1 /*
2 * MOV demuxer
3 * Copyright (c) 2001 Fabrice Bellard
4 * Copyright (c) 2009 Baptiste Coudurier <baptiste dot coudurier at gmail dot com>
5 *
6 * first version by Francois Revol <revol@free.fr>
7 * seek function by Gael Chardon <gael.dev@4now.net>
8 *
9 * This file is part of FFmpeg.
10 *
11 * FFmpeg is free software; you can redistribute it and/or
12 * modify it under the terms of the GNU Lesser General Public
13 * License as published by the Free Software Foundation; either
14 * version 2.1 of the License, or (at your option) any later version.
15 *
16 * FFmpeg is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 * Lesser General Public License for more details.
20 *
21 * You should have received a copy of the GNU Lesser General Public
22 * License along with FFmpeg; if not, write to the Free Software
23 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
24 */
25
26 #include "config_components.h"
27
28 #include <inttypes.h>
29 #include <limits.h>
30 #include <stdint.h>
31
32 #include "libavutil/attributes.h"
33 #include "libavutil/bprint.h"
34 #include "libavutil/channel_layout.h"
35 #include "libavutil/internal.h"
36 #include "libavutil/intreadwrite.h"
37 #include "libavutil/intfloat.h"
38 #include "libavutil/mathematics.h"
39 #include "libavutil/avassert.h"
40 #include "libavutil/avstring.h"
41 #include "libavutil/dict.h"
42 #include "libavutil/opt.h"
43 #include "libavutil/aes.h"
44 #include "libavutil/aes_ctr.h"
45 #include "libavutil/pixdesc.h"
46 #include "libavutil/sha.h"
47 #include "libavutil/spherical.h"
48 #include "libavutil/stereo3d.h"
49 #include "libavutil/timecode.h"
50 #include "libavutil/uuid.h"
51 #include "libavcodec/ac3tab.h"
52 #include "libavcodec/flac.h"
53 #include "libavcodec/hevc.h"
54 #include "libavcodec/mpegaudiodecheader.h"
55 #include "libavcodec/mlp_parse.h"
56 #include "avformat.h"
57 #include "internal.h"
58 #include "avio_internal.h"
59 #include "demux.h"
60 #include "dovi_isom.h"
61 #include "riff.h"
62 #include "isom.h"
63 #include "libavcodec/get_bits.h"
64 #include "id3v1.h"
65 #include "mov_chan.h"
66 #include "replaygain.h"
67 #include "libavcodec/av3a.h"
68
69 #if CONFIG_ZLIB
70 #include <zlib.h>
71 #endif
72
73 #include "qtpalette.h"
74
75 #ifdef OHOS_DRM
76 #define MOV_DRM_PSSH_TITLE_LEN (8)
77
78 static const uint8_t g_pssh_title_buf[4] = { // 4:bufSize
79 0x70, 0x73, 0x73, 0x68
80 };
81 #endif
82
83 /* those functions parse an atom */
84 /* links atom IDs to parse functions */
85 typedef struct MOVParseTableEntry {
86 uint32_t type;
87 int (*parse)(MOVContext *ctx, AVIOContext *pb, MOVAtom atom);
88 } MOVParseTableEntry;
89
90 static int mov_read_default(MOVContext *c, AVIOContext *pb, MOVAtom atom);
91 static int mov_read_mfra(MOVContext *c, AVIOContext *f);
92 static int64_t add_ctts_entry(MOVCtts** ctts_data, unsigned int* ctts_count, unsigned int* allocated_size,
93 int count, int duration);
94
mov_metadata_track_or_disc_number(MOVContext * c,AVIOContext * pb,unsigned len,const char * key)95 static int mov_metadata_track_or_disc_number(MOVContext *c, AVIOContext *pb,
96 unsigned len, const char *key)
97 {
98 char buf[16];
99
100 short current, total = 0;
101 avio_rb16(pb); // unknown
102 current = avio_rb16(pb);
103 if (len >= 6)
104 total = avio_rb16(pb);
105 if (!total)
106 snprintf(buf, sizeof(buf), "%d", current);
107 else
108 snprintf(buf, sizeof(buf), "%d/%d", current, total);
109 c->fc->event_flags |= AVFMT_EVENT_FLAG_METADATA_UPDATED;
110 av_dict_set(&c->fc->metadata, key, buf, 0);
111
112 return 0;
113 }
114
mov_metadata_int8_bypass_padding(MOVContext * c,AVIOContext * pb,unsigned len,const char * key)115 static int mov_metadata_int8_bypass_padding(MOVContext *c, AVIOContext *pb,
116 unsigned len, const char *key)
117 {
118 /* bypass padding bytes */
119 avio_r8(pb);
120 avio_r8(pb);
121 avio_r8(pb);
122
123 c->fc->event_flags |= AVFMT_EVENT_FLAG_METADATA_UPDATED;
124 av_dict_set_int(&c->fc->metadata, key, avio_r8(pb), 0);
125
126 return 0;
127 }
128
mov_metadata_int8_no_padding(MOVContext * c,AVIOContext * pb,unsigned len,const char * key)129 static int mov_metadata_int8_no_padding(MOVContext *c, AVIOContext *pb,
130 unsigned len, const char *key)
131 {
132 c->fc->event_flags |= AVFMT_EVENT_FLAG_METADATA_UPDATED;
133 av_dict_set_int(&c->fc->metadata, key, avio_r8(pb), 0);
134
135 return 0;
136 }
137
mov_metadata_gnre(MOVContext * c,AVIOContext * pb,unsigned len,const char * key)138 static int mov_metadata_gnre(MOVContext *c, AVIOContext *pb,
139 unsigned len, const char *key)
140 {
141 short genre;
142
143 avio_r8(pb); // unknown
144
145 genre = avio_r8(pb);
146 if (genre < 1 || genre > ID3v1_GENRE_MAX)
147 return 0;
148 c->fc->event_flags |= AVFMT_EVENT_FLAG_METADATA_UPDATED;
149 av_dict_set(&c->fc->metadata, key, ff_id3v1_genre_str[genre-1], 0);
150
151 return 0;
152 }
153
154 static const uint32_t mac_to_unicode[128] = {
155 0x00C4,0x00C5,0x00C7,0x00C9,0x00D1,0x00D6,0x00DC,0x00E1,
156 0x00E0,0x00E2,0x00E4,0x00E3,0x00E5,0x00E7,0x00E9,0x00E8,
157 0x00EA,0x00EB,0x00ED,0x00EC,0x00EE,0x00EF,0x00F1,0x00F3,
158 0x00F2,0x00F4,0x00F6,0x00F5,0x00FA,0x00F9,0x00FB,0x00FC,
159 0x2020,0x00B0,0x00A2,0x00A3,0x00A7,0x2022,0x00B6,0x00DF,
160 0x00AE,0x00A9,0x2122,0x00B4,0x00A8,0x2260,0x00C6,0x00D8,
161 0x221E,0x00B1,0x2264,0x2265,0x00A5,0x00B5,0x2202,0x2211,
162 0x220F,0x03C0,0x222B,0x00AA,0x00BA,0x03A9,0x00E6,0x00F8,
163 0x00BF,0x00A1,0x00AC,0x221A,0x0192,0x2248,0x2206,0x00AB,
164 0x00BB,0x2026,0x00A0,0x00C0,0x00C3,0x00D5,0x0152,0x0153,
165 0x2013,0x2014,0x201C,0x201D,0x2018,0x2019,0x00F7,0x25CA,
166 0x00FF,0x0178,0x2044,0x20AC,0x2039,0x203A,0xFB01,0xFB02,
167 0x2021,0x00B7,0x201A,0x201E,0x2030,0x00C2,0x00CA,0x00C1,
168 0x00CB,0x00C8,0x00CD,0x00CE,0x00CF,0x00CC,0x00D3,0x00D4,
169 0xF8FF,0x00D2,0x00DA,0x00DB,0x00D9,0x0131,0x02C6,0x02DC,
170 0x00AF,0x02D8,0x02D9,0x02DA,0x00B8,0x02DD,0x02DB,0x02C7,
171 };
172
mov_read_mac_string(MOVContext * c,AVIOContext * pb,int len,char * dst,int dstlen)173 static int mov_read_mac_string(MOVContext *c, AVIOContext *pb, int len,
174 char *dst, int dstlen)
175 {
176 char *p = dst;
177 char *end = dst+dstlen-1;
178 int i;
179
180 for (i = 0; i < len; i++) {
181 uint8_t t, c = avio_r8(pb);
182
183 if (p >= end)
184 continue;
185
186 if (c < 0x80)
187 *p++ = c;
188 else if (p < end)
189 PUT_UTF8(mac_to_unicode[c-0x80], t, if (p < end) *p++ = t;);
190 }
191 *p = 0;
192 return p - dst;
193 }
194
mov_read_covr(MOVContext * c,AVIOContext * pb,int type,int len)195 static int mov_read_covr(MOVContext *c, AVIOContext *pb, int type, int len)
196 {
197 AVStream *st;
198 MOVStreamContext *sc;
199 enum AVCodecID id;
200 int ret;
201
202 switch (type) {
203 case 0xd: id = AV_CODEC_ID_MJPEG; break;
204 case 0xe: id = AV_CODEC_ID_PNG; break;
205 case 0x1b: id = AV_CODEC_ID_BMP; break;
206 default:
207 av_log(c->fc, AV_LOG_WARNING, "Unknown cover type: 0x%x.\n", type);
208 avio_skip(pb, len);
209 return 0;
210 }
211
212 sc = av_mallocz(sizeof(*sc));
213 if (!sc)
214 return AVERROR(ENOMEM);
215 ret = ff_add_attached_pic(c->fc, NULL, pb, NULL, len);
216 if (ret < 0) {
217 av_free(sc);
218 return ret;
219 }
220 st = c->fc->streams[c->fc->nb_streams - 1];
221 st->priv_data = sc;
222
223 if (st->attached_pic.size >= 8 && id != AV_CODEC_ID_BMP) {
224 if (AV_RB64(st->attached_pic.data) == 0x89504e470d0a1a0a) {
225 id = AV_CODEC_ID_PNG;
226 } else {
227 id = AV_CODEC_ID_MJPEG;
228 }
229 }
230 st->codecpar->codec_id = id;
231
232 return 0;
233 }
234
235 // 3GPP TS 26.244
mov_metadata_loci(MOVContext * c,AVIOContext * pb,unsigned len)236 static int mov_metadata_loci(MOVContext *c, AVIOContext *pb, unsigned len)
237 {
238 char language[4] = { 0 };
239 char buf[200], place[100];
240 uint16_t langcode = 0;
241 double longitude, latitude, altitude;
242 const char *key = "location";
243
244 if (len < 4 + 2 + 1 + 1 + 4 + 4 + 4) {
245 av_log(c->fc, AV_LOG_ERROR, "loci too short\n");
246 return AVERROR_INVALIDDATA;
247 }
248
249 avio_skip(pb, 4); // version+flags
250 langcode = avio_rb16(pb);
251 ff_mov_lang_to_iso639(langcode, language);
252 len -= 6;
253
254 len -= avio_get_str(pb, len, place, sizeof(place));
255 if (len < 1) {
256 av_log(c->fc, AV_LOG_ERROR, "place name too long\n");
257 return AVERROR_INVALIDDATA;
258 }
259 avio_skip(pb, 1); // role
260 len -= 1;
261
262 if (len < 12) {
263 av_log(c->fc, AV_LOG_ERROR,
264 "loci too short (%u bytes left, need at least %d)\n", len, 12);
265 return AVERROR_INVALIDDATA;
266 }
267 longitude = ((int32_t) avio_rb32(pb)) / (float) (1 << 16);
268 latitude = ((int32_t) avio_rb32(pb)) / (float) (1 << 16);
269 altitude = ((int32_t) avio_rb32(pb)) / (float) (1 << 16);
270
271 // Try to output in the same format as the ?xyz field
272 snprintf(buf, sizeof(buf), "%+08.4f%+09.4f", latitude, longitude);
273 if (altitude)
274 av_strlcatf(buf, sizeof(buf), "%+f", altitude);
275 av_strlcatf(buf, sizeof(buf), "/%s", place);
276
277 if (*language && strcmp(language, "und")) {
278 char key2[16];
279 snprintf(key2, sizeof(key2), "%s-%s", key, language);
280 av_dict_set(&c->fc->metadata, key2, buf, 0);
281 }
282 c->fc->event_flags |= AVFMT_EVENT_FLAG_METADATA_UPDATED;
283 return av_dict_set(&c->fc->metadata, key, buf, 0);
284 }
285
mov_metadata_hmmt(MOVContext * c,AVIOContext * pb,unsigned len)286 static int mov_metadata_hmmt(MOVContext *c, AVIOContext *pb, unsigned len)
287 {
288 int i, n_hmmt;
289
290 if (len < 2)
291 return 0;
292 if (c->ignore_chapters)
293 return 0;
294
295 n_hmmt = avio_rb32(pb);
296 if (n_hmmt > len / 4)
297 return AVERROR_INVALIDDATA;
298 for (i = 0; i < n_hmmt && !pb->eof_reached; i++) {
299 int moment_time = avio_rb32(pb);
300 avpriv_new_chapter(c->fc, i, av_make_q(1, 1000), moment_time, AV_NOPTS_VALUE, NULL);
301 }
302 if (avio_feof(pb))
303 return AVERROR_INVALIDDATA;
304 return 0;
305 }
306
mov_read_udta_string(MOVContext * c,AVIOContext * pb,MOVAtom atom)307 static int mov_read_udta_string(MOVContext *c, AVIOContext *pb, MOVAtom atom)
308 {
309 char tmp_key[AV_FOURCC_MAX_STRING_SIZE] = {0};
310 char key2[32], language[4] = {0};
311 char *str = NULL;
312 const char *key = NULL;
313 uint16_t langcode = 0;
314 uint32_t data_type = 0, str_size, str_size_alloc;
315 int (*parse)(MOVContext*, AVIOContext*, unsigned, const char*) = NULL;
316 int raw = 0;
317 int num = 0;
318
319 switch (atom.type) {
320 case MKTAG( '@','P','R','M'): key = "premiere_version"; raw = 1; break;
321 case MKTAG( '@','P','R','Q'): key = "quicktime_version"; raw = 1; break;
322 case MKTAG( 'X','M','P','_'):
323 if (c->export_xmp) { key = "xmp"; raw = 1; } break;
324 case MKTAG( 'a','A','R','T'): key = "album_artist"; break;
325 case MKTAG( 'a','k','I','D'): key = "account_type";
326 parse = mov_metadata_int8_no_padding; break;
327 case MKTAG( 'a','p','I','D'): key = "account_id"; break;
328 case MKTAG( 'c','a','t','g'): key = "category"; break;
329 case MKTAG( 'c','p','i','l'): key = "compilation";
330 parse = mov_metadata_int8_no_padding; break;
331 case MKTAG( 'c','p','r','t'): key = "copyright"; break;
332 case MKTAG( 'd','e','s','c'): key = "description"; break;
333 case MKTAG( 'd','i','s','k'): key = "disc";
334 parse = mov_metadata_track_or_disc_number; break;
335 case MKTAG( 'e','g','i','d'): key = "episode_uid";
336 parse = mov_metadata_int8_no_padding; break;
337 case MKTAG( 'F','I','R','M'): key = "firmware"; raw = 1; break;
338 case MKTAG( 'g','n','r','e'): key = "genre";
339 parse = mov_metadata_gnre; break;
340 case MKTAG( 'h','d','v','d'): key = "hd_video";
341 parse = mov_metadata_int8_no_padding; break;
342 case MKTAG( 'H','M','M','T'):
343 return mov_metadata_hmmt(c, pb, atom.size);
344 case MKTAG( 'k','e','y','w'): key = "keywords"; break;
345 case MKTAG( 'l','d','e','s'): key = "synopsis"; break;
346 case MKTAG( 'l','o','c','i'):
347 return mov_metadata_loci(c, pb, atom.size);
348 case MKTAG( 'm','a','n','u'): key = "make"; break;
349 case MKTAG( 'm','o','d','l'): key = "model"; break;
350 case MKTAG( 'p','c','s','t'): key = "podcast";
351 parse = mov_metadata_int8_no_padding; break;
352 case MKTAG( 'p','g','a','p'): key = "gapless_playback";
353 parse = mov_metadata_int8_no_padding; break;
354 case MKTAG( 'p','u','r','d'): key = "purchase_date"; break;
355 case MKTAG( 'r','t','n','g'): key = "rating";
356 parse = mov_metadata_int8_no_padding; break;
357 case MKTAG( 's','o','a','a'): key = "sort_album_artist"; break;
358 case MKTAG( 's','o','a','l'): key = "sort_album"; break;
359 case MKTAG( 's','o','a','r'): key = "sort_artist"; break;
360 case MKTAG( 's','o','c','o'): key = "sort_composer"; break;
361 case MKTAG( 's','o','n','m'): key = "sort_name"; break;
362 case MKTAG( 's','o','s','n'): key = "sort_show"; break;
363 case MKTAG( 's','t','i','k'): key = "media_type";
364 parse = mov_metadata_int8_no_padding; break;
365 case MKTAG( 't','r','k','n'): key = "track";
366 parse = mov_metadata_track_or_disc_number; break;
367 case MKTAG( 't','v','e','n'): key = "episode_id"; break;
368 case MKTAG( 't','v','e','s'): key = "episode_sort";
369 parse = mov_metadata_int8_bypass_padding; break;
370 case MKTAG( 't','v','n','n'): key = "network"; break;
371 case MKTAG( 't','v','s','h'): key = "show"; break;
372 case MKTAG( 't','v','s','n'): key = "season_number";
373 parse = mov_metadata_int8_bypass_padding; break;
374 case MKTAG(0xa9,'A','R','T'): key = "artist"; break;
375 case MKTAG(0xa9,'P','R','D'): key = "producer"; break;
376 case MKTAG(0xa9,'a','l','b'): key = "album"; break;
377 case MKTAG(0xa9,'a','u','t'): key = "artist"; break;
378 case MKTAG(0xa9,'c','h','p'): key = "chapter"; break;
379 case MKTAG(0xa9,'c','m','t'): key = "comment"; break;
380 case MKTAG(0xa9,'c','o','m'): key = "composer"; break;
381 case MKTAG(0xa9,'c','p','y'): key = "copyright"; break;
382 case MKTAG(0xa9,'d','a','y'): key = "date"; break;
383 case MKTAG(0xa9,'d','i','r'): key = "director"; break;
384 case MKTAG(0xa9,'d','i','s'): key = "disclaimer"; break;
385 case MKTAG(0xa9,'e','d','1'): key = "edit_date"; break;
386 case MKTAG(0xa9,'e','n','c'): key = "encoder"; break;
387 case MKTAG(0xa9,'f','m','t'): key = "original_format"; break;
388 case MKTAG(0xa9,'g','e','n'): key = "genre"; break;
389 case MKTAG(0xa9,'g','r','p'): key = "grouping"; break;
390 case MKTAG(0xa9,'h','s','t'): key = "host_computer"; break;
391 case MKTAG(0xa9,'i','n','f'): key = "comment"; break;
392 case MKTAG(0xa9,'l','y','r'): key = "lyrics"; break;
