 entries = avio_rb32(pb);
2762
2763 av_log(c->fc, AV_LOG_TRACE, "keyframe_count = %u\n", entries);
2764
2765 if (!entries)
2766 {
2767 sc->keyframe_absent = 1;
2768 if (!st->need_parsing && st->codecpar->codec_type == AVMEDIA_TYPE_VIDEO)
2769 st->need_parsing = AVSTREAM_PARSE_HEADERS;
2770 return 0;
2771 }
2772 if (sc->keyframes)
2773 av_log(c->fc, AV_LOG_WARNING, "Duplicated STSS atom\n");
2774 if (entries >= UINT_MAX / sizeof(int))
2775 return AVERROR_INVALIDDATA;
2776 av_freep(&sc->keyframes);
2777 sc->keyframe_count = 0;
2778 sc->keyframes = av_malloc_array(entries, sizeof(*sc->keyframes));
2779 if (!sc->keyframes)
2780 return AVERROR(ENOMEM);
2781
2782 for (i = 0; i < entries && !pb->eof_reached; i++) {
2783 sc->keyframes[i] = avio_rb32(pb);
2784 }
2785
2786 sc->keyframe_count = i;
2787
2788 if (pb->eof_reached) {
2789 av_log(c->fc, AV_LOG_WARNING, "reached eof, corrupted STSS atom\n");
2790 return AVERROR_EOF;
2791 }
2792
2793 return 0;
2794 }
2795
mov_read_stsz(MOVContext * c,AVIOContext * pb,MOVAtom atom)2796 static int mov_read_stsz(MOVContext *c, AVIOContext *pb, MOVAtom atom)
2797 {
2798 AVStream *st;
2799 MOVStreamContext *sc;
2800 unsigned int i, entries, sample_size, field_size, num_bytes;
2801 GetBitContext gb;
2802 unsigned char* buf;
2803 int ret;
2804
2805 if (c->fc->nb_streams < 1)
2806 return 0;
2807 st = c->fc->streams[c->fc->nb_streams-1];
2808 sc = st->priv_data;
2809
2810 avio_r8(pb); /* version */
2811 avio_rb24(pb); /* flags */
2812
2813 if (atom.type == MKTAG('s','t','s','z')) {
2814 sample_size = avio_rb32(pb);
2815 if (!sc->sample_size) /* do not overwrite value computed in stsd */
2816 sc->sample_size = sample_size;
2817 sc->stsz_sample_size = sample_size;
2818 field_size = 32;
2819 } else {
2820 sample_size = 0;
2821 avio_rb24(pb); /* reserved */
2822 field_size = avio_r8(pb);
2823 }
2824 entries = avio_rb32(pb);
2825
2826 av_log(c->fc, AV_LOG_TRACE, "sample_size = %u sample_count = %u\n", sc->sample_size, entries);
2827
2828 sc->sample_count = entries;
2829 if (sample_size)
2830 return 0;
2831
2832 if (field_size != 4 && field_size != 8 && field_size != 16 && field_size != 32) {
2833 av_log(c->fc, AV_LOG_ERROR, "Invalid sample field size %u\n", field_size);
2834 return AVERROR_INVALIDDATA;
2835 }
2836
2837 if (!entries)
2838 return 0;
2839 if (entries >= (UINT_MAX - 4) / field_size)
2840 return AVERROR_INVALIDDATA;
2841 if (sc->sample_sizes)
2842 av_log(c->fc, AV_LOG_WARNING, "Duplicated STSZ atom\n");
2843 av_free(sc->sample_sizes);
2844 sc->sample_count = 0;
2845 sc->sample_sizes = av_malloc_array(entries, sizeof(*sc->sample_sizes));
2846 if (!sc->sample_sizes)
2847 return AVERROR(ENOMEM);
2848
2849 num_bytes = (entries*field_size+4)>>3;
2850
2851 buf = av_malloc(num_bytes+AV_INPUT_BUFFER_PADDING_SIZE);
2852 if (!buf) {
2853 av_freep(&sc->sample_sizes);
2854 return AVERROR(ENOMEM);
2855 }
2856
2857 ret = ffio_read_size(pb, buf, num_bytes);
2858 if (ret < 0) {
2859 av_freep(&sc->sample_sizes);
2860 av_free(buf);
2861 av_log(c->fc, AV_LOG_WARNING, "STSZ atom truncated\n");
2862 return 0;
2863 }
2864
2865 init_get_bits(&gb, buf, 8*num_bytes);
2866
2867 for (i = 0; i < entries && !pb->eof_reached; i++) {
2868 sc->sample_sizes[i] = get_bits_long(&gb, field_size);
2869 sc->data_size += sc->sample_sizes[i];
2870 }
2871
2872 sc->sample_count = i;
2873
2874 av_free(buf);
2875
2876 if (pb->eof_reached) {
2877 av_log(c->fc, AV_LOG_WARNING, "reached eof, corrupted STSZ atom\n");
2878 return AVERROR_EOF;
2879 }
2880
2881 return 0;
2882 }
2883
mov_read_stts(MOVContext * c,AVIOContext * pb,MOVAtom atom)2884 static int mov_read_stts(MOVContext *c, AVIOContext *pb, MOVAtom atom)
2885 {
2886 AVStream *st;
2887 MOVStreamContext *sc;
2888 unsigned int i, entries, alloc_size = 0;
2889 int64_t duration=0;
2890 int64_t total_sample_count=0;
2891
2892 if (c->fc->nb_streams < 1)
2893 return 0;
2894 st = c->fc->streams[c->fc->nb_streams-1];
2895 sc = st->priv_data;
2896
2897 avio_r8(pb); /* version */
2898 avio_rb24(pb); /* flags */
2899 entries = avio_rb32(pb);
2900
2901 av_log(c->fc, AV_LOG_TRACE, "track[%u].stts.entries = %u\n",
2902 c->fc->nb_streams-1, entries);
2903
2904 if (sc->stts_data)
2905 av_log(c->fc, AV_LOG_WARNING, "Duplicated STTS atom\n");
2906 av_freep(&sc->stts_data);
2907 sc->stts_count = 0;
2908 if (entries >= INT_MAX / sizeof(*sc->stts_data))
2909 return AVERROR(ENOMEM);
2910
2911 for (i = 0; i < entries && !pb->eof_reached; i++) {
2912 int sample_duration;
2913 unsigned int sample_count;
2914 unsigned int min_entries = FFMIN(FFMAX(i + 1, 1024 * 1024), entries);
2915 MOVStts *stts_data = av_fast_realloc(sc->stts_data, &alloc_size,
2916 min_entries * sizeof(*sc->stts_data));
2917 if (!stts_data) {
2918 av_freep(&sc->stts_data);
2919 sc->stts_count = 0;
2920 return AVERROR(ENOMEM);
2921 }
2922 sc->stts_count = min_entries;
2923 sc->stts_data = stts_data;
2924
2925 sample_count=avio_rb32(pb);
2926 sample_duration = avio_rb32(pb);
2927
2928 sc->stts_data[i].count= sample_count;
2929 sc->stts_data[i].duration= sample_duration;
2930
2931 av_log(c->fc, AV_LOG_TRACE, "sample_count=%d, sample_duration=%d\n",
2932 sample_count, sample_duration);
2933
2934 if ( i+1 == entries
2935 && i
2936 && sample_count == 1
2937 && total_sample_count > 100
2938 && sample_duration/10 > duration / total_sample_count)
2939 sample_duration = duration / total_sample_count;
2940 duration+=(int64_t)sample_duration*(uint64_t)sample_count;
2941 total_sample_count+=sample_count;
2942 }
2943
2944 sc->stts_count = i;
2945
2946 if (duration > 0 &&
2947 duration <= INT64_MAX - sc->duration_for_fps &&
2948 total_sample_count <= INT64_MAX - sc->nb_frames_for_fps
2949 ) {
2950 sc->duration_for_fps += duration;
2951 sc->nb_frames_for_fps += total_sample_count;
2952 }
2953
2954 if (pb->eof_reached) {
2955 av_log(c->fc, AV_LOG_WARNING, "reached eof, corrupted STTS atom\n");
2956 return AVERROR_EOF;
2957 }
2958
2959 st->nb_frames= total_sample_count;
2960 if (duration)
2961 st->duration= FFMIN(st->duration, duration);
2962 sc->track_end = duration;
2963 return 0;
2964 }
2965
mov_update_dts_shift(MOVStreamContext * sc,int duration)2966 static void mov_update_dts_shift(MOVStreamContext *sc, int duration)
2967 {
2968 if (duration < 0) {
2969 if (duration == INT_MIN) {
2970 av_log(NULL, AV_LOG_WARNING, "mov_update_dts_shift(): dts_shift set to %d\n", INT_MAX);
2971 duration++;
2972 }
2973 sc->dts_shift = FFMAX(sc->dts_shift, -duration);
2974 }
2975 }
2976
mov_read_ctts(MOVContext * c,AVIOContext * pb,MOVAtom atom)2977 static int mov_read_ctts(MOVContext *c, AVIOContext *pb, MOVAtom atom)
2978 {
2979 AVStream *st;
2980 MOVStreamContext *sc;
2981 unsigned int i, entries, ctts_count = 0;
2982
2983 if (c->fc->nb_streams < 1)
2984 return 0;
2985 st = c->fc->streams[c->fc->nb_streams-1];
2986 sc = st->priv_data;
2987
2988 avio_r8(pb); /* version */
2989 avio_rb24(pb); /* flags */
2990 entries = avio_rb32(pb);
2991
2992 av_log(c->fc, AV_LOG_TRACE, "track[%u].ctts.entries = %u\n", c->fc->nb_streams - 1, entries);
2993
2994 if (!entries)
2995 return 0;
2996 if (entries >= UINT_MAX / sizeof(*sc->ctts_data))
2997 return AVERROR_INVALIDDATA;
2998 av_freep(&sc->ctts_data);
2999 sc->ctts_data = av_fast_realloc(NULL, &sc->ctts_allocated_size, entries * sizeof(*sc->ctts_data));
3000 if (!sc->ctts_data)
3001 return AVERROR(ENOMEM);
3002
3003 for (i = 0; i < entries && !pb->eof_reached; i++) {
3004 int count =avio_rb32(pb);
3005 int duration =avio_rb32(pb);
3006
3007 if (count <= 0) {
3008 av_log(c->fc, AV_LOG_TRACE,
3009 "ignoring CTTS entry with count=%d duration=%d\n",
3010 count, duration);
3011 continue;
3012 }
3013
3014 add_ctts_entry(&sc->ctts_data, &ctts_count, &sc->ctts_allocated_size,
3015 count, duration);
3016
3017 av_log(c->fc, AV_LOG_TRACE, "count=%d, duration=%d\n",
3018 count, duration);
3019
3020 if (FFNABS(duration) < -(1<<28) && i+2<entries) {
3021 av_log(c->fc, AV_LOG_WARNING, "CTTS invalid\n");
3022 av_freep(&sc->ctts_data);
3023 sc->ctts_count = 0;
3024 return 0;
3025 }
3026
3027 if (i+2<entries)
3028 mov_update_dts_shift(sc, duration);
3029 }
3030
3031 sc->ctts_count = ctts_count;
3032
3033 if (pb->eof_reached) {
3034 av_log(c->fc, AV_LOG_WARNING, "reached eof, corrupted CTTS atom\n");
3035 return AVERROR_EOF;
3036 }
3037
3038 av_log(c->fc, AV_LOG_TRACE, "dts shift %d\n", sc->dts_shift);
3039
3040 return 0;
3041 }
3042
mov_read_sbgp(MOVContext * c,AVIOContext * pb,MOVAtom atom)3043 static int mov_read_sbgp(MOVContext *c, AVIOContext *pb, MOVAtom atom)
3044 {
3045 AVStream *st;
3046 MOVStreamContext *sc;
3047 unsigned int i, entries;
3048 uint8_t version;
3049 uint32_t grouping_type;
3050
3051 if (c->fc->nb_streams < 1)
3052 return 0;
3053 st = c->fc->streams[c->fc->nb_streams-1];
3054 sc = st->priv_data;
3055
3056 version = avio_r8(pb); /* version */
3057 avio_rb24(pb); /* flags */
3058 grouping_type = avio_rl32(pb);
3059 if (grouping_type != MKTAG( 'r','a','p',' '))
3060 return 0; /* only support 'rap ' grouping */
3061 if (version == 1)
3062 avio_rb32(pb); /* grouping_type_parameter */
3063
3064 entries = avio_rb32(pb);
3065 if (!entries)
3066 return 0;
3067 if (sc->rap_group)
3068 av_log(c->fc, AV_LOG_WARNING, "Duplicated SBGP atom\n");
3069 av_free(sc->rap_group);
3070 sc->rap_group_count = 0;
3071 sc->rap_group = av_malloc_array(entries, sizeof(*sc->rap_group));
3072 if (!sc->rap_group)
3073 return AVERROR(ENOMEM);
3074
3075 for (i = 0; i < entries && !pb->eof_reached; i++) {
3076 sc->rap_group[i].count = avio_rb32(pb); /* sample_count */
3077 sc->rap_group[i].index = avio_rb32(pb); /* group_description_index */
3078 }
3079
3080 sc->rap_group_count = i;
3081
3082 if (pb->eof_reached) {
3083 av_log(c->fc, AV_LOG_WARNING, "reached eof, corrupted SBGP atom\n");
3084 return AVERROR_EOF;
3085 }
3086
3087 return 0;
3088 }
3089
3090 /**
3091 * Get ith edit list entry (media time, duration).
3092 */
get_edit_list_entry(MOVContext * mov,const MOVStreamContext * msc,unsigned int edit_list_index,int64_t * edit_list_media_time,int64_t * edit_list_duration,int64_t global_timescale)3093 static int get_edit_list_entry(MOVContext *mov,
3094 const MOVStreamContext *msc,
3095 unsigned int edit_list_index,
3096 int64_t *edit_list_media_time,
3097 int64_t *edit_list_duration,
3098 int64_t global_timescale)
3099 {
3100 if (edit_list_index == msc->elst_count) {
3101 return 0;
3102 }
3103 *edit_list_media_time = msc->elst_data[edit_list_index].time;
3104 *edit_list_duration = msc->elst_data[edit_list_index].duration;
3105
3106 /* duration is in global timescale units;convert to msc timescale */
3107 if (global_timescale == 0) {
3108 avpriv_request_sample(mov->fc, "Support for mvhd.timescale = 0 with editlists");
3109 return 0;
3110 }
3111 *edit_list_duration = av_rescale(*edit_list_duration, msc->time_scale,
3112 global_timescale);
3113 return 1;
3114 }
3115
3116 /**
3117 * Find the closest previous frame to the timestamp_pts, in e_old index
3118 * entries. Searching for just any frame / just key frames can be controlled by
3119 * last argument 'flag'.
3120 * Note that if ctts_data is not NULL, we will always search for a key frame
3121 * irrespective of the value of 'flag'. If we don't find any keyframe, we will
3122 * return the first frame of the video.
3123 *
3124 * Here the timestamp_pts is considered to be a presentation timestamp and
3125 * the timestamp of index entries are considered to be decoding timestamps.
3126 *
3127 * Returns 0 if successful in finding a frame, else returns -1.
3128 * Places the found index corresponding output arg.
3129 *
3130 * If ctts_old is not NULL, then refines the searched entry by searching
3131 * backwards from the found timestamp, to find the frame with correct PTS.
3132 *
3133 * Places the found ctts_index and ctts_sample in corresponding output args.
3134 */
find_prev_closest_index(AVStream * st,AVIndexEntry * e_old,int nb_old,MOVStts * ctts_data,int64_t ctts_count,int64_t timestamp_pts,int flag,int64_t * index,int64_t * ctts_index,int64_t * ctts_sample)3135 static int find_prev_closest_index(AVStream *st,
3136 AVIndexEntry *e_old,
3137 int nb_old,
3138 MOVStts* ctts_data,
3139 int64_t ctts_count,
3140 int64_t timestamp_pts,
3141 int flag,
3142 int64_t* index,
3143 int64_t* ctts_index,
3144 int64_t* ctts_sample)
3145 {
3146 MOVStreamContext *msc = st->priv_data;
3147 AVIndexEntry *e_keep = st->index_entries;
3148 int nb_keep = st->nb_index_entries;
3149 int64_t i = 0;
3150 int64_t index_ctts_count;
3151
3152 av_assert0(index);
3153
3154 // If dts_shift > 0, then all the index timestamps will have to be offset by
3155 // at least dts_shift amount to obtain PTS.
3156 // Hence we decrement the searched timestamp_pts by dts_shift to find the closest index element.
3157 if (msc->dts_shift > 0) {
3158 timestamp_pts -= msc->dts_shift;
3159 }
3160
3161 st->index_entries = e_old;
3162 st->nb_index_entries = nb_old;
3163 *index = av_index_search_timestamp(st, timestamp_pts, flag | AVSEEK_FLAG_BACKWARD);
3164
3165 // Keep going backwards in the index entries until the timestamp is the same.
3166 if (*index >= 0) {
3167 for (i = *index; i > 0 && e_old[i].timestamp == e_old[i - 1].timestamp;
3168 i--) {
3169 if ((flag & AVSEEK_FLAG_ANY) ||
3170 (e_old[i - 1].flags & AVINDEX_KEYFRAME)) {
3171 *index = i - 1;
3172 }
3173 }
3174 }
3175
3176 // If we have CTTS then refine the search, by searching backwards over PTS
3177 // computed by adding corresponding CTTS durations to index timestamps.
3178 if (ctts_data && *index >= 0) {
3179 av_assert0(ctts_index);
3180 av_assert0(ctts_sample);
3181 // Find out the ctts_index for the found frame.
3182 *ctts_index = 0;
3183 *ctts_sample = 0;
3184 for (index_ctts_count = 0; index_ctts_count < *index; index_ctts_count++) {
3185 if (*ctts_index < ctts_count) {
3186 (*ctts_sample)++;
3187 if (ctts_data[*ctts_index].count == *ctts_sample) {
3188 (*ctts_index)++;
3189 *ctts_sample = 0;
3190 }
3191 }
3192 }
3193
3194 while (*index >= 0 && (*ctts_index) >= 0 && (*ctts_index) < ctts_count) {
3195 // Find a "key frame" with PTS <= timestamp_pts (So that we can decode B-frames correctly).
3196 // No need to add dts_shift to the timestamp here becase timestamp_pts has already been
3197 // compensated by dts_shift above.
3198 if ((e_old[*index].timestamp + ctts_data[*ctts_index].duration) <= timestamp_pts &&
3199 (e_old[*index].flags & AVINDEX_KEYFRAME)) {
3200 break;
3201 }
3202
3203 (*index)--;
3204 if (*ctts_sample == 0) {
3205 (*ctts_index)--;
3206 if (*ctts_index >= 0)
3207 *ctts_sample = ctts_data[*ctts_index].count - 1;
3208 } else {
3209 (*ctts_sample)--;
3210 }
3211 }
3212 }
3213
3214 /* restore AVStream state*/
3215 st->index_entries = e_keep;
3216 st->nb_index_entries = nb_keep;
3217 return *index >= 0 ? 0 : -1;
3218 }
3219
3220 /**
3221 * Add index entry with the given values, to the end of st->index_entries.
3222 * Returns the new size st->index_entries if successful, else returns -1.
3223 *
3224 * This function is similar to ff_add_index_entry in libavformat/utils.c
3225 * except that here we are always unconditionally adding an index entry to
3226 * the end, instead of searching the entries list and skipping the add if
3227 * there is an existing entry with the same timestamp.
3228 * This is needed because the mov_fix_index calls this func with the same
3229 * unincremented timestamp for successive discarded frames.
3230 */
add_index_entry(AVStream * st,int64_t pos,int64_t timestamp,int size,int distance,int flags)3231 static int64_t add_index_entry(AVStream *st, int64_t pos, int64_t timestamp,
3232 int size, int distance, int flags)
3233 {
3234 AVIndexEntry *entries, *ie;
3235 int64_t index = -1;
3236 const size_t min_size_needed = (st->nb_index_entries + 1) * sizeof(AVIndexEntry);
3237
3238 // Double the allocation each time, to lower memory fragmentation.
3239 // Another difference from ff_add_index_entry function.
3240 const size_t requested_size =
3241 min_size_needed > st->index_entries_allocated_size ?
3242 FFMAX(min_size_needed, 2 * st->index_entries_allocated_size) :
3243 min_size_needed;
3244
3245 if((unsigned)st->nb_index_entries + 1 >= UINT_MAX / sizeof(AVIndexEntry))
3246 return -1;
3247
3248 entries = av_fast_realloc(st->index_entries,
3249 &st->index_entries_allocated_size,
3250 requested_size);
3251 if(!entries)
3252 return -1;
3253
3254 st->index_entries= entries;
3255
3256 index= st->nb_index_entries++;
3257 ie= &entries[index];
3258
3259 ie->pos = pos;
3260 ie->timestamp = timestamp;
3261 ie->min_distance= distance;
3262 ie->size= size;
3263 ie->flags = flags;
3264 return index;
3265 }
3266
3267 /**
3268 * Rewrite timestamps of index entries in the range [end_index - frame_duration_buffer_size, end_index)
3269 * by subtracting end_ts successively by the amounts given in frame_duration_buffer.
3270 */
fix_index_entry_timestamps(AVStream * st,int end_index,int64_t end_ts,int64_t * frame_duration_buffer,int frame_duration_buffer_size)3271 static void fix_index_entry_timestamps(AVStream* st, int end_index, int64_t end_ts,
3272 int64_t* frame_duration_buffer,
3273 int frame_duration_buffer_size) {
3274 int i = 0;
3275 av_assert0(end_index >= 0 && end_index <= st->nb_index_entries);
3276 for (i = 0; i < frame_duration_buffer_size; i++) {
3277 end_ts -= frame_duration_buffer[frame_duration_buffer_size - 1 - i];
3278 st->index_entries[end_index - 1 - i].timestamp = end_ts;
3279 }
3280 }
3281
3282 /**
3283 * Append a new ctts entry to ctts_data.
3284 * Returns the new ctts_count if successful, else returns -1.
3285 */
add_ctts_entry(MOVStts ** ctts_data,unsigned int * ctts_count,unsigned int * allocated_size,int count,int duration)3286 static int64_t add_ctts_entry(MOVStts** ctts_data, unsigned int* ctts_count, unsigned int* allocated_size,
3287 int count, int duration)
3288 {
3289 MOVStts *ctts_buf_new;
3290 const size_t min_size_needed = (*ctts_count + 1) * sizeof(MOVStts);
3291 const size_t requested_size =
3292 min_size_needed > *allocated_size ?
3293 FFMAX(min_size_needed, 2 * (*allocated_size)) :
3294 min_size_needed;
3295
3296 if((unsigned)(*ctts_count) >= UINT_MAX / sizeof(MOVStts) - 1)
3297 return -1;
3298
3299 ctts_buf_new = av_fast_realloc(*ctts_data, allocated_size, requested_size);
3300
3301 if(!ctts_buf_new)
3302 return -1;
3303
3304 *ctts_data = ctts_buf_new;
3305
3306 ctts_buf_new[*ctts_count].count = count;
3307 ctts_buf_new[*ctts_count].duration = duration;
3308
3309 *ctts_count = (*ctts_count) + 1;
3310 return *ctts_count;
3311 }
3312
3313 #define MAX_REORDER_DELAY 16
mov_estimate_video_delay(MOVContext * c,AVStream * st)3314 static void mov_estimate_video_delay(MOVContext *c, AVStream* st) {
3315 MOVStreamContext *msc = st->priv_data;
3316 int ind;
3317 int ctts_ind = 0;
3318 int ctts_sample = 0;
3319 int64_t pts_buf[MAX_REORDER_DELAY + 1]; // Circular buffer to sort pts.
3320 int buf_start = 0;
3321 int j, r, num_swaps;
3322
3323 for (j = 0; j < MAX_REORDER_DELAY + 1; j++)
3324 pts_buf[j] = INT64_MIN;
3325
3326 if (st->codecpar->video_delay <= 0 && msc->ctts_data &&
3327 st->codecpar->codec_id == AV_CODEC_ID_H264) {
3328 st->codecpar->video_delay = 0;
3329 for(ind = 0; ind < st->nb_index_entries && ctts_ind < msc->ctts_count; ++ind) {
3330 // Point j to the last elem of the buffer and insert the current pts there.
3331 j = buf_start;
3332 buf_start = (buf_start + 1);
3333 if (buf_start == MAX_REORDER_DELAY + 1)
3334 buf_start = 0;
3335
3336 pts_buf[j] = st->index_entries[ind].timestamp + msc->ctts_data[ctts_ind].duration;
3337
3338 // The timestamps that are already in the sorted buffer, and are greater than the
3339 // current pts, are exactly the timestamps that need to be buffered to output PTS
3340 // in correct sorted order.
3341 // Hence the video delay (which is the buffer size used to sort DTS and output PTS),
3342 // can be computed as the maximum no. of swaps any particular timestamp needs to
3343 // go through, to keep this buffer in sorted order.
3344 num_swaps = 0;
3345 while (j != buf_start) {
3346 r = j - 1;
3347 if (r < 0) r = MAX_REORDER_DELAY;
3348 if (pts_buf[j] < pts_buf[r]) {
3349 FFSWAP(int64_t, pts_buf[j], pts_buf[r]);
3350 ++num_swaps;
3351 } else {
3352 break;
3353 }
3354 j = r;
3355 }
3356 st->codecpar->video_delay = FFMAX(st->codecpar->video_delay, num_swaps);
3357
3358 ctts_sample++;
3359 if (ctts_sample == msc->ctts_data[ctts_ind].count) {
3360 ctts_ind++;
3361 ctts_sample = 0;
3362 }
3363 }
3364 av_log(c->fc, AV_LOG_DEBUG, "Setting codecpar->delay to %d for stream st: %d\n",
3365 st->codecpar->video_delay, st->index);
3366 }
3367 }
3368
mov_current_sample_inc(MOVStreamContext * sc)3369 static void mov_current_sample_inc(MOVStreamContext *sc)
3370 {
3371 sc->current_sample++;
3372 sc->current_index++;
3373 if (sc->index_ranges &&
3374 sc->current_index >= sc->current_index_range->end &&
3375 sc->current_index_range->end) {
3376 sc->current_index_range++;
3377 sc->current_index = sc->current_index_range->start;
3378 }
3379 }
3380
mov_current_sample_dec(MOVStreamContext * sc)3381 static void mov_current_sample_dec(MOVStreamContext *sc)
3382 {
3383 sc->current_sample--;
3384 sc->current_index--;
3385 if (sc->index_ranges &&
3386 sc->current_index < sc->current_index_range->start &&
3387 sc->current_index_range > sc->index_ranges) {
3388 sc->current_index_range--;
3389 sc->current_index = sc->current_index_range->end - 1;
3390 }
3391 }
3392
mov_current_sample_set(MOVStreamContext * sc,int current_sample)3393 static void mov_current_sample_set(MOVStreamContext *sc, int current_sample)
3394 {
3395 int64_t range_size;
3396
3397 sc->current_sample = current_sample;
3398 sc->current_index = current_sample;
3399 if (!sc->index_ranges) {
3400 return;
3401 }
3402
3403 for (sc->current_index_range = sc->index_ranges;
3404 sc->current_index_range->end;
3405 sc->current_index_range++) {
3406 range_size = sc->current_index_range->end - sc->current_index_range->start;
3407 if (range_size > current_sample) {
3408 sc->current_index = sc->current_index_range->start + current_sample;
3409 break;
3410 }
3411 current_sample -= range_size;
3412 }
3413 }
3414
3415 /**
3416 * Fix st->index_entries, so that it contains only the entries (and the entries
3417 * which are needed to decode them) that fall in the edit list time ranges.
3418 * Also fixes the timestamps of the index entries to match the timeline
3419 * specified the edit lists.
3420 */
mov_fix_index(MOVContext * mov,AVStream * st)3421 static void mov_fix_index(MOVContext *mov, AVStream *st)
3422 {
3423 MOVStreamContext *msc = st->priv_data;
3424 AVIndexEntry *e_old = st->index_entries;
3425 int nb_old = st->nb_index_entries;
3426 const AVIndexEntry *e_old_end = e_old + nb_old;
3427 const AVIndexEntry *current = NULL;
3428 MOVStts *ctts_data_old = msc->ctts_data;
3429 int64_t ctts_index_old = 0;
3430 int64_t ctts_sample_old = 0;
3431 int64_t ctts_count_old = msc->ctts_count;
3432 int64_t edit_list_media_time = 0;
3433 int64_t edit_list_duration = 0;
3434 int64_t frame_duration = 0;
3435 int64_t edit_list_dts_counter = 0;
3436 int64_t edit_list_dts_entry_end = 0;
3437 int64_t edit_list_start_ctts_sample = 0;
3438 int64_t curr_cts;
3439 int64_t curr_ctts = 0;
3440 int64_t empty_edits_sum_duration = 0;
3441 int64_t edit_list_index = 0;
3442 int64_t index;
3443 int flags;
3444 int64_t start_dts = 0;
3445 int64_t edit_list_start_encountered = 0;
3446 int64_t search_timestamp = 0;
3447 int64_t* frame_duration_buffer = NULL;
3448 int num_discarded_begin = 0;
3449 int first_non_zero_audio_edit = -1;
3450 int packet_skip_samples = 0;
3451 MOVIndexRange *current_index_range;
3452 int i;
3453 int found_keyframe_after_edit = 0;
3454
3455 if (!msc->elst_data || msc->elst_count <= 0 || nb_old <= 0) {
3456 return;
3457 }
3458
3459 // allocate the index ranges array
3460 msc->index_ranges = av_malloc((msc->elst_count + 1) * sizeof(msc->index_ranges[0]));
3461 if (!msc->index_ranges) {
3462 av_log(mov->fc, AV_LOG_ERROR, "Cannot allocate index ranges buffer\n");
3463 return;
3464 }
3465 msc->current_index_range = msc->index_ranges;
3466 current_index_range = msc->index_ranges - 1;
3467
3468 // Clean AVStream from traces of old index
3469 st->index_entries = NULL;
3470 st->index_entries_allocated_size = 0;
3471 st->nb_index_entries = 0;
3472
3473 // Clean ctts fields of MOVStreamContext
3474 msc->ctts_data = NULL;
3475 msc->ctts_count = 0;
3476 msc->ctts_index = 0;
3477 msc->ctts_sample = 0;
3478 msc->ctts_allocated_size = 0;
3479
3480 // Reinitialize min_corrected_pts so that it can be computed again.
3481 msc->min_corrected_pts = -1;
3482
3483 // If the dts_shift is positive (in case of negative ctts values in mov),
3484 // then negate the DTS by dts_shift
3485 if (msc->dts_shift > 0) {
3486 edit_list_dts_entry_end -= msc->dts_shift;
3487 av_log(mov->fc, AV_LOG_DEBUG, "Shifting DTS by %d because of negative CTTS.\n", msc->dts_shift);
3488 }
3489
3490 start_dts = edit_list_dts_entry_end;
3491
3492 while (get_edit_list_entry(mov, msc, edit_list_index, &edit_list_media_time,
3493 &edit_list_duration, mov->time_scale)) {
3494 av_log(mov->fc, AV_LOG_DEBUG, "Processing st: %d, edit list %"PRId64" - media time: %"PRId64", duration: %"PRId64"\n",
3495 st->index, edit_list_index, edit_list_media_time, edit_list_duration);
3496 edit_list_index++;
3497 edit_list_dts_counter = edit_list_dts_entry_end;
3498 edit_list_dts_entry_end += edit_list_duration;
3499 num_discarded_begin = 0;
3500 if (edit_list_media_time == -1) {
3501 empty_edits_sum_duration += edit_list_duration;
3502 continue;
3503 }
3504
3505 // If we encounter a non-negative edit list reset the skip_samples/start_pad fields and set them
3506 // according to the edit list below.
3507 if (st->codecpar->codec_type == AVMEDIA_TYPE_AUDIO) {
3508 if (first_non_zero_audio_edit < 0) {
3509 first_non_zero_audio_edit = 1;
3510 } else {
3511 first_non_zero_audio_edit = 0;
3512 }
3513
3514 if (first_non_zero_audio_edit > 0)
3515 st->skip_samples = msc->start_pad = 0;
3516 }
3517
3518 // While reordering frame index according to edit list we must handle properly
3519 // the scenario when edit list entry starts from none key frame.
3520 // We find closest previous key frame and preserve it and consequent frames in index.
3521 // All frames which are outside edit list entry time boundaries will be dropped after decoding.
3522 search_timestamp = edit_list_media_time;
3523 if (st->codecpar->codec_type == AVMEDIA_TYPE_AUDIO) {
3524 // Audio decoders like AAC need need a decoder delay samples previous to the current sample,
3525 // to correctly decode this frame. Hence for audio we seek to a frame 1 sec. before the
3526 // edit_list_media_time to cover the decoder delay.
3527 search_timestamp = FFMAX(search_timestamp - msc->time_scale, e_old[0].timestamp);
3528 }
3529
3530 if (find_prev_closest_index(st, e_old, nb_old, ctts_data_old, ctts_count_old, search_timestamp, 0,
3531 &index, &ctts_index_old, &ctts_sample_old) < 0) {
3532 av_log(mov->fc, AV_LOG_WARNING,
3533 "st: %d edit list: %"PRId64" Missing key frame while searching for timestamp: %"PRId64"\n",
3534 st->index, edit_list_index, search_timestamp);
3535 if (find_prev_closest_index(st, e_old, nb_old, ctts_data_old, ctts_count_old, search_timestamp, AVSEEK_FLAG_ANY,
3536 &index, &ctts_index_old, &ctts_sample_old) < 0) {
3537 av_log(mov->fc, AV_LOG_WARNING,
3538 "st: %d edit list %"PRId64" Cannot find an index entry before timestamp: %"PRId64".\n",
3539 st->index, edit_list_index, search_timestamp);
3540 index = 0;
3541 ctts_index_old = 0;
3542 ctts_sample_old = 0;
3543 }
3544 }
3545 current = e_old + index;
3546 edit_list_start_ctts_sample = ctts_sample_old;
3547
3548 // Iterate over index and arrange it according to edit list
3549 edit_list_start_encountered = 0;
3550 found_keyframe_after_edit = 0;
3551 for (; current < e_old_end; current++, index++) {
3552 // check if frame outside edit list mark it for discard
3553 frame_duration = (current + 1 < e_old_end) ?
3554 ((current + 1)->timestamp - current->timestamp) : edit_list_duration;
3555
3556 flags = current->flags;
3557
3558 // frames (pts) before or after edit list
3559 curr_cts = current->timestamp + msc->dts_shift;
3560 curr_ctts = 0;
3561
3562 if (ctts_data_old && ctts_index_old < ctts_count_old) {
3563 curr_ctts = ctts_data_old[ctts_index_old].duration;
3564 av_log(mov->fc, AV_LOG_DEBUG, "stts: %"PRId64" ctts: %"PRId64", ctts_index: %"PRId64", ctts_count: %"PRId64"\n",
3565 curr_cts, curr_ctts, ctts_index_old, ctts_count_old);
3566 curr_cts += curr_ctts;
3567 ctts_sample_old++;
3568 if (ctts_sample_old == ctts_data_old[ctts_index_old].count) {
3569 if (add_ctts_entry(&msc->ctts_data, &msc->ctts_count,
3570 &msc->ctts_allocated_size,
3571 ctts_data_old[ctts_index_old].count - edit_list_start_ctts_sample,
3572 ctts_data_old[ctts_index_old].duration) == -1) {
3573 av_log(mov->fc, AV_LOG_ERROR, "Cannot add CTTS entry %"PRId64" - {%"PRId64", %d}\n",
3574 ctts_index_old,
3575 ctts_data_old[ctts_index_old].count - edit_list_start_ctts_sample,
3576 ctts_data_old[ctts_index_old].duration);
3577 break;
3578 }
3579 ctts_index_old++;
3580 ctts_sample_old = 0;
3581 edit_list_start_ctts_sample = 0;
3582 }
3583 }
3584
3585 if (curr_cts < edit_list_media_time || curr_cts >= (edit_list_duration + edit_list_media_time)) {
3586 if (st->codecpar->codec_type == AVMEDIA_TYPE_AUDIO && st->codecpar->codec_id != AV_CODEC_ID_VORBIS &&
3587 curr_cts < edit_list_media_time && curr_cts + frame_duration > edit_list_media_time &&
3588 first_non_zero_audio_edit > 0) {
3589 packet_skip_samples = edit_list_media_time - curr_cts;
3590 st->skip_samples += packet_skip_samples;
3591
3592 // Shift the index entry timestamp by packet_skip_samples to be correct.
3593 edit_list_dts_counter -= packet_skip_samples;
3594 if (edit_list_start_encountered == 0) {
3595 edit_list_start_encountered = 1;
3596 // Make timestamps strictly monotonically increasing for audio, by rewriting timestamps for
3597 // discarded packets.
3598 if (frame_duration_buffer) {
3599 fix_index_entry_timestamps(st, st->nb_index_entries, edit_list_dts_counter,
3600 frame_duration_buffer, num_discarded_begin);
3601 av_freep(&frame_duration_buffer);
3602 }
3603 }
3604
3605 av_log(mov->fc, AV_LOG_DEBUG, "skip %d audio samples from curr_cts: %"PRId64"\n", packet_skip_samples, curr_cts);
3606 } else {
3607 flags |= AVINDEX_DISCARD_FRAME;
3608 av_log(mov->fc, AV_LOG_DEBUG, "drop a frame at curr_cts: %"PRId64" @ %"PRId64"\n", curr_cts, index);
3609
3610 if (edit_list_start_encountered == 0) {
3611 num_discarded_begin++;
3612 frame_duration_buffer = av_realloc(frame_duration_buffer,
3613 num_discarded_begin * sizeof(int64_t));
3614 if (!frame_duration_buffer) {
3615 av_log(mov->fc, AV_LOG_ERROR, "Cannot reallocate frame duration buffer\n");
3616 break;
3617 }
3618 frame_duration_buffer[num_discarded_begin - 1] = frame_duration;
3619
3620 // Increment skip_samples for the first non-zero audio edit list
3621 if (st->codecpar->codec_type == AVMEDIA_TYPE_AUDIO &&
3622 first_non_zero_audio_edit > 0 && st->codecpar->codec_id != AV_CODEC_ID_VORBIS) {
3623 st->skip_samples += frame_duration;
3624 }
3625 }
3626 }
3627 } else {
3628 if (msc->min_corrected_pts < 0) {
3629 msc->min_corrected_pts = edit_list_dts_counter + curr_ctts + msc->dts_shift;
3630 } else {
3631 msc->min_corrected_pts = FFMIN(msc->min_corrected_pts, edit_list_dts_counter + curr_ctts + msc->dts_shift);
3632 }
3633 if (edit_list_start_encountered == 0) {
3634 edit_list_start_encountered = 1;
3635 // Make timestamps strictly monotonically increasing by rewriting timestamps for
3636 // discarded packets.
3637 if (frame_duration_buffer) {
3638 fix_index_entry_timestamps(st, st->nb_index_entries, edit_list_dts_counter,
3639 frame_duration_buffer, num_discarded_begin);
3640 av_freep(&frame_duration_buffer);
3641 }
3642 }
3643 }
3644
3645 if (add_index_entry(st, current->pos, edit_list_dts_counter, current->size,
3646 current->min_distance, flags) == -1) {
3647 av_log(mov->fc, AV_LOG_ERROR, "Cannot add index entry\n");
3648 break;
3649 }
3650
3651 // Update the index ranges array
3652 if (current_index_range < msc->index_ranges || index != current_index_range->end) {
3653 current_index_range++;
3654 current_index_range->start = index;
3655 }
3656 current_index_range->end = index + 1;
3657
3658 // Only start incrementing DTS in frame_duration amounts, when we encounter a frame in edit list.
3659 if (edit_list_start_encountered > 0) {
3660 edit_list_dts_counter = edit_list_dts_counter + frame_duration;
3661 }
3662
3663 // Break when found first key frame after edit entry completion
3664 if ((curr_cts + frame_duration >= (edit_list_duration + edit_list_media_time)) &&
3665 ((flags & AVINDEX_KEYFRAME) || ((st->codecpar->codec_type == AVMEDIA_TYPE_AUDIO)))) {
3666 if (ctts_data_old) {
3667 // If we have CTTS and this is the first keyframe after edit elist,
3668 // wait for one more, because there might be trailing B-frames after this I-frame
3669 // that do belong to the edit.
3670 if (st->codecpar->codec_type != AVMEDIA_TYPE_AUDIO && found_keyframe_after_edit == 0) {
3671 found_keyframe_after_edit = 1;
3672 continue;
3673 }
3674 if (ctts_sample_old != 0) {
3675 if (add_ctts_entry(&msc->ctts_data, &msc->ctts_count,
3676 &msc->ctts_allocated_size,
3677 ctts_sample_old - edit_list_start_ctts_sample,
3678 ctts_data_old[ctts_index_old].duration) == -1) {
3679 av_log(mov->fc, AV_LOG_ERROR, "Cannot add CTTS entry %"PRId64" - {%"PRId64", %d}\n",
3680 ctts_index_old, ctts_sample_old - edit_list_start_ctts_sample,
3681 ctts_data_old[ctts_index_old].duration);
3682 break;
3683 }
3684 }
3685 }
3686 break;
3687 }
3688 }
3689 }
3690 // If there are empty edits, then msc->min_corrected_pts might be positive
3691 // intentionally. So we subtract the sum duration of emtpy edits here.
3692 msc->min_corrected_pts -= empty_edits_sum_duration;
3693
3694 // If the minimum pts turns out to be greater than zero after fixing the index, then we subtract the
3695 // dts by that amount to make the first pts zero.
3696 if (st->codecpar->codec_type == AVMEDIA_TYPE_VIDEO) {
3697 if (msc->min_corrected_pts > 0) {
3698 av_log(mov->fc, AV_LOG_DEBUG, "Offset DTS by %"PRId64" to make first pts zero.\n", msc->min_corrected_pts);
3699 for (i = 0; i < st->nb_index_entries; ++i) {
3700 st->index_entries[i].timestamp -= msc->min_corrected_pts;
3701 }
3702 }
3703 }
3704 // Start time should be equal to zero or the duration of any empty edits.
3705 st->start_time = empty_edits_sum_duration;
3706
3707 // Update av stream length, if it ends up shorter than the track's media duration
3708 st->duration = FFMIN(st->duration, edit_list_dts_entry_end - start_dts);
3709 msc->start_pad = st->skip_samples;
3710
3711 // Free the old index and the old CTTS structures
3712 av_free(e_old);
3713 av_free(ctts_data_old);
3714 av_freep(&frame_duration_buffer);
3715
3716 // Null terminate the index ranges array
3717 current_index_range++;
3718 current_index_range->start = 0;
3719 current_index_range->end = 0;
3720 msc->current_index = msc->index_ranges[0].start;
3721 }
3722
mov_build_index(MOVContext * mov,AVStream * st)3723 static void mov_build_index(MOVContext *mov, AVStream *st)
3724 {
3725 MOVStreamContext *sc = st->priv_data;
3726 int64_t current_offset;
3727 int64_t current_dts = 0;
3728 unsigned int stts_index = 0;
3729 unsigned int stsc_index = 0;
3730 unsigned int stss_index = 0;
3731 unsigned int stps_index = 0;
3732 unsigned int i, j;
3733 uint64_t stream_size = 0;
3734 MOVStts *ctts_data_old = sc->ctts_data;
3735 unsigned int ctts_count_old = sc->ctts_count;
3736
3737 if (sc->elst_count) {
3738 int i, edit_start_index = 0, multiple_edits = 0;
3739 int64_t empty_duration = 0; // empty duration of the first edit list entry
3740 int64_t start_time = 0; // start time of the media
3741
3742 for (i = 0; i < sc->elst_count; i++) {
3743 const MOVElst *e = &sc->elst_data[i];
3744 if (i == 0 && e->time == -1) {
3745 /* if empty, the first entry is the start time of the stream
3746 * relative to the presentation itself */
3747 empty_duration = e->duration;
3748 edit_start_index = 1;
3749 } else if (i == edit_start_index && e->time >= 0) {
3750 start_time = e->time;
3751 } else {
3752 multiple_edits = 1;
3753 }
3754 }
3755
3756 if (multiple_edits && !mov->advanced_editlist)
3757 av_log(mov->fc, AV_LOG_WARNING, "multiple edit list entries, "
3758 "Use -advanced_editlist to correctly decode otherwise "
3759 "a/v desync might occur\n");
3760
3761 /* adjust first dts according to edit list */
3762 if ((empty_duration || start_time) && mov->time_scale > 0) {
3763 if (empty_duration)
3764 empty_duration = av_rescale(empty_duration, sc->time_scale, mov->time_scale);
3765 sc->time_offset = start_time - empty_duration;
3766 sc->min_corrected_pts = start_time;
3767 if (!mov->advanced_editlist)
3768 current_dts = -sc->time_offset;
3769 }
3770
3771 if (!multiple_edits && !mov->advanced_editlist &&
3772 st->codecpar->codec_id == AV_CODEC_ID_AAC && start_time > 0)
3773 sc->start_pad = start_time;
3774 }
3775
3776 /* only use old uncompressed audio chunk demuxing when stts specifies it */
3777 if (!(st->codecpar->codec_type == AVMEDIA_TYPE_AUDIO &&
3778 sc->stts_count == 1 && sc->stts_data[0].duration == 1)) {
3779 unsigned int current_sample = 0;
3780 unsigned int stts_sample = 0;
3781 unsigned int sample_size;
3782 unsigned int distance = 0;
3783 unsigned int rap_group_index = 0;
3784 unsigned int rap_group_sample = 0;
3785 int64_t last_dts = 0;
3786 int64_t dts_correction = 0;
3787 int rap_group_present = sc->rap_group_count && sc->rap_group;
3788 int key_off = (sc->keyframe_count && sc->keyframes[0] > 0) || (sc->stps_count && sc->stps_data[0] > 0);
3789
3790 current_dts -= sc->dts_shift;
3791 last_dts = current_dts;
3792
3793 if (!sc->sample_count || st->nb_index_entries)
3794 return;
3795 if (sc->sample_count >= UINT_MAX / sizeof(*st->index_entries) - st->nb_index_entries)
3796 return;
3797 if (av_reallocp_array(&st->index_entries,
3798 st->nb_index_entries + sc->sample_count,
3799 sizeof(*st->index_entries)) < 0) {
3800 st->nb_index_entries = 0;
3801 return;
3802 }
3803 st->index_entries_allocated_size = (st->nb_index_entries + sc->sample_count) * sizeof(*st->index_entries);
3804
3805 if (ctts_data_old) {
3806 // Expand ctts entries such that we have a 1-1 mapping with samples
3807 if (sc->sample_count >= UINT_MAX / sizeof(*sc->ctts_data))
3808 return;
3809 sc->ctts_count = 0;
3810 sc->ctts_allocated_size = 0;
3811 sc->ctts_data = av_fast_realloc(NULL, &sc->ctts_allocated_size,
3812 sc->sample_count * sizeof(*sc->ctts_data));
3813 if (!sc->ctts_data) {
3814 av_free(ctts_data_old);
3815 return;
3816 }
3817
3818 memset((uint8_t*)(sc->ctts_data), 0, sc->ctts_allocated_size);
3819
3820 for (i = 0; i < ctts_count_old &&
3821 sc->ctts_count < sc->sample_count; i++)
3822 for (j = 0; j < ctts_data_old[i].count &&
3823 sc->ctts_count < sc->sample_count; j++)
3824 add_ctts_entry(&sc->ctts_data, &sc->ctts_count,
3825 &sc->ctts_allocated_size, 1,
3826 ctts_data_old[i].duration);
3827 av_free(ctts_data_old);
3828 }
3829
3830 for (i = 0; i < sc->chunk_count; i++) {
3831 int64_t next_offset = i+1 < sc->chunk_count ? sc->chunk_offsets[i+1] : INT64_MAX;
3832 current_offset = sc->chunk_offsets[i];
3833 while (mov_stsc_index_valid(stsc_index, sc->stsc_count) &&
3834 i + 1 == sc->stsc_data[stsc_index + 1].first)
3835 stsc_index++;
3836
3837 if (next_offset > current_offset && sc->sample_size>0 && sc->sample_size < sc->stsz_sample_size &&
3838 sc->stsc_data[stsc_index].count * (int64_t)sc->stsz_sample_size > next_offset - current_offset) {
3839 av_log(mov->fc, AV_LOG_WARNING, "STSZ sample size %d invalid (too large), ignoring\n", sc->stsz_sample_size);
3840 sc->stsz_sample_size = sc->sample_size;
3841 }
3842 if (sc->stsz_sample_size>0 && sc->stsz_sample_size < sc->sample_size) {
3843 av_log(mov->fc, AV_LOG_WARNING, "STSZ sample size %d invalid (too small), ignoring\n", sc->stsz_sample_size);
3844 sc->stsz_sample_size = sc->sample_size;
3845 }
3846
3847 for (j = 0; j < sc->stsc_data[stsc_index].count; j++) {
3848 int keyframe = 0;
3849 if (current_sample >= sc->sample_count) {
3850 av_log(mov->fc, AV_LOG_ERROR, "wrong sample count\n");
3851 return;
3852 }
3853
3854 if (!sc->keyframe_absent && (!sc->keyframe_count || current_sample+key_off == sc->keyframes[stss_index])) {
3855 keyframe = 1;
3856 if (stss_index + 1 < sc->keyframe_count)
3857 stss_index++;
3858 } else if (sc->stps_count && current_sample+key_off == sc->stps_data[stps_index]) {
3859 keyframe = 1;
3860 if (stps_index + 1 < sc->stps_count)
3861 stps_index++;
3862 }
3863 if (rap_group_present && rap_group_index < sc->rap_group_count) {
3864 if (sc->rap_group[rap_group_index].index > 0)
3865 keyframe = 1;
3866 if (++rap_group_sample == sc->rap_group[rap_group_index].count) {
3867 rap_group_sample = 0;
3868 rap_group_index++;
3869 }
3870 }
3871 if (sc->keyframe_absent
3872 && !sc->stps_count
3873 && !rap_group_present
3874 && (st->codecpar->codec_type == AVMEDIA_TYPE_AUDIO || (i==0 && j==0)))
3875 keyframe = 1;
3876 if (keyframe)
3877 distance = 0;
3878 sample_size = sc->stsz_sample_size > 0 ? sc->stsz_sample_size : sc->sample_sizes[current_sample];
3879 if (sc->pseudo_stream_id == -1 ||
3880 sc->stsc_data[stsc_index].id - 1 == sc->pseudo_stream_id) {
3881 AVIndexEntry *e;
3882 if (sample_size > 0x3FFFFFFF) {
3883 av_log(mov->fc, AV_LOG_ERROR, "Sample size %u is too large\n", sample_size);
3884 return;
3885 }
3886 e = &st->index_entries[st->nb_index_entries++];
3887 e->pos = current_offset;
3888 e->timestamp = current_dts;
3889 e->size = sample_size;
3890 e->min_distance = distance;
3891 e->flags = keyframe ? AVINDEX_KEYFRAME : 0;
3892 av_log(mov->fc, AV_LOG_TRACE, "AVIndex stream %d, sample %u, offset %"PRIx64", dts %"PRId64", "
3893 "size %u, distance %u, keyframe %d\n", st->index, current_sample,
3894 current_offset, current_dts, sample_size, distance, keyframe);
3895 if (st->codecpar->codec_type == AVMEDIA_TYPE_VIDEO && st->nb_index_entries < 100)
3896 ff_rfps_add_frame(mov->fc, st, current_dts);
3897 }
3898
3899 current_offset += sample_size;
3900 stream_size += sample_size;
3901
3902 /* A negative sample duration is invalid based on the spec,
3903 * but some samples need it to correct the DTS. */
3904 if (sc->stts_data[stts_index].duration < 0) {
3905 av_log(mov->fc, AV_LOG_WARNING,
3906 "Invalid SampleDelta %d in STTS, at %d st:%d\n",
3907 sc->stts_data[stts_index].duration, stts_index,
3908 st->index);
3909 dts_correction += sc->stts_data[stts_index].duration - 1;
3910 sc->stts_data[stts_index].duration = 1;
3911 }
3912 current_dts += sc->stts_data[stts_index].duration;
3913 if (!dts_correction || current_dts + dts_correction > last_dts) {
3914 current_dts += dts_correction;
3915 dts_correction = 0;
3916 } else {
3917 /* Avoid creating non-monotonous DTS */
3918 dts_correction += current_dts - last_dts - 1;
3919 current_dts = last_dts + 1;
3920 }
3921 last_dts = current_dts;
3922 distance++;
3923 stts_sample++;
3924 current_sample++;
3925 if (stts_index + 1 < sc->stts_count && stts_sample == sc->stts_data[stts_index].count) {
3926 stts_sample = 0;
3927 stts_index++;
3928 }
3929 }
3930 }
3931 if (st->duration > 0)
3932 st->codecpar->bit_rate = stream_size*8*sc->time_scale/st->duration;
3933 } else {
3934 unsigned chunk_samples, total = 0;
3935
3936 if (!sc->chunk_count)
3937 return;
3938
3939 // compute total chunk count
3940 for (i = 0; i < sc->stsc_count; i++) {
3941 unsigned count, chunk_count;
3942
3943 chunk_samples = sc->stsc_data[i].count;
3944 if (i != sc->stsc_count - 1 &&
3945 sc->samples_per_frame && chunk_samples % sc->samples_per_frame) {
3946 av_log(mov->fc, AV_LOG_ERROR, "error unaligned chunk\n");
3947 return;
3948 }
3949
3950 if (sc->samples_per_frame >= 160) { // gsm
3951 count = chunk_samples / sc->samples_per_frame;
3952 } else if (sc->samples_per_frame > 1) {
3953 unsigned samples = (1024/sc->samples_per_frame)*sc->samples_per_frame;
3954 count = (chunk_samples+samples-1) / samples;
3955 } else {
3956 count = (chunk_samples+1023) / 1024;
3957 }
3958
3959 if (mov_stsc_index_valid(i, sc->stsc_count))
3960 chunk_count = sc->stsc_data[i+1].first - sc->stsc_data[i].first;
3961 else
3962 chunk_count = sc->chunk_count - (sc->stsc_data[i].first - 1);
3963 total += chunk_count * count;
3964 }
3965
3966 av_log(mov->fc, AV_LOG_TRACE, "chunk count %u\n", total);
3967 if (total >= UINT_MAX / sizeof(*st->index_entries) - st->nb_index_entries)
3968 return;
3969 if (av_reallocp_array(&st->index_entries,
3970 st->nb_index_entries + total,
3971 sizeof(*st->index_entries)) < 0) {
3972 st->nb_index_entries = 0;
3973 return;
3974 }
3975 st->index_entries_allocated_size = (st->nb_index_entries + total) * sizeof(*st->index_entries);
3976
3977 // populate index
3978 for (i = 0; i < sc->chunk_count; i++) {
3979 current_offset = sc->chunk_offsets[i];
3980 if (mov_stsc_index_valid(stsc_index, sc->stsc_count) &&
3981 i + 1 == sc->stsc_data[stsc_index + 1].first)
3982 stsc_index++;
3983 chunk_samples = sc->stsc_data[stsc_index].count;
3984
3985 while (chunk_samples > 0) {
3986 AVIndexEntry *e;
3987 unsigned size, samples;
3988
3989 if (sc->samples_per_frame > 1 && !sc->bytes_per_frame) {
3990 avpriv_request_sample(mov->fc,
3991 "Zero bytes per frame, but %d samples per frame",
3992 sc->samples_per_frame);
3993 return;
3994 }
3995
3996 if (sc->samples_per_frame >= 160) { // gsm
3997 samples = sc->samples_per_frame;
3998 size = sc->bytes_per_frame;
3999 } else {
4000 if (sc->samples_per_frame > 1) {
4001 samples = FFMIN((1024 / sc->samples_per_frame)*
4002 sc->samples_per_frame, chunk_samples);
4003 size = (samples / sc->samples_per_frame) * sc->bytes_per_frame;
4004 } else {
4005 samples = FFMIN(1024, chunk_samples);
4006 size = samples * sc->sample_size;
4007 }
4008 }
4009
4010 if (st->nb_index_entries >= total) {
4011 av_log(mov->fc, AV_LOG_ERROR, "wrong chunk count %u\n", total);
4012 return;
4013 }
4014 if (size > 0x3FFFFFFF) {
4015 av_log(mov->fc, AV_LOG_ERROR, "Sample size %u is too large\n", size);
4016 return;
4017 }
4018 e = &st->index_entries[st->nb_index_entries++];
4019 e->pos = current_offset;
4020 e->timestamp = current_dts;
4021 e->size = size;
4022 e->min_distance = 0;
4023 e->flags = AVINDEX_KEYFRAME;
4024 av_log(mov->fc, AV_LOG_TRACE, "AVIndex stream %d, chunk %u, offset %"PRIx64", dts %"PRId64", "
4025 "size %u, duration %u\n", st->index, i, current_offset, current_dts,
4026 size, samples);
4027
4028 current_offset += size;
4029 current_dts += samples;
4030 chunk_samples -= samples;
4031 }
4032 }
4033 }
4034
4035 if (!mov->ignore_editlist && mov->advanced_editlist) {
4036 // Fix index according to edit lists.
4037 mov_fix_index(mov, st);
4038 }
4039
4040 // Update start time of the stream.
4041 if (st->start_time == AV_NOPTS_VALUE && st->codecpar->codec_type == AVMEDIA_TYPE_VIDEO && st->nb_index_entries > 0) {
4042 st->start_time = st->index_entries[0].timestamp + sc->dts_shift;
4043 if (sc->ctts_data) {
4044 st->start_time += sc->ctts_data[0].duration;
4045 }
4046 }
4047
4048 mov_estimate_video_delay(mov, st);
4049 }
4050
test_same_origin(const char * src,const char * ref)4051 static int test_same_origin(const char *src, const char *ref) {
4052 char src_proto[64];
4053 char ref_proto[64];
4054 char src_auth[256];
4055 char ref_auth[256];
4056 char src_host[256];
4057 char ref_host[256];
4058 int src_port=-1;
4059 int ref_port=-1;
4060
4061 av_url_split(src_proto, sizeof(src_proto), src_auth, sizeof(src_auth), src_host, sizeof(src_host), &src_port, NULL, 0, src);
4062 av_url_split(ref_proto, sizeof(ref_proto), ref_auth, sizeof(ref_auth), ref_host, sizeof(ref_host), &ref_port, NULL, 0, ref);
4063
4064 if (strlen(src) == 0) {
4065 return -1;
4066 } else if (strlen(src_auth) + 1 >= sizeof(src_auth) ||
4067 strlen(ref_auth) + 1 >= sizeof(ref_auth) ||
4068 strlen(src_host) + 1 >= sizeof(src_host) ||
4069 strlen(ref_host) + 1 >= sizeof(ref_host)) {
4070 return 0;
4071 } else if (strcmp(src_proto, ref_proto) ||
4072 strcmp(src_auth, ref_auth) ||
4073 strcmp(src_host, ref_host) ||
4074 src_port != ref_port) {
4075 return 0;
4076 } else
4077 return 1;
4078 }
4079
mov_open_dref(MOVContext * c,AVIOContext ** pb,const char * src,MOVDref * ref)4080 static int mov_open_dref(MOVContext *c, AVIOContext **pb, const char *src, MOVDref *ref)
4081 {
4082 /* try relative path, we do not try the absolute because it can leak information about our
4083 system to an attacker */
4084 if (ref->nlvl_to > 0 && ref->nlvl_from > 0) {
4085 char filename[1025];
4086 const char *src_path;
4087 int i, l;
4088
4089 /* find a source dir */
4090 src_path = strrchr(src, '/');
4091 if (src_path)
4092 src_path++;
4093 else
4094 src_path = src;
4095
4096 /* find a next level down to target */
4097 for (i = 0, l = strlen(ref->path) - 1; l >= 0; l--)
4098 if (ref->path[l] == '/') {
4099 if (i == ref->nlvl_to - 1)
4100 break;
4101 else
4102 i++;
4103 }
4104
4105 /* compose filename if next level down to target was found */
4106 if (i == ref->nlvl_to - 1 && src_path - src < sizeof(filename)) {
4107 memcpy(filename, src, src_path - src);
4108 filename[src_path - src] = 0;
4109
4110 for (i = 1; i < ref->nlvl_from; i++)
4111 av_strlcat(filename, "../", sizeof(filename));
4112
4113 av_strlcat(filename, ref->path + l + 1, sizeof(filename));
4114 if (!c->use_absolute_path) {
4115 int same_origin = test_same_origin(src, filename);
4116
4117 if (!same_origin) {
4118 av_log(c->fc, AV_LOG_ERROR,
4119 "Reference with mismatching origin, %s not tried for security reasons, "
4120 "set demuxer option use_absolute_path to allow it anyway\n",
4121 ref->path);
4122 return AVERROR(ENOENT);
4123 }
4124
4125 if(strstr(ref->path + l + 1, "..") ||
4126 strstr(ref->path + l + 1, ":") ||
4127 (ref->nlvl_from > 1 && same_origin < 0) ||
4128 (filename[0] == '/' && src_path == src))
4129 return AVERROR(ENOENT);
4130 }
4131
4132 if (strlen(filename) + 1 == sizeof(filename))
4133 return AVERROR(ENOENT);
4134 if (!c->fc->io_open(c->fc, pb, filename, AVIO_FLAG_READ, NULL))
4135 return 0;
4136 }
4137 } else if (c->use_absolute_path) {
4138 av_log(c->fc, AV_LOG_WARNING, "Using absolute path on user request, "
4139 "this is a possible security issue\n");
4140 if (!c->fc->io_open(c->fc, pb, ref->path, AVIO_FLAG_READ, NULL))
4141 return 0;
4142 } else {
4143 av_log(c->fc, AV_LOG_ERROR,
4144 "Absolute path %s not tried for security reasons, "
4145 "set demuxer option use_absolute_path to allow absolute paths\n",
4146 ref->path);
4147 }
4148
4149 return AVERROR(ENOENT);
4150 }
4151
fix_timescale(MOVContext * c,MOVStreamContext * sc)4152 static void fix_timescale(MOVContext *c, MOVStreamContext *sc)
4153 {
4154 if (sc->time_scale <= 0) {
4155 av_log(c->fc, AV_LOG_WARNING, "stream %d, timescale not set\n", sc->ffindex);
4156 sc->time_scale = c->time_scale;
4157 if (sc->time_scale <= 0)
4158 sc->time_scale = 1;
4159 }
4160 }
4161
mov_read_trak(MOVContext * c,AVIOContext * pb,MOVAtom atom)4162 static int mov_read_trak(MOVContext *c, AVIOContext *pb, MOVAtom atom)
4163 {
4164 AVStream *st;
4165 MOVStreamContext *sc;
4166 int ret;
4167
4168 st = avformat_new_stream(c->fc, NULL);
4169 if (!st) return AVERROR(ENOMEM);
4170 st->id = -1;
4171 sc = av_mallocz(sizeof(MOVStreamContext));
4172 if (!sc) return AVERROR(ENOMEM);
4173
4174 st->priv_data = sc;
4175 st->codecpar->codec_type = AVMEDIA_TYPE_DATA;
4176 sc->ffindex = st->index;
4177 c->trak_index = st->index;
4178
4179 if ((ret = mov_read_default(c, pb, atom)) < 0)
4180 return ret;
4181
4182 c->trak_index = -1;
4183
4184 // Here stsc refers to a chunk not described in stco. This is technically invalid,
4185 // but we can overlook it (clearing stsc) whenever stts_count == 0 (indicating no samples).
4186 if (!sc->chunk_count && !sc->stts_count && sc->stsc_count) {
4187 sc->stsc_count = 0;
4188 av_freep(&sc->stsc_data);
4189 }
4190
4191 /* sanity checks */
4192 if ((sc->chunk_count && (!sc->stts_count || !sc->stsc_count ||
4193 (!sc->sample_size && !sc->sample_count))) ||
4194 (!sc->chunk_count && sc->sample_count)) {
4195 av_log(c->fc, AV_LOG_ERROR, "stream %d, missing mandatory atoms, broken header\n",
4196 st->index);
4197 return 0;
4198 }
4199 if (sc->stsc_count && sc->stsc_data[ sc->stsc_count - 1 ].first > sc->chunk_count) {
4200 av_log(c->fc, AV_LOG_ERROR, "stream %d, contradictionary STSC and STCO\n",
4201 st->index);
4202 return AVERROR_INVALIDDATA;
4203 }
4204
4205 fix_timescale(c, sc);
4206
4207 avpriv_set_pts_info(st, 64, 1, sc->time_scale);
4208
4209 mov_build_index(c, st);
4210
4211 if (sc->dref_id-1 < sc->drefs_count && sc->drefs[sc->dref_id-1].path) {
4212 MOVDref *dref = &sc->drefs[sc->dref_id - 1];
4213 if (c->enable_drefs) {
4214 if (mov_open_dref(c, &sc->pb, c->fc->url, dref) < 0)
4215 av_log(c->fc, AV_LOG_ERROR,
4216 "stream %d, error opening alias: path='%s', dir='%s', "
4217 "filename='%s', volume='%s', nlvl_from=%d, nlvl_to=%d\n",
4218 st->index, dref->path, dref->dir, dref->filename,
4219 dref->volume, dref->nlvl_from, dref->nlvl_to);
4220 } else {
4221 av_log(c->fc, AV_LOG_WARNING,
4222 "Skipped opening external track: "
4223 "stream %d, alias: path='%s', dir='%s', "
4224 "filename='%s', volume='%s', nlvl_from=%d, nlvl_to=%d."
4225 "Set enable_drefs to allow this.\n",
4226 st->index, dref->path, dref->dir, dref->filename,
4227 dref->volume, dref->nlvl_from, dref->nlvl_to);
4228 }
4229 } else {
4230 sc->pb = c->fc->pb;
4231 sc->pb_is_copied = 1;
4232 }
4233
4234 if (st->codecpar->codec_type == AVMEDIA_TYPE_VIDEO) {
4235 if (!st->sample_aspect_ratio.num && st->codecpar->width && st->codecpar->height &&
4236 sc->height && sc->width &&
4237 (st->codecpar->width != sc->width || st->codecpar->height != sc->height)) {
4238 st->sample_aspect_ratio = av_d2q(((double)st->codecpar->height * sc->width) /
4239 ((double)st->codecpar->width * sc->height), INT_MAX);
4240 }
4241
4242 #if FF_API_R_FRAME_RATE
4243 if (sc->stts_count == 1 || (sc->stts_count == 2 && sc->stts_data[1].count == 1))
4244 av_reduce(&st->r_frame_rate.num, &st->r_frame_rate.den,
4245 sc->time_scale, sc->stts_data[0].duration, INT_MAX);
4246 #endif
4247 }
4248
4249 // done for ai5q, ai52, ai55, ai1q, ai12 and ai15.
4250 if (!st->codecpar->extradata_size && st->codecpar->codec_id == AV_CODEC_ID_H264 &&
4251 TAG_IS_AVCI(st->codecpar->codec_tag)) {
4252 ret = ff_generate_avci_extradata(st);
4253 if (ret < 0)
4254 return ret;
4255 }
4256
4257 switch (st->codecpar->codec_id) {
4258 #if CONFIG_H261_DECODER
4259 case AV_CODEC_ID_H261:
4260 #endif
4261 #if CONFIG_H263_DECODER
4262 case AV_CODEC_ID_H263:
4263 #endif
4264 #if CONFIG_MPEG4_DECODER
4265 case AV_CODEC_ID_MPEG4:
4266 #endif
4267 st->codecpar->width = 0; /* let decoder init width/height */
4268 st->codecpar->height= 0;
4269 break;
4270 }
4271
4272 // If the duration of the mp3 packets is not constant, then they could need a parser
4273 if (st->codecpar->codec_id == AV_CODEC_ID_MP3
4274 && sc->stts_count > 3
4275 && sc->stts_count*10 > st->nb_frames
4276 && sc->time_scale == st->codecpar->sample_rate) {
4277 st->need_parsing = AVSTREAM_PARSE_FULL;
4278 }
4279 /* Do not need those anymore. */
4280 av_freep(&sc->chunk_offsets);
4281 av_freep(&sc->sample_sizes);
4282 av_freep(&sc->keyframes);
4283 av_freep(&sc->stts_data);
4284 av_freep(&sc->stps_data);
4285 av_freep(&sc->elst_data);
4286 av_freep(&sc->rap_group);
4287
4288 return 0;
4289 }
4290
mov_read_ilst(MOVContext * c,AVIOContext * pb,MOVAtom atom)4291 static int mov_read_ilst(MOVContext *c, AVIOContext *pb, MOVAtom atom)
4292 {
4293 int ret;
4294 c->itunes_metadata = 1;
4295 ret = mov_read_default(c, pb, atom);
4296 c->itunes_metadata = 0;
4297 return ret;
4298 }
4299
mov_read_keys(MOVContext * c,AVIOContext * pb,MOVAtom atom)4300 static int mov_read_keys(MOVContext *c, AVIOContext *pb, MOVAtom atom)
4301 {
4302 uint32_t count;
4303 uint32_t i;
4304
4305 if (atom.size < 8)
4306 return 0;
4307
4308 avio_skip(pb, 4);
4309 count = avio_rb32(pb);
4310 if (count > UINT_MAX / sizeof(*c->meta_keys) - 1) {
4311 av_log(c->fc, AV_LOG_ERROR,
4312 "The 'keys' atom with the invalid key count: %"PRIu32"\n", count);
4313 return AVERROR_INVALIDDATA;
4314 }
4315
4316 c->meta_keys_count = count + 1;
4317 c->meta_keys = av_mallocz(c->meta_keys_count * sizeof(*c->meta_keys));
4318 if (!c->meta_keys)
4319 return AVERROR(ENOMEM);
4320
4321 for (i = 1; i <= count; ++i) {
4322 uint32_t key_size = avio_rb32(pb);
4323 uint32_t type = avio_rl32(pb);
4324 if (key_size < 8) {
4325 av_log(c->fc, AV_LOG_ERROR,
4326 "The key# %"PRIu32" in meta has invalid size:"
4327 "%"PRIu32"\n", i, key_size);
4328 return AVERROR_INVALIDDATA;
4329 }
4330 key_size -= 8;
4331 if (type != MKTAG('m','d','t','a')) {
4332 avio_skip(pb, key_size);
4333 }
4334 c->meta_keys[i] = av_mallocz(key_size + 1);
4335 if (!c->meta_keys[i])
4336 return AVERROR(ENOMEM);
4337 avio_read(pb, c->meta_keys[i], key_size);
4338 }
4339
4340 return 0;
4341 }
4342
mov_read_custom(MOVContext * c,AVIOContext * pb,MOVAtom atom)4343 static int mov_read_custom(MOVContext *c, AVIOContext *pb, MOVAtom atom)
4344 {
4345 int64_t end = avio_tell(pb) + atom.size;
4346 uint8_t *key = NULL, *val = NULL, *mean = NULL;
4347 int i;
4348 int ret = 0;
4349 AVStream *st;
4350 MOVStreamContext *sc;
4351
4352 if (c->fc->nb_streams < 1)
4353 return 0;
4354 st = c->fc->streams[c->fc->nb_streams-1];
4355 sc = st->priv_data;
4356
4357 for (i = 0; i < 3; i++) {
4358 uint8_t **p;
4359 uint32_t len, tag;
4360
4361 if (end - avio_tell(pb) <= 12)
4362 break;
4363
4364 len = avio_rb32(pb);
4365 tag = avio_rl32(pb);
4366 avio_skip(pb, 4); // flags
4367
4368 if (len < 12 || len - 12 > end - avio_tell(pb))
4369 break;
4370 len -= 12;
4371
4372 if (tag == MKTAG('m', 'e', 'a', 'n'))
4373 p = &mean;
4374 else if (tag == MKTAG('n', 'a', 'm', 'e'))
4375 p = &key;
4376 else if (tag == MKTAG('d', 'a', 't', 'a') && len > 4) {
4377 avio_skip(pb, 4);
4378 len -= 4;
4379 p = &val;
4380 } else
4381 break;
4382
4383 *p = av_malloc(len + 1);
4384 if (!*p) {
4385 ret = AVERROR(ENOMEM);
4386 break;
4387 }
4388 ret = ffio_read_size(pb, *p, len);
4389 if (ret < 0) {
4390 av_freep(p);
4391 break;
4392 }
4393 (*p)[len] = 0;
4394 }
4395
4396 if (mean && key && val) {
4397 if (strcmp(key, "iTunSMPB") == 0) {
4398 int priming, remainder, samples;
4399 if(sscanf(val, "%*X %X %X %X", &priming, &remainder, &samples) == 3){
4400 if(priming>0 && priming<16384)
4401 sc->start_pad = priming;
4402 }
4403 }
4404 if (strcmp(key, "cdec") != 0) {
4405 av_dict_set(&c->fc->metadata, key, val,
4406 AV_DICT_DONT_STRDUP_KEY | AV_DICT_DONT_STRDUP_VAL);
4407 key = val = NULL;
4408 }
4409 } else {
4410 av_log(c->fc, AV_LOG_VERBOSE,
4411 "Unhandled or malformed custom metadata of size %"PRId64"\n", atom.size);
4412 }
4413
4414 avio_seek(pb, end, SEEK_SET);
4415 av_freep(&key);
4416 av_freep(&val);
4417 av_freep(&mean);
4418 return ret;
4419 }
4420
mov_read_meta(MOVContext * c,AVIOContext * pb,MOVAtom atom)4421 static int mov_read_meta(MOVContext *c, AVIOContext *pb, MOVAtom atom)
4422 {
4423 while (atom.size > 8) {
4424 uint32_t tag = avio_rl32(pb);
4425 atom.size -= 4;
4426 if (tag == MKTAG('h','d','l','r')) {
4427 avio_seek(pb, -8, SEEK_CUR);
4428 atom.size += 8;
4429 return mov_read_default(c, pb, atom);
4430 }
4431 }
4432 return 0;
4433 }
4434
4435 // return 1 when matrix is identity, 0 otherwise
4436 #define IS_MATRIX_IDENT(matrix) \
4437 ( (matrix)[0][0] == (1 << 16) && \
4438 (matrix)[1][1] == (1 << 16) && \
4439 (matrix)[2][2] == (1 << 30) && \
4440 !(matrix)[0][1] && !(matrix)[0][2] && \
4441 !(matrix)[1][0] && !(matrix)[1][2] && \
4442 !(matrix)[2][0] && !(matrix)[2][1])
4443
mov_read_tkhd(MOVContext * c,AVIOContext * pb,MOVAtom atom)4444 static int mov_read_tkhd(MOVContext *c, AVIOContext *pb, MOVAtom atom)
4445 {
4446 int i, j, e;
4447 int width;
4448 int height;
4449 int display_matrix[3][3];
4450 int res_display_matrix[3][3] = { { 0 } };
4451 AVStream *st;
4452 MOVStreamContext *sc;
4453 int version;
4454 int flags;
4455
4456 if (c->fc->nb_streams < 1)
4457 return 0;
4458 st = c->fc->streams[c->fc->nb_streams-1];
4459 sc = st->priv_data;
4460
4461 // Each stream (trak) should have exactly 1 tkhd. This catches bad files and
4462 // avoids corrupting AVStreams mapped to an earlier tkhd.
4463 if (st->id != -1)
4464 return AVERROR_INVALIDDATA;
4465
4466 version = avio_r8(pb);
4467 flags = avio_rb24(pb);
4468 st->disposition |= (flags & MOV_TKHD_FLAG_ENABLED) ? AV_DISPOSITION_DEFAULT : 0;
4469
4470 if (version == 1) {
4471 avio_rb64(pb);
4472 avio_rb64(pb);
4473 } else {
4474 avio_rb32(pb); /* creation time */
4475 avio_rb32(pb); /* modification time */
4476 }
4477 st->id = (int)avio_rb32(pb); /* track id (NOT 0 !)*/
4478 avio_rb32(pb); /* reserved */
4479
4480 /* highlevel (considering edits) duration in movie timebase */
4481 (version == 1) ? avio_rb64(pb) : avio_rb32(pb);
4482 avio_rb32(pb); /* reserved */
4483 avio_rb32(pb); /* reserved */
4484
4485 avio_rb16(pb); /* layer */
4486 avio_rb16(pb); /* alternate group */
4487 avio_rb16(pb); /* volume */
4488 avio_rb16(pb); /* reserved */
4489
4490 //read in the display matrix (outlined in ISO 14496-12, Section 6.2.2)
4491 // they're kept in fixed point format through all calculations
4492 // save u,v,z to store the whole matrix in the AV_PKT_DATA_DISPLAYMATRIX
4493 // side data, but the scale factor is not needed to calculate aspect ratio
4494 for (i = 0; i < 3; i++) {
4495 display_matrix[i][0] = avio_rb32(pb); // 16.16 fixed point
4496 display_matrix[i][1] = avio_rb32(pb); // 16.16 fixed point
4497 display_matrix[i][2] = avio_rb32(pb); // 2.30 fixed point
4498 }
4499
4500 width = avio_rb32(pb); // 16.16 fixed point track width
4501 height = avio_rb32(pb); // 16.16 fixed point track height
4502 sc->width = width >> 16;
4503 sc->height = height >> 16;
4504
4505 // apply the moov display matrix (after the tkhd one)
4506 for (i = 0; i < 3; i++) {
4507 const int sh[3] = { 16, 16, 30 };
4508 for (j = 0; j < 3; j++) {
4509 for (e = 0; e < 3; e++) {
4510 res_display_matrix[i][j] +=
4511 ((int64_t) display_matrix[i][e] *
4512 c->movie_display_matrix[e][j]) >> sh[e];
4513 }
4514 }
4515 }
4516
4517 // save the matrix when it is not the default identity
4518 if (!IS_MATRIX_IDENT(res_display_matrix)) {
4519 double rotate;
4520
4521 av_freep(&sc->display_matrix);
4522 sc->display_matrix = av_malloc(sizeof(int32_t) * 9);
4523 if (!sc->display_matrix)
4524 return AVERROR(ENOMEM);
4525
4526 for (i = 0; i < 3; i++)
4527 for (j = 0; j < 3; j++)
4528 sc->display_matrix[i * 3 + j] = res_display_matrix[i][j];
4529
4530 #if FF_API_OLD_ROTATE_API
4531 rotate = av_display_rotation_get(sc->display_matrix);
4532 if (!isnan(rotate)) {
4533 char rotate_buf[64];
4534 rotate = -rotate;
4535 if (rotate < 0) // for backward compatibility
4536 rotate += 360;
4537 snprintf(rotate_buf, sizeof(rotate_buf), "%g", rotate);
4538 av_dict_set(&st->metadata, "rotate", rotate_buf, 0);
4539 }
4540 #endif
4541 }
4542
4543 // transform the display width/height according to the matrix
4544 // to keep the same scale, use [width height 1<<16]
4545 if (width && height && sc->display_matrix) {
4546 double disp_transform[2];
4547
4548 for (i = 0; i < 2; i++)
4549 disp_transform[i] = hypot(sc->display_matrix[0 + i],
4550 sc->display_matrix[3 + i]);
4551
4552 if (disp_transform[0] > 0 && disp_transform[1] > 0 &&
4553 disp_transform[0] < (1<<24) && disp_transform[1] < (1<<24) &&
4554 fabs((disp_transform[0] / disp_transform[1]) - 1.0) > 0.01)
4555 st->sample_aspect_ratio = av_d2q(
4556 disp_transform[0] / disp_transform[1],
4557 INT_MAX);
4558 }
4559 return 0;
4560 }
4561
mov_read_tfhd(MOVContext * c,AVIOContext * pb,MOVAtom atom)4562 static int mov_read_tfhd(MOVContext *c, AVIOContext *pb, MOVAtom atom)
4563 {
4564 MOVFragment *frag = &c->fragment;
4565 MOVTrackExt *trex = NULL;
4566 int flags, track_id, i;
4567
4568 c->fragment.found_tfhd = 1;
4569
4570 avio_r8(pb); /* version */
4571 flags = avio_rb24(pb);
4572
4573 track_id = avio_rb32(pb);
4574 if (!track_id)
4575 return AVERROR_INVALIDDATA;
4576 frag->track_id = track_id;
4577 set_frag_stream(&c->frag_index, track_id);
4578 for (i = 0; i < c->trex_count; i++)
4579 if (c->trex_data[i].track_id == frag->track_id) {
4580 trex = &c->trex_data[i];
4581 break;
4582 }
4583 if (!trex) {
4584 av_log(c->fc, AV_LOG_ERROR, "could not find corresponding trex\n");
4585 return AVERROR_INVALIDDATA;
4586 }
4587
4588 frag->base_data_offset = flags & MOV_TFHD_BASE_DATA_OFFSET ?
4589 avio_rb64(pb) : flags & MOV_TFHD_DEFAULT_BASE_IS_MOOF ?
4590 frag->moof_offset : frag->implicit_offset;
4591 frag->stsd_id = flags & MOV_TFHD_STSD_ID ? avio_rb32(pb) : trex->stsd_id;
4592
4593 frag->duration = flags & MOV_TFHD_DEFAULT_DURATION ?
4594 avio_rb32(pb) : trex->duration;
4595 frag->size = flags & MOV_TFHD_DEFAULT_SIZE ?
4596 avio_rb32(pb) : trex->size;
4597 frag->flags = flags & MOV_TFHD_DEFAULT_FLAGS ?
4598 avio_rb32(pb) : trex->flags;
4599 av_log(c->fc, AV_LOG_TRACE, "frag flags 0x%x\n", frag->flags);
4600
4601 return 0;
4602 }
4603
mov_read_chap(MOVContext * c,AVIOContext * pb,MOVAtom atom)4604 static int mov_read_chap(MOVContext *c, AVIOContext *pb, MOVAtom atom)
4605 {
4606 unsigned i, num;
4607 void *new_tracks;
4608
4609 num = atom.size / 4;
4610 if (!(new_tracks = av_malloc_array(num, sizeof(int))))
4611 return AVERROR(ENOMEM);
4612
4613 av_free(c->chapter_tracks);
4614 c->chapter_tracks = new_tracks;
4615 c->nb_chapter_tracks = num;
4616
4617 for (i = 0; i < num && !pb->eof_reached; i++)
4618 c->chapter_tracks[i] = avio_rb32(pb);
4619
4620 return 0;
4621 }
4622
mov_read_trex(MOVContext * c,AVIOContext * pb,MOVAtom atom)4623 static int mov_read_trex(MOVContext *c, AVIOContext *pb, MOVAtom atom)
4624 {
4625 MOVTrackExt *trex;
4626 int err;
4627
4628 if ((uint64_t)c->trex_count+1 >= UINT_MAX / sizeof(*c->trex_data))
4629 return AVERROR_INVALIDDATA;
4630 if ((err = av_reallocp_array(&c->trex_data, c->trex_count + 1,
4631 sizeof(*c->trex_data))) < 0) {
4632 c->trex_count = 0;
4633 return err;
4634 }
4635
4636 c->fc->duration = AV_NOPTS_VALUE; // the duration from mvhd is not representing the whole file when fragments are used.
4637
4638 trex = &c->trex_data[c->trex_count++];
4639 avio_r8(pb); /* version */
4640 avio_rb24(pb); /* flags */
4641 trex->track_id = avio_rb32(pb);
4642 trex->stsd_id = avio_rb32(pb);
4643 trex->duration = avio_rb32(pb);
4644 trex->size = avio_rb32(pb);
4645 trex->flags = avio_rb32(pb);
4646 return 0;
4647 }
4648
mov_read_tfdt(MOVContext * c,AVIOContext * pb,MOVAtom atom)4649 static int mov_read_tfdt(MOVContext *c, AVIOContext *pb, MOVAtom atom)
4650 {
4651 MOVFragment *frag = &c->fragment;
4652 AVStream *st = NULL;
4653 MOVStreamContext *sc;
4654 int version, i;
4655 MOVFragmentStreamInfo * frag_stream_info;
4656 int64_t base_media_decode_time;
4657
4658 for (i = 0; i < c->fc->nb_streams; i++) {
4659 if (c->fc->streams[i]->id == frag->track_id) {
4660 st = c->fc->streams[i];
4661 break;
4662 }
4663 }
4664 if (!st) {
4665 av_log(c->fc, AV_LOG_ERROR, "could not find corresponding track id %u\n", frag->track_id);
4666 return AVERROR_INVALIDDATA;
4667 }
4668 sc = st->priv_data;
4669 if (sc->pseudo_stream_id + 1 != frag->stsd_id && sc->pseudo_stream_id != -1)
4670 return 0;
4671 version = avio_r8(pb);
4672 avio_rb24(pb); /* flags */
4673 if (version) {
4674 base_media_decode_time = avio_rb64(pb);
4675 } else {
4676 base_media_decode_time = avio_rb32(pb);
4677 }
4678
4679 frag_stream_info = get_current_frag_stream_info(&c->frag_index);
4680 if (frag_stream_info)
4681 frag_stream_info->tfdt_dts = base_media_decode_time;
4682 sc->track_end = base_media_decode_time;
4683
4684 return 0;
4685 }
4686
mov_read_trun(MOVContext * c,AVIOContext * pb,MOVAtom atom)4687 static int mov_read_trun(MOVContext *c, AVIOContext *pb, MOVAtom atom)
4688 {
4689 MOVFragment *frag = &c->fragment;
4690 AVStream *st = NULL;
4691 MOVStreamContext *sc;
4692 MOVStts *ctts_data;
4693 uint64_t offset;
4694 int64_t dts, pts = AV_NOPTS_VALUE;
4695 int data_offset = 0;
4696 unsigned entries, first_sample_flags = frag->flags;
4697 int flags, distance, i;
4698 int64_t prev_dts = AV_NOPTS_VALUE;
4699 int next_frag_index = -1, index_entry_pos;
4700 size_t requested_size;
4701 size_t old_ctts_allocated_size;
4702 AVIndexEntry *new_entries;
4703 MOVFragmentStreamInfo * frag_stream_info;
4704
4705 if (!frag->found_tfhd) {
4706 av_log(c->fc, AV_LOG_ERROR, "trun track id unknown, no tfhd was found\n");
4707 return AVERROR_INVALIDDATA;
4708 }
4709
4710 for (i = 0; i < c->fc->nb_streams; i++) {
4711 if (c->fc->streams[i]->id == frag->track_id) {
4712 st = c->fc->streams[i];
4713 break;
4714 }
4715 }
4716 if (!st) {
4717 av_log(c->fc, AV_LOG_ERROR, "could not find corresponding track id %u\n", frag->track_id);
4718 return AVERROR_INVALIDDATA;
4719 }
4720 sc = st->priv_data;
4721 if (sc->pseudo_stream_id+1 != frag->stsd_id && sc->pseudo_stream_id != -1)
4722 return 0;
4723
4724 // Find the next frag_index index that has a valid index_entry for
4725 // the current track_id.
4726 //
4727 // A valid index_entry means the trun for the fragment was read
4728 // and it's samples are in index_entries at the given position.
4729 // New index entries will be inserted before the index_entry found.
4730 index_entry_pos = st->nb_index_entries;
4731 for (i = c->frag_index.current + 1; i < c->frag_index.nb_items; i++) {
4732 frag_stream_info = get_frag_stream_info(&c->frag_index, i, frag->track_id);
4733 if (frag_stream_info && frag_stream_info->index_entry >= 0) {
4734 next_frag_index = i;
4735 index_entry_pos = frag_stream_info->index_entry;
4736 break;
4737 }
4738 }
4739 av_assert0(index_entry_pos <= st->nb_index_entries);
4740
4741 avio_r8(pb); /* version */
4742 flags = avio_rb24(pb);
4743 entries = avio_rb32(pb);
4744 av_log(c->fc, AV_LOG_TRACE, "flags 0x%x entries %u\n", flags, entries);
4745
4746 if ((uint64_t)entries+sc->ctts_count >= UINT_MAX/sizeof(*sc->ctts_data))
4747 return AVERROR_INVALIDDATA;
4748 if (flags & MOV_TRUN_DATA_OFFSET) data_offset = avio_rb32(pb);
4749 if (flags & MOV_TRUN_FIRST_SAMPLE_FLAGS) first_sample_flags = avio_rb32(pb);
4750
4751 frag_stream_info = get_current_frag_stream_info(&c->frag_index);
4752 if (frag_stream_info)
4753 {
4754 if (frag_stream_info->first_tfra_pts != AV_NOPTS_VALUE &&
4755 c->use_mfra_for == FF_MOV_FLAG_MFRA_PTS) {
4756 pts = frag_stream_info->first_tfra_pts;
4757 av_log(c->fc, AV_LOG_DEBUG, "found mfra time %"PRId64
4758 ", using it for pts\n", pts);
4759 } else if (frag_stream_info->sidx_pts != AV_NOPTS_VALUE) {
4760 // FIXME: sidx earliest_presentation_time is *PTS*, s.b.
4761 // pts = frag_stream_info->sidx_pts;
4762 dts = frag_stream_info->sidx_pts - sc->time_offset;
4763 av_log(c->fc, AV_LOG_DEBUG, "found sidx time %"PRId64
4764 ", using it for pts\n", pts);
4765 } else if (frag_stream_info->tfdt_dts != AV_NOPTS_VALUE) {
4766 dts = frag_stream_info->tfdt_dts - sc->time_offset;
4767 av_log(c->fc, AV_LOG_DEBUG, "found tfdt time %"PRId64
4768 ", using it for dts\n", dts);
4769 } else {
4770 dts = sc->track_end - sc->time_offset;
4771 av_log(c->fc, AV_LOG_DEBUG, "found track end time %"PRId64
4772 ", using it for dts\n", dts);
4773 }
4774 } else {
4775 dts = sc->track_end - sc->time_offset;
4776 av_log(c->fc, AV_LOG_DEBUG, "found track end time %"PRId64
4777 ", using it for dts\n", dts);
4778 }
4779 offset = frag->base_data_offset + data_offset;
4780 distance = 0;
4781 av_log(c->fc, AV_LOG_TRACE, "first sample flags 0x%x\n", first_sample_flags);
4782
4783 // realloc space for new index entries
4784 if((uint64_t)st->nb_index_entries + entries >= UINT_MAX / sizeof(AVIndexEntry)) {
4785 entries = UINT_MAX / sizeof(AVIndexEntry) - st->nb_index_entries;
4786 av_log(c->fc, AV_LOG_ERROR, "Failed to add index entry\n");
4787 }
4788 if (entries <= 0)
4789 return -1;
4790
4791 requested_size = (st->nb_index_entries + entries) * sizeof(AVIndexEntry);
4792 new_entries = av_fast_realloc(st->index_entries,
4793 &st->index_entries_allocated_size,
4794 requested_size);
4795 if(!new_entries)
4796 return AVERROR(ENOMEM);
4797 st->index_entries= new_entries;
4798
4799 requested_size = (st->nb_index_entries + entries) * sizeof(*sc->ctts_data);
4800 old_ctts_allocated_size = sc->ctts_allocated_size;
4801 ctts_data = av_fast_realloc(sc->ctts_data, &sc->ctts_allocated_size,
4802 requested_size);
4803 if (!ctts_data)
4804 return AVERROR(ENOMEM);
4805 sc->ctts_data = ctts_data;
4806
4807 // In case there were samples without ctts entries, ensure they get
4808 // zero valued entries. This ensures clips which mix boxes with and
4809 // without ctts entries don't pickup uninitialized data.
4810 memset((uint8_t*)(sc->ctts_data) + old_ctts_allocated_size, 0,
4811 sc->ctts_allocated_size - old_ctts_allocated_size);
4812
4813 if (index_entry_pos < st->nb_index_entries) {
4814 // Make hole in index_entries and ctts_data for new samples
4815 memmove(st->index_entries + index_entry_pos + entries,
4816 st->index_entries + index_entry_pos,
4817 sizeof(*st->index_entries) *
4818 (st->nb_index_entries - index_entry_pos));
4819 memmove(sc->ctts_data + index_entry_pos + entries,
4820 sc->ctts_data + index_entry_pos,
4821 sizeof(*sc->ctts_data) * (sc->ctts_count - index_entry_pos));
4822 if (index_entry_pos < sc->current_sample) {
4823 sc->current_sample += entries;
4824 }
4825 }
4826
4827 st->nb_index_entries += entries;
4828 sc->ctts_count = st->nb_index_entries;
4829
4830 // Record the index_entry position in frag_index of this fragment
4831 if (frag_stream_info)
4832 frag_stream_info->index_entry = index_entry_pos;
4833
4834 if (index_entry_pos > 0)
4835 prev_dts = st->index_entries[index_entry_pos-1].timestamp;
4836
4837 for (i = 0; i < entries && !pb->eof_reached; i++) {
4838 unsigned sample_size = frag->size;
4839 int sample_flags = i ? frag->flags : first_sample_flags;
4840 unsigned sample_duration = frag->duration;
4841 unsigned ctts_duration = 0;
4842 int keyframe = 0;
4843 int index_entry_flags = 0;
4844
4845 if (flags & MOV_TRUN_SAMPLE_DURATION) sample_duration = avio_rb32(pb);
4846 if (flags & MOV_TRUN_SAMPLE_SIZE) sample_size = avio_rb32(pb);
4847 if (flags & MOV_TRUN_SAMPLE_FLAGS) sample_flags = avio_rb32(pb);
4848 if (flags & MOV_TRUN_SAMPLE_CTS) ctts_duration = avio_rb32(pb);
4849
4850 mov_update_dts_shift(sc, ctts_duration);
4851 if (pts != AV_NOPTS_VALUE) {
4852 dts = pts - sc->dts_shift;
4853 if (flags & MOV_TRUN_SAMPLE_CTS) {
4854 dts -= ctts_duration;
4855 } else {
4856 dts -= sc->time_offset;
4857 }
4858 av_log(c->fc, AV_LOG_DEBUG,
4859 "pts %"PRId64" calculated dts %"PRId64
4860 " sc->dts_shift %d ctts.duration %d"
4861 " sc->time_offset %"PRId64
4862 " flags & MOV_TRUN_SAMPLE_CTS %d\n",
4863 pts, dts,
4864 sc->dts_shift, ctts_duration,
4865 sc->time_offset, flags & MOV_TRUN_SAMPLE_CTS);
4866 pts = AV_NOPTS_VALUE;
4867 }
4868
4869 if (st->codecpar->codec_type == AVMEDIA_TYPE_AUDIO)
4870 keyframe = 1;
4871 else
4872 keyframe =
4873 !(sample_flags & (MOV_FRAG_SAMPLE_FLAG_IS_NON_SYNC |
4874 MOV_FRAG_SAMPLE_FLAG_DEPENDS_YES));
4875 if (keyframe) {
4876 distance = 0;
4877 index_entry_flags |= AVINDEX_KEYFRAME;
4878 }
4879 // Fragments can overlap in time. Discard overlapping frames after
4880 // decoding.
4881 if (prev_dts >= dts)
4882 index_entry_flags |= AVINDEX_DISCARD_FRAME;
4883
4884 st->index_entries[index_entry_pos].pos = offset;
4885 st->index_entries[index_entry_pos].timestamp = dts;
4886 st->index_entries[index_entry_pos].size= sample_size;
4887 st->index_entries[index_entry_pos].min_distance= distance;
4888 st->index_entries[index_entry_pos].flags = index_entry_flags;
4889
4890 sc->ctts_data[index_entry_pos].count = 1;
4891 sc->ctts_data[index_entry_pos].duration = ctts_duration;
4892 index_entry_pos++;
4893
4894 av_log(c->fc, AV_LOG_TRACE, "AVIndex stream %d, sample %d, offset %"PRIx64", dts %"PRId64", "
4895 "size %u, distance %d, keyframe %d\n", st->index,
4896 index_entry_pos, offset, dts, sample_size, distance, keyframe);
4897 distance++;
4898 dts += sample_duration;
4899 offset += sample_size;
4900 sc->data_size += sample_size;
4901
4902 if (sample_duration <= INT64_MAX - sc->duration_for_fps &&
4903 1 <= INT64_MAX - sc->nb_frames_for_fps
4904 ) {
4905 sc->duration_for_fps += sample_duration;
4906 sc->nb_frames_for_fps ++;
4907 }
4908 }
4909 if (i < entries) {
4910 // EOF found before reading all entries. Fix the hole this would
4911 // leave in index_entries and ctts_data
4912 int gap = entries - i;
4913 memmove(st->index_entries + index_entry_pos,
4914 st->index_entries + index_entry_pos + gap,
4915 sizeof(*st->index_entries) *
4916 (st->nb_index_entries - (index_entry_pos + gap)));
4917 memmove(sc->ctts_data + index_entry_pos,
4918 sc->ctts_data + index_entry_pos + gap,
4919 sizeof(*sc->ctts_data) *
4920 (sc->ctts_count - (index_entry_pos + gap)));
4921
4922 st->nb_index_entries -= gap;
4923 sc->ctts_count -= gap;
4924 if (index_entry_pos < sc->current_sample) {
4925 sc->current_sample -= gap;
4926 }
4927 entries = i;
4928 }
4929
4930 // The end of this new fragment may overlap in time with the start
4931 // of the next fragment in index_entries. Mark the samples in the next
4932 // fragment that overlap with AVINDEX_DISCARD_FRAME
4933 prev_dts = AV_NOPTS_VALUE;
4934 if (index_entry_pos > 0)
4935 prev_dts = st->index_entries[index_entry_pos-1].timestamp;
4936 for (i = index_entry_pos; i < st->nb_index_entries; i++) {
4937 if (prev_dts < st->index_entries[i].timestamp)
4938 break;
4939 st->index_entries[i].flags |= AVINDEX_DISCARD_FRAME;
4940 }
4941
4942 // If a hole was created to insert the new index_entries into,
4943 // the index_entry recorded for all subsequent moof must
4944 // be incremented by the number of entries inserted.
4945 fix_frag_index_entries(&c->frag_index, next_frag_index,
4946 frag->track_id, entries);
4947
4948 if (pb->eof_reached) {
4949 av_log(c->fc, AV_LOG_WARNING, "reached eof, corrupted TRUN atom\n");
4950 return AVERROR_EOF;
4951 }
4952
4953 frag->implicit_offset = offset;
4954
4955 sc->track_end = dts + sc->time_offset;
4956 if (st->duration < sc->track_end)
4957 st->duration = sc->track_end;
4958
4959 return 0;
4960 }
4961
mov_read_sidx(MOVContext * c,AVIOContext * pb,MOVAtom atom)4962 static int mov_read_sidx(MOVContext *c, AVIOContext *pb, MOVAtom atom)
4963 {
4964 int64_t offset = avio_tell(pb) + atom.size, pts, timestamp;
4965 uint8_t version;
4966 unsigned i, j, track_id, item_count;
4967 AVStream *st = NULL;
4968 AVStream *ref_st = NULL;
4969 MOVStreamContext *sc, *ref_sc = NULL;
4970 AVRational timescale;
4971
4972 version = avio_r8(pb);
4973 if (version > 1) {
4974 avpriv_request_sample(c->fc, "sidx version %u", version);
4975 return 0;
4976 }
4977
4978 avio_rb24(pb); // flags
4979
4980 track_id = avio_rb32(pb); // Reference ID
4981 for (i = 0; i < c->fc->nb_streams; i++) {
4982 if (c->fc->streams[i]->id == track_id) {
4983 st = c->fc->streams[i];
4984 break;
4985 }
4986 }
4987 if (!st) {
4988 av_log(c->fc, AV_LOG_WARNING, "could not find corresponding track id %d\n", track_id);
4989 return 0;
4990 }
4991
4992 sc = st->priv_data;
4993
4994 timescale = av_make_q(1, avio_rb32(pb));
4995
4996 if (timescale.den <= 0) {
4997 av_log(c->fc, AV_LOG_ERROR, "Invalid sidx timescale 1/%d\n", timescale.den);
4998 return AVERROR_INVALIDDATA;
4999 }
5000
5001 if (version == 0) {
5002 pts = avio_rb32(pb);
5003 offset += avio_rb32(pb);
5004 } else {
5005 pts = avio_rb64(pb);
5006 offset += avio_rb64(pb);
5007 }
5008
5009 avio_rb16(pb); // reserved
5010
5011 item_count = avio_rb16(pb);
5012
5013 for (i = 0; i < item_count; i++) {
5014 int index;
5015 MOVFragmentStreamInfo * frag_stream_info;
5016 uint32_t size = avio_rb32(pb);
5017 uint32_t duration = avio_rb32(pb);
5018 if (size & 0x80000000) {
5019 avpriv_request_sample(c->fc, "sidx reference_type 1");
5020 return AVERROR_PATCHWELCOME;
5021 }
5022 avio_rb32(pb); // sap_flags
5023 timestamp = av_rescale_q(pts, st->time_base, timescale);
5024
5025 index = update_frag_index(c, offset);
5026 frag_stream_info = get_frag_stream_info(&c->frag_index, index, track_id);
5027 if (frag_stream_info)
5028 frag_stream_info->sidx_pts = timestamp;
5029
5030 offset += size;
5031 pts += duration;
5032 }
5033
5034 st->duration = sc->track_end = pts;
5035
5036 sc->has_sidx = 1;
5037
5038 if (offset == avio_size(pb)) {
5039 // Find first entry in fragment index that came from an sidx.
5040 // This will pretty much always be the first entry.
5041 for (i = 0; i < c->frag_index.nb_items; i++) {
5042 MOVFragmentIndexItem * item = &c->frag_index.item[i];
5043 for (j = 0; ref_st == NULL && j < item->nb_stream_info; j++) {
5044 MOVFragmentStreamInfo * si;
5045 si = &item->stream_info[j];
5046 if (si->sidx_pts != AV_NOPTS_VALUE) {
5047 ref_st = c->fc->streams[j];
5048 ref_sc = ref_st->priv_data;
5049 break;
5050 }
5051 }
5052 }
5053 if (ref_st) for (i = 0; i < c->fc->nb_streams; i++) {
5054 st = c->fc->streams[i];
5055 sc = st->priv_data;
5056 if (!sc->has_sidx) {
5057 st->duration = sc->track_end = av_rescale(ref_st->duration, sc->time_scale, ref_sc->time_scale);
5058 }
5059 }
5060
5061 c->frag_index.complete = 1;
5062 }
5063
5064 return 0;
5065 }
5066
5067 /* this atom should be null (from specs), but some buggy files put the 'moov' atom inside it... */
5068 /* like the files created with Adobe Premiere 5.0, for samples see */
5069 /* http://graphics.tudelft.nl/~wouter/publications/soundtests/ */
mov_read_wide(MOVContext * c,AVIOContext * pb,MOVAtom atom)5070 static int mov_read_wide(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5071 {
5072 int err;
5073
5074 if (atom.size < 8)
5075 return 0; /* continue */
5076 if (avio_rb32(pb) != 0) { /* 0 sized mdat atom... use the 'wide' atom size */
5077 avio_skip(pb, atom.size - 4);
5078 return 0;
5079 }
5080 atom.type = avio_rl32(pb);
5081 atom.size -= 8;
5082 if (atom.type != MKTAG('m','d','a','t')) {
5083 avio_skip(pb, atom.size);
5084 return 0;
5085 }
5086 err = mov_read_mdat(c, pb, atom);
5087 return err;
5088 }
5089
mov_read_cmov(MOVContext * c,AVIOContext * pb,MOVAtom atom)5090 static int mov_read_cmov(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5091 {
5092 #if CONFIG_ZLIB
5093 AVIOContext ctx;
5094 uint8_t *cmov_data;
5095 uint8_t *moov_data; /* uncompressed data */
5096 long cmov_len, moov_len;
5097 int ret = -1;
5098
5099 avio_rb32(pb); /* dcom atom */
5100 if (avio_rl32(pb) != MKTAG('d','c','o','m'))
5101 return AVERROR_INVALIDDATA;
5102 if (avio_rl32(pb) != MKTAG('z','l','i','b')) {
5103 av_log(c->fc, AV_LOG_ERROR, "unknown compression for cmov atom !\n");
5104 return AVERROR_INVALIDDATA;
5105 }
5106 avio_rb32(pb); /* cmvd atom */
5107 if (avio_rl32(pb) != MKTAG('c','m','v','d'))
5108 return AVERROR_INVALIDDATA;
5109 moov_len = avio_rb32(pb); /* uncompressed size */
5110 cmov_len = atom.size - 6 * 4;
5111
5112 cmov_data = av_malloc(cmov_len);
5113 if (!cmov_data)
5114 return AVERROR(ENOMEM);
5115 moov_data = av_malloc(moov_len);
5116 if (!moov_data) {
5117 av_free(cmov_data);
5118 return AVERROR(ENOMEM);
5119 }
5120 ret = ffio_read_size(pb, cmov_data, cmov_len);
5121 if (ret < 0)
5122 goto free_and_return;
5123
5124 ret = AVERROR_INVALIDDATA;
5125 if (uncompress (moov_data, (uLongf *) &moov_len, (const Bytef *)cmov_data, cmov_len) != Z_OK)
5126 goto free_and_return;
5127 if (ffio_init_context(&ctx, moov_data, moov_len, 0, NULL, NULL, NULL, NULL) != 0)
5128 goto free_and_return;
5129 ctx.seekable = AVIO_SEEKABLE_NORMAL;
5130 atom.type = MKTAG('m','o','o','v');
5131 atom.size = moov_len;
5132 ret = mov_read_default(c, &ctx, atom);
5133 free_and_return:
5134 av_free(moov_data);
5135 av_free(cmov_data);
5136 return ret;
5137 #else
5138 av_log(c->fc, AV_LOG_ERROR, "this file requires zlib support compiled in\n");
5139 return AVERROR(ENOSYS);
5140 #endif
5141 }
5142
5143 /* edit list atom */
mov_read_elst(MOVContext * c,AVIOContext * pb,MOVAtom atom)5144 static int mov_read_elst(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5145 {
5146 MOVStreamContext *sc;
5147 int i, edit_count, version;
5148 int64_t elst_entry_size;
5149
5150 if (c->fc->nb_streams < 1 || c->ignore_editlist)
5151 return 0;
5152 sc = c->fc->streams[c->fc->nb_streams-1]->priv_data;
5153
5154 version = avio_r8(pb); /* version */
5155 avio_rb24(pb); /* flags */
5156 edit_count = avio_rb32(pb); /* entries */
5157 atom.size -= 8;
5158
5159 elst_entry_size = version == 1 ? 20 : 12;
5160 if (atom.size != edit_count * elst_entry_size) {
5161 if (c->fc->strict_std_compliance >= FF_COMPLIANCE_STRICT) {
5162 av_log(c->fc, AV_LOG_ERROR, "Invalid edit list entry_count: %d for elst atom of size: %"PRId64" bytes.\n",
5163 edit_count, atom.size + 8);
5164 return AVERROR_INVALIDDATA;
5165 } else {
5166 edit_count = atom.size / elst_entry_size;
5167 if (edit_count * elst_entry_size != atom.size) {
5168 av_log(c->fc, AV_LOG_WARNING, "ELST atom of %"PRId64" bytes, bigger than %d entries.", atom.size, edit_count);
5169 }
5170 }
5171 }
5172
5173 if (!edit_count)
5174 return 0;
5175 if (sc->elst_data)
5176 av_log(c->fc, AV_LOG_WARNING, "Duplicated ELST atom\n");
5177 av_free(sc->elst_data);
5178 sc->elst_count = 0;
5179 sc->elst_data = av_malloc_array(edit_count, sizeof(*sc->elst_data));
5180 if (!sc->elst_data)
5181 return AVERROR(ENOMEM);
5182
5183 av_log(c->fc, AV_LOG_TRACE, "track[%u].edit_count = %i\n", c->fc->nb_streams - 1, edit_count);
5184 for (i = 0; i < edit_count && atom.size > 0 && !pb->eof_reached; i++) {
5185 MOVElst *e = &sc->elst_data[i];
5186
5187 if (version == 1) {
5188 e->duration = avio_rb64(pb);
5189 e->time = avio_rb64(pb);
5190 atom.size -= 16;
5191 } else {
5192 e->duration = avio_rb32(pb); /* segment duration */
5193 e->time = (int32_t)avio_rb32(pb); /* media time */
5194 atom.size -= 8;
5195 }
5196 e->rate = avio_rb32(pb) / 65536.0;
5197 atom.size -= 4;
5198 av_log(c->fc, AV_LOG_TRACE, "duration=%"PRId64" time=%"PRId64" rate=%f\n",
5199 e->duration, e->time, e->rate);
5200
5201 if (e->time < 0 && e->time != -1 &&
5202 c->fc->strict_std_compliance >= FF_COMPLIANCE_STRICT) {
5203 av_log(c->fc, AV_LOG_ERROR, "Track %d, edit %d: Invalid edit list media time=%"PRId64"\n",
5204 c->fc->nb_streams-1, i, e->time);
5205 return AVERROR_INVALIDDATA;
5206 }
5207 }
5208 sc->elst_count = i;
5209
5210 return 0;
5211 }
5212
mov_read_tmcd(MOVContext * c,AVIOContext * pb,MOVAtom atom)5213 static int mov_read_tmcd(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5214 {
5215 MOVStreamContext *sc;
5216
5217 if (c->fc->nb_streams < 1)
5218 return AVERROR_INVALIDDATA;
5219 sc = c->fc->streams[c->fc->nb_streams - 1]->priv_data;
5220 sc->timecode_track = avio_rb32(pb);
5221 return 0;
5222 }
5223
mov_read_av1c(MOVContext * c,AVIOContext * pb,MOVAtom atom)5224 static int mov_read_av1c(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5225 {
5226 AVStream *st;
5227 int ret;
5228
5229 if (c->fc->nb_streams < 1)
5230 return 0;
5231 st = c->fc->streams[c->fc->nb_streams - 1];
5232
5233 if (atom.size < 4) {
5234 av_log(c->fc, AV_LOG_ERROR, "Empty AV1 Codec Configuration Box\n");
5235 return AVERROR_INVALIDDATA;
5236 }
5237
5238 /* For now, propagate only the OBUs, if any. Once libavcodec is
5239 updated to handle isobmff style extradata this can be removed. */
5240 avio_skip(pb, 4);
5241
5242 if (atom.size == 4)
5243 return 0;
5244
5245 ret = ff_get_extradata(c->fc, st->codecpar, pb, atom.size - 4);
5246 if (ret < 0)
5247 return ret;
5248
5249 return 0;
5250 }
5251
mov_read_vpcc(MOVContext * c,AVIOContext * pb,MOVAtom atom)5252 static int mov_read_vpcc(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5253 {
5254 AVStream *st;
5255 int version, color_range, color_primaries, color_trc, color_space;
5256
5257 if (c->fc->nb_streams < 1)
5258 return 0;
5259 st = c->fc->streams[c->fc->nb_streams - 1];
5260
5261 if (atom.size < 5) {
5262 av_log(c->fc, AV_LOG_ERROR, "Empty VP Codec Configuration box\n");
5263 return AVERROR_INVALIDDATA;
5264 }
5265
5266 version = avio_r8(pb);
5267 if (version != 1) {
5268 av_log(c->fc, AV_LOG_WARNING, "Unsupported VP Codec Configuration box version %d\n", version);
5269 return 0;
5270 }
5271 avio_skip(pb, 3); /* flags */
5272
5273 avio_skip(pb, 2); /* profile + level */
5274 color_range = avio_r8(pb); /* bitDepth, chromaSubsampling, videoFullRangeFlag */
5275 color_primaries = avio_r8(pb);
5276 color_trc = avio_r8(pb);
5277 color_space = avio_r8(pb);
5278 if (avio_rb16(pb)) /* codecIntializationDataSize */
5279 return AVERROR_INVALIDDATA;
5280
5281 if (!av_color_primaries_name(color_primaries))
5282 color_primaries = AVCOL_PRI_UNSPECIFIED;
5283 if (!av_color_transfer_name(color_trc))
5284 color_trc = AVCOL_TRC_UNSPECIFIED;
5285 if (!av_color_space_name(color_space))
5286 color_space = AVCOL_SPC_UNSPECIFIED;
5287
5288 st->codecpar->color_range = (color_range & 1) ? AVCOL_RANGE_JPEG : AVCOL_RANGE_MPEG;
5289 st->codecpar->color_primaries = color_primaries;
5290 st->codecpar->color_trc = color_trc;
5291 st->codecpar->color_space = color_space;
5292
5293 return 0;
5294 }
5295
mov_read_smdm(MOVContext * c,AVIOContext * pb,MOVAtom atom)5296 static int mov_read_smdm(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5297 {
5298 MOVStreamContext *sc;
5299 const int chroma_den = 50000;
5300 const int luma_den = 10000;
5301 int i, j, version;
5302
5303 if (c->fc->nb_streams < 1)
5304 return AVERROR_INVALIDDATA;
5305
5306 sc = c->fc->streams[c->fc->nb_streams - 1]->priv_data;
5307
5308 if (atom.size < 5) {
5309 av_log(c->fc, AV_LOG_ERROR, "Empty Mastering Display Metadata box\n");
5310 return AVERROR_INVALIDDATA;
5311 }
5312
5313 version = avio_r8(pb);
5314 if (version) {
5315 av_log(c->fc, AV_LOG_WARNING, "Unsupported Mastering Display Metadata box version %d\n", version);
5316 return 0;
5317 }
5318 avio_skip(pb, 3); /* flags */
5319
5320 sc->mastering = av_mastering_display_metadata_alloc();
5321 if (!sc->mastering)
5322 return AVERROR(ENOMEM);
5323
5324 for (i = 0; i < 3; i++)
5325 for (j = 0; j < 2; j++)
5326 sc->mastering->display_primaries[i][j] =
5327 av_make_q(lrint(((double)avio_rb16(pb) / (1 << 16)) * chroma_den), chroma_den);
5328 for (i = 0; i < 2; i++)
5329 sc->mastering->white_point[i] =
5330 av_make_q(lrint(((double)avio_rb16(pb) / (1 << 16)) * chroma_den), chroma_den);
5331 sc->mastering->max_luminance =
5332 av_make_q(lrint(((double)avio_rb32(pb) / (1 << 8)) * luma_den), luma_den);
5333 sc->mastering->min_luminance =
5334 av_make_q(lrint(((double)avio_rb32(pb) / (1 << 14)) * luma_den), luma_den);
5335
5336 sc->mastering->has_primaries = 1;
5337 sc->mastering->has_luminance = 1;
5338
5339 return 0;
5340 }
5341
mov_read_mdcv(MOVContext * c,AVIOContext * pb,MOVAtom atom)5342 static int mov_read_mdcv(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5343 {
5344 MOVStreamContext *sc;
5345 const int mapping[3] = {1, 2, 0};
5346 const int chroma_den = 50000;
5347 const int luma_den = 10000;
5348 int i;
5349
5350 if (c->fc->nb_streams < 1)
5351 return AVERROR_INVALIDDATA;
5352
5353 sc = c->fc->streams[c->fc->nb_streams - 1]->priv_data;
5354
5355 if (atom.size < 24) {
5356 av_log(c->fc, AV_LOG_ERROR, "Invalid Mastering Display Color Volume box\n");
5357 return AVERROR_INVALIDDATA;
5358 }
5359
5360 sc->mastering = av_mastering_display_metadata_alloc();
5361 if (!sc->mastering)
5362 return AVERROR(ENOMEM);
5363
5364 for (i = 0; i < 3; i++) {
5365 const int j = mapping[i];
5366 sc->mastering->display_primaries[j][0] = av_make_q(avio_rb16(pb), chroma_den);
5367 sc->mastering->display_primaries[j][1] = av_make_q(avio_rb16(pb), chroma_den);
5368 }
5369 sc->mastering->white_point[0] = av_make_q(avio_rb16(pb), chroma_den);
5370 sc->mastering->white_point[1] = av_make_q(avio_rb16(pb), chroma_den);
5371
5372 sc->mastering->max_luminance = av_make_q(avio_rb32(pb), luma_den);
5373 sc->mastering->min_luminance = av_make_q(avio_rb32(pb), luma_den);
5374
5375 sc->mastering->has_luminance = 1;
5376 sc->mastering->has_primaries = 1;
5377
5378 return 0;
5379 }
5380
mov_read_coll(MOVContext * c,AVIOContext * pb,MOVAtom atom)5381 static int mov_read_coll(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5382 {
5383 MOVStreamContext *sc;
5384 int version;
5385
5386 if (c->fc->nb_streams < 1)
5387 return AVERROR_INVALIDDATA;
5388
5389 sc = c->fc->streams[c->fc->nb_streams - 1]->priv_data;
5390
5391 if (atom.size < 5) {
5392 av_log(c->fc, AV_LOG_ERROR, "Empty Content Light Level box\n");
5393 return AVERROR_INVALIDDATA;
5394 }
5395
5396 version = avio_r8(pb);
5397 if (version) {
5398 av_log(c->fc, AV_LOG_WARNING, "Unsupported Content Light Level box version %d\n", version);
5399 return 0;
5400 }
5401 avio_skip(pb, 3); /* flags */
5402
5403 sc->coll = av_content_light_metadata_alloc(&sc->coll_size);
5404 if (!sc->coll)
5405 return AVERROR(ENOMEM);
5406
5407 sc->coll->MaxCLL = avio_rb16(pb);
5408 sc->coll->MaxFALL = avio_rb16(pb);
5409
5410 return 0;
5411 }
5412
mov_read_clli(MOVContext * c,AVIOContext * pb,MOVAtom atom)5413 static int mov_read_clli(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5414 {
5415 MOVStreamContext *sc;
5416
5417 if (c->fc->nb_streams < 1)
5418 return AVERROR_INVALIDDATA;
5419
5420 sc = c->fc->streams[c->fc->nb_streams - 1]->priv_data;
5421
5422 if (atom.size < 4) {
5423 av_log(c->fc, AV_LOG_ERROR, "Empty Content Light Level Info box\n");
5424 return AVERROR_INVALIDDATA;
5425 }
5426
5427 sc->coll = av_content_light_metadata_alloc(&sc->coll_size);
5428 if (!sc->coll)
5429 return AVERROR(ENOMEM);
5430
5431 sc->coll->MaxCLL = avio_rb16(pb);
5432 sc->coll->MaxFALL = avio_rb16(pb);
5433
5434 return 0;
5435 }
5436
mov_read_st3d(MOVContext * c,AVIOContext * pb,MOVAtom atom)5437 static int mov_read_st3d(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5438 {
5439 AVStream *st;
5440 MOVStreamContext *sc;
5441 enum AVStereo3DType type;
5442 int mode;
5443
5444 if (c->fc->nb_streams < 1)
5445 return 0;
5446
5447 st = c->fc->streams[c->fc->nb_streams - 1];
5448 sc = st->priv_data;
5449
5450 if (atom.size < 5) {
5451 av_log(c->fc, AV_LOG_ERROR, "Empty stereoscopic video box\n");
5452 return AVERROR_INVALIDDATA;
5453 }
5454 avio_skip(pb, 4); /* version + flags */
5455
5456 mode = avio_r8(pb);
5457 switch (mode) {
5458 case 0:
5459 type = AV_STEREO3D_2D;
5460 break;
5461 case 1:
5462 type = AV_STEREO3D_TOPBOTTOM;
5463 break;
5464 case 2:
5465 type = AV_STEREO3D_SIDEBYSIDE;
5466 break;
5467 default:
5468 av_log(c->fc, AV_LOG_WARNING, "Unknown st3d mode value %d\n", mode);
5469 return 0;
5470 }
5471
5472 sc->stereo3d = av_stereo3d_alloc();
5473 if (!sc->stereo3d)
5474 return AVERROR(ENOMEM);
5475
5476 sc->stereo3d->type = type;
5477 return 0;
5478 }
5479
mov_read_sv3d(MOVContext * c,AVIOContext * pb,MOVAtom atom)5480 static int mov_read_sv3d(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5481 {
5482 AVStream *st;
5483 MOVStreamContext *sc;
5484 int size, version, layout;
5485 int32_t yaw, pitch, roll;
5486 uint32_t l = 0, t = 0, r = 0, b = 0;
5487 uint32_t tag, padding = 0;
5488 enum AVSphericalProjection projection;
5489
5490 if (c->fc->nb_streams < 1)
5491 return 0;
5492
5493 st = c->fc->streams[c->fc->nb_streams - 1];
5494 sc = st->priv_data;
5495
5496 if (atom.size < 8) {
5497 av_log(c->fc, AV_LOG_ERROR, "Empty spherical video box\n");
5498 return AVERROR_INVALIDDATA;
5499 }
5500
5501 size = avio_rb32(pb);
5502 if (size <= 12 || size > atom.size)
5503 return AVERROR_INVALIDDATA;
5504
5505 tag = avio_rl32(pb);
5506 if (tag != MKTAG('s','v','h','d')) {
5507 av_log(c->fc, AV_LOG_ERROR, "Missing spherical video header\n");
5508 return 0;
5509 }
5510 version = avio_r8(pb);
5511 if (version != 0) {
5512 av_log(c->fc, AV_LOG_WARNING, "Unknown spherical version %d\n",
5513 version);
5514 return 0;
5515 }
5516 avio_skip(pb, 3); /* flags */
5517 avio_skip(pb, size - 12); /* metadata_source */
5518
5519 size = avio_rb32(pb);
5520 if (size > atom.size)
5521 return AVERROR_INVALIDDATA;
5522
5523 tag = avio_rl32(pb);
5524 if (tag != MKTAG('p','r','o','j')) {
5525 av_log(c->fc, AV_LOG_ERROR, "Missing projection box\n");
5526 return 0;
5527 }
5528
5529 size = avio_rb32(pb);
5530 if (size > atom.size)
5531 return AVERROR_INVALIDDATA;
5532
5533 tag = avio_rl32(pb);
5534 if (tag != MKTAG('p','r','h','d')) {
5535 av_log(c->fc, AV_LOG_ERROR, "Missing projection header box\n");
5536 return 0;
5537 }
5538 version = avio_r8(pb);
5539 if (version != 0) {
5540 av_log(c->fc, AV_LOG_WARNING, "Unknown spherical version %d\n",
5541 version);
5542 return 0;
5543 }
5544 avio_skip(pb, 3); /* flags */
5545
5546 /* 16.16 fixed point */
5547 yaw = avio_rb32(pb);
5548 pitch = avio_rb32(pb);
5549 roll = avio_rb32(pb);
5550
5551 size = avio_rb32(pb);
5552 if (size > atom.size)
5553 return AVERROR_INVALIDDATA;
5554
5555 tag = avio_rl32(pb);
5556 version = avio_r8(pb);
5557 if (version != 0) {
5558 av_log(c->fc, AV_LOG_WARNING, "Unknown spherical version %d\n",
5559 version);
5560 return 0;
5561 }
5562 avio_skip(pb, 3); /* flags */
5563 switch (tag) {
5564 case MKTAG('c','b','m','p'):
5565 layout = avio_rb32(pb);
5566 if (layout) {
5567 av_log(c->fc, AV_LOG_WARNING,
5568 "Unsupported cubemap layout %d\n", layout);
5569 return 0;
5570 }
5571 projection = AV_SPHERICAL_CUBEMAP;
5572 padding = avio_rb32(pb);
5573 break;
5574 case MKTAG('e','q','u','i'):
5575 t = avio_rb32(pb);
5576 b = avio_rb32(pb);
5577 l = avio_rb32(pb);
5578 r = avio_rb32(pb);
5579
5580 if (b >= UINT_MAX - t || r >= UINT_MAX - l) {
5581 av_log(c->fc, AV_LOG_ERROR,
5582 "Invalid bounding rectangle coordinates "
5583 "%"PRIu32",%"PRIu32",%"PRIu32",%"PRIu32"\n", l, t, r, b);
5584 return AVERROR_INVALIDDATA;
5585 }
5586
5587 if (l || t || r || b)
5588 projection = AV_SPHERICAL_EQUIRECTANGULAR_TILE;
5589 else
5590 projection = AV_SPHERICAL_EQUIRECTANGULAR;
5591 break;
5592 default:
5593 av_log(c->fc, AV_LOG_ERROR, "Unknown projection type: %s\n", av_fourcc2str(tag));
5594 return 0;
5595 }
5596
5597 sc->spherical = av_spherical_alloc(&sc->spherical_size);
5598 if (!sc->spherical)
5599 return AVERROR(ENOMEM);
5600
5601 sc->spherical->projection = projection;
5602
5603 sc->spherical->yaw = yaw;
5604 sc->spherical->pitch = pitch;
5605 sc->spherical->roll = roll;
5606
5607 sc->spherical->padding = padding;
5608
5609 sc->spherical->bound_left = l;
5610 sc->spherical->bound_top = t;
5611 sc->spherical->bound_right = r;
5612 sc->spherical->bound_bottom = b;
5613
5614 return 0;
5615 }
5616
mov_parse_uuid_spherical(MOVStreamContext * sc,AVIOContext * pb,size_t len)5617 static int mov_parse_uuid_spherical(MOVStreamContext *sc, AVIOContext *pb, size_t len)
5618 {
5619 int ret = 0;
5620 uint8_t *buffer = av_malloc(len + 1);
5621 const char *val;
5622
5623 if (!buffer)
5624 return AVERROR(ENOMEM);
5625 buffer[len] = '\0';
5626
5627 ret = ffio_read_size(pb, buffer, len);
5628 if (ret < 0)
5629 goto out;
5630
5631 /* Check for mandatory keys and values, try to support XML as best-effort */
5632 if (!sc->spherical &&
5633 av_stristr(buffer, "<GSpherical:StitchingSoftware>") &&
5634 (val = av_stristr(buffer, "<GSpherical:Spherical>")) &&
5635 av_stristr(val, "true") &&
5636 (val = av_stristr(buffer, "<GSpherical:Stitched>")) &&
5637 av_stristr(val, "true") &&
5638 (val = av_stristr(buffer, "<GSpherical:ProjectionType>")) &&
5639 av_stristr(val, "equirectangular")) {
5640 sc->spherical = av_spherical_alloc(&sc->spherical_size);
5641 if (!sc->spherical)
5642 goto out;
5643
5644 sc->spherical->projection = AV_SPHERICAL_EQUIRECTANGULAR;
5645
5646 if (av_stristr(buffer, "<GSpherical:StereoMode>") && !sc->stereo3d) {
5647 enum AVStereo3DType mode;
5648
5649 if (av_stristr(buffer, "left-right"))
5650 mode = AV_STEREO3D_SIDEBYSIDE;
5651 else if (av_stristr(buffer, "top-bottom"))
5652 mode = AV_STEREO3D_TOPBOTTOM;
5653 else
5654 mode = AV_STEREO3D_2D;
5655
5656 sc->stereo3d = av_stereo3d_alloc();
5657 if (!sc->stereo3d)
5658 goto out;
5659
5660 sc->stereo3d->type = mode;
5661 }
5662
5663 /* orientation */
5664 val = av_stristr(buffer, "<GSpherical:InitialViewHeadingDegrees>");
5665 if (val)
5666 sc->spherical->yaw = strtol(val, NULL, 10) * (1 << 16);
5667 val = av_stristr(buffer, "<GSpherical:InitialViewPitchDegrees>");
5668 if (val)
5669 sc->spherical->pitch = strtol(val, NULL, 10) * (1 << 16);
5670 val = av_stristr(buffer, "<GSpherical:InitialViewRollDegrees>");
5671 if (val)
5672 sc->spherical->roll = strtol(val, NULL, 10) * (1 << 16);
5673 }
5674
5675 out:
5676 av_free(buffer);
5677 return ret;
5678 }
5679
mov_read_uuid(MOVContext * c,AVIOContext * pb,MOVAtom atom)5680 static int mov_read_uuid(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5681 {
5682 AVStream *st;
5683 MOVStreamContext *sc;
5684 int64_t ret;
5685 uint8_t uuid[16];
5686 static const uint8_t uuid_isml_manifest[] = {
5687 0xa5, 0xd4, 0x0b, 0x30, 0xe8, 0x14, 0x11, 0xdd,
5688 0xba, 0x2f, 0x08, 0x00, 0x20, 0x0c, 0x9a, 0x66
5689 };
5690 static const uint8_t uuid_xmp[] = {
5691 0xbe, 0x7a, 0xcf, 0xcb, 0x97, 0xa9, 0x42, 0xe8,
5692 0x9c, 0x71, 0x99, 0x94, 0x91, 0xe3, 0xaf, 0xac
5693 };
5694 static const uint8_t uuid_spherical[] = {
5695 0xff, 0xcc, 0x82, 0x63, 0xf8, 0x55, 0x4a, 0x93,
5696 0x88, 0x14, 0x58, 0x7a, 0x02, 0x52, 0x1f, 0xdd,
5697 };
5698
5699 if (atom.size < sizeof(uuid) || atom.size >= FFMIN(INT_MAX, SIZE_MAX))
5700 return AVERROR_INVALIDDATA;
5701
5702 if (c->fc->nb_streams < 1)
5703 return 0;
5704 st = c->fc->streams[c->fc->nb_streams - 1];
5705 sc = st->priv_data;
5706
5707 ret = avio_read(pb, uuid, sizeof(uuid));
5708 if (ret < 0) {
5709 return ret;
5710 } else if (ret != sizeof(uuid)) {
5711 return AVERROR_INVALIDDATA;
5712 }
5713 if (!memcmp(uuid, uuid_isml_manifest, sizeof(uuid))) {
5714 uint8_t *buffer, *ptr;
5715 char *endptr;
5716 size_t len = atom.size - sizeof(uuid);
5717
5718 if (len < 4) {
5719 return AVERROR_INVALIDDATA;
5720 }
5721 ret = avio_skip(pb, 4); // zeroes
5722 len -= 4;
5723
5724 buffer = av_mallocz(len + 1);
5725 if (!buffer) {
5726 return AVERROR(ENOMEM);
5727 }
5728 ret = avio_read(pb, buffer, len);
5729 if (ret < 0) {
5730 av_free(buffer);
5731 return ret;
5732 } else if (ret != len) {
5733 av_free(buffer);
5734 return AVERROR_INVALIDDATA;
5735 }
5736
5737 ptr = buffer;
5738 while ((ptr = av_stristr(ptr, "systemBitrate=\""))) {
5739 ptr += sizeof("systemBitrate=\"") - 1;
5740 c->bitrates_count++;
5741 c->bitrates = av_realloc_f(c->bitrates, c->bitrates_count, sizeof(*c->bitrates));
5742 if (!c->bitrates) {
5743 c->bitrates_count = 0;
5744 av_free(buffer);
5745 return AVERROR(ENOMEM);
5746 }
5747 errno = 0;
5748 ret = strtol(ptr, &endptr, 10);
5749 if (ret < 0 || errno || *endptr != '"') {
5750 c->bitrates[c->bitrates_count - 1] = 0;
5751 } else {
5752 c->bitrates[c->bitrates_count - 1] = ret;
5753 }
5754 }
5755
5756 av_free(buffer);
5757 } else if (!memcmp(uuid, uuid_xmp, sizeof(uuid))) {
5758 uint8_t *buffer;
5759 size_t len = atom.size - sizeof(uuid);
5760 if (c->export_xmp) {
5761 buffer = av_mallocz(len + 1);
5762 if (!buffer) {
5763 return AVERROR(ENOMEM);
5764 }
5765 ret = avio_read(pb, buffer, len);
5766 if (ret < 0) {
5767 av_free(buffer);
5768 return ret;
5769 } else if (ret != len) {
5770 av_free(buffer);
5771 return AVERROR_INVALIDDATA;
5772 }
5773 buffer[len] = '\0';
5774 av_dict_set(&c->fc->metadata, "xmp", buffer, 0);
5775 av_free(buffer);
5776 } else {
5777 // skip all uuid atom, which makes it fast for long uuid-xmp file
5778 ret = avio_skip(pb, len);
5779 if (ret < 0)
5780 return ret;
5781 }
5782 } else if (!memcmp(uuid, uuid_spherical, sizeof(uuid))) {
5783 size_t len = atom.size - sizeof(uuid);
5784 ret = mov_parse_uuid_spherical(sc, pb, len);
5785 if (ret < 0)
5786 return ret;
5787 if (!sc->spherical)
5788 av_log(c->fc, AV_LOG_WARNING, "Invalid spherical metadata found\n");
5789 }
5790
5791 return 0;
5792 }
5793
mov_read_free(MOVContext * c,AVIOContext * pb,MOVAtom atom)5794 static int mov_read_free(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5795 {
5796 int ret;
5797 uint8_t content[16];
5798
5799 if (atom.size < 8)
5800 return 0;
5801
5802 ret = avio_read(pb, content, FFMIN(sizeof(content), atom.size));
5803 if (ret < 0)
5804 return ret;
5805
5806 if ( !c->found_moov
5807 && !c->found_mdat
5808 && !memcmp(content, "Anevia\x1A\x1A", 8)
5809 && c->use_mfra_for == FF_MOV_FLAG_MFRA_AUTO) {
5810 c->use_mfra_for = FF_MOV_FLAG_MFRA_PTS;
5811 }
5812
5813 return 0;
5814 }
5815
mov_read_frma(MOVContext * c,AVIOContext * pb,MOVAtom atom)5816 static int mov_read_frma(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5817 {
5818 uint32_t format = avio_rl32(pb);
5819 MOVStreamContext *sc;
5820 enum AVCodecID id;
5821 AVStream *st;
5822
5823 if (c->fc->nb_streams < 1)
5824 return 0;
5825 st = c->fc->streams[c->fc->nb_streams - 1];
5826 sc = st->priv_data;
5827
5828 switch (sc->format)
5829 {
5830 case MKTAG('e','n','c','v'): // encrypted video
5831 case MKTAG('e','n','c','a'): // encrypted audio
5832 id = mov_codec_id(st, format);
5833 if (st->codecpar->codec_id != AV_CODEC_ID_NONE &&
5834 st->codecpar->codec_id != id) {
5835 av_log(c->fc, AV_LOG_WARNING,
5836 "ignoring 'frma' atom of '%.4s', stream has codec id %d\n",
5837 (char*)&format, st->codecpar->codec_id);
5838 break;
5839 }
5840
5841 st->codecpar->codec_id = id;
5842 sc->format = format;
5843 break;
5844
5845 default:
5846 if (format != sc->format) {
5847 av_log(c->fc, AV_LOG_WARNING,
5848 "ignoring 'frma' atom of '%.4s', stream format is '%.4s'\n",
5849 (char*)&format, (char*)&sc->format);
5850 }
5851 break;
5852 }
5853
5854 return 0;
5855 }
5856
5857 /**
5858 * Gets the current encryption info and associated current stream context. If
5859 * we are parsing a track fragment, this will return the specific encryption
5860 * info for this fragment; otherwise this will return the global encryption
5861 * info for the current stream.
5862 */
get_current_encryption_info(MOVContext * c,MOVEncryptionIndex ** encryption_index,MOVStreamContext ** sc)5863 static int get_current_encryption_info(MOVContext *c, MOVEncryptionIndex **encryption_index, MOVStreamContext **sc)
5864 {
5865 MOVFragmentStreamInfo *frag_stream_info;
5866 AVStream *st;
5867 int i;
5868
5869 frag_stream_info = get_current_frag_stream_info(&c->frag_index);
5870 if (frag_stream_info) {
5871 for (i = 0; i < c->fc->nb_streams; i++) {
5872 if (c->fc->streams[i]->id == frag_stream_info->id) {
5873 st = c->fc->streams[i];
5874 break;
5875 }
5876 }
5877 if (i == c->fc->nb_streams)
5878 return 0;
5879 *sc = st->priv_data;
5880
5881 if (!frag_stream_info->encryption_index) {
5882 // If this stream isn't encrypted, don't create the index.
5883 if (!(*sc)->cenc.default_encrypted_sample)
5884 return 0;
5885 frag_stream_info->encryption_index = av_mallocz(sizeof(*frag_stream_info->encryption_index));
5886 if (!frag_stream_info->encryption_index)
5887 return AVERROR(ENOMEM);
5888 }
5889 *encryption_index = frag_stream_info->encryption_index;
5890 return 1;
5891 } else {
5892 // No current track fragment, using stream level encryption info.
5893
5894 if (c->fc->nb_streams < 1)
5895 return 0;
5896 st = c->fc->streams[c->fc->nb_streams - 1];
5897 *sc = st->priv_data;
5898
5899 if (!(*sc)->cenc.encryption_index) {
5900 // If this stream isn't encrypted, don't create the index.
5901 if (!(*sc)->cenc.default_encrypted_sample)
5902 return 0;
5903 (*sc)->cenc.encryption_index = av_mallocz(sizeof(*frag_stream_info->encryption_index));
5904 if (!(*sc)->cenc.encryption_index)
5905 return AVERROR(ENOMEM);
5906 }
5907
5908 *encryption_index = (*sc)->cenc.encryption_index;
5909 return 1;
5910 }
5911 }
5912
mov_read_sample_encryption_info(MOVContext * c,AVIOContext * pb,MOVStreamContext * sc,AVEncryptionInfo ** sample,int use_subsamples)5913 static int mov_read_sample_encryption_info(MOVContext *c, AVIOContext *pb, MOVStreamContext *sc, AVEncryptionInfo **sample, int use_subsamples)
5914 {
5915 int i;
5916 unsigned int subsample_count;
5917 AVSubsampleEncryptionInfo *subsamples;
5918
5919 if (!sc->cenc.default_encrypted_sample) {
5920 av_log(c->fc, AV_LOG_ERROR, "Missing schm or tenc\n");
5921 return AVERROR_INVALIDDATA;
5922 }
5923
5924 *sample = av_encryption_info_clone(sc->cenc.default_encrypted_sample);
5925 if (!*sample)
5926 return AVERROR(ENOMEM);
5927
5928 if (sc->cenc.per_sample_iv_size != 0) {
5929 if (avio_read(pb, (*sample)->iv, sc->cenc.per_sample_iv_size) != sc->cenc.per_sample_iv_size) {
5930 av_log(c->fc, AV_LOG_ERROR, "failed to read the initialization vector\n");
5931 av_encryption_info_free(*sample);
5932 *sample = NULL;
5933 return AVERROR_INVALIDDATA;
5934 }
5935 }
5936
5937 if (use_subsamples) {
5938 subsample_count = avio_rb16(pb);
5939 av_free((*sample)->subsamples);
5940 (*sample)->subsamples = av_mallocz_array(subsample_count, sizeof(*subsamples));
5941 if (!(*sample)->subsamples) {
5942 av_encryption_info_free(*sample);
5943 *sample = NULL;
5944 return AVERROR(ENOMEM);
5945 }
5946
5947 for (i = 0; i < subsample_count && !pb->eof_reached; i++) {
5948 (*sample)->subsamples[i].bytes_of_clear_data = avio_rb16(pb);
5949 (*sample)->subsamples[i].bytes_of_protected_data = avio_rb32(pb);
5950 }
5951
5952 if (pb->eof_reached) {
5953 av_log(c->fc, AV_LOG_ERROR, "hit EOF while reading sub-sample encryption info\n");
5954 av_encryption_info_free(*sample);
5955 *sample = NULL;
5956 return AVERROR_INVALIDDATA;
5957 }
5958 (*sample)->subsample_count = subsample_count;
5959 }
5960
5961 return 0;
5962 }
5963
mov_read_senc(MOVContext * c,AVIOContext * pb,MOVAtom atom)5964 static int mov_read_senc(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5965 {
5966 AVEncryptionInfo **encrypted_samples;
5967 MOVEncryptionIndex *encryption_index;
5968 MOVStreamContext *sc;
5969 int use_subsamples, ret;
5970 unsigned int sample_count, i, alloc_size = 0;
5971
5972 ret = get_current_encryption_info(c, &encryption_index, &sc);
5973 if (ret != 1)
5974 return ret;
5975
5976 if (encryption_index->nb_encrypted_samples) {
5977 // This can happen if we have both saio/saiz and senc atoms.
5978 av_log(c->fc, AV_LOG_DEBUG, "Ignoring duplicate encryption info in senc\n");
5979 return 0;
5980 }
5981
5982 avio_r8(pb); /* version */
5983 use_subsamples = avio_rb24(pb) & 0x02; /* flags */
5984
5985 sample_count = avio_rb32(pb);
5986 if (sample_count >= INT_MAX / sizeof(*encrypted_samples))
5987 return AVERROR(ENOMEM);
5988
5989 for (i = 0; i < sample_count; i++) {
5990 unsigned int min_samples = FFMIN(FFMAX(i + 1, 1024 * 1024), sample_count);
5991 encrypted_samples = av_fast_realloc(encryption_index->encrypted_samples, &alloc_size,
5992 min_samples * sizeof(*encrypted_samples));
5993 if (encrypted_samples) {
5994 encryption_index->encrypted_samples = encrypted_samples;
5995
5996 ret = mov_read_sample_encryption_info(
5997 c, pb, sc, &encryption_index->encrypted_samples[i], use_subsamples);
5998 } else {
5999 ret = AVERROR(ENOMEM);
6000 }
6001 if (pb->eof_reached) {
6002 av_log(c->fc, AV_LOG_ERROR, "Hit EOF while reading senc\n");
6003 ret = AVERROR_INVALIDDATA;
6004 }
6005
6006 if (ret < 0) {
6007 for (; i > 0; i--)
6008 av_encryption_info_free(encryption_index->encrypted_samples[i - 1]);
6009 av_freep(&encryption_index->encrypted_samples);
6010 return ret;
6011 }
6012 }
6013 encryption_index->nb_encrypted_samples = sample_count;
6014
6015 return 0;
6016 }
6017
mov_parse_auxiliary_info(MOVContext * c,MOVStreamContext * sc,AVIOContext * pb,MOVEncryptionIndex * encryption_index)6018 static int mov_parse_auxiliary_info(MOVContext *c, MOVStreamContext *sc, AVIOContext *pb, MOVEncryptionIndex *encryption_index)
6019 {
6020 AVEncryptionInfo **sample, **encrypted_samples;
6021 int64_t prev_pos;
6022 size_t sample_count, sample_info_size, i;
6023 int ret = 0;
6024 unsigned int alloc_size = 0;
6025
6026 if (encryption_index->nb_encrypted_samples)
6027 return 0;
6028 sample_count = encryption_index->auxiliary_info_sample_count;
6029 if (encryption_index->auxiliary_offsets_count != 1) {
6030 av_log(c->fc, AV_LOG_ERROR, "Multiple auxiliary info chunks are not supported\n");
6031 return AVERROR_PATCHWELCOME;
6032 }
6033 if (sample_count >= INT_MAX / sizeof(*encrypted_samples))
6034 return AVERROR(ENOMEM);
6035
6036 prev_pos = avio_tell(pb);
6037 if (!(pb->seekable & AVIO_SEEKABLE_NORMAL) ||
6038 avio_seek(pb, encryption_index->auxiliary_offsets[0], SEEK_SET) != encryption_index->auxiliary_offsets[0]) {
6039 av_log(c->fc, AV_LOG_INFO, "Failed to seek for auxiliary info, will only parse senc atoms for encryption info\n");
6040 goto finish;
6041 }
6042
6043 for (i = 0; i < sample_count && !pb->eof_reached; i++) {
6044 unsigned int min_samples = FFMIN(FFMAX(i + 1, 1024 * 1024), sample_count);
6045 encrypted_samples = av_fast_realloc(encryption_index->encrypted_samples, &alloc_size,
6046 min_samples * sizeof(*encrypted_samples));
6047 if (!encrypted_samples) {
6048 ret = AVERROR(ENOMEM);
6049 goto finish;
6050 }
6051 encryption_index->encrypted_samples = encrypted_samples;
6052
6053 sample = &encryption_index->encrypted_samples[i];
6054 sample_info_size = encryption_index->auxiliary_info_default_size
6055 ? encryption_index->auxiliary_info_default_size
6056 : encryption_index->auxiliary_info_sizes[i];
6057
6058 ret = mov_read_sample_encryption_info(c, pb, sc, sample, sample_info_size > sc->cenc.per_sample_iv_size);
6059 if (ret < 0)
6060 goto finish;
6061 }
6062 if (pb->eof_reached) {
6063 av_log(c->fc, AV_LOG_ERROR, "Hit EOF while reading auxiliary info\n");
6064 ret = AVERROR_INVALIDDATA;
6065 } else {
6066 encryption_index->nb_encrypted_samples = sample_count;
6067 }
6068
6069 finish:
6070 avio_seek(pb, prev_pos, SEEK_SET);
6071 if (ret < 0) {
6072 for (; i > 0; i--) {
6073 av_encryption_info_free(encryption_index->encrypted_samples[i - 1]);
6074 }
6075 av_freep(&encryption_index->encrypted_samples);
6076 }
6077 return ret;
6078 }
6079
6080 /**
6081 * Tries to read the given number of bytes from the stream and puts it in a
6082 * newly allocated buffer. This reads in small chunks to avoid allocating large
6083 * memory if the file contains an invalid/malicious size value.
6084 */
mov_try_read_block(AVIOContext * pb,size_t size,uint8_t ** data)6085 static int mov_try_read_block(AVIOContext *pb, size_t size, uint8_t **data)
6086 {
6087 const unsigned int block_size = 1024 * 1024;
6088 uint8_t *buffer = NULL;
6089 unsigned int alloc_size = 0, offset = 0;
6090 while (offset < size) {
6091 unsigned int new_size =
6092 alloc_size >= INT_MAX - block_size ? INT_MAX : alloc_size + block_size;
6093 uint8_t *new_buffer = av_fast_realloc(buffer, &alloc_size, new_size);
6094 unsigned int to_read = FFMIN(size, alloc_size) - offset;
6095 if (!new_buffer) {
6096 av_free(buffer);
6097 return AVERROR(ENOMEM);
6098 }
6099 buffer = new_buffer;
6100
6101 if (avio_read(pb, buffer + offset, to_read) != to_read) {
6102 av_free(buffer);
6103 return AVERROR_INVALIDDATA;
6104 }
6105 offset += to_read;
6106 }
6107
6108 *data = buffer;
6109 return 0;
6110 }
6111
mov_read_saiz(MOVContext * c,AVIOContext * pb,MOVAtom atom)6112 static int mov_read_saiz(MOVContext *c, AVIOContext *pb, MOVAtom atom)
6113 {
6114 MOVEncryptionIndex *encryption_index;
6115 MOVStreamContext *sc;
6116 int ret;
6117 unsigned int sample_count, aux_info_type, aux_info_param;
6118
6119 ret = get_current_encryption_info(c, &encryption_index, &sc);
6120 if (ret != 1)
6121 return ret;
6122
6123 if (encryption_index->nb_encrypted_samples) {
6124 // This can happen if we have both saio/saiz and senc atoms.
6125 av_log(c->fc, AV_LOG_DEBUG, "Ignoring duplicate encryption info in saiz\n");
6126 return 0;
6127 }
6128
6129 if (encryption_index->auxiliary_info_sample_count) {
6130 av_log(c->fc, AV_LOG_ERROR, "Duplicate saiz atom\n");
6131 return AVERROR_INVALIDDATA;
6132 }
6133
6134 avio_r8(pb); /* version */
6135 if (avio_rb24(pb) & 0x01) { /* flags */
6136 aux_info_type = avio_rb32(pb);
6137 aux_info_param = avio_rb32(pb);
6138 if (sc->cenc.default_encrypted_sample) {
6139 if (aux_info_type != sc->cenc.default_encrypted_sample->scheme) {
6140 av_log(c->fc, AV_LOG_DEBUG, "Ignoring saiz box with non-zero aux_info_type\n");
6141 return 0;
6142 }
6143 if (aux_info_param != 0) {
6144 av_log(c->fc, AV_LOG_DEBUG, "Ignoring saiz box with non-zero aux_info_type_parameter\n");
6145 return 0;
6146 }
6147 } else {
6148 // Didn't see 'schm' or 'tenc', so this isn't encrypted.
6149 if ((aux_info_type == MKBETAG('c','e','n','c') ||
6150 aux_info_type == MKBETAG('c','e','n','s') ||
6151 aux_info_type == MKBETAG('c','b','c','1') ||
6152 aux_info_type == MKBETAG('c','b','c','s')) &&
6153 aux_info_param == 0) {
6154 av_log(c->fc, AV_LOG_ERROR, "Saw encrypted saiz without schm/tenc\n");
6155 return AVERROR_INVALIDDATA;
6156 } else {
6157 return 0;
6158 }
6159 }
6160 } else if (!sc->cenc.default_encrypted_sample) {
6161 // Didn't see 'schm' or 'tenc', so this isn't encrypted.
6162 return 0;
6163 }
6164
6165 encryption_index->auxiliary_info_default_size = avio_r8(pb);
6166 sample_count = avio_rb32(pb);
6167 encryption_index->auxiliary_info_sample_count = sample_count;
6168
6169 if (encryption_index->auxiliary_info_default_size == 0) {
6170 ret = mov_try_read_block(pb, sample_count, &encryption_index->auxiliary_info_sizes);
6171 if (ret < 0) {
6172 av_log(c->fc, AV_LOG_ERROR, "Failed to read the auxiliary info\n");
6173 return ret;
6174 }
6175 }
6176
6177 if (encryption_index->auxiliary_offsets_count) {
6178 return mov_parse_auxiliary_info(c, sc, pb, encryption_index);
6179 }
6180
6181 return 0;
6182 }
6183
mov_read_saio(MOVContext * c,AVIOContext * pb,MOVAtom atom)6184 static int mov_read_saio(MOVContext *c, AVIOContext *pb, MOVAtom atom)
6185 {
6186 uint64_t *auxiliary_offsets;
6187 MOVEncryptionIndex *encryption_index;
6188 MOVStreamContext *sc;
6189 int i, ret;
6190 unsigned int version, entry_count, aux_info_type, aux_info_param;
6191 unsigned int alloc_size = 0;
6192
6193 ret = get_current_encryption_info(c, &encryption_index, &sc);
6194 if (ret != 1)
6195 return ret;
6196
6197 if (encryption_index->nb_encrypted_samples) {
6198 // This can happen if we have both saio/saiz and senc atoms.
6199 av_log(c->fc, AV_LOG_DEBUG, "Ignoring duplicate encryption info in saio\n");
6200 return 0;
6201 }
6202
6203 if (encryption_index->auxiliary_offsets_count) {
6204 av_log(c->fc, AV_LOG_ERROR, "Duplicate saio atom\n");
6205 return AVERROR_INVALIDDATA;
6206 }
6207
6208 version = avio_r8(pb); /* version */
6209 if (avio_rb24(pb) & 0x01) { /* flags */
6210 aux_info_type = avio_rb32(pb);
6211 aux_info_param = avio_rb32(pb);
6212 if (sc->cenc.default_encrypted_sample) {
6213 if (aux_info_type != sc->cenc.default_encrypted_sample->scheme) {
6214 av_log(c->fc, AV_LOG_DEBUG, "Ignoring saio box with non-zero aux_info_type\n");
6215 return 0;
6216 }
6217 if (aux_info_param != 0) {
6218 av_log(c->fc, AV_LOG_DEBUG, "Ignoring saio box with non-zero aux_info_type_parameter\n");
6219 return 0;
6220 }
6221 } else {
6222 // Didn't see 'schm' or 'tenc', so this isn't encrypted.
6223 if ((aux_info_type == MKBETAG('c','e','n','c') ||
6224 aux_info_type == MKBETAG('c','e','n','s') ||
6225 aux_info_type == MKBETAG('c','b','c','1') ||
6226 aux_info_type == MKBETAG('c','b','c','s')) &&
6227 aux_info_param == 0) {
6228 av_log(c->fc, AV_LOG_ERROR, "Saw encrypted saio without schm/tenc\n");
6229 return AVERROR_INVALIDDATA;
6230 } else {
6231 return 0;
6232 }
6233 }
6234 } else if (!sc->cenc.default_encrypted_sample) {
6235 // Didn't see 'schm' or 'tenc', so this isn't encrypted.
6236 return 0;
6237 }
6238
6239 entry_count = avio_rb32(pb);
6240 if (entry_count >= INT_MAX / sizeof(*auxiliary_offsets))
6241 return AVERROR(ENOMEM);
6242
6243 for (i = 0; i < entry_count && !pb->eof_reached; i++) {
6244 unsigned int min_offsets = FFMIN(FFMAX(i + 1, 1024), entry_count);
6245 auxiliary_offsets = av_fast_realloc(
6246 encryption_index->auxiliary_offsets, &alloc_size,
6247 min_offsets * sizeof(*auxiliary_offsets));
6248 if (!auxiliary_offsets) {
6249 av_freep(&encryption_index->auxiliary_offsets);
6250 return AVERROR(ENOMEM);
6251 }
6252 encryption_index->auxiliary_offsets = auxiliary_offsets;
6253
6254 if (version == 0) {
6255 encryption_index->auxiliary_offsets[i] = avio_rb32(pb);
6256 } else {
6257 encryption_index->auxiliary_offsets[i] = avio_rb64(pb);
6258 }
6259 if (c->frag_index.current >= 0) {
6260 encryption_index->auxiliary_offsets[i] += c->fragment.base_data_offset;
6261 }
6262 }
6263
6264 if (pb->eof_reached) {
6265 av_log(c->fc, AV_LOG_ERROR, "Hit EOF while reading saio\n");
6266 av_freep(&encryption_index->auxiliary_offsets);
6267 return AVERROR_INVALIDDATA;
6268 }
6269
6270 encryption_index->auxiliary_offsets_count = entry_count;
6271
6272 if (encryption_index->auxiliary_info_sample_count) {
6273 return mov_parse_auxiliary_info(c, sc, pb, encryption_index);
6274 }
6275
6276 return 0;
6277 }
6278
mov_read_pssh(MOVContext * c,AVIOContext * pb,MOVAtom atom)6279 static int mov_read_pssh(MOVContext *c, AVIOContext *pb, MOVAtom atom)
6280 {
6281 AVEncryptionInitInfo *info, *old_init_info;
6282 uint8_t **key_ids;
6283 AVStream *st;
6284 uint8_t *side_data, *extra_data, *old_side_data;
6285 size_t side_data_size;
6286 int ret = 0, old_side_data_size;
6287 unsigned int version, kid_count, extra_data_size, alloc_size = 0;
6288
6289 if (c->fc->nb_streams < 1)
6290 return 0;
6291 st = c->fc->streams[c->fc->nb_streams-1];
6292
6293 version = avio_r8(pb); /* version */
6294 avio_rb24(pb); /* flags */
6295
6296 info = av_encryption_init_info_alloc(/* system_id_size */ 16, /* num_key_ids */ 0,
6297 /* key_id_size */ 16, /* data_size */ 0);
6298 if (!info)
6299 return AVERROR(ENOMEM);
6300
6301 if (avio_read(pb, info->system_id, 16) != 16) {
6302 av_log(c->fc, AV_LOG_ERROR, "Failed to read the system id\n");
6303 ret = AVERROR_INVALIDDATA;
6304 goto finish;
6305 }
6306
6307 if (version > 0) {
6308 kid_count = avio_rb32(pb);
6309 if (kid_count >= INT_MAX / sizeof(*key_ids))
6310 return AVERROR(ENOMEM);
6311
6312 for (unsigned int i = 0; i < kid_count && !pb->eof_reached; i++) {
6313 unsigned int min_kid_count = FFMIN(FFMAX(i + 1, 1024), kid_count);
6314 key_ids = av_fast_realloc(info->key_ids, &alloc_size,
6315 min_kid_count * sizeof(*key_ids));
6316 if (!key_ids) {
6317 ret = AVERROR(ENOMEM);
6318 goto finish;
6319 }
6320 info->key_ids = key_ids;
6321
6322 info->key_ids[i] = av_mallocz(16);
6323 if (!info->key_ids[i]) {
6324 ret = AVERROR(ENOMEM);
6325 goto finish;
6326 }
6327 info->num_key_ids = i + 1;
6328
6329 if (avio_read(pb, info->key_ids[i], 16) != 16) {
6330 av_log(c->fc, AV_LOG_ERROR, "Failed to read the key id\n");
6331 ret = AVERROR_INVALIDDATA;
6332 goto finish;
6333 }
6334 }
6335
6336 if (pb->eof_reached) {
6337 av_log(c->fc, AV_LOG_ERROR, "Hit EOF while reading pssh\n");
6338 ret = AVERROR_INVALIDDATA;
6339 goto finish;
6340 }
6341 }
6342
6343 extra_data_size = avio_rb32(pb);
6344 ret = mov_try_read_block(pb, extra_data_size, &extra_data);
6345 if (ret < 0)
6346 goto finish;
6347
6348 av_freep(&info->data); // malloc(0) may still allocate something.
6349 info->data = extra_data;
6350 info->data_size = extra_data_size;
6351
6352 // If there is existing initialization data, append to the list.
6353 old_side_data = av_stream_get_side_data(st, AV_PKT_DATA_ENCRYPTION_INIT_INFO, &old_side_data_size);
6354 if (old_side_data) {
6355 old_init_info = av_encryption_init_info_get_side_data(old_side_data, old_side_data_size);
6356 if (old_init_info) {
6357 // Append to the end of the list.
6358 for (AVEncryptionInitInfo *cur = old_init_info;; cur = cur->next) {
6359 if (!cur->next) {
6360 cur->next = info;
6361 break;
6362 }
6363 }
6364 info = old_init_info;
6365 } else {
6366 // Assume existing side-data will be valid, so the only error we could get is OOM.
6367 ret = AVERROR(ENOMEM);
6368 goto finish;
6369 }
6370 }
6371
6372 side_data = av_encryption_init_info_add_side_data(info, &side_data_size);
6373 if (!side_data) {
6374 ret = AVERROR(ENOMEM);
6375 goto finish;
6376 }
6377 ret = av_stream_add_side_data(st, AV_PKT_DATA_ENCRYPTION_INIT_INFO,
6378 side_data, side_data_size);
6379 if (ret < 0)
6380 av_free(side_data);
6381
6382 finish:
6383 av_encryption_init_info_free(info);
6384 return ret;
6385 }
6386
mov_read_schm(MOVContext * c,AVIOContext * pb,MOVAtom atom)6387 static int mov_read_schm(MOVContext *c, AVIOContext *pb, MOVAtom atom)
6388 {
6389 AVStream *st;
6390 MOVStreamContext *sc;
6391
6392 if (c->fc->nb_streams < 1)
6393 return 0;
6394 st = c->fc->streams[c->fc->nb_streams-1];
6395 sc = st->priv_data;
6396
6397 if (sc->pseudo_stream_id != 0) {
6398 av_log(c->fc, AV_LOG_ERROR, "schm boxes are only supported in first sample descriptor\n");
6399 return AVERROR_PATCHWELCOME;
6400 }
6401
6402 if (atom.size < 8)
6403 return AVERROR_INVALIDDATA;
6404
6405 avio_rb32(pb); /* version and flags */
6406
6407 if (!sc->cenc.default_encrypted_sample) {
6408 sc->cenc.default_encrypted_sample = av_encryption_info_alloc(0, 16, 16);
6409 if (!sc->cenc.default_encrypted_sample) {
6410 return AVERROR(ENOMEM);
6411 }
6412 }
6413
6414 sc->cenc.default_encrypted_sample->scheme = avio_rb32(pb);
6415 return 0;
6416 }
6417
mov_read_tenc(MOVContext * c,AVIOContext * pb,MOVAtom atom)6418 static int mov_read_tenc(MOVContext *c, AVIOContext *pb, MOVAtom atom)
6419 {
6420 AVStream *st;
6421 MOVStreamContext *sc;
6422 unsigned int version, pattern, is_protected, iv_size;
6423
6424 if (c->fc->nb_streams < 1)
6425 return 0;
6426 st = c->fc->streams[c->fc->nb_streams-1];
6427 sc = st->priv_data;
6428
6429 if (sc->pseudo_stream_id != 0) {
6430 av_log(c->fc, AV_LOG_ERROR, "tenc atom are only supported in first sample descriptor\n");
6431 return AVERROR_PATCHWELCOME;
6432 }
6433
6434 if (!sc->cenc.default_encrypted_sample) {
6435 sc->cenc.default_encrypted_sample = av_encryption_info_alloc(0, 16, 16);
6436 if (!sc->cenc.default_encrypted_sample) {
6437 return AVERROR(ENOMEM);
6438 }
6439 }
6440
6441 if (atom.size < 20)
6442 return AVERROR_INVALIDDATA;
6443
6444 version = avio_r8(pb); /* version */
6445 avio_rb24(pb); /* flags */
6446
6447 avio_r8(pb); /* reserved */
6448 pattern = avio_r8(pb);
6449
6450 if (version > 0) {
6451 sc->cenc.default_encrypted_sample->crypt_byte_block = pattern >> 4;
6452 sc->cenc.default_encrypted_sample->skip_byte_block = pattern & 0xf;
6453 }
6454
6455 is_protected = avio_r8(pb);
6456 if (is_protected && !sc->cenc.encryption_index) {
6457 // The whole stream should be by-default encrypted.
6458 sc->cenc.encryption_index = av_mallocz(sizeof(MOVEncryptionIndex));
6459 if (!sc->cenc.encryption_index)
6460 return AVERROR(ENOMEM);
6461 }
6462 sc->cenc.per_sample_iv_size = avio_r8(pb);
6463 if (sc->cenc.per_sample_iv_size != 0 && sc->cenc.per_sample_iv_size != 8 &&
6464 sc->cenc.per_sample_iv_size != 16) {
6465 av_log(c->fc, AV_LOG_ERROR, "invalid per-sample IV size value\n");
6466 return AVERROR_INVALIDDATA;
6467 }
6468 if (avio_read(pb, sc->cenc.default_encrypted_sample->key_id, 16) != 16) {
6469 av_log(c->fc, AV_LOG_ERROR, "failed to read the default key ID\n");
6470 return AVERROR_INVALIDDATA;
6471 }
6472
6473 if (is_protected && !sc->cenc.per_sample_iv_size) {
6474 iv_size = avio_r8(pb);
6475 if (iv_size != 8 && iv_size != 16) {
6476 av_log(c->fc, AV_LOG_ERROR, "invalid default_constant_IV_size in tenc atom\n");
6477 return AVERROR_INVALIDDATA;
6478 }
6479
6480 if (avio_read(pb, sc->cenc.default_encrypted_sample->iv, iv_size) != iv_size) {
6481 av_log(c->fc, AV_LOG_ERROR, "failed to read the default IV\n");
6482 return AVERROR_INVALIDDATA;
6483 }
6484 }
6485
6486 return 0;
6487 }
6488
mov_read_dfla(MOVContext * c,AVIOContext * pb,MOVAtom atom)6489 static int mov_read_dfla(MOVContext *c, AVIOContext *pb, MOVAtom atom)
6490 {
6491 AVStream *st;
6492 int last, type, size, ret;
6493 uint8_t buf[4];
6494
6495 if (c->fc->nb_streams < 1)
6496 return 0;
6497 st = c->fc->streams[c->fc->nb_streams-1];
6498
6499 if ((uint64_t)atom.size > (1<<30) || atom.size < 42)
6500 return AVERROR_INVALIDDATA;
6501
6502 /* Check FlacSpecificBox version. */
6503 if (avio_r8(pb) != 0)
6504 return AVERROR_INVALIDDATA;
6505
6506 avio_rb24(pb); /* Flags */
6507
6508 avio_read(pb, buf, sizeof(buf));
6509 flac_parse_block_header(buf, &last, &type, &size);
6510
6511 if (type != FLAC_METADATA_TYPE_STREAMINFO || size != FLAC_STREAMINFO_SIZE) {
6512 av_log(c->fc, AV_LOG_ERROR, "STREAMINFO must be first FLACMetadataBlock\n");
6513 return AVERROR_INVALIDDATA;
6514 }
6515
6516 ret = ff_get_extradata(c->fc, st->codecpar, pb, size);
6517 if (ret < 0)
6518 return ret;
6519
6520 if (!last)
6521 av_log(c->fc, AV_LOG_WARNING, "non-STREAMINFO FLACMetadataBlock(s) ignored\n");
6522
6523 return 0;
6524 }
6525
cenc_decrypt(MOVContext * c,MOVStreamContext * sc,AVEncryptionInfo * sample,uint8_t * input,int size)6526 static int cenc_decrypt(MOVContext *c, MOVStreamContext *sc, AVEncryptionInfo *sample, uint8_t *input, int size)
6527 {
6528 int i, ret;
6529
6530 if (sample->scheme != MKBETAG('c','e','n','c') || sample->crypt_byte_block != 0 || sample->skip_byte_block != 0) {
6531 av_log(c->fc, AV_LOG_ERROR, "Only the 'cenc' encryption scheme is supported\n");
6532 return AVERROR_PATCHWELCOME;
6533 }
6534
6535 if (!sc->cenc.aes_ctr) {
6536 /* initialize the cipher */
6537 sc->cenc.aes_ctr = av_aes_ctr_alloc();
6538 if (!sc->cenc.aes_ctr) {
6539 return AVERROR(ENOMEM);
6540 }
6541
6542 ret = av_aes_ctr_init(sc->cenc.aes_ctr, c->decryption_key);
6543 if (ret < 0) {
6544 return ret;
6545 }
6546 }
6547
6548 av_aes_ctr_set_full_iv(sc->cenc.aes_ctr, sample->iv);
6549
6550 if (!sample->subsample_count)
6551 {
6552 /* decrypt the whole packet */
6553 av_aes_ctr_crypt(sc->cenc.aes_ctr, input, input, size);
6554 return 0;
6555 }
6556
6557 for (i = 0; i < sample->subsample_count; i++)
6558 {
6559 if (sample->subsamples[i].bytes_of_clear_data + sample->subsamples[i].bytes_of_protected_data > size) {
6560 av_log(c->fc, AV_LOG_ERROR, "subsample size exceeds the packet size left\n");
6561 return AVERROR_INVALIDDATA;
6562 }
6563
6564 /* skip the clear bytes */
6565 input += sample->subsamples[i].bytes_of_clear_data;
6566 size -= sample->subsamples[i].bytes_of_clear_data;
6567
6568 /* decrypt the encrypted bytes */
6569 av_aes_ctr_crypt(sc->cenc.aes_ctr, input, input, sample->subsamples[i].bytes_of_protected_data);
6570 input += sample->subsamples[i].bytes_of_protected_data;
6571 size -= sample->subsamples[i].bytes_of_protected_data;
6572 }
6573
6574 if (size > 0) {
6575 av_log(c->fc, AV_LOG_ERROR, "leftover packet bytes after subsample processing\n");
6576 return AVERROR_INVALIDDATA;
6577 }
6578
6579 return 0;
6580 }
6581
cenc_filter(MOVContext * mov,AVStream * st,MOVStreamContext * sc,AVPacket * pkt,int current_index)6582 static int cenc_filter(MOVContext *mov, AVStream* st, MOVStreamContext *sc, AVPacket *pkt, int current_index)
6583 {
6584 MOVFragmentStreamInfo *frag_stream_info;
6585 MOVEncryptionIndex *encryption_index;
6586 AVEncryptionInfo *encrypted_sample;
6587 int encrypted_index, ret;
6588
6589 frag_stream_info = get_frag_stream_info(&mov->frag_index, mov->frag_index.current, st->id);
6590 encrypted_index = current_index;
6591 encryption_index = NULL;
6592 if (frag_stream_info) {
6593 // Note this only supports encryption info in the first sample descriptor.
6594 if (mov->fragment.stsd_id == 1) {
6595 if (frag_stream_info->encryption_index) {
6596 encrypted_index = current_index - frag_stream_info->index_entry;
6597 encryption_index = frag_stream_info->encryption_index;
6598 } else {
6599 encryption_index = sc->cenc.encryption_index;
6600 }
6601 }
6602 } else {
6603 encryption_index = sc->cenc.encryption_index;
6604 }
6605
6606 if (encryption_index) {
6607 if (encryption_index->auxiliary_info_sample_count &&
6608 !encryption_index->nb_encrypted_samples) {
6609 av_log(mov->fc, AV_LOG_ERROR, "saiz atom found without saio\n");
6610 return AVERROR_INVALIDDATA;
6611 }
6612 if (encryption_index->auxiliary_offsets_count &&
6613 !encryption_index->nb_encrypted_samples) {
6614 av_log(mov->fc, AV_LOG_ERROR, "saio atom found without saiz\n");
6615 return AVERROR_INVALIDDATA;
6616 }
6617
6618 if (!encryption_index->nb_encrypted_samples) {
6619 // Full-sample encryption with default settings.
6620 encrypted_sample = sc->cenc.default_encrypted_sample;
6621 } else if (encrypted_index >= 0 && encrypted_index < encryption_index->nb_encrypted_samples) {
6622 // Per-sample setting override.
6623 encrypted_sample = encryption_index->encrypted_samples[encrypted_index];
6624 } else {
6625 av_log(mov->fc, AV_LOG_ERROR, "Incorrect number of samples in encryption info\n");
6626 return AVERROR_INVALIDDATA;
6627 }
6628
6629 if (mov->decryption_key) {
6630 return cenc_decrypt(mov, sc, encrypted_sample, pkt->data, pkt->size);
6631 } else {
6632 size_t size;
6633 uint8_t *side_data = av_encryption_info_add_side_data(encrypted_sample, &size);
6634 if (!side_data)
6635 return AVERROR(ENOMEM);
6636 ret = av_packet_add_side_data(pkt, AV_PKT_DATA_ENCRYPTION_INFO, side_data, size);
6637 if (ret < 0)
6638 av_free(side_data);
6639 return ret;
6640 }
6641 }
6642
6643 return 0;
6644 }
6645
mov_read_dops(MOVContext * c,AVIOContext * pb,MOVAtom atom)6646 static int mov_read_dops(MOVContext *c, AVIOContext *pb, MOVAtom atom)
6647 {
6648 const int OPUS_SEEK_PREROLL_MS = 80;
6649 AVStream *st;
6650 size_t size;
6651 uint16_t pre_skip;
6652
6653 if (c->fc->nb_streams < 1)
6654 return 0;
6655 st = c->fc->streams[c->fc->nb_streams-1];
6656
6657 if ((uint64_t)atom.size > (1<<30) || atom.size < 11)
6658 return AVERROR_INVALIDDATA;
6659
6660 /* Check OpusSpecificBox version. */
6661 if (avio_r8(pb) != 0) {
6662 av_log(c->fc, AV_LOG_ERROR, "unsupported OpusSpecificBox version\n");
6663 return AVERROR_INVALIDDATA;
6664 }
6665
6666 /* OpusSpecificBox size plus magic for Ogg OpusHead header. */
6667 size = atom.size + 8;
6668
6669 if (ff_alloc_extradata(st->codecpar, size))
6670 return AVERROR(ENOMEM);
6671
6672 AV_WL32(st->codecpar->extradata, MKTAG('O','p','u','s'));
6673 AV_WL32(st->codecpar->extradata + 4, MKTAG('H','e','a','d'));
6674 AV_WB8(st->codecpar->extradata + 8, 1); /* OpusHead version */
6675 avio_read(pb, st->codecpar->extradata + 9, size - 9);
6676
6677 /* OpusSpecificBox is stored in big-endian, but OpusHead is
6678 little-endian; aside from the preceeding magic and version they're
6679 otherwise currently identical. Data after output gain at offset 16
6680 doesn't need to be bytewapped. */
6681 pre_skip = AV_RB16(st->codecpar->extradata + 10);
6682 AV_WL16(st->codecpar->extradata + 10, pre_skip);
6683 AV_WL32(st->codecpar->extradata + 12, AV_RB32(st->codecpar->extradata + 12));
6684 AV_WL16(st->codecpar->extradata + 16, AV_RB16(st->codecpar->extradata + 16));
6685
6686 st->codecpar->initial_padding = pre_skip;
6687 st->codecpar->seek_preroll = av_rescale_q(OPUS_SEEK_PREROLL_MS,
6688 (AVRational){1, 1000},
6689 (AVRational){1, 48000});
6690
6691 return 0;
6692 }
6693
6694 static const MOVParseTableEntry mov_default_parse_table[] = {
6695 { MKTAG('A','C','L','R'), mov_read_aclr },
6696 { MKTAG('A','P','R','G'), mov_read_avid },
6697 { MKTAG('A','A','L','P'), mov_read_avid },
6698 { MKTAG('A','R','E','S'), mov_read_ares },
6699 { MKTAG('a','v','s','s'), mov_read_avss },
6700 { MKTAG('a','v','1','C'), mov_read_av1c },
6701 { MKTAG('c','h','p','l'), mov_read_chpl },
6702 { MKTAG('c','o','6','4'), mov_read_stco },
6703 { MKTAG('c','o','l','r'), mov_read_colr },
6704 { MKTAG('c','t','t','s'), mov_read_ctts }, /* composition time to sample */
6705 { MKTAG('d','i','n','f'), mov_read_default },
6706 { MKTAG('D','p','x','E'), mov_read_dpxe },
6707 { MKTAG('d','r','e','f'), mov_read_dref },
6708 { MKTAG('e','d','t','s'), mov_read_default },
6709 { MKTAG('e','l','s','t'), mov_read_elst },
6710 { MKTAG('e','n','d','a'), mov_read_enda },
6711 { MKTAG('f','i','e','l'), mov_read_fiel },
6712 { MKTAG('a','d','r','m'), mov_read_adrm },
6713 { MKTAG('f','t','y','p'), mov_read_ftyp },
6714 { MKTAG('g','l','b','l'), mov_read_glbl },
6715 { MKTAG('h','d','l','r'), mov_read_hdlr },
6716 { MKTAG('i','l','s','t'), mov_read_ilst },
6717 { MKTAG('j','p','2','h'), mov_read_jp2h },
6718 { MKTAG('m','d','a','t'), mov_read_mdat },
6719 { MKTAG('m','d','h','d'), mov_read_mdhd },
6720 { MKTAG('m','d','i','a'), mov_read_default },
6721 { MKTAG('m','e','t','a'), mov_read_meta },
6722 { MKTAG('m','i','n','f'), mov_read_default },
6723 { MKTAG('m','o','o','f'), mov_read_moof },
6724 { MKTAG('m','o','o','v'), mov_read_moov },
6725 { MKTAG('m','v','e','x'), mov_read_default },
6726 { MKTAG('m','v','h','d'), mov_read_mvhd },
6727 { MKTAG('S','M','I',' '), mov_read_svq3 },
6728 { MKTAG('a','l','a','c'), mov_read_alac }, /* alac specific atom */
6729 { MKTAG('a','v','c','C'), mov_read_glbl },
6730 { MKTAG('p','a','s','p'), mov_read_pasp },
6731 { MKTAG('s','i','d','x'), mov_read_sidx },
6732 { MKTAG('s','t','b','l'), mov_read_default },
6733 { MKTAG('s','t','c','o'), mov_read_stco },
6734 { MKTAG('s','t','p','s'), mov_read_stps },
6735 { MKTAG('s','t','r','f'), mov_read_strf },
6736 { MKTAG('s','t','s','c'), mov_read_stsc },
6737 { MKTAG('s','t','s','d'), mov_read_stsd }, /* sample description */
6738 { MKTAG('s','t','s','s'), mov_read_stss }, /* sync sample */
6739 { MKTAG('s','t','s','z'), mov_read_stsz }, /* sample size */
6740 { MKTAG('s','t','t','s'), mov_read_stts },
6741 { MKTAG('s','t','z','2'), mov_read_stsz }, /* compact sample size */
6742 { MKTAG('t','k','h','d'), mov_read_tkhd }, /* track header */
6743 { MKTAG('t','f','d','t'), mov_read_tfdt },
6744 { MKTAG('t','f','h','d'), mov_read_tfhd }, /* track fragment header */
6745 { MKTAG('t','r','a','k'), mov_read_trak },
6746 { MKTAG('t','r','a','f'), mov_read_default },
6747 { MKTAG('t','r','e','f'), mov_read_default },
6748 { MKTAG('t','m','c','d'), mov_read_tmcd },
6749 { MKTAG('c','h','a','p'), mov_read_chap },
6750 { MKTAG('t','r','e','x'), mov_read_trex },
6751 { MKTAG('t','r','u','n'), mov_read_trun },
6752 { MKTAG('u','d','t','a'), mov_read_default },
6753 { MKTAG('w','a','v','e'), mov_read_wave },
6754 { MKTAG('e','s','d','s'), mov_read_esds },
6755 { MKTAG('d','a','c','3'), mov_read_dac3 }, /* AC-3 info */
6756 { MKTAG('d','e','c','3'), mov_read_dec3 }, /* EAC-3 info */
6757 { MKTAG('d','d','t','s'), mov_read_ddts }, /* DTS audio descriptor */
6758 { MKTAG('w','i','d','e'), mov_read_wide }, /* place holder */
6759 { MKTAG('w','f','e','x'), mov_read_wfex },
6760 { MKTAG('c','m','o','v'), mov_read_cmov },
6761 { MKTAG('c','h','a','n'), mov_read_chan }, /* channel layout */
6762 { MKTAG('d','v','c','1'), mov_read_dvc1 },
6763 { MKTAG('s','b','g','p'), mov_read_sbgp },
6764 { MKTAG('h','v','c','C'), mov_read_glbl },
6765 { MKTAG('u','u','i','d'), mov_read_uuid },
6766 { MKTAG('C','i','n', 0x8e), mov_read_targa_y216 },
6767 { MKTAG('f','r','e','e'), mov_read_free },
6768 { MKTAG('-','-','-','-'), mov_read_custom },
6769 { MKTAG('s','i','n','f'), mov_read_default },
6770 { MKTAG('f','r','m','a'), mov_read_frma },
6771 { MKTAG('s','e','n','c'), mov_read_senc },
6772 { MKTAG('s','a','i','z'), mov_read_saiz },
6773 { MKTAG('s','a','i','o'), mov_read_saio },
6774 { MKTAG('p','s','s','h'), mov_read_pssh },
6775 { MKTAG('s','c','h','m'), mov_read_schm },
6776 { MKTAG('s','c','h','i'), mov_read_default },
6777 { MKTAG('t','e','n','c'), mov_read_tenc },
6778 { MKTAG('d','f','L','a'), mov_read_dfla },
6779 { MKTAG('s','t','3','d'), mov_read_st3d }, /* stereoscopic 3D video box */
6780 { MKTAG('s','v','3','d'), mov_read_sv3d }, /* spherical video box */
6781 { MKTAG('d','O','p','s'), mov_read_dops },
6782 { MKTAG('S','m','D','m'), mov_read_smdm },
6783 { MKTAG('C','o','L','L'), mov_read_coll },
6784 { MKTAG('v','p','c','C'), mov_read_vpcc },
6785 { MKTAG('m','d','c','v'), mov_read_mdcv },
6786 { MKTAG('c','l','l','i'), mov_read_clli },
6787 { 0, NULL }
6788 };
6789
mov_read_default(MOVContext * c,AVIOContext * pb,MOVAtom atom)6790 static int mov_read_default(MOVContext *c, AVIOContext *pb, MOVAtom atom)
6791 {
6792 int64_t total_size = 0;
6793 MOVAtom a;
6794 int i;
6795
6796 if (c->atom_depth > 10) {
6797 av_log(c->fc, AV_LOG_ERROR, "Atoms too deeply nested\n");
6798 return AVERROR_INVALIDDATA;
6799 }
6800 c->atom_depth ++;
6801
6802 if (atom.size < 0)
6803 atom.size = INT64_MAX;
6804 while (total_size <= atom.size - 8 && !avio_feof(pb)) {
6805 int (*parse)(MOVContext*, AVIOContext*, MOVAtom) = NULL;
6806 a.size = atom.size;
6807 a.type=0;
6808 if (atom.size >= 8) {
6809 a.size = avio_rb32(pb);
6810 a.type = avio_rl32(pb);
6811 if (a.type == MKTAG('f','r','e','e') &&
6812 a.size >= 8 &&
6813 c->fc->strict_std_compliance < FF_COMPLIANCE_STRICT &&
6814 c->moov_retry) {
6815 uint8_t buf[8];
6816 uint32_t *type = (uint32_t *)buf + 1;
6817 if (avio_read(pb, buf, 8) != 8)
6818 return AVERROR_INVALIDDATA;
6819 avio_seek(pb, -8, SEEK_CUR);
6820 if (*type == MKTAG('m','v','h','d') ||
6821 *type == MKTAG('c','m','o','v')) {
6822 av_log(c->fc, AV_LOG_ERROR, "Detected moov in a free atom.\n");
6823 a.type = MKTAG('m','o','o','v');
6824 }
6825 }
6826 if (atom.type != MKTAG('r','o','o','t') &&
6827 atom.type != MKTAG('m','o','o','v'))
6828 {
6829 if (a.type == MKTAG('t','r','a','k') || a.type == MKTAG('m','d','a','t'))
6830 {
6831 av_log(c->fc, AV_LOG_ERROR, "Broken file, trak/mdat not at top-level\n");
6832 avio_skip(pb, -8);
6833 c->atom_depth --;
6834 return 0;
6835 }
6836 }
6837 total_size += 8;
6838 if (a.size == 1 && total_size + 8 <= atom.size) { /* 64 bit extended size */
6839 a.size = avio_rb64(pb) - 8;
6840 total_size += 8;
6841 }
6842 }
6843 av_log(c->fc, AV_LOG_TRACE, "type:'%s' parent:'%s' sz: %"PRId64" %"PRId64" %"PRId64"\n",
6844 av_fourcc2str(a.type), av_fourcc2str(atom.type), a.size, total_size, atom.size);
6845 if (a.size == 0) {
6846 a.size = atom.size - total_size + 8;
6847 }
6848 a.size -= 8;
6849 if (a.size < 0)
6850 break;
6851 a.size = FFMIN(a.size, atom.size - total_size);
6852
6853 for (i = 0; mov_default_parse_table[i].type; i++)
6854 if (mov_default_parse_table[i].type == a.type) {
6855 parse = mov_default_parse_table[i].parse;
6856 break;
6857 }
6858
6859 // container is user data
6860 if (!parse && (atom.type == MKTAG('u','d','t','a') ||
6861 atom.type == MKTAG('i','l','s','t')))
6862 parse = mov_read_udta_string;
6863
6864 // Supports parsing the QuickTime Metadata Keys.
6865 // https://developer.apple.com/library/mac/documentation/QuickTime/QTFF/Metadata/Metadata.html
6866 if (!parse && c->found_hdlr_mdta &&
6867 atom.type == MKTAG('m','e','t','a') &&
6868 a.type == MKTAG('k','e','y','s')) {
6869 parse = mov_read_keys;
6870 }
6871
6872 if (!parse) { /* skip leaf atoms data */
6873 avio_skip(pb, a.size);
6874 } else {
6875 int64_t start_pos = avio_tell(pb);
6876 int64_t left;
6877 int err = parse(c, pb, a);
6878 if (err < 0) {
6879 c->atom_depth --;
6880 return err;
6881 }
6882 if (c->found_moov && c->found_mdat &&
6883 ((!(pb->seekable & AVIO_SEEKABLE_NORMAL) || c->fc->flags & AVFMT_FLAG_IGNIDX || c->frag_index.complete) ||
6884 start_pos + a.size == avio_size(pb))) {
6885 if (!(pb->seekable & AVIO_SEEKABLE_NORMAL) || c->fc->flags & AVFMT_FLAG_IGNIDX || c->frag_index.complete)
6886 c->next_root_atom = start_pos + a.size;
6887 c->atom_depth --;
6888 return 0;
6889 }
6890 left = a.size - avio_tell(pb) + start_pos;
6891 if (left > 0) /* skip garbage at atom end */
6892 avio_skip(pb, left);
6893 else if (left < 0) {
6894 av_log(c->fc, AV_LOG_WARNING,
6895 "overread end of atom '%.4s' by %"PRId64" bytes\n",
6896 (char*)&a.type, -left);
6897 avio_seek(pb, left, SEEK_CUR);
6898 }
6899 }
6900
6901 total_size += a.size;
6902 }
6903
6904 if (total_size < atom.size && atom.size < 0x7ffff)
6905 avio_skip(pb, atom.size - total_size);
6906
6907 c->atom_depth --;
6908 return 0;
6909 }
6910
mov_probe(AVProbeData * p)6911 static int mov_probe(AVProbeData *p)
6912 {
6913 int64_t offset;
6914 uint32_t tag;
6915 int score = 0;
6916 int moov_offset = -1;
6917
6918 /* check file header */
6919 offset = 0;
6920 for (;;) {
6921 /* ignore invalid offset */
6922 if ((offset + 8) > (unsigned int)p->buf_size)
6923 break;
6924 tag = AV_RL32(p->buf + offset + 4);
6925 switch(tag) {
6926 /* check for obvious tags */
6927 case MKTAG('m','o','o','v'):
6928 moov_offset = offset + 4;
6929 case MKTAG('m','d','a','t'):
6930 case MKTAG('p','n','o','t'): /* detect movs with preview pics like ew.mov and april.mov */
6931 case MKTAG('u','d','t','a'): /* Packet Video PVAuthor adds this and a lot of more junk */
6932 case MKTAG('f','t','y','p'):
6933 if (AV_RB32(p->buf+offset) < 8 &&
6934 (AV_RB32(p->buf+offset) != 1 ||
6935 offset + 12 > (unsigned int)p->buf_size ||
6936 AV_RB64(p->buf+offset + 8) == 0)) {
6937 score = FFMAX(score, AVPROBE_SCORE_EXTENSION);
6938 } else if (tag == MKTAG('f','t','y','p') &&
6939 ( AV_RL32(p->buf + offset + 8) == MKTAG('j','p','2',' ')
6940 || AV_RL32(p->buf + offset + 8) == MKTAG('j','p','x',' ')
6941 )) {
6942 score = FFMAX(score, 5);
6943 } else {
6944 score = AVPROBE_SCORE_MAX;
6945 }
6946 offset = FFMAX(4, AV_RB32(p->buf+offset)) + offset;
6947 break;
6948 /* those are more common words, so rate then a bit less */
6949 case MKTAG('e','d','i','w'): /* xdcam files have reverted first tags */
6950 case MKTAG('w','i','d','e'):
6951 case MKTAG('f','r','e','e'):
6952 case MKTAG('j','u','n','k'):
6953 case MKTAG('p','i','c','t'):
6954 score = FFMAX(score, AVPROBE_SCORE_MAX - 5);
6955 offset = FFMAX(4, AV_RB32(p->buf+offset)) + offset;
6956 break;
6957 case MKTAG(0x82,0x82,0x7f,0x7d):
6958 case MKTAG('s','k','i','p'):
6959 case MKTAG('u','u','i','d'):
6960 case MKTAG('p','r','f','l'):
6961 /* if we only find those cause probedata is too small at least rate them */
6962 score = FFMAX(score, AVPROBE_SCORE_EXTENSION);
6963 offset = FFMAX(4, AV_RB32(p->buf+offset)) + offset;
6964 break;
6965 default:
6966 offset = FFMAX(4, AV_RB32(p->buf+offset)) + offset;
6967 }
6968 }
6969 if(score > AVPROBE_SCORE_MAX - 50 && moov_offset != -1) {
6970 /* moov atom in the header - we should make sure that this is not a
6971 * MOV-packed MPEG-PS */
6972 offset = moov_offset;
6973
6974 while(offset < (p->buf_size - 16)){ /* Sufficient space */
6975 /* We found an actual hdlr atom */
6976 if(AV_RL32(p->buf + offset ) == MKTAG('h','d','l','r') &&
6977 AV_RL32(p->buf + offset + 8) == MKTAG('m','h','l','r') &&
6978 AV_RL32(p->buf + offset + 12) == MKTAG('M','P','E','G')){
6979 av_log(NULL, AV_LOG_WARNING, "Found media data tag MPEG indicating this is a MOV-packed MPEG-PS.\n");
6980 /* We found a media handler reference atom describing an
6981 * MPEG-PS-in-MOV, return a
6982 * low score to force expanding the probe window until
6983 * mpegps_probe finds what it needs */
6984 return 5;
6985 }else
6986 /* Keep looking */
6987 offset+=2;
6988 }
6989 }
6990
6991 return score;
6992 }
6993
6994 // must be done after parsing all trak because there's no order requirement
mov_read_chapters(AVFormatContext * s)6995 static void mov_read_chapters(AVFormatContext *s)
6996 {
6997 MOVContext *mov = s->priv_data;
6998 AVStream *st;
6999 MOVStreamContext *sc;
7000 int64_t cur_pos;
7001 int i, j;
7002 int chapter_track;
7003
7004 for (j = 0; j < mov->nb_chapter_tracks; j++) {
7005 chapter_track = mov->chapter_tracks[j];
7006 st = NULL;
7007 for (i = 0; i < s->nb_streams; i++)
7008 if (s->streams[i]->id == chapter_track) {
7009 st = s->streams[i];
7010 break;
7011 }
7012 if (!st) {
7013 av_log(s, AV_LOG_ERROR, "Referenced QT chapter track not found\n");
7014 continue;
7015 }
7016
7017 sc = st->priv_data;
7018 cur_pos = avio_tell(sc->pb);
7019
7020 if (st->codecpar->codec_type == AVMEDIA_TYPE_VIDEO) {
7021 st->disposition |= AV_DISPOSITION_ATTACHED_PIC | AV_DISPOSITION_TIMED_THUMBNAILS;
7022 if (st->nb_index_entries) {
7023 // Retrieve the first frame, if possible
7024 AVPacket pkt;
7025 AVIndexEntry *sample = &st->index_entries[0];
7026 if (avio_seek(sc->pb, sample->pos, SEEK_SET) != sample->pos) {
7027 av_log(s, AV_LOG_ERROR, "Failed to retrieve first frame\n");
7028 goto finish;
7029 }
7030
7031 if (av_get_packet(sc->pb, &pkt, sample->size) < 0)
7032 goto finish;
7033
7034 st->attached_pic = pkt;
7035 st->attached_pic.stream_index = st->index;
7036 st->attached_pic.flags |= AV_PKT_FLAG_KEY;
7037 }
7038 } else {
7039 st->codecpar->codec_type = AVMEDIA_TYPE_DATA;
7040 st->codecpar->codec_id = AV_CODEC_ID_BIN_DATA;
7041 st->discard = AVDISCARD_ALL;
7042 for (i = 0; i < st->nb_index_entries; i++) {
7043 AVIndexEntry *sample = &st->index_entries[i];
7044 int64_t end = i+1 < st->nb_index_entries ? st->index_entries[i+1].timestamp : st->duration;
7045 uint8_t *title;
7046 uint16_t ch;
7047 int len, title_len;
7048
7049 if (end < sample->timestamp) {
7050 av_log(s, AV_LOG_WARNING, "ignoring stream duration which is shorter than chapters\n");
7051 end = AV_NOPTS_VALUE;
7052 }
7053
7054 if (avio_seek(sc->pb, sample->pos, SEEK_SET) != sample->pos) {
7055 av_log(s, AV_LOG_ERROR, "Chapter %d not found in file\n", i);
7056 goto finish;
7057 }
7058
7059 // the first two bytes are the length of the title
7060 len = avio_rb16(sc->pb);
7061 if (len > sample->size-2)
7062 continue;
7063 title_len = 2*len + 1;
7064 if (!(title = av_mallocz(title_len)))
7065 goto finish;
7066
7067 // The samples could theoretically be in any encoding if there's an encd
7068 // atom following, but in practice are only utf-8 or utf-16, distinguished
7069 // instead by the presence of a BOM
7070 if (!len) {
7071 title[0] = 0;
7072 } else {
7073 ch = avio_rb16(sc->pb);
7074 if (ch == 0xfeff)
7075 avio_get_str16be(sc->pb, len, title, title_len);
7076 else if (ch == 0xfffe)
7077 avio_get_str16le(sc->pb, len, title, title_len);
7078 else {
7079 AV_WB16(title, ch);
7080 if (len == 1 || len == 2)
7081 title[len] = 0;
7082 else
7083 avio_get_str(sc->pb, INT_MAX, title + 2, len - 1);
7084 }
7085 }
7086
7087 avpriv_new_chapter(s, i, st->time_base, sample->timestamp, end, title);
7088 av_freep(&title);
7089 }
7090 }
7091 finish:
7092 avio_seek(sc->pb, cur_pos, SEEK_SET);
7093 }
7094 }
7095
parse_timecode_in_framenum_format(AVFormatContext * s,AVStream * st,uint32_t value,int flags)7096 static int parse_timecode_in_framenum_format(AVFormatContext *s, AVStream *st,
7097 uint32_t value, int flags)
7098 {
7099 AVTimecode tc;
7100 char buf[AV_TIMECODE_STR_SIZE];
7101 AVRational rate = st->avg_frame_rate;
7102 int ret = av_timecode_init(&tc, rate, flags, 0, s);
7103 if (ret < 0)
7104 return ret;
7105 av_dict_set(&st->metadata, "timecode",
7106 av_timecode_make_string(&tc, buf, value), 0);
7107 return 0;
7108 }
7109
mov_read_rtmd_track(AVFormatContext * s,AVStream * st)7110 static int mov_read_rtmd_track(AVFormatContext *s, AVStream *st)
7111 {
7112 MOVStreamContext *sc = st->priv_data;
7113 char buf[AV_TIMECODE_STR_SIZE];
7114 int64_t cur_pos = avio_tell(sc->pb);
7115 int hh, mm, ss, ff, drop;
7116
7117 if (!st->nb_index_entries)
7118 return -1;
7119
7120 avio_seek(sc->pb, st->index_entries->pos, SEEK_SET);
7121 avio_skip(s->pb, 13);
7122 hh = avio_r8(s->pb);
7123 mm = avio_r8(s->pb);
7124 ss = avio_r8(s->pb);
7125 drop = avio_r8(s->pb);
7126 ff = avio_r8(s->pb);
7127 snprintf(buf, AV_TIMECODE_STR_SIZE, "%02d:%02d:%02d%c%02d",
7128 hh, mm, ss, drop ? ';' : ':', ff);
7129 av_dict_set(&st->metadata, "timecode", buf, 0);
7130
7131 avio_seek(sc->pb, cur_pos, SEEK_SET);
7132 return 0;
7133 }
7134
mov_read_timecode_track(AVFormatContext * s,AVStream * st)7135 static int mov_read_timecode_track(AVFormatContext *s, AVStream *st)
7136 {
7137 MOVStreamContext *sc = st->priv_data;
7138 int flags = 0;
7139 int64_t cur_pos = avio_tell(sc->pb);
7140 uint32_t value;
7141
7142 if (!st->nb_index_entries)
7143 return -1;
7144
7145 avio_seek(sc->pb, st->index_entries->pos, SEEK_SET);
7146 value = avio_rb32(s->pb);
7147
7148 if (sc->tmcd_flags & 0x0001) flags |= AV_TIMECODE_FLAG_DROPFRAME;
7149 if (sc->tmcd_flags & 0x0002) flags |= AV_TIMECODE_FLAG_24HOURSMAX;
7150 if (sc->tmcd_flags & 0x0004) flags |= AV_TIMECODE_FLAG_ALLOWNEGATIVE;
7151
7152 /* Assume Counter flag is set to 1 in tmcd track (even though it is likely
7153 * not the case) and thus assume "frame number format" instead of QT one.
7154 * No sample with tmcd track can be found with a QT timecode at the moment,
7155 * despite what the tmcd track "suggests" (Counter flag set to 0 means QT
7156 * format). */
7157 parse_timecode_in_framenum_format(s, st, value, flags);
7158
7159 avio_seek(sc->pb, cur_pos, SEEK_SET);
7160 return 0;
7161 }
7162
mov_free_encryption_index(MOVEncryptionIndex ** index)7163 static void mov_free_encryption_index(MOVEncryptionIndex **index) {
7164 int i;
7165 if (!index || !*index) return;
7166 for (i = 0; i < (*index)->nb_encrypted_samples; i++) {
7167 av_encryption_info_free((*index)->encrypted_samples[i]);
7168 }
7169 av_freep(&(*index)->encrypted_samples);
7170 av_freep(&(*index)->auxiliary_info_sizes);
7171 av_freep(&(*index)->auxiliary_offsets);
7172 av_freep(index);
7173 }
7174
mov_read_close(AVFormatContext * s)7175 static int mov_read_close(AVFormatContext *s)
7176 {
7177 MOVContext *mov = s->priv_data;
7178 int i, j;
7179
7180 for (i = 0; i < s->nb_streams; i++) {
7181 AVStream *st = s->streams[i];
7182 MOVStreamContext *sc = st->priv_data;
7183
7184 if (!sc)
7185 continue;
7186
7187 av_freep(&sc->ctts_data);
7188 for (j = 0; j < sc->drefs_count; j++) {
7189 av_freep(&sc->drefs[j].path);
7190 av_freep(&sc->drefs[j].dir);
7191 }
7192 av_freep(&sc->drefs);
7193
7194 sc->drefs_count = 0;
7195
7196 if (!sc->pb_is_copied)
7197 ff_format_io_close(s, &sc->pb);
7198
7199 sc->pb = NULL;
7200 av_freep(&sc->chunk_offsets);
7201 av_freep(&sc->stsc_data);
7202 av_freep(&sc->sample_sizes);
7203 av_freep(&sc->keyframes);
7204 av_freep(&sc->stts_data);
7205 av_freep(&sc->stps_data);
7206 av_freep(&sc->elst_data);
7207 av_freep(&sc->rap_group);
7208 av_freep(&sc->display_matrix);
7209 av_freep(&sc->index_ranges);
7210
7211 if (sc->extradata)
7212 for (j = 0; j < sc->stsd_count; j++)
7213 av_free(sc->extradata[j]);
7214 av_freep(&sc->extradata);
7215 av_freep(&sc->extradata_size);
7216
7217 mov_free_encryption_index(&sc->cenc.encryption_index);
7218 av_encryption_info_free(sc->cenc.default_encrypted_sample);
7219 av_aes_ctr_free(sc->cenc.aes_ctr);
7220
7221 av_freep(&sc->stereo3d);
7222 av_freep(&sc->spherical);
7223 av_freep(&sc->mastering);
7224 av_freep(&sc->coll);
7225 }
7226
7227 if (mov->dv_demux) {
7228 avformat_free_context(mov->dv_fctx);
7229 mov->dv_fctx = NULL;
7230 }
7231
7232 if (mov->meta_keys) {
7233 for (i = 1; i < mov->meta_keys_count; i++) {
7234 av_freep(&mov->meta_keys[i]);
7235 }
7236 av_freep(&mov->meta_keys);
7237 }
7238
7239 av_freep(&mov->trex_data);
7240 av_freep(&mov->bitrates);
7241
7242 for (i = 0; i < mov->frag_index.nb_items; i++) {
7243 MOVFragmentStreamInfo *frag = mov->frag_index.item[i].stream_info;
7244 for (j = 0; j < mov->frag_index.item[i].nb_stream_info; j++) {
7245 mov_free_encryption_index(&frag[j].encryption_index);
7246 }
7247 av_freep(&mov->frag_index.item[i].stream_info);
7248 }
7249 av_freep(&mov->frag_index.item);
7250
7251 av_freep(&mov->aes_decrypt);
7252 av_freep(&mov->chapter_tracks);
7253
7254 return 0;
7255 }
7256
tmcd_is_referenced(AVFormatContext * s,int tmcd_id)7257 static int tmcd_is_referenced(AVFormatContext *s, int tmcd_id)
7258 {
7259 int i;
7260
7261 for (i = 0; i < s->nb_streams; i++) {
7262 AVStream *st = s->streams[i];
7263 MOVStreamContext *sc = st->priv_data;
7264
7265 if (st->codecpar->codec_type == AVMEDIA_TYPE_VIDEO &&
7266 sc->timecode_track == tmcd_id)
7267 return 1;
7268 }
7269 return 0;
7270 }
7271
7272 /* look for a tmcd track not referenced by any video track, and export it globally */
export_orphan_timecode(AVFormatContext * s)7273 static void export_orphan_timecode(AVFormatContext *s)
7274 {
7275 int i;
7276
7277 for (i = 0; i < s->nb_streams; i++) {
7278 AVStream *st = s->streams[i];
7279
7280 if (st->codecpar->codec_tag == MKTAG('t','m','c','d') &&
7281 !tmcd_is_referenced(s, i + 1)) {
7282 AVDictionaryEntry *tcr = av_dict_get(st->metadata, "timecode", NULL, 0);
7283 if (tcr) {
7284 av_dict_set(&s->metadata, "timecode", tcr->value, 0);
7285 break;
7286 }
7287 }
7288 }
7289 }
7290
read_tfra(MOVContext * mov,AVIOContext * f)7291 static int read_tfra(MOVContext *mov, AVIOContext *f)
7292 {
7293 int version, fieldlength, i, j;
7294 int64_t pos = avio_tell(f);
7295 uint32_t size = avio_rb32(f);
7296 unsigned track_id, item_count;
7297
7298 if (avio_rb32(f) != MKBETAG('t', 'f', 'r', 'a')) {
7299 return 1;
7300 }
7301 av_log(mov->fc, AV_LOG_VERBOSE, "found tfra\n");
7302
7303 version = avio_r8(f);
7304 avio_rb24(f);
7305 track_id = avio_rb32(f);
7306 fieldlength = avio_rb32(f);
7307 item_count = avio_rb32(f);
7308 for (i = 0; i < item_count; i++) {
7309 int64_t time, offset;
7310 int index;
7311 MOVFragmentStreamInfo * frag_stream_info;
7312
7313 if (avio_feof(f)) {
7314 return AVERROR_INVALIDDATA;
7315 }
7316
7317 if (version == 1) {
7318 time = avio_rb64(f);
7319 offset = avio_rb64(f);
7320 } else {
7321 time = avio_rb32(f);
7322 offset = avio_rb32(f);
7323 }
7324
7325 // The first sample of each stream in a fragment is always a random
7326 // access sample. So it's entry in the tfra can be used as the
7327 // initial PTS of the fragment.
7328 index = update_frag_index(mov, offset);
7329 frag_stream_info = get_frag_stream_info(&mov->frag_index, index, track_id);
7330 if (frag_stream_info &&
7331 frag_stream_info->first_tfra_pts == AV_NOPTS_VALUE)
7332 frag_stream_info->first_tfra_pts = time;
7333
7334 for (j = 0; j < ((fieldlength >> 4) & 3) + 1; j++)
7335 avio_r8(f);
7336 for (j = 0; j < ((fieldlength >> 2) & 3) + 1; j++)
7337 avio_r8(f);
7338 for (j = 0; j < ((fieldlength >> 0) & 3) + 1; j++)
7339 avio_r8(f);
7340 }
7341
7342 avio_seek(f, pos + size, SEEK_SET);
7343 return 0;
7344 }
7345
mov_read_mfra(MOVContext * c,AVIOContext * f)7346 static int mov_read_mfra(MOVContext *c, AVIOContext *f)
7347 {
7348 int64_t stream_size = avio_size(f);
7349 int64_t original_pos = avio_tell(f);
7350 int64_t seek_ret;
7351 int32_t mfra_size;
7352 int ret = -1;
7353 if ((seek_ret = avio_seek(f, stream_size - 4, SEEK_SET)) < 0) {
7354 ret = seek_ret;
7355 goto fail;
7356 }
7357 mfra_size = avio_rb32(f);
7358 if (mfra_size < 0 || mfra_size > stream_size) {
7359 av_log(c->fc, AV_LOG_DEBUG, "doesn't look like mfra (unreasonable size)\n");
7360 goto fail;
7361 }
7362 if ((seek_ret = avio_seek(f, -mfra_size, SEEK_CUR)) < 0) {
7363 ret = seek_ret;
7364 goto fail;
7365 }
7366 if (avio_rb32(f) != mfra_size) {
7367 av_log(c->fc, AV_LOG_DEBUG, "doesn't look like mfra (size mismatch)\n");
7368 goto fail;
7369 }
7370 if (avio_rb32(f) != MKBETAG('m', 'f', 'r', 'a')) {
7371 av_log(c->fc, AV_LOG_DEBUG, "doesn't look like mfra (tag mismatch)\n");
7372 goto fail;
7373 }
7374 av_log(c->fc, AV_LOG_VERBOSE, "stream has mfra\n");
7375 do {
7376 ret = read_tfra(c, f);
7377 if (ret < 0)
7378 goto fail;
7379 } while (!ret);
7380 ret = 0;
7381 fail:
7382 seek_ret = avio_seek(f, original_pos, SEEK_SET);
7383 if (seek_ret < 0) {
7384 av_log(c->fc, AV_LOG_ERROR,
7385 "failed to seek back after looking for mfra\n");
7386 ret = seek_ret;
7387 }
7388 return ret;
7389 }
7390
mov_read_header(AVFormatContext * s)7391 static int mov_read_header(AVFormatContext *s)
7392 {
7393 MOVContext *mov = s->priv_data;
7394 AVIOContext *pb = s->pb;
7395 int j, err;
7396 MOVAtom atom = { AV_RL32("root") };
7397 int i;
7398
7399 if (mov->decryption_key_len != 0 && mov->decryption_key_len != AES_CTR_KEY_SIZE) {
7400 av_log(s, AV_LOG_ERROR, "Invalid decryption key len %d expected %d\n",
7401 mov->decryption_key_len, AES_CTR_KEY_SIZE);
7402 return AVERROR(EINVAL);
7403 }
7404
7405 mov->fc = s;
7406 mov->trak_index = -1;
7407 /* .mov and .mp4 aren't streamable anyway (only progressive download if moov is before mdat) */
7408 if (pb->seekable & AVIO_SEEKABLE_NORMAL)
7409 atom.size = avio_size(pb);
7410 else
7411 atom.size = INT64_MAX;
7412
7413 /* check MOV header */
7414 do {
7415 if (mov->moov_retry)
7416 avio_seek(pb, 0, SEEK_SET);
7417 if ((err = mov_read_default(mov, pb, atom)) < 0) {
7418 av_log(s, AV_LOG_ERROR, "error reading header\n");
7419 mov_read_close(s);
7420 return err;
7421 }
7422 } while ((pb->seekable & AVIO_SEEKABLE_NORMAL) && !mov->found_moov && !mov->moov_retry++);
7423 if (!mov->found_moov) {
7424 av_log(s, AV_LOG_ERROR, "moov atom not found\n");
7425 mov_read_close(s);
7426 return AVERROR_INVALIDDATA;
7427 }
7428 av_log(mov->fc, AV_LOG_TRACE, "on_parse_exit_offset=%"PRId64"\n", avio_tell(pb));
7429
7430 if (pb->seekable & AVIO_SEEKABLE_NORMAL) {
7431 if (mov->nb_chapter_tracks > 0 && !mov->ignore_chapters)
7432 mov_read_chapters(s);
7433 for (i = 0; i < s->nb_streams; i++)
7434 if (s->streams[i]->codecpar->codec_tag == AV_RL32("tmcd")) {
7435 mov_read_timecode_track(s, s->streams[i]);
7436 } else if (s->streams[i]->codecpar->codec_tag == AV_RL32("rtmd")) {
7437 mov_read_rtmd_track(s, s->streams[i]);
7438 }
7439 }
7440
7441 /* copy timecode metadata from tmcd tracks to the related video streams */
7442 for (i = 0; i < s->nb_streams; i++) {
7443 AVStream *st = s->streams[i];
7444 MOVStreamContext *sc = st->priv_data;
7445 if (sc->timecode_track > 0) {
7446 AVDictionaryEntry *tcr;
7447 int tmcd_st_id = -1;
7448
7449 for (j = 0; j < s->nb_streams; j++)
7450 if (s->streams[j]->id == sc->timecode_track)
7451 tmcd_st_id = j;
7452
7453 if (tmcd_st_id < 0 || tmcd_st_id == i)
7454 continue;
7455 tcr = av_dict_get(s->streams[tmcd_st_id]->metadata, "timecode", NULL, 0);
7456 if (tcr)
7457 av_dict_set(&st->metadata, "timecode", tcr->value, 0);
7458 }
7459 }
7460 export_orphan_timecode(s);
7461
7462 for (i = 0; i < s->nb_streams; i++) {
7463 AVStream *st = s->streams[i];
7464 MOVStreamContext *sc = st->priv_data;
7465 fix_timescale(mov, sc);
7466 if(st->codecpar->codec_type == AVMEDIA_TYPE_AUDIO && st->codecpar->codec_id == AV_CODEC_ID_AAC) {
7467 st->skip_samples = sc->start_pad;
7468 }
7469 if (st->codecpar->codec_type == AVMEDIA_TYPE_VIDEO && sc->nb_frames_for_fps > 0 && sc->duration_for_fps > 0)
7470 av_reduce(&st->avg_frame_rate.num, &st->avg_frame_rate.den,
7471 sc->time_scale*(int64_t)sc->nb_frames_for_fps, sc->duration_for_fps, INT_MAX);
7472 if (st->codecpar->codec_type == AVMEDIA_TYPE_SUBTITLE) {
7473 if (st->codecpar->width <= 0 || st->codecpar->height <= 0) {
7474 st->codecpar->width = sc->width;
7475 st->codecpar->height = sc->height;
7476 }
7477 if (st->codecpar->codec_id == AV_CODEC_ID_DVD_SUBTITLE) {
7478 if ((err = mov_rewrite_dvd_sub_extradata(st)) < 0)
7479 return err;
7480 }
7481 }
7482 if (mov->handbrake_version &&
7483 mov->handbrake_version <= 1000000*0 + 1000*10 + 2 && // 0.10.2
7484 st->codecpar->codec_id == AV_CODEC_ID_MP3
7485 ) {
7486 av_log(s, AV_LOG_VERBOSE, "Forcing full parsing for mp3 stream\n");
7487 st->need_parsing = AVSTREAM_PARSE_FULL;
7488 }
7489 }
7490
7491 if (mov->trex_data) {
7492 for (i = 0; i < s->nb_streams; i++) {
7493 AVStream *st = s->streams[i];
7494 MOVStreamContext *sc = st->priv_data;
7495 if (st->duration > 0) {
7496 if (sc->data_size > INT64_MAX / sc->time_scale / 8) {
7497 av_log(s, AV_LOG_ERROR, "Overflow during bit rate calculation %"PRId64" * 8 * %d\n",
7498 sc->data_size, sc->time_scale);
7499 mov_read_close(s);
7500 return AVERROR_INVALIDDATA;
7501 }
7502 st->codecpar->bit_rate = sc->data_size * 8 * sc->time_scale / st->duration;
7503 }
7504 }
7505 }
7506
7507 if (mov->use_mfra_for > 0) {
7508 for (i = 0; i < s->nb_streams; i++) {
7509 AVStream *st = s->streams[i];
7510 MOVStreamContext *sc = st->priv_data;
7511 if (sc->duration_for_fps > 0) {
7512 if (sc->data_size > INT64_MAX / sc->time_scale / 8) {
7513 av_log(s, AV_LOG_ERROR, "Overflow during bit rate calculation %"PRId64" * 8 * %d\n",
7514 sc->data_size, sc->time_scale);
7515 mov_read_close(s);
7516 return AVERROR_INVALIDDATA;
7517 }
7518 st->codecpar->bit_rate = sc->data_size * 8 * sc->time_scale /
7519 sc->duration_for_fps;
7520 }
7521 }
7522 }
7523
7524 for (i = 0; i < mov->bitrates_count && i < s->nb_streams; i++) {
7525 if (mov->bitrates[i]) {
7526 s->streams[i]->codecpar->bit_rate = mov->bitrates[i];
7527 }
7528 }
7529
7530 ff_rfps_calculate(s);
7531
7532 for (i = 0; i < s->nb_streams; i++) {
7533 AVStream *st = s->streams[i];
7534 MOVStreamContext *sc = st->priv_data;
7535
7536 switch (st->codecpar->codec_type) {
7537 case AVMEDIA_TYPE_AUDIO:
7538 err = ff_replaygain_export(st, s->metadata);
7539 if (err < 0) {
7540 mov_read_close(s);
7541 return err;
7542 }
7543 break;
7544 case AVMEDIA_TYPE_VIDEO:
7545 if (sc->display_matrix) {
7546 err = av_stream_add_side_data(st, AV_PKT_DATA_DISPLAYMATRIX, (uint8_t*)sc->display_matrix,
7547 sizeof(int32_t) * 9);
7548 if (err < 0)
7549 return err;
7550
7551 sc->display_matrix = NULL;
7552 }
7553 if (sc->stereo3d) {
7554 err = av_stream_add_side_data(st, AV_PKT_DATA_STEREO3D,
7555 (uint8_t *)sc->stereo3d,
7556 sizeof(*sc->stereo3d));
7557 if (err < 0)
7558 return err;
7559
7560 sc->stereo3d = NULL;
7561 }
7562 if (sc->spherical) {
7563 err = av_stream_add_side_data(st, AV_PKT_DATA_SPHERICAL,
7564 (uint8_t *)sc->spherical,
7565 sc->spherical_size);
7566 if (err < 0)
7567 return err;
7568
7569 sc->spherical = NULL;
7570 }
7571 if (sc->mastering) {
7572 err = av_stream_add_side_data(st, AV_PKT_DATA_MASTERING_DISPLAY_METADATA,
7573 (uint8_t *)sc->mastering,
7574 sizeof(*sc->mastering));
7575 if (err < 0)
7576 return err;
7577
7578 sc->mastering = NULL;
7579 }
7580 if (sc->coll) {
7581 err = av_stream_add_side_data(st, AV_PKT_DATA_CONTENT_LIGHT_LEVEL,
7582 (uint8_t *)sc->coll,
7583 sc->coll_size);
7584 if (err < 0)
7585 return err;
7586
7587 sc->coll = NULL;
7588 }
7589 break;
7590 }
7591 }
7592 ff_configure_buffers_for_index(s, AV_TIME_BASE);
7593
7594 for (i = 0; i < mov->frag_index.nb_items; i++)
7595 if (mov->frag_index.item[i].moof_offset <= mov->fragment.moof_offset)
7596 mov->frag_index.item[i].headers_read = 1;
7597
7598 return 0;
7599 }
7600
mov_find_next_sample(AVFormatContext * s,AVStream ** st)7601 static AVIndexEntry *mov_find_next_sample(AVFormatContext *s, AVStream **st)
7602 {
7603 AVIndexEntry *sample = NULL;
7604 int64_t best_dts = INT64_MAX;
7605 int i;
7606 for (i = 0; i < s->nb_streams; i++) {
7607 AVStream *avst = s->streams[i];
7608 MOVStreamContext *msc = avst->priv_data;
7609 if (msc->pb && msc->current_sample < avst->nb_index_entries) {
7610 AVIndexEntry *current_sample = &avst->index_entries[msc->current_sample];
7611 int64_t dts = av_rescale(current_sample->timestamp, AV_TIME_BASE, msc->time_scale);
7612 av_log(s, AV_LOG_TRACE, "stream %d, sample %d, dts %"PRId64"\n", i, msc->current_sample, dts);
7613 if (!sample || (!(s->pb->seekable & AVIO_SEEKABLE_NORMAL) && current_sample->pos < sample->pos) ||
7614 ((s->pb->seekable & AVIO_SEEKABLE_NORMAL) &&
7615 ((msc->pb != s->pb && dts < best_dts) || (msc->pb == s->pb &&
7616 ((FFABS(best_dts - dts) <= AV_TIME_BASE && current_sample->pos < sample->pos) ||
7617 (FFABS(best_dts - dts) > AV_TIME_BASE && dts < best_dts)))))) {
7618 sample = current_sample;
7619 best_dts = dts;
7620 *st = avst;
7621 }
7622 }
7623 }
7624 return sample;
7625 }
7626
should_retry(AVIOContext * pb,int error_code)7627 static int should_retry(AVIOContext *pb, int error_code) {
7628 if (error_code == AVERROR_EOF || avio_feof(pb))
7629 return 0;
7630
7631 return 1;
7632 }
7633
mov_switch_root(AVFormatContext * s,int64_t target,int index)7634 static int mov_switch_root(AVFormatContext *s, int64_t target, int index)
7635 {
7636 int ret;
7637 MOVContext *mov = s->priv_data;
7638
7639 if (index >= 0 && index < mov->frag_index.nb_items)
7640 target = mov->frag_index.item[index].moof_offset;
7641 if (avio_seek(s->pb, target, SEEK_SET) != target) {
7642 av_log(mov->fc, AV_LOG_ERROR, "root atom offset 0x%"PRIx64": partial file\n", target);
7643 return AVERROR_INVALIDDATA;
7644 }
7645
7646 mov->next_root_atom = 0;
7647 if (index < 0 || index >= mov->frag_index.nb_items)
7648 index = search_frag_moof_offset(&mov->frag_index, target);
7649 if (index < mov->frag_index.nb_items) {
7650 if (index + 1 < mov->frag_index.nb_items)
7651 mov->next_root_atom = mov->frag_index.item[index + 1].moof_offset;
7652 if (mov->frag_index.item[index].headers_read)
7653 return 0;
7654 mov->frag_index.item[index].headers_read = 1;
7655 }
7656
7657 mov->found_mdat = 0;
7658
7659 ret = mov_read_default(mov, s->pb, (MOVAtom){ AV_RL32("root"), INT64_MAX });
7660 if (ret < 0)
7661 return ret;
7662 if (avio_feof(s->pb))
7663 return AVERROR_EOF;
7664 av_log(s, AV_LOG_TRACE, "read fragments, offset 0x%"PRIx64"\n", avio_tell(s->pb));
7665
7666 return 1;
7667 }
7668
mov_change_extradata(MOVStreamContext * sc,AVPacket * pkt)7669 static int mov_change_extradata(MOVStreamContext *sc, AVPacket *pkt)
7670 {
7671 uint8_t *side, *extradata;
7672 int extradata_size;
7673
7674 /* Save the current index. */
7675 sc->last_stsd_index = sc->stsc_data[sc->stsc_index].id - 1;
7676
7677 /* Notify the decoder that extradata changed. */
7678 extradata_size = sc->extradata_size[sc->last_stsd_index];
7679 extradata = sc->extradata[sc->last_stsd_index];
7680 if (extradata_size > 0 && extradata) {
7681 side = av_packet_new_side_data(pkt,
7682 AV_PKT_DATA_NEW_EXTRADATA,
7683 extradata_size);
7684 if (!side)
7685 return AVERROR(ENOMEM);
7686 memcpy(side, extradata, extradata_size);
7687 }
7688
7689 return 0;
7690 }
7691
mov_read_packet(AVFormatContext * s,AVPacket * pkt)7692 static int mov_read_packet(AVFormatContext *s, AVPacket *pkt)
7693 {
7694 MOVContext *mov = s->priv_data;
7695 MOVStreamContext *sc;
7696 AVIndexEntry *sample;
7697 AVStream *st = NULL;
7698 int64_t current_index;
7699 int ret;
7700 mov->fc = s;
7701 retry:
7702 sample = mov_find_next_sample(s, &st);
7703 if (!sample || (mov->next_root_atom && sample->pos > mov->next_root_atom)) {
7704 if (!mov->next_root_atom)
7705 return AVERROR_EOF;
7706 if ((ret = mov_switch_root(s, mov->next_root_atom, -1)) < 0)
7707 return ret;
7708 goto retry;
7709 }
7710 sc = st->priv_data;
7711 /* must be done just before reading, to avoid infinite loop on sample */
7712 current_index = sc->current_index;
7713 mov_current_sample_inc(sc);
7714
7715 if (mov->next_root_atom) {
7716 sample->pos = FFMIN(sample->pos, mov->next_root_atom);
7717 sample->size = FFMIN(sample->size, (mov->next_root_atom - sample->pos));
7718 }
7719
7720 if (st->discard != AVDISCARD_ALL) {
7721 int64_t ret64 = avio_seek(sc->pb, sample->pos, SEEK_SET);
7722 if (ret64 != sample->pos) {
7723 av_log(mov->fc, AV_LOG_ERROR, "stream %d, offset 0x%"PRIx64": partial file\n",
7724 sc->ffindex, sample->pos);
7725 if (should_retry(sc->pb, ret64)) {
7726 mov_current_sample_dec(sc);
7727 }
7728 return AVERROR_INVALIDDATA;
7729 }
7730
7731 if( st->discard == AVDISCARD_NONKEY && 0==(sample->flags & AVINDEX_KEYFRAME) ) {
7732 av_log(mov->fc, AV_LOG_DEBUG, "Nonkey frame from stream %d discarded due to AVDISCARD_NONKEY\n", sc->ffindex);
7733 goto retry;
7734 }
7735
7736 ret = av_get_packet(sc->pb, pkt, sample->size);
7737 if (ret < 0) {
7738 if (should_retry(sc->pb, ret)) {
7739 mov_current_sample_dec(sc);
7740 }
7741 return ret;
7742 }
7743 if (sc->has_palette) {
7744 uint8_t *pal;
7745
7746 pal = av_packet_new_side_data(pkt, AV_PKT_DATA_PALETTE, AVPALETTE_SIZE);
7747 if (!pal) {
7748 av_log(mov->fc, AV_LOG_ERROR, "Cannot append palette to packet\n");
7749 } else {
7750 memcpy(pal, sc->palette, AVPALETTE_SIZE);
7751 sc->has_palette = 0;
7752 }
7753 }
7754 #if CONFIG_DV_DEMUXER
7755 if (mov->dv_demux && sc->dv_audio_container) {
7756 avpriv_dv_produce_packet(mov->dv_demux, pkt, pkt->data, pkt->size, pkt->pos);
7757 av_freep(&pkt->data);
7758 pkt->size = 0;
7759 ret = avpriv_dv_get_packet(mov->dv_demux, pkt);
7760 if (ret < 0)
7761 return ret;
7762 }
7763 #endif
7764 if (st->codecpar->codec_id == AV_CODEC_ID_MP3 && !st->need_parsing && pkt->size > 4) {
7765 if (ff_mpa_check_header(AV_RB32(pkt->data)) < 0)
7766 st->need_parsing = AVSTREAM_PARSE_FULL;
7767 }
7768 }
7769
7770 pkt->stream_index = sc->ffindex;
7771 pkt->dts = sample->timestamp;
7772 if (sample->flags & AVINDEX_DISCARD_FRAME) {
7773 pkt->flags |= AV_PKT_FLAG_DISCARD;
7774 }
7775 if (sc->ctts_data && sc->ctts_index < sc->ctts_count) {
7776 pkt->pts = pkt->dts + sc->dts_shift + sc->ctts_data[sc->ctts_index].duration;
7777 /* update ctts context */
7778 sc->ctts_sample++;
7779 if (sc->ctts_index < sc->ctts_count &&
7780 sc->ctts_data[sc->ctts_index].count == sc->ctts_sample) {
7781 sc->ctts_index++;
7782 sc->ctts_sample = 0;
7783 }
7784 } else {
7785 int64_t next_dts = (sc->current_sample < st->nb_index_entries) ?
7786 st->index_entries[sc->current_sample].timestamp : st->duration;
7787
7788 if (next_dts >= pkt->dts)
7789 pkt->duration = next_dts - pkt->dts;
7790 pkt->pts = pkt->dts;
7791 }
7792 if (st->discard == AVDISCARD_ALL)
7793 goto retry;
7794 pkt->flags |= sample->flags & AVINDEX_KEYFRAME ? AV_PKT_FLAG_KEY : 0;
7795 pkt->pos = sample->pos;
7796
7797 /* Multiple stsd handling. */
7798 if (sc->stsc_data) {
7799 /* Keep track of the stsc index for the given sample, then check
7800 * if the stsd index is different from the last used one. */
7801 sc->stsc_sample++;
7802 if (mov_stsc_index_valid(sc->stsc_index, sc->stsc_count) &&
7803 mov_get_stsc_samples(sc, sc->stsc_index) == sc->stsc_sample) {
7804 sc->stsc_index++;
7805 sc->stsc_sample = 0;
7806 /* Do not check indexes after a switch. */
7807 } else if (sc->stsc_data[sc->stsc_index].id > 0 &&
7808 sc->stsc_data[sc->stsc_index].id - 1 < sc->stsd_count &&
7809 sc->stsc_data[sc->stsc_index].id - 1 != sc->last_stsd_index) {
7810 ret = mov_change_extradata(sc, pkt);
7811 if (ret < 0)
7812 return ret;
7813 }
7814 }
7815
7816 if (mov->aax_mode)
7817 aax_filter(pkt->data, pkt->size, mov);
7818
7819 ret = cenc_filter(mov, st, sc, pkt, current_index);
7820 if (ret < 0)
7821 return ret;
7822
7823 return 0;
7824 }
7825
mov_seek_fragment(AVFormatContext * s,AVStream * st,int64_t timestamp)7826 static int mov_seek_fragment(AVFormatContext *s, AVStream *st, int64_t timestamp)
7827 {
7828 MOVContext *mov = s->priv_data;
7829 int index;
7830
7831 if (!mov->frag_index.complete)
7832 return 0;
7833
7834 index = search_frag_timestamp(&mov->frag_index, st, timestamp);
7835 if (index < 0)
7836 index = 0;
7837 if (!mov->frag_index.item[index].headers_read)
7838 return mov_switch_root(s, -1, index);
7839 if (index + 1 < mov->frag_index.nb_items)
7840 mov->next_root_atom = mov->frag_index.item[index + 1].moof_offset;
7841
7842 return 0;
7843 }
7844
mov_seek_stream(AVFormatContext * s,AVStream * st,int64_t timestamp,int flags)7845 static int mov_seek_stream(AVFormatContext *s, AVStream *st, int64_t timestamp, int flags)
7846 {
7847 MOVStreamContext *sc = st->priv_data;
7848 int sample, time_sample, ret;
7849 unsigned int i;
7850
7851 // Here we consider timestamp to be PTS, hence try to offset it so that we
7852 // can search over the DTS timeline.
7853 timestamp -= (sc->min_corrected_pts + sc->dts_shift);
7854
7855 ret = mov_seek_fragment(s, st, timestamp);
7856 if (ret < 0)
7857 return ret;
7858
7859 sample = av_index_search_timestamp(st, timestamp, flags);
7860 av_log(s, AV_LOG_TRACE, "stream %d, timestamp %"PRId64", sample %d\n", st->index, timestamp, sample);
7861 if (sample < 0 && st->nb_index_entries && timestamp < st->index_entries[0].timestamp)
7862 sample = 0;
7863 if (sample < 0) /* not sure what to do */
7864 return AVERROR_INVALIDDATA;
7865 mov_current_sample_set(sc, sample);
7866 av_log(s, AV_LOG_TRACE, "stream %d, found sample %d\n", st->index, sc->current_sample);
7867 /* adjust ctts index */
7868 if (sc->ctts_data) {
7869 time_sample = 0;
7870 for (i = 0; i < sc->ctts_count; i++) {
7871 int next = time_sample + sc->ctts_data[i].count;
7872 if (next > sc->current_sample) {
7873 sc->ctts_index = i;
7874 sc->ctts_sample = sc->current_sample - time_sample;
7875 break;
7876 }
7877 time_sample = next;
7878 }
7879 }
7880
7881 /* adjust stsd index */
7882 time_sample = 0;
7883 for (i = 0; i < sc->stsc_count; i++) {
7884 int64_t next = time_sample + mov_get_stsc_samples(sc, i);
7885 if (next > sc->current_sample) {
7886 sc->stsc_index = i;
7887 sc->stsc_sample = sc->current_sample - time_sample;
7888 break;
7889 }
7890 av_assert0(next == (int)next);
7891 time_sample = next;
7892 }
7893
7894 return sample;
7895 }
7896
mov_read_seek(AVFormatContext * s,int stream_index,int64_t sample_time,int flags)7897 static int mov_read_seek(AVFormatContext *s, int stream_index, int64_t sample_time, int flags)
7898 {
7899 MOVContext *mc = s->priv_data;
7900 AVStream *st;
7901 int sample;
7902 int i;
7903
7904 if (stream_index >= s->nb_streams)
7905 return AVERROR_INVALIDDATA;
7906
7907 st = s->streams[stream_index];
7908 sample = mov_seek_stream(s, st, sample_time, flags);
7909 if (sample < 0)
7910 return sample;
7911
7912 if (mc->seek_individually) {
7913 /* adjust seek timestamp to found sample timestamp */
7914 int64_t seek_timestamp = st->index_entries[sample].timestamp;
7915
7916 for (i = 0; i < s->nb_streams; i++) {
7917 int64_t timestamp;
7918 MOVStreamContext *sc = s->streams[i]->priv_data;
7919 st = s->streams[i];
7920 st->skip_samples = (sample_time <= 0) ? sc->start_pad : 0;
7921
7922 if (stream_index == i)
7923 continue;
7924
7925 timestamp = av_rescale_q(seek_timestamp, s->streams[stream_index]->time_base, st->time_base);
7926 mov_seek_stream(s, st, timestamp, flags);
7927 }
7928 } else {
7929 for (i = 0; i < s->nb_streams; i++) {
7930 MOVStreamContext *sc;
7931 st = s->streams[i];
7932 sc = st->priv_data;
7933 mov_current_sample_set(sc, 0);
7934 }
7935 while (1) {
7936 MOVStreamContext *sc;
7937 AVIndexEntry *entry = mov_find_next_sample(s, &st);
7938 if (!entry)
7939 return AVERROR_INVALIDDATA;
7940 sc = st->priv_data;
7941 if (sc->ffindex == stream_index && sc->current_sample == sample)
7942 break;
7943 mov_current_sample_inc(sc);
7944 }
7945 }
7946 return 0;
7947 }
7948
7949 #define OFFSET(x) offsetof(MOVContext, x)
7950 #define FLAGS AV_OPT_FLAG_VIDEO_PARAM | AV_OPT_FLAG_DECODING_PARAM
7951 static const AVOption mov_options[] = {
7952 {"use_absolute_path",
7953 "allow using absolute path when opening alias, this is a possible security issue",
7954 OFFSET(use_absolute_path), AV_OPT_TYPE_BOOL, {.i64 = 0},
7955 0, 1, FLAGS},
7956 {"seek_streams_individually",
7957 "Seek each stream individually to the to the closest point",
7958 OFFSET(seek_individually), AV_OPT_TYPE_BOOL, { .i64 = 1 },
7959 0, 1, FLAGS},
7960 {"ignore_editlist", "Ignore the edit list atom.", OFFSET(ignore_editlist), AV_OPT_TYPE_BOOL, {.i64 = 0},
7961 0, 1, FLAGS},
7962 {"advanced_editlist",
7963 "Modify the AVIndex according to the editlists. Use this option to decode in the order specified by the edits.",
7964 OFFSET(advanced_editlist), AV_OPT_TYPE_BOOL, {.i64 = 1},
7965 0, 1, FLAGS},
7966 {"ignore_chapters", "", OFFSET(ignore_chapters), AV_OPT_TYPE_BOOL, {.i64 = 0},
7967 0, 1, FLAGS},
7968 {"use_mfra_for",
7969 "use mfra for fragment timestamps",
7970 OFFSET(use_mfra_for), AV_OPT_TYPE_INT, {.i64 = FF_MOV_FLAG_MFRA_AUTO},
7971 -1, FF_MOV_FLAG_MFRA_PTS, FLAGS,
7972 "use_mfra_for"},
7973 {"auto", "auto", 0, AV_OPT_TYPE_CONST, {.i64 = FF_MOV_FLAG_MFRA_AUTO}, 0, 0,
7974 FLAGS, "use_mfra_for" },
7975 {"dts", "dts", 0, AV_OPT_TYPE_CONST, {.i64 = FF_MOV_FLAG_MFRA_DTS}, 0, 0,
7976 FLAGS, "use_mfra_for" },
7977 {"pts", "pts", 0, AV_OPT_TYPE_CONST, {.i64 = FF_MOV_FLAG_MFRA_PTS}, 0, 0,
7978 FLAGS, "use_mfra_for" },
7979 { "export_all", "Export unrecognized metadata entries", OFFSET(export_all),
7980 AV_OPT_TYPE_BOOL, { .i64 = 0 }, 0, 1, .flags = FLAGS },
7981 { "export_xmp", "Export full XMP metadata", OFFSET(export_xmp),
7982 AV_OPT_TYPE_BOOL, { .i64 = 0 }, 0, 1, .flags = FLAGS },
7983 { "activation_bytes", "Secret bytes for Audible AAX files", OFFSET(activation_bytes),
7984 AV_OPT_TYPE_BINARY, .flags = AV_OPT_FLAG_DECODING_PARAM },
7985 { "audible_fixed_key", // extracted from libAAX_SDK.so and AAXSDKWin.dll files!
7986 "Fixed key used for handling Audible AAX files", OFFSET(audible_fixed_key),
7987 AV_OPT_TYPE_BINARY, {.str="77214d4b196a87cd520045fd20a51d67"},
7988 .flags = AV_OPT_FLAG_DECODING_PARAM },
7989 { "decryption_key", "The media decryption key (hex)", OFFSET(decryption_key), AV_OPT_TYPE_BINARY, .flags = AV_OPT_FLAG_DECODING_PARAM },
7990 { "enable_drefs", "Enable external track support.", OFFSET(enable_drefs), AV_OPT_TYPE_BOOL,
7991 {.i64 = 0}, 0, 1, FLAGS },
7992
7993 { NULL },
7994 };
7995
7996 static const AVClass mov_class = {
7997 .class_name = "mov,mp4,m4a,3gp,3g2,mj2",
7998 .item_name = av_default_item_name,
7999 .option = mov_options,
8000 .version = LIBAVUTIL_VERSION_INT,
8001 };
8002
8003 AVInputFormat ff_mov_demuxer = {
8004 .name = "mov,mp4,m4a,3gp,3g2,mj2",
8005 .long_name = NULL_IF_CONFIG_SMALL("QuickTime / MOV"),
8006 .priv_class = &mov_class,
8007 .priv_data_size = sizeof(MOVContext),
8008 .extensions = "mov,mp4,m4a,3gp,3g2,mj2",
8009 .read_probe = mov_probe,
8010 .read_header = mov_read_header,
8011 .read_packet = mov_read_packet,
8012 .read_close = mov_read_close,
8013 .read_seek = mov_read_seek,
8014 .flags = AVFMT_NO_BYTE_SEEK,
8015 };
8016