Used a technique similar to lavc/tdsc.c for invoking the MJPEG decoder.
This commit adds support for:
- DNG tiles
- DNG tile huffman lossless JPEG decoding
- DNG 8-bpp ("packed" as dcraw calls it) decoding
- DNG color scaling [1]
- LinearizationTable tag
- BlackLevel tag
[1]: As specified in the DNG Specification - Chapter 5
Signed-off-by: Nick Renieris <velocityra@gmail.com>
This may break some valid tiff files, it appears the specification does not require
the offsets to be increasing. They increase in the 2 test files i have though except
the last offset which is 0 (an end marker) and for which a special case is added to
avoid asking for a sample for that end marker.
See: [FFmpeg-devel] [PATCH 2/2] avcodec/tiff: Detect infinite retry loop
for an alternative implementation
Fixes: Timeout (Infinite -> Finite)
Fixes: 15706/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-5114674904825856
This variant was requested by paul on IRC
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Additionally:
- Renamed TIFF_WHITE_LEVEL to DNG_WHITE_LEVEL since it is specified
in the DNG spec.
- Added/changed some comments to be more precise in differentiating
between TIFF, TIFF/EP and DNG values.
Related to ticket: https://trac.ffmpeg.org/ticket/4364
Signed-off-by: Nick Renieris <velocityra@gmail.com>
SubIFDs that were part of more than single-sized "SubIFDs" tags were
being ignored due to existing code ignoring that case.
This patch makes is so the first entry is read, which is not ideal
but enough for some DNG images present in the wild to be decodeable
More specifically, the first SubIFD which we would process with this
patch is the main image and the second one is a second thumbnail,
which is not as important to decode.
In DNG images with the .tiff extension, it solves the issue where
the TIFF thumbnail in IFD 0 was incorrectly parsed (related
confusion: [1]).
Embedded thumbnails for DNG images can still be decoded with the
"-thumbnail" option.
Related to ticket: https://trac.ffmpeg.org/ticket/4364
[1]: https://superuser.com/questions/546879/creating-video-from-dng-images-with-ffmpeg
Signed-off-by: Nick Renieris <velocityra@gmail.com>
Adds the "-thumbnail" option, that works like the current "-subifd"
option, but only for non-full-sized images.
This is particularly useful for DNG images (see next commit) that
have SubIFDs that are not necessarily thumbnails.
Signed-off-by: Nick Renieris <velocityra@gmail.com>
Option "-page N" (page index N starts from 1) can now be used to specify which TIFF page/subfile to decode.
Signed-off-by: Nick Renieris <velocityra@gmail.com>
Fixes: left shift of 255 by 24 places cannot be represented in type 'int'
Fixes: 11377/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-5694319101476864
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: Timeout
Fixes: 10280/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-5676217211027456
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: runtime error: signed integer overflow: 538976288 * 32 cannot be represented in type 'int'
Fixes: 2310/clusterfuzz-testcase-minimized-4534784887881728
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes multiple runtime error: shift exponent 792 is too large for 32-bit type 'unsigned int'
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This should make no difference as the value should not be able to be that large
but its more correct this way
Fixes CID1348138
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
The arguments of av_reduce are signed, so the cast to uint64_t is misleading.
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Fixes out of array access
Fixes: 83aedfb29af669c4d6e10f1bfad974d2/asan_heap-oob_1ab42fe_4984_9f6ec14462f8d8a00ea24b320572a963.tif
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* commit 'ae5e1f3d66':
tiff: Check that there is no aliasing in pixel format selection
See: e1c0cfaa41
Merged-by: Michael Niedermayer <michaelni@gmx.at>