393 case MKTAG(0xa9,'m','a','k'): key = "make"; break;
394 case MKTAG(0xa9,'m','o','d'): key = "model"; break;
395 case MKTAG(0xa9,'n','a','m'): key = "title"; break;
396 case MKTAG(0xa9,'o','p','e'): key = "original_artist"; break;
397 case MKTAG(0xa9,'p','r','d'): key = "producer"; break;
398 case MKTAG(0xa9,'p','r','f'): key = "performers"; break;
399 case MKTAG(0xa9,'r','e','q'): key = "playback_requirements"; break;
400 case MKTAG(0xa9,'s','r','c'): key = "original_source"; break;
401 case MKTAG(0xa9,'s','t','3'): key = "subtitle"; break;
402 case MKTAG(0xa9,'s','w','r'): key = "encoder"; break;
403 case MKTAG(0xa9,'t','o','o'): key = "encoder"; break;
404 case MKTAG(0xa9,'t','r','k'): key = "track"; break;
405 case MKTAG(0xa9,'u','r','l'): key = "URL"; break;
406 case MKTAG(0xa9,'w','r','n'): key = "warning"; break;
407 case MKTAG(0xa9,'w','r','t'): key = "composer"; break;
408 case MKTAG(0xa9,'x','y','z'): key = "location"; break;
409 }
410 retry:
411 if (c->itunes_metadata && atom.size > 8) {
412 int data_size = avio_rb32(pb);
413 int tag = avio_rl32(pb);
414 if (tag == MKTAG('d','a','t','a') && data_size <= atom.size && data_size >= 16) {
415 data_type = avio_rb32(pb); // type
416 avio_rb32(pb); // unknown
417 str_size = data_size - 16;
418 atom.size -= 16;
419
420 if (!key && c->found_hdlr_mdta && c->meta_keys) {
421 uint32_t index = av_bswap32(atom.type); // BE number has been read as LE
422 if (index < c->meta_keys_count && index > 0) {
423 key = c->meta_keys[index];
424 } else if (atom.type != MKTAG('c', 'o', 'v', 'r')) {
425 av_log(c->fc, AV_LOG_WARNING,
426 "The index of 'data' is out of range: %"PRId32" < 1 or >= %d.\n",
427 index, c->meta_keys_count);
428 }
429 }
430 if (atom.type == MKTAG('c', 'o', 'v', 'r') ||
431 (key && !strcmp(key, "com.apple.quicktime.artwork"))) {
432 int ret = mov_read_covr(c, pb, data_type, str_size);
433 if (ret < 0) {
434 av_log(c->fc, AV_LOG_ERROR, "Error parsing cover art.\n");
435 return ret;
436 }
437 atom.size -= str_size;
438 if (atom.size > 8)
439 goto retry;
440 return ret;
441 }
442 } else return 0;
443 } else if (atom.size > 4 && key && !c->itunes_metadata && !raw) {
444 str_size = avio_rb16(pb); // string length
445 if (str_size > atom.size) {
446 raw = 1;
447 avio_seek(pb, -2, SEEK_CUR);
448 av_log(c->fc, AV_LOG_WARNING, "UDTA parsing failed retrying raw\n");
449 goto retry;
450 }
451 langcode = avio_rb16(pb);
452 ff_mov_lang_to_iso639(langcode, language);
453 atom.size -= 4;
454 } else
455 str_size = atom.size;
456
457 if (c->export_all && !key) {
458 key = av_fourcc_make_string(tmp_key, atom.type);
459 }
460
461 if (!key)
462 return 0;
463 if (atom.size < 0 || str_size >= INT_MAX/2)
464 return AVERROR_INVALIDDATA;
465
466 // Allocates enough space if data_type is a int32 or float32 number, otherwise
467 // worst-case requirement for output string in case of utf8 coded input
468 num = (data_type >= 21 && data_type <= 23);
469 str_size_alloc = (num ? 512 : (raw ? str_size : str_size * 2)) + 1;
470 str = av_mallocz(str_size_alloc);
471 if (!str)
472 return AVERROR(ENOMEM);
473
474 if (parse)
475 parse(c, pb, str_size, key);
476 else {
477 if (!raw && (data_type == 3 || (data_type == 0 && (langcode < 0x400 || langcode == 0x7fff)))) { // MAC Encoded
478 mov_read_mac_string(c, pb, str_size, str, str_size_alloc);
479 #ifdef OHOS_MOOV_LEVEL_META
480 } else if (data_type == 21 || data_type == 67) { // BE signed integer, variable size
481 #else
482 } else if (data_type == 21) { // BE signed integer, variable size
483 #endif
484 int val = 0;
485 if (str_size == 1)
486 val = (int8_t)avio_r8(pb);
487 else if (str_size == 2)
488 val = (int16_t)avio_rb16(pb);
489 else if (str_size == 3)
490 val = ((int32_t)(avio_rb24(pb)<<8))>>8;
491 else if (str_size == 4)
492 val = (int32_t)avio_rb32(pb);
493 if (snprintf(str, str_size_alloc, "%d", val) >= str_size_alloc) {
494 av_log(c->fc, AV_LOG_ERROR,
495 "Failed to store the number (%d) in string.\n", val);
496 av_free(str);
497 return AVERROR_INVALIDDATA;
498 }
499 } else if (data_type == 22) { // BE unsigned integer, variable size
500 unsigned int val = 0;
501 if (str_size == 1)
502 val = avio_r8(pb);
503 else if (str_size == 2)
504 val = avio_rb16(pb);
505 else if (str_size == 3)
506 val = avio_rb24(pb);
507 else if (str_size == 4)
508 val = avio_rb32(pb);
509 if (snprintf(str, str_size_alloc, "%u", val) >= str_size_alloc) {
510 av_log(c->fc, AV_LOG_ERROR,
511 "Failed to store the number (%u) in string.\n", val);
512 av_free(str);
513 return AVERROR_INVALIDDATA;
514 }
515 } else if (data_type == 23 && str_size >= 4) { // BE float32
516 float val = av_int2float(avio_rb32(pb));
517 if (snprintf(str, str_size_alloc, "%f", val) >= str_size_alloc) {
518 av_log(c->fc, AV_LOG_ERROR,
519 "Failed to store the float32 number (%f) in string.\n", val);
520 av_free(str);
521 return AVERROR_INVALIDDATA;
522 }
523 } else if (data_type > 1 && data_type != 4) {
524 // data_type can be 0 if not set at all above. data_type 1 means
525 // UTF8 and 4 means "UTF8 sort". For any other type (UTF16 or e.g.
526 // a picture), don't return it blindly in a string that is supposed
527 // to be UTF8 text.
528 av_log(c->fc, AV_LOG_WARNING, "Skipping unhandled metadata %s of type %d\n", key, data_type);
529 av_free(str);
530 return 0;
531 } else {
532 int ret = ffio_read_size(pb, str, str_size);
533 if (ret < 0) {
534 av_free(str);
535 return ret;
536 }
537 str[str_size] = 0;
538 }
539 c->fc->event_flags |= AVFMT_EVENT_FLAG_METADATA_UPDATED;
540 #ifdef OHOS_MOOV_LEVEL_META
541 if (!strncmp(key, "moov_level_meta_key_", 20)) {
542 char* typeStr;
543 switch(data_type) {
544 case 1:
545 typeStr = av_asprintf("%s%s", "00000001", str); // string
546 break;
547 case 21:
548 typeStr = av_asprintf("%s%s", "00000015", str); // int
549 break;
550 case 23:
551 typeStr = av_asprintf("%s%s", "00000017", str); // float
552 break;
553 case 67:
554 typeStr = av_asprintf("%s%s", "00000043", str); // int
555 break;
556 default:
557 typeStr = av_asprintf("%s%s", "0000004d", str); // unknow
558 break;
559 }
560 if (!typeStr) {
561 av_dict_set(&c->fc->metadata, key, str, 0);
562 } else {
563 av_dict_set(&c->fc->metadata, key, typeStr, 0);
564 av_freep(&typeStr);
565 }
566 } else {
567 av_dict_set(&c->fc->metadata, key, str, 0);
568 }
569 #else
570 av_dict_set(&c->fc->metadata, key, str, 0);
571 #endif
572 if (*language && strcmp(language, "und")) {
573 snprintf(key2, sizeof(key2), "%s-%s", key, language);
574 av_dict_set(&c->fc->metadata, key2, str, 0);
575 }
576 if (!strcmp(key, "encoder")) {
577 int major, minor, micro;
578 if (sscanf(str, "HandBrake %d.%d.%d", &major, &minor, µ) == 3) {
579 c->handbrake_version = 1000000*major + 1000*minor + micro;
580 }
581 }
582 }
583
584 av_freep(&str);
585 return 0;
586 }
587
mov_read_chpl(MOVContext * c,AVIOContext * pb,MOVAtom atom)588 static int mov_read_chpl(MOVContext *c, AVIOContext *pb, MOVAtom atom)
589 {
590 int64_t start;
591 int i, nb_chapters, str_len, version;
592 char str[256+1];
593 int ret;
594
595 if (c->ignore_chapters)
596 return 0;
597
598 if ((atom.size -= 5) < 0)
599 return 0;
600
601 version = avio_r8(pb);
602 avio_rb24(pb);
603 if (version)
604 avio_rb32(pb); // ???
605 nb_chapters = avio_r8(pb);
606
607 for (i = 0; i < nb_chapters; i++) {
608 if (atom.size < 9)
609 return 0;
610
611 start = avio_rb64(pb);
612 str_len = avio_r8(pb);
613
614 if ((atom.size -= 9+str_len) < 0)
615 return 0;
616
617 ret = ffio_read_size(pb, str, str_len);
618 if (ret < 0)
619 return ret;
620 str[str_len] = 0;
621 avpriv_new_chapter(c->fc, i, (AVRational){1,10000000}, start, AV_NOPTS_VALUE, str);
622 }
623 return 0;
624 }
625
626 #define MIN_DATA_ENTRY_BOX_SIZE 12
mov_read_dref(MOVContext * c,AVIOContext * pb,MOVAtom atom)627 static int mov_read_dref(MOVContext *c, AVIOContext *pb, MOVAtom atom)
628 {
629 AVStream *st;
630 MOVStreamContext *sc;
631 int entries, i, j;
632
633 if (c->fc->nb_streams < 1)
634 return 0;
635 st = c->fc->streams[c->fc->nb_streams-1];
636 sc = st->priv_data;
637
638 avio_rb32(pb); // version + flags
639 entries = avio_rb32(pb);
640 if (!entries ||
641 entries > (atom.size - 1) / MIN_DATA_ENTRY_BOX_SIZE + 1 ||
642 entries >= UINT_MAX / sizeof(*sc->drefs))
643 return AVERROR_INVALIDDATA;
644
645 for (i = 0; i < sc->drefs_count; i++) {
646 MOVDref *dref = &sc->drefs[i];
647 av_freep(&dref->path);
648 av_freep(&dref->dir);
649 }
650 av_free(sc->drefs);
651 sc->drefs_count = 0;
652 sc->drefs = av_mallocz(entries * sizeof(*sc->drefs));
653 if (!sc->drefs)
654 return AVERROR(ENOMEM);
655 sc->drefs_count = entries;
656
657 for (i = 0; i < entries; i++) {
658 MOVDref *dref = &sc->drefs[i];
659 uint32_t size = avio_rb32(pb);
660 int64_t next = avio_tell(pb);
661
662 if (size < 12 || next < 0 || next > INT64_MAX - size)
663 return AVERROR_INVALIDDATA;
664
665 next += size - 4;
666
667 dref->type = avio_rl32(pb);
668 avio_rb32(pb); // version + flags
669
670 if (dref->type == MKTAG('a','l','i','s') && size > 150) {
671 /* macintosh alias record */
672 uint16_t volume_len, len;
673 int16_t type;
674 int ret;
675
676 avio_skip(pb, 10);
677
678 volume_len = avio_r8(pb);
679 volume_len = FFMIN(volume_len, 27);
680 ret = ffio_read_size(pb, dref->volume, 27);
681 if (ret < 0)
682 return ret;
683 dref->volume[volume_len] = 0;
684 av_log(c->fc, AV_LOG_DEBUG, "volume %s, len %d\n", dref->volume, volume_len);
685
686 avio_skip(pb, 12);
687
688 len = avio_r8(pb);
689 len = FFMIN(len, 63);
690 ret = ffio_read_size(pb, dref->filename, 63);
691 if (ret < 0)
692 return ret;
693 dref->filename[len] = 0;
694 av_log(c->fc, AV_LOG_DEBUG, "filename %s, len %d\n", dref->filename, len);
695
696 avio_skip(pb, 16);
697
698 /* read next level up_from_alias/down_to_target */
699 dref->nlvl_from = avio_rb16(pb);
700 dref->nlvl_to = avio_rb16(pb);
701 av_log(c->fc, AV_LOG_DEBUG, "nlvl from %d, nlvl to %d\n",
702 dref->nlvl_from, dref->nlvl_to);
703
704 avio_skip(pb, 16);
705
706 for (type = 0; type != -1 && avio_tell(pb) < next; ) {
707 if (avio_feof(pb))
708 return AVERROR_EOF;
709 type = avio_rb16(pb);
710 len = avio_rb16(pb);
711 av_log(c->fc, AV_LOG_DEBUG, "type %d, len %d\n", type, len);
712 if (len&1)
713 len += 1;
714 if (type == 2) { // absolute path
715 av_free(dref->path);
716 dref->path = av_mallocz(len+1);
717 if (!dref->path)
718 return AVERROR(ENOMEM);
719
720 ret = ffio_read_size(pb, dref->path, len);
721 if (ret < 0) {
722 av_freep(&dref->path);
723 return ret;
724 }
725 if (len > volume_len && !strncmp(dref->path, dref->volume, volume_len)) {
726 len -= volume_len;
727 memmove(dref->path, dref->path+volume_len, len);
728 dref->path[len] = 0;
729 }
730 // trim string of any ending zeros
731 for (j = len - 1; j >= 0; j--) {
732 if (dref->path[j] == 0)
733 len--;
734 else
735 break;
736 }
737 for (j = 0; j < len; j++)
738 if (dref->path[j] == ':' || dref->path[j] == 0)
739 dref->path[j] = '/';
740 av_log(c->fc, AV_LOG_DEBUG, "path %s\n", dref->path);
741 } else if (type == 0) { // directory name
742 av_free(dref->dir);
743 dref->dir = av_malloc(len+1);
744 if (!dref->dir)
745 return AVERROR(ENOMEM);
746
747 ret = ffio_read_size(pb, dref->dir, len);
748 if (ret < 0) {
749 av_freep(&dref->dir);
750 return ret;
751 }
752 dref->dir[len] = 0;
753 for (j = 0; j < len; j++)
754 if (dref->dir[j] == ':')
755 dref->dir[j] = '/';
756 av_log(c->fc, AV_LOG_DEBUG, "dir %s\n", dref->dir);
757 } else
758 avio_skip(pb, len);
759 }
760 } else {
761 av_log(c->fc, AV_LOG_DEBUG, "Unknown dref type 0x%08"PRIx32" size %"PRIu32"\n",
762 dref->type, size);
763 entries--;
764 i--;
765 }
766 avio_seek(pb, next, SEEK_SET);
767 }
768 return 0;
769 }
770
mov_read_hdlr(MOVContext * c,AVIOContext * pb,MOVAtom atom)771 static int mov_read_hdlr(MOVContext *c, AVIOContext *pb, MOVAtom atom)
772 {
773 AVStream *st;
774 uint32_t type;
775 uint32_t ctype;
776 int64_t title_size;
777 char *title_str;
778 int ret;
779
780 avio_r8(pb); /* version */
781 avio_rb24(pb); /* flags */
782
783 /* component type */
784 ctype = avio_rl32(pb);
785 type = avio_rl32(pb); /* component subtype */
786
787 av_log(c->fc, AV_LOG_TRACE, "ctype=%s\n", av_fourcc2str(ctype));
788 av_log(c->fc, AV_LOG_TRACE, "stype=%s\n", av_fourcc2str(type));
789
790 if (c->trak_index < 0) { // meta not inside a trak
791 if (type == MKTAG('m','d','t','a')) {
792 c->found_hdlr_mdta = 1;
793 }
794 return 0;
795 }
796
797 st = c->fc->streams[c->fc->nb_streams-1];
798
799 if (type == MKTAG('v','i','d','e'))
800 st->codecpar->codec_type = AVMEDIA_TYPE_VIDEO;
801 else if (type == MKTAG('s','o','u','n'))
802 st->codecpar->codec_type = AVMEDIA_TYPE_AUDIO;
803 else if (type == MKTAG('m','1','a',' '))
804 st->codecpar->codec_id = AV_CODEC_ID_MP2;
805 #ifdef OHOS_SUBTITLE_DEMUXER
806 else if ((type == MKTAG('s','u','b','p')) || (type == MKTAG('c','l','c','p')) || (type == MKTAG('t','e','x','t')))
807 #else
808 else if ((type == MKTAG('s','u','b','p')) || (type == MKTAG('c','l','c','p')))
809 #endif
810 st->codecpar->codec_type = AVMEDIA_TYPE_SUBTITLE;
811 avio_rb32(pb); /* component manufacture */
812 avio_rb32(pb); /* component flags */
813 avio_rb32(pb); /* component flags mask */
814
815 title_size = atom.size - 24;
816 if (title_size > 0) {
817 if (title_size > FFMIN(INT_MAX, SIZE_MAX-1))
818 return AVERROR_INVALIDDATA;
819 title_str = av_malloc(title_size + 1); /* Add null terminator */
820 if (!title_str)
821 return AVERROR(ENOMEM);
822
823 ret = ffio_read_size(pb, title_str, title_size);
824 if (ret < 0) {
825 av_freep(&title_str);
826 return ret;
827 }
828 title_str[title_size] = 0;
829 if (title_str[0]) {
830 int off = (!c->isom && title_str[0] == title_size - 1);
831 // flag added so as to not set stream handler name if already set from mdia->hdlr
832 av_dict_set(&st->metadata, "handler_name", title_str + off, AV_DICT_DONT_OVERWRITE);
833 #ifdef OHOS_TIMED_META_TRACK
834 if (!strncmp(title_str + off, "timed_metadata", 14) && type == MKTAG('m', 'e', 't' ,'a')) {
835 st->codecpar->codec_type = AVMEDIA_TYPE_TIMEDMETA;
836 }
837 #endif
838 }
839 av_freep(&title_str);
840 }
841
842 return 0;
843 }
844
mov_read_esds(MOVContext * c,AVIOContext * pb,MOVAtom atom)845 static int mov_read_esds(MOVContext *c, AVIOContext *pb, MOVAtom atom)
846 {
847 return ff_mov_read_esds(c->fc, pb);
848 }
849
mov_read_dac3(MOVContext * c,AVIOContext * pb,MOVAtom atom)850 static int mov_read_dac3(MOVContext *c, AVIOContext *pb, MOVAtom atom)
851 {
852 AVStream *st;
853 enum AVAudioServiceType *ast;
854 int ac3info, acmod, lfeon, bsmod;
855 uint64_t mask;
856
857 if (c->fc->nb_streams < 1)
858 return 0;
859 st = c->fc->streams[c->fc->nb_streams-1];
860
861 ast = (enum AVAudioServiceType*)av_stream_new_side_data(st, AV_PKT_DATA_AUDIO_SERVICE_TYPE,
862 sizeof(*ast));
863 if (!ast)
864 return AVERROR(ENOMEM);
865
866 ac3info = avio_rb24(pb);
867 bsmod = (ac3info >> 14) & 0x7;
868 acmod = (ac3info >> 11) & 0x7;
869 lfeon = (ac3info >> 10) & 0x1;
870
871 mask = ff_ac3_channel_layout_tab[acmod];
872 if (lfeon)
873 mask |= AV_CH_LOW_FREQUENCY;
874 av_channel_layout_uninit(&st->codecpar->ch_layout);
875 av_channel_layout_from_mask(&st->codecpar->ch_layout, mask);
876
877 *ast = bsmod;
878 if (st->codecpar->ch_layout.nb_channels > 1 && bsmod == 0x7)
879 *ast = AV_AUDIO_SERVICE_TYPE_KARAOKE;
880
881 return 0;
882 }
883
mov_read_dec3(MOVContext * c,AVIOContext * pb,MOVAtom atom)884 static int mov_read_dec3(MOVContext *c, AVIOContext *pb, MOVAtom atom)
885 {
886 AVStream *st;
887 enum AVAudioServiceType *ast;
888 int eac3info, acmod, lfeon, bsmod;
889 uint64_t mask;
890
891 if (c->fc->nb_streams < 1)
892 return 0;
893 st = c->fc->streams[c->fc->nb_streams-1];
894
895 ast = (enum AVAudioServiceType*)av_stream_new_side_data(st, AV_PKT_DATA_AUDIO_SERVICE_TYPE,
896 sizeof(*ast));
897 if (!ast)
898 return AVERROR(ENOMEM);
899
900 /* No need to parse fields for additional independent substreams and its
901 * associated dependent substreams since libavcodec's E-AC-3 decoder
902 * does not support them yet. */
903 avio_rb16(pb); /* data_rate and num_ind_sub */
904 eac3info = avio_rb24(pb);
905 bsmod = (eac3info >> 12) & 0x1f;
906 acmod = (eac3info >> 9) & 0x7;
907 lfeon = (eac3info >> 8) & 0x1;
908
909 mask = ff_ac3_channel_layout_tab[acmod];
910 if (lfeon)
911 mask |= AV_CH_LOW_FREQUENCY;
912 av_channel_layout_uninit(&st->codecpar->ch_layout);
913 av_channel_layout_from_mask(&st->codecpar->ch_layout, mask);
914
915 *ast = bsmod;
916 if (st->codecpar->ch_layout.nb_channels > 1 && bsmod == 0x7)
917 *ast = AV_AUDIO_SERVICE_TYPE_KARAOKE;
918
919 return 0;
920 }
921
mov_read_ddts(MOVContext * c,AVIOContext * pb,MOVAtom atom)922 static int mov_read_ddts(MOVContext *c, AVIOContext *pb, MOVAtom atom)
923 {
924 #define DDTS_SIZE 20
925 uint8_t buf[DDTS_SIZE + AV_INPUT_BUFFER_PADDING_SIZE];
926 AVStream *st = NULL;
927 uint32_t frame_duration_code = 0;
928 uint32_t channel_layout_code = 0;
929 GetBitContext gb;
930 int ret;
931
932 if ((ret = ffio_read_size(pb, buf, DDTS_SIZE)) < 0)
933 return ret;
934
935 init_get_bits(&gb, buf, 8 * DDTS_SIZE);
936
937 if (c->fc->nb_streams < 1) {
938 return 0;
939 }
940 st = c->fc->streams[c->fc->nb_streams-1];
941
942 st->codecpar->sample_rate = get_bits_long(&gb, 32);
943 if (st->codecpar->sample_rate <= 0) {
944 av_log(c->fc, AV_LOG_ERROR, "Invalid sample rate %d\n", st->codecpar->sample_rate);
945 return AVERROR_INVALIDDATA;
946 }
947 skip_bits_long(&gb, 32); /* max bitrate */
948 st->codecpar->bit_rate = get_bits_long(&gb, 32);
949 st->codecpar->bits_per_coded_sample = get_bits(&gb, 8);
950 frame_duration_code = get_bits(&gb, 2);
951 skip_bits(&gb, 30); /* various fields */
952 channel_layout_code = get_bits(&gb, 16);
953
954 st->codecpar->frame_size =
955 (frame_duration_code == 0) ? 512 :
956 (frame_duration_code == 1) ? 1024 :
957 (frame_duration_code == 2) ? 2048 :
958 (frame_duration_code == 3) ? 4096 : 0;
959
960 if (channel_layout_code > 0xff) {
961 av_log(c->fc, AV_LOG_WARNING, "Unsupported DTS audio channel layout\n");
962 }
963 av_channel_layout_uninit(&st->codecpar->ch_layout);
964 av_channel_layout_from_mask(&st->codecpar->ch_layout,
965 ((channel_layout_code & 0x1) ? AV_CH_FRONT_CENTER : 0) |
966 ((channel_layout_code & 0x2) ? AV_CH_FRONT_LEFT : 0) |
967 ((channel_layout_code & 0x2) ? AV_CH_FRONT_RIGHT : 0) |
968 ((channel_layout_code & 0x4) ? AV_CH_SIDE_LEFT : 0) |
969 ((channel_layout_code & 0x4) ? AV_CH_SIDE_RIGHT : 0) |
970 ((channel_layout_code & 0x8) ? AV_CH_LOW_FREQUENCY : 0));
971
972 return 0;
973 }
974
mov_read_chan(MOVContext * c,AVIOContext * pb,MOVAtom atom)975 static int mov_read_chan(MOVContext *c, AVIOContext *pb, MOVAtom atom)
976 {
977 AVStream *st;
978
979 if (c->fc->nb_streams < 1)
980 return 0;
981 st = c->fc->streams[c->fc->nb_streams-1];
982
983 if (atom.size < 16)
984 return 0;
985
986 /* skip version and flags */
987 avio_skip(pb, 4);
988
989 ff_mov_read_chan(c->fc, pb, st, atom.size - 4);
990
991 return 0;
992 }
993
mov_read_wfex(MOVContext * c,AVIOContext * pb,MOVAtom atom)994 static int mov_read_wfex(MOVContext *c, AVIOContext *pb, MOVAtom atom)
995 {
996 AVStream *st;
997 int ret;
998
999 if (c->fc->nb_streams < 1)
1000 return 0;
1001 st = c->fc->streams[c->fc->nb_streams-1];
1002
1003 if ((ret = ff_get_wav_header(c->fc, pb, st->codecpar, atom.size, 0)) < 0)
1004 av_log(c->fc, AV_LOG_WARNING, "get_wav_header failed\n");
1005
1006 return ret;
1007 }
1008
1009 /* This atom overrides any previously set aspect ratio */
mov_read_pasp(MOVContext * c,AVIOContext * pb,MOVAtom atom)1010 static int mov_read_pasp(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1011 {
1012 const int num = avio_rb32(pb);
1013 const int den = avio_rb32(pb);
1014 AVStream *st;
1015
1016 if (c->fc->nb_streams < 1)
1017 return 0;
1018 st = c->fc->streams[c->fc->nb_streams-1];
1019
1020 if (den != 0) {
1021 av_reduce(&st->sample_aspect_ratio.num, &st->sample_aspect_ratio.den,
1022 num, den, 32767);
1023 }
1024 return 0;
1025 }
1026
1027 /* this atom contains actual media data */
mov_read_mdat(MOVContext * c,AVIOContext * pb,MOVAtom atom)1028 static int mov_read_mdat(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1029 {
1030 if (atom.size == 0) /* wrong one (MP4) */
1031 return 0;
1032 c->found_mdat=1;
1033 return 0; /* now go for moov */
1034 }
1035
1036 #define DRM_BLOB_SIZE 56
1037
mov_read_adrm(MOVContext * c,AVIOContext * pb,MOVAtom atom)1038 static int mov_read_adrm(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1039 {
1040 uint8_t intermediate_key[20];
1041 uint8_t intermediate_iv[20];
1042 uint8_t input[64];
1043 uint8_t output[64];
1044 uint8_t file_checksum[20];
1045 uint8_t calculated_checksum[20];
1046 char checksum_string[2 * sizeof(file_checksum) + 1];
1047 struct AVSHA *sha;
1048 int i;
1049 int ret = 0;
1050 uint8_t *activation_bytes = c->activation_bytes;
1051 uint8_t *fixed_key = c->audible_fixed_key;
1052
1053 c->aax_mode = 1;
1054
1055 sha = av_sha_alloc();
1056 if (!sha)
1057 return AVERROR(ENOMEM);
1058 av_free(c->aes_decrypt);
1059 c->aes_decrypt = av_aes_alloc();
1060 if (!c->aes_decrypt) {
1061 ret = AVERROR(ENOMEM);
1062 goto fail;
1063 }
1064
1065 /* drm blob processing */
1066 avio_read(pb, output, 8); // go to offset 8, absolute position 0x251
1067 avio_read(pb, input, DRM_BLOB_SIZE);
1068 avio_read(pb, output, 4); // go to offset 4, absolute position 0x28d
1069 avio_read(pb, file_checksum, 20);
1070
1071 // required by external tools
1072 ff_data_to_hex(checksum_string, file_checksum, sizeof(file_checksum), 1);
1073 av_log(c->fc, AV_LOG_INFO, "[aax] file checksum == %s\n", checksum_string);
1074
1075 /* verify activation data */
1076 if (!activation_bytes) {
1077 av_log(c->fc, AV_LOG_WARNING, "[aax] activation_bytes option is missing!\n");
1078 ret = 0; /* allow ffprobe to continue working on .aax files */
1079 goto fail;
1080 }
1081 if (c->activation_bytes_size != 4) {
1082 av_log(c->fc, AV_LOG_FATAL, "[aax] activation_bytes value needs to be 4 bytes!\n");
1083 ret = AVERROR(EINVAL);
1084 goto fail;
1085 }
1086
1087 /* verify fixed key */
1088 if (c->audible_fixed_key_size != 16) {
1089 av_log(c->fc, AV_LOG_FATAL, "[aax] audible_fixed_key value needs to be 16 bytes!\n");
1090 ret = AVERROR(EINVAL);
1091 goto fail;
1092 }
1093
1094 /* AAX (and AAX+) key derivation */
1095 av_sha_init(sha, 160);
1096 av_sha_update(sha, fixed_key, 16);
1097 av_sha_update(sha, activation_bytes, 4);
1098 av_sha_final(sha, intermediate_key);
1099 av_sha_init(sha, 160);
1100 av_sha_update(sha, fixed_key, 16);
1101 av_sha_update(sha, intermediate_key, 20);
1102 av_sha_update(sha, activation_bytes, 4);
1103 av_sha_final(sha, intermediate_iv);
1104 av_sha_init(sha, 160);
1105 av_sha_update(sha, intermediate_key, 16);
1106 av_sha_update(sha, intermediate_iv, 16);
1107 av_sha_final(sha, calculated_checksum);
1108 if (memcmp(calculated_checksum, file_checksum, 20)) { // critical error
1109 av_log(c->fc, AV_LOG_ERROR, "[aax] mismatch in checksums!\n");
1110 ret = AVERROR_INVALIDDATA;
1111 goto fail;
1112 }
1113 av_aes_init(c->aes_decrypt, intermediate_key, 128, 1);
1114 av_aes_crypt(c->aes_decrypt, output, input, DRM_BLOB_SIZE >> 4, intermediate_iv, 1);
1115 for (i = 0; i < 4; i++) {
1116 // file data (in output) is stored in big-endian mode
1117 if (activation_bytes[i] != output[3 - i]) { // critical error
1118 av_log(c->fc, AV_LOG_ERROR, "[aax] error in drm blob decryption!\n");
1119 ret = AVERROR_INVALIDDATA;
1120 goto fail;
1121 }
1122 }
1123 memcpy(c->file_key, output + 8, 16);
1124 memcpy(input, output + 26, 16);
1125 av_sha_init(sha, 160);
1126 av_sha_update(sha, input, 16);
1127 av_sha_update(sha, c->file_key, 16);
1128 av_sha_update(sha, fixed_key, 16);
1129 av_sha_final(sha, c->file_iv);
1130
1131 fail:
1132 av_free(sha);
1133
1134 return ret;
1135 }
1136
mov_aaxc_crypto(MOVContext * c)1137 static int mov_aaxc_crypto(MOVContext *c)
1138 {
1139 if (c->audible_key_size != 16) {
1140 av_log(c->fc, AV_LOG_FATAL, "[aaxc] audible_key value needs to be 16 bytes!\n");
1141 return AVERROR(EINVAL);
1142 }
1143
1144 if (c->audible_iv_size != 16) {
1145 av_log(c->fc, AV_LOG_FATAL, "[aaxc] audible_iv value needs to be 16 bytes!\n");
1146 return AVERROR(EINVAL);
1147 }
1148
1149 c->aes_decrypt = av_aes_alloc();
1150 if (!c->aes_decrypt) {
1151 return AVERROR(ENOMEM);
1152 }
1153
1154 memcpy(c->file_key, c->audible_key, 16);
1155 memcpy(c->file_iv, c->audible_iv, 16);
1156 c->aax_mode = 1;
1157
1158 return 0;
1159 }
1160
1161 // Audible AAX (and AAX+) bytestream decryption
aax_filter(uint8_t * input,int size,MOVContext * c)1162 static int aax_filter(uint8_t *input, int size, MOVContext *c)
1163 {
1164 int blocks = 0;
1165 unsigned char iv[16];
1166
1167 memcpy(iv, c->file_iv, 16); // iv is overwritten
1168 blocks = size >> 4; // trailing bytes are not encrypted!
1169 av_aes_init(c->aes_decrypt, c->file_key, 128, 1);
1170 av_aes_crypt(c->aes_decrypt, input, input, blocks, iv, 1);
1171
1172 return 0;
1173 }
1174
1175 /* read major brand, minor version and compatible brands and store them as metadata */
mov_read_ftyp(MOVContext * c,AVIOContext * pb,MOVAtom atom)1176 static int mov_read_ftyp(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1177 {
1178 uint32_t minor_ver;
1179 int comp_brand_size;
1180 char* comp_brands_str;
1181 uint8_t type[5] = {0};
1182 int ret = ffio_read_size(pb, type, 4);
1183 if (ret < 0)
1184 return ret;
1185 if (c->fc->nb_streams)
1186 return AVERROR_INVALIDDATA;
1187
1188 if (strcmp(type, "qt "))
1189 c->isom = 1;
1190 av_log(c->fc, AV_LOG_DEBUG, "ISO: File Type Major Brand: %.4s\n",(char *)&type);
1191 av_dict_set(&c->fc->metadata, "major_brand", type, 0);
1192 c->is_still_picture_avif = !strncmp(type, "avif", 4);
1193 minor_ver = avio_rb32(pb); /* minor version */
1194 av_dict_set_int(&c->fc->metadata, "minor_version", minor_ver, 0);
1195
1196 comp_brand_size = atom.size - 8;
1197 if (comp_brand_size < 0 || comp_brand_size == INT_MAX)
1198 return AVERROR_INVALIDDATA;
1199 comp_brands_str = av_malloc(comp_brand_size + 1); /* Add null terminator */
1200 if (!comp_brands_str)
1201 return AVERROR(ENOMEM);
1202
1203 ret = ffio_read_size(pb, comp_brands_str, comp_brand_size);
1204 if (ret < 0) {
1205 av_freep(&comp_brands_str);
1206 return ret;
1207 }
1208 comp_brands_str[comp_brand_size] = 0;
1209 av_dict_set(&c->fc->metadata, "compatible_brands",
1210 comp_brands_str, AV_DICT_DONT_STRDUP_VAL);
1211
1212 // Logic for handling Audible's .aaxc files
1213 if (!strcmp(type, "aaxc")) {
1214 mov_aaxc_crypto(c);
1215 }
1216
1217 return 0;
1218 }
1219
1220 /* this atom should contain all header atoms */
mov_read_moov(MOVContext * c,AVIOContext * pb,MOVAtom atom)1221 static int mov_read_moov(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1222 {
1223 int ret;
1224
1225 if (c->found_moov) {
1226 av_log(c->fc, AV_LOG_WARNING, "Found duplicated MOOV Atom. Skipped it\n");
1227 avio_skip(pb, atom.size);
1228 return 0;
1229 }
1230
1231 if ((ret = mov_read_default(c, pb, atom)) < 0)
1232 return ret;
1233 /* we parsed the 'moov' atom, we can terminate the parsing as soon as we find the 'mdat' */
1234 /* so we don't parse the whole file if over a network */
1235 c->found_moov=1;
1236 return 0; /* now go for mdat */
1237 }
1238
get_frag_stream_info(MOVFragmentIndex * frag_index,int index,int id)1239 static MOVFragmentStreamInfo * get_frag_stream_info(
1240 MOVFragmentIndex *frag_index,
1241 int index,
1242 int id)
1243 {
1244 int i;
1245 MOVFragmentIndexItem * item;
1246
1247 if (index < 0 || index >= frag_index->nb_items)
1248 return NULL;
1249 item = &frag_index->item[index];
1250 for (i = 0; i < item->nb_stream_info; i++)
1251 if (item->stream_info[i].id == id)
1252 return &item->stream_info[i];
1253
1254 // This shouldn't happen
1255 return NULL;
1256 }
1257
set_frag_stream(MOVFragmentIndex * frag_index,int id)1258 static void set_frag_stream(MOVFragmentIndex *frag_index, int id)
1259 {
1260 int i;
1261 MOVFragmentIndexItem * item;
1262
1263 if (frag_index->current < 0 ||
1264 frag_index->current >= frag_index->nb_items)
1265 return;
1266
1267 item = &frag_index->item[frag_index->current];
1268 for (i = 0; i < item->nb_stream_info; i++)
1269 if (item->stream_info[i].id == id) {
1270 item->current = i;
1271 return;
1272 }
1273
1274 // id not found. This shouldn't happen.
1275 item->current = -1;
1276 }
1277
get_current_frag_stream_info(MOVFragmentIndex * frag_index)1278 static MOVFragmentStreamInfo * get_current_frag_stream_info(
1279 MOVFragmentIndex *frag_index)
1280 {
1281 MOVFragmentIndexItem *item;
1282 if (frag_index->current < 0 ||
1283 frag_index->current >= frag_index->nb_items)
1284 return NULL;
1285
1286 item = &frag_index->item[frag_index->current];
1287 if (item->current >= 0 && item->current < item->nb_stream_info)
1288 return &item->stream_info[item->current];
1289
1290 // This shouldn't happen
1291 return NULL;
1292 }
1293
search_frag_moof_offset(MOVFragmentIndex * frag_index,int64_t offset)1294 static int search_frag_moof_offset(MOVFragmentIndex *frag_index, int64_t offset)
1295 {
1296 int a, b, m;
1297 int64_t moof_offset;
1298
1299 // Optimize for appending new entries
1300 if (!frag_index->nb_items ||
1301 frag_index->item[frag_index->nb_items - 1].moof_offset < offset)
1302 return frag_index->nb_items;
1303
1304 a = -1;
1305 b = frag_index->nb_items;
1306
1307 while (b - a > 1) {
1308 m = (a + b) >> 1;
1309 moof_offset = frag_index->item[m].moof_offset;
1310 if (moof_offset >= offset)
1311 b = m;
1312 if (moof_offset <= offset)
1313 a = m;
1314 }
1315 return b;
1316 }
1317
get_stream_info_time(MOVFragmentStreamInfo * frag_stream_info)1318 static int64_t get_stream_info_time(MOVFragmentStreamInfo * frag_stream_info)
1319 {
1320 av_assert0(frag_stream_info);
1321 if (frag_stream_info->sidx_pts != AV_NOPTS_VALUE)
1322 return frag_stream_info->sidx_pts;
1323 if (frag_stream_info->first_tfra_pts != AV_NOPTS_VALUE)
1324 return frag_stream_info->first_tfra_pts;
1325 return frag_stream_info->tfdt_dts;
1326 }
1327
get_frag_time(MOVFragmentIndex * frag_index,int index,int track_id)1328 static int64_t get_frag_time(MOVFragmentIndex *frag_index,
1329 int index, int track_id)
1330 {
1331 MOVFragmentStreamInfo * frag_stream_info;
1332 int64_t timestamp;
1333 int i;
1334
1335 if (track_id >= 0) {
1336 frag_stream_info = get_frag_stream_info(frag_index, index, track_id);
1337 if (frag_stream_info->sidx_pts != AV_NOPTS_VALUE)
1338 return frag_stream_info->sidx_pts;
1339 if (frag_stream_info->first_tfra_pts != AV_NOPTS_VALUE)
1340 return frag_stream_info->first_tfra_pts;
1341 return frag_stream_info->sidx_pts;
1342 }
1343
1344 for (i = 0; i < frag_index->item[index].nb_stream_info; i++) {
1345 frag_stream_info = &frag_index->item[index].stream_info[i];
1346 timestamp = get_stream_info_time(frag_stream_info);
1347 if (timestamp != AV_NOPTS_VALUE)
1348 return timestamp;
1349 }
1350 return AV_NOPTS_VALUE;
1351 }
1352
search_frag_timestamp(MOVFragmentIndex * frag_index,AVStream * st,int64_t timestamp)1353 static int search_frag_timestamp(MOVFragmentIndex *frag_index,
1354 AVStream *st, int64_t timestamp)
1355 {
1356 int a, b, m, m0;
1357 int64_t frag_time;
1358 int id = -1;
1359
1360 if (st) {
1361 // If the stream is referenced by any sidx, limit the search
1362 // to fragments that referenced this stream in the sidx
1363 MOVStreamContext *sc = st->priv_data;
1364 if (sc->has_sidx)
1365 id = st->id;
1366 }
1367
1368 a = -1;
1369 b = frag_index->nb_items;
1370
1371 while (b - a > 1) {
1372 m0 = m = (a + b) >> 1;
1373
1374 while (m < b &&
1375 (frag_time = get_frag_time(frag_index, m, id)) == AV_NOPTS_VALUE)
1376 m++;
1377
1378 if (m < b && frag_time <= timestamp)
1379 a = m;
1380 else
1381 b = m0;
1382 }
1383
1384 return a;
1385 }
1386
update_frag_index(MOVContext * c,int64_t offset)1387 static int update_frag_index(MOVContext *c, int64_t offset)
1388 {
1389 int index, i;
1390 MOVFragmentIndexItem * item;
1391 MOVFragmentStreamInfo * frag_stream_info;
1392
1393 // If moof_offset already exists in frag_index, return index to it
1394 index = search_frag_moof_offset(&c->frag_index, offset);
1395 if (index < c->frag_index.nb_items &&
1396 c->frag_index.item[index].moof_offset == offset)
1397 return index;
1398
1399 // offset is not yet in frag index.
1400 // Insert new item at index (sorted by moof offset)
1401 item = av_fast_realloc(c->frag_index.item,
1402 &c->frag_index.allocated_size,
1403 (c->frag_index.nb_items + 1) *
1404 sizeof(*c->frag_index.item));
1405 if (!item)
1406 return -1;
1407 c->frag_index.item = item;
1408
1409 frag_stream_info = av_realloc_array(NULL, c->fc->nb_streams,
1410 sizeof(*item->stream_info));
1411 if (!frag_stream_info)
1412 return -1;
1413
1414 for (i = 0; i < c->fc->nb_streams; i++) {
1415 // Avoid building frag index if streams lack track id.
1416 if (c->fc->streams[i]->id < 0) {
1417 av_free(frag_stream_info);
1418 return AVERROR_INVALIDDATA;
1419 }
1420
1421 frag_stream_info[i].id = c->fc->streams[i]->id;
1422 frag_stream_info[i].sidx_pts = AV_NOPTS_VALUE;
1423 frag_stream_info[i].tfdt_dts = AV_NOPTS_VALUE;
1424 frag_stream_info[i].next_trun_dts = AV_NOPTS_VALUE;
1425 frag_stream_info[i].first_tfra_pts = AV_NOPTS_VALUE;
1426 frag_stream_info[i].index_entry = -1;
1427 frag_stream_info[i].encryption_index = NULL;
1428 }
1429
1430 if (index < c->frag_index.nb_items)
1431 memmove(c->frag_index.item + index + 1, c->frag_index.item + index,
1432 (c->frag_index.nb_items - index) * sizeof(*c->frag_index.item));
1433
1434 item = &c->frag_index.item[index];
1435 item->headers_read = 0;
1436 item->current = 0;
1437 item->nb_stream_info = c->fc->nb_streams;
1438 item->moof_offset = offset;
1439 item->stream_info = frag_stream_info;
1440 c->frag_index.nb_items++;
1441
1442 return index;
1443 }
1444
fix_frag_index_entries(MOVFragmentIndex * frag_index,int index,int id,int entries)1445 static void fix_frag_index_entries(MOVFragmentIndex *frag_index, int index,
1446 int id, int entries)
1447 {
1448 int i;
1449 MOVFragmentStreamInfo * frag_stream_info;
1450
1451 if (index < 0)
1452 return;
1453 for (i = index; i < frag_index->nb_items; i++) {
1454 frag_stream_info = get_frag_stream_info(frag_index, i, id);
1455 if (frag_stream_info && frag_stream_info->index_entry >= 0)
1456 frag_stream_info->index_entry += entries;
1457 }
1458 }
1459
mov_read_moof(MOVContext * c,AVIOContext * pb,MOVAtom atom)1460 static int mov_read_moof(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1461 {
1462 // Set by mov_read_tfhd(). mov_read_trun() will reject files missing tfhd.
1463 c->fragment.found_tfhd = 0;
1464
1465 if (!c->has_looked_for_mfra && c->use_mfra_for > 0) {
1466 c->has_looked_for_mfra = 1;
1467 if (pb->seekable & AVIO_SEEKABLE_NORMAL) {
1468 int ret;
1469 av_log(c->fc, AV_LOG_VERBOSE, "stream has moof boxes, will look "
1470 "for a mfra\n");
1471 if ((ret = mov_read_mfra(c, pb)) < 0) {
1472 av_log(c->fc, AV_LOG_VERBOSE, "found a moof box but failed to "
1473 "read the mfra (may be a live ismv)\n");
1474 }
1475 } else {
1476 av_log(c->fc, AV_LOG_VERBOSE, "found a moof box but stream is not "
1477 "seekable, can not look for mfra\n");
1478 }
1479 }
1480 c->fragment.moof_offset = c->fragment.implicit_offset = avio_tell(pb) - 8;
1481 av_log(c->fc, AV_LOG_TRACE, "moof offset %"PRIx64"\n", c->fragment.moof_offset);
1482 c->frag_index.current = update_frag_index(c, c->fragment.moof_offset);
1483 return mov_read_default(c, pb, atom);
1484 }
1485
mov_metadata_creation_time(AVDictionary ** metadata,int64_t time,void * logctx)1486 static void mov_metadata_creation_time(AVDictionary **metadata, int64_t time, void *logctx)
1487 {
1488 if (time) {
1489 if (time >= 2082844800)
1490 time -= 2082844800; /* seconds between 1904-01-01 and Epoch */
1491
1492 if ((int64_t)(time * 1000000ULL) / 1000000 != time) {
1493 av_log(logctx, AV_LOG_DEBUG, "creation_time is not representable\n");
1494 return;
1495 }
1496
1497 avpriv_dict_set_timestamp(metadata, "creation_time", time * 1000000);
1498 }
1499 }
1500
mov_read_mdhd(MOVContext * c,AVIOContext * pb,MOVAtom atom)1501 static int mov_read_mdhd(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1502 {
1503 AVStream *st;
1504 MOVStreamContext *sc;
1505 int version;
1506 char language[4] = {0};
1507 unsigned lang;
1508 int64_t creation_time;
1509
1510 if (c->fc->nb_streams < 1)
1511 return 0;
1512 st = c->fc->streams[c->fc->nb_streams-1];
1513 sc = st->priv_data;
1514
1515 if (sc->time_scale) {
1516 av_log(c->fc, AV_LOG_ERROR, "Multiple mdhd?\n");
1517 return AVERROR_INVALIDDATA;
1518 }
1519
1520 version = avio_r8(pb);
1521 if (version > 1) {
1522 avpriv_request_sample(c->fc, "Version %d", version);
1523 return AVERROR_PATCHWELCOME;
1524 }
1525 avio_rb24(pb); /* flags */
1526 if (version == 1) {
1527 creation_time = avio_rb64(pb);
1528 avio_rb64(pb);
1529 } else {
1530 creation_time = avio_rb32(pb);
1531 avio_rb32(pb); /* modification time */
1532 }
1533 mov_metadata_creation_time(&st->metadata, creation_time, c->fc);
1534
1535 sc->time_scale = avio_rb32(pb);
1536 if (sc->time_scale <= 0) {
1537 av_log(c->fc, AV_LOG_ERROR, "Invalid mdhd time scale %d, defaulting to 1\n", sc->time_scale);
1538 sc->time_scale = 1;
1539 }
1540 st->duration = (version == 1) ? avio_rb64(pb) : avio_rb32(pb); /* duration */
1541
1542 lang = avio_rb16(pb); /* language */
1543 if (ff_mov_lang_to_iso639(lang, language))
1544 av_dict_set(&st->metadata, "language", language, 0);
1545 avio_rb16(pb); /* quality */
1546
1547 #ifdef OHOS_EXPAND_MP4_INFO
1548 st->time_scale = sc->time_scale;
1549 #endif
1550
1551 return 0;
1552 }
1553
mov_read_mvhd(MOVContext * c,AVIOContext * pb,MOVAtom atom)1554 static int mov_read_mvhd(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1555 {
1556 int i;
1557 int64_t creation_time;
1558 int version = avio_r8(pb); /* version */
1559 avio_rb24(pb); /* flags */
1560
1561 if (version == 1) {
1562 creation_time = avio_rb64(pb);
1563 avio_rb64(pb);
1564 } else {
1565 creation_time = avio_rb32(pb);
1566 avio_rb32(pb); /* modification time */
1567 }
1568 mov_metadata_creation_time(&c->fc->metadata, creation_time, c->fc);
1569 c->time_scale = avio_rb32(pb); /* time scale */
1570 if (c->time_scale <= 0) {
1571 av_log(c->fc, AV_LOG_ERROR, "Invalid mvhd time scale %d, defaulting to 1\n", c->time_scale);
1572 c->time_scale = 1;
1573 }
1574 av_log(c->fc, AV_LOG_TRACE, "time scale = %i\n", c->time_scale);
1575
1576 c->duration = (version == 1) ? avio_rb64(pb) : avio_rb32(pb); /* duration */
1577 // set the AVFormatContext duration because the duration of individual tracks
1578 // may be inaccurate
1579 if (!c->trex_data)
1580 c->fc->duration = av_rescale(c->duration, AV_TIME_BASE, c->time_scale);
1581 avio_rb32(pb); /* preferred scale */
1582
1583 avio_rb16(pb); /* preferred volume */
1584
1585 avio_skip(pb, 10); /* reserved */
1586
1587 /* movie display matrix, store it in main context and use it later on */
1588 for (i = 0; i < 3; i++) {
1589 c->movie_display_matrix[i][0] = avio_rb32(pb); // 16.16 fixed point
1590 c->movie_display_matrix[i][1] = avio_rb32(pb); // 16.16 fixed point
1591 c->movie_display_matrix[i][2] = avio_rb32(pb); // 2.30 fixed point
1592 }
1593
1594 avio_rb32(pb); /* preview time */
1595 avio_rb32(pb); /* preview duration */
1596 avio_rb32(pb); /* poster time */
1597 avio_rb32(pb); /* selection time */
1598 avio_rb32(pb); /* selection duration */
1599 avio_rb32(pb); /* current time */
1600 avio_rb32(pb); /* next track ID */
1601
1602 return 0;
1603 }
1604
set_last_stream_little_endian(AVFormatContext * fc)1605 static void set_last_stream_little_endian(AVFormatContext *fc)
1606 {
1607 AVStream *st;
1608
1609 if (fc->nb_streams < 1)
1610 return;
1611 st = fc->streams[fc->nb_streams-1];
1612
1613 switch (st->codecpar->codec_id) {
1614 case AV_CODEC_ID_PCM_S16BE:
1615 st->codecpar->codec_id = AV_CODEC_ID_PCM_S16LE;
1616 break;
1617 case AV_CODEC_ID_PCM_S24BE:
1618 st->codecpar->codec_id = AV_CODEC_ID_PCM_S24LE;
1619 break;
1620 case AV_CODEC_ID_PCM_S32BE:
1621 st->codecpar->codec_id = AV_CODEC_ID_PCM_S32LE;
1622 break;
1623 case AV_CODEC_ID_PCM_F32BE:
1624 st->codecpar->codec_id = AV_CODEC_ID_PCM_F32LE;
1625 break;
1626 case AV_CODEC_ID_PCM_F64BE:
1627 st->codecpar->codec_id = AV_CODEC_ID_PCM_F64LE;
1628 break;
1629 default:
1630 break;
1631 }
1632 }
1633
mov_read_enda(MOVContext * c,AVIOContext * pb,MOVAtom atom)1634 static int mov_read_enda(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1635 {
1636 int little_endian = avio_rb16(pb) & 0xFF;
1637 av_log(c->fc, AV_LOG_TRACE, "enda %d\n", little_endian);
1638 if (little_endian == 1)
1639 set_last_stream_little_endian(c->fc);
1640 return 0;
1641 }
1642
mov_read_pcmc(MOVContext * c,AVIOContext * pb,MOVAtom atom)1643 static int mov_read_pcmc(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1644 {
1645 int format_flags;
1646
1647 if (atom.size < 6) {
1648 av_log(c->fc, AV_LOG_ERROR, "Empty pcmC box\n");
1649 return AVERROR_INVALIDDATA;
1650 }
1651
1652 avio_r8(pb); // version
1653 avio_rb24(pb); // flags
1654 format_flags = avio_r8(pb);
1655 if (format_flags == 1) // indicates little-endian format. If not present, big-endian format is used
1656 set_last_stream_little_endian(c->fc);
1657
1658 return 0;
1659 }
1660
mov_read_colr(MOVContext * c,AVIOContext * pb,MOVAtom atom)1661 static int mov_read_colr(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1662 {
1663 AVStream *st;
1664 uint8_t *icc_profile;
1665 char color_parameter_type[5] = { 0 };
1666 uint16_t color_primaries, color_trc, color_matrix;
1667 int ret;
1668
1669 if (c->fc->nb_streams < 1)
1670 return 0;
1671 st = c->fc->streams[c->fc->nb_streams - 1];
1672
1673 ret = ffio_read_size(pb, color_parameter_type, 4);
1674 if (ret < 0)
1675 return ret;
1676 if (strncmp(color_parameter_type, "nclx", 4) &&
1677 strncmp(color_parameter_type, "nclc", 4) &&
1678 strncmp(color_parameter_type, "prof", 4)) {
1679 av_log(c->fc, AV_LOG_WARNING, "unsupported color_parameter_type %s\n",
1680 color_parameter_type);
1681 return 0;
1682 }
1683
1684 if (!strncmp(color_parameter_type, "prof", 4)) {
1685 icc_profile = av_stream_new_side_data(st, AV_PKT_DATA_ICC_PROFILE, atom.size - 4);
1686 if (!icc_profile)
1687 return AVERROR(ENOMEM);
1688 ret = ffio_read_size(pb, icc_profile, atom.size - 4);
1689 if (ret < 0)
1690 return ret;
1691 } else {
1692 color_primaries = avio_rb16(pb);
1693 color_trc = avio_rb16(pb);
1694 color_matrix = avio_rb16(pb);
1695
1696 av_log(c->fc, AV_LOG_TRACE,
1697 "%s: pri %d trc %d matrix %d",
1698 color_parameter_type, color_primaries, color_trc, color_matrix);
1699
1700 if (!strncmp(color_parameter_type, "nclx", 4)) {
1701 uint8_t color_range = avio_r8(pb) >> 7;
1702 av_log(c->fc, AV_LOG_TRACE, " full %"PRIu8"", color_range);
1703 if (color_range)
1704 st->codecpar->color_range = AVCOL_RANGE_JPEG;
1705 else
1706 st->codecpar->color_range = AVCOL_RANGE_MPEG;
1707 }
1708
1709 if (!av_color_primaries_name(color_primaries))
1710 color_primaries = AVCOL_PRI_UNSPECIFIED;
1711 if (!av_color_transfer_name(color_trc))
1712 color_trc = AVCOL_TRC_UNSPECIFIED;
1713 if (!av_color_space_name(color_matrix))
1714 color_matrix = AVCOL_SPC_UNSPECIFIED;
1715
1716 st->codecpar->color_primaries = color_primaries;
1717 st->codecpar->color_trc = color_trc;
1718 st->codecpar->color_space = color_matrix;
1719 av_log(c->fc, AV_LOG_TRACE, "\n");
1720 }
1721 return 0;
1722 }
1723
mov_read_fiel(MOVContext * c,AVIOContext * pb,MOVAtom atom)1724 static int mov_read_fiel(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1725 {
1726 AVStream *st;
1727 unsigned mov_field_order;
1728 enum AVFieldOrder decoded_field_order = AV_FIELD_UNKNOWN;
1729
1730 if (c->fc->nb_streams < 1) // will happen with jp2 files
1731 return 0;
1732 st = c->fc->streams[c->fc->nb_streams-1];
1733 if (atom.size < 2)
1734 return AVERROR_INVALIDDATA;
1735 mov_field_order = avio_rb16(pb);
1736 if ((mov_field_order & 0xFF00) == 0x0100)
1737 decoded_field_order = AV_FIELD_PROGRESSIVE;
1738 else if ((mov_field_order & 0xFF00) == 0x0200) {
1739 switch (mov_field_order & 0xFF) {
1740 case 0x01: decoded_field_order = AV_FIELD_TT;
1741 break;
1742 case 0x06: decoded_field_order = AV_FIELD_BB;
1743 break;
1744 case 0x09: decoded_field_order = AV_FIELD_TB;
1745 break;
1746 case 0x0E: decoded_field_order = AV_FIELD_BT;
1747 break;
1748 }
1749 }
1750 if (decoded_field_order == AV_FIELD_UNKNOWN && mov_field_order) {
1751 av_log(c->fc, AV_LOG_ERROR, "Unknown MOV field order 0x%04x\n", mov_field_order);
1752 }
1753 st->codecpar->field_order = decoded_field_order;
1754
1755 return 0;
1756 }
1757
mov_realloc_extradata(AVCodecParameters * par,MOVAtom atom)1758 static int mov_realloc_extradata(AVCodecParameters *par, MOