Although the fag end of both the NALU and the bitstream buffer
is being parsed, not all FGC SEI symbols would have been
decoded semantically. This commit detects and returns an error
in this situation.
Bug = ossfuzz:65418
Test: mvc_dec_fuzzer
There can be cases where there are multiple SEI payloads within a
single SEI NAL. In the particulkar case where the payload comprises
exclusiely of FGC data, the size of the NAL can exceed the size
of the 'dynamic bitstream buffer' which is used to pass the NALU
onto its appropriate parser.
This commit adds 'imvcd_bitstream_buf_realloc' which re-allocates
the 'dynamic bitstream buffer' such that any arbitrarily sized
NALU can be stored without a heap overflow.
Bug = ossfuzz:64286
Test: svc_enc_fuzzer
The cases where the value for log2MaxPocLsb was exceeding
'MAX_BITS_IN_POC_LSB' was not being handled correctly,
which was resulting in an integer overflow. This has been
fixed.
Test: mvc_dec_fuzzer
[x] For certain sequences of modification_of_pic_nums_idc,
OOB accessses of the aps_mod_dpb buffer within mvc_dpb_manager_t
struct could occur. This case has been now detected
and handled.
[x] Removed unused variables in 'imvcd_slice_functions.c'.
Test: mvc_dec_fuzzer
The worst case FGC SEI payload size in cojunction with the worst
case sizes of other NALU's can be significantly larger than the
default bitstream buffer size of 256000. It is now set to the sum
of 256000 and MAX_FGC_SEI_SIZE.
Bug: ossFuzz:58190
Test: mvc_dec_fuzzer
- Only libavcdec is marked as available to apex modules instead
of marking all decoder libraries to be available to apex modules.
- some formatting changes for consistency with neighboring lines.
Test: Builds
- Add SII flag and SII parameters for the encoder and decoder.
- Encoder: Added support for SII SEI
- Decoder: Added support for SII SEI parsing and exporting
Use generic function pointers on riscv.
Test: built for aosp_riscv64
Signed-off-by: Mao Han <han_mao@linux.alibaba.com>
Change-Id: I424d15396d7e9711d23a6118f92aee0fc7924c28
The logic for inserting long term refs was failing
when the new ltIdx was greater than any of the
existing ltIdx in the DPB
Bug: 242723830
Test: fuzzer poc in bug
Change-Id: Iea9d71e563910a884ddfc2ddc6d6ab2b32581fde
abs_diff_view_idx_minus1 is present in NALU with NALUID=20
within ref_pic_list_mvc_modification
Bug: 242723830
Test: fuzzer poc in bug
Change-Id: I6ff31b3294cd01484712eebdb6bff1e336f06e38
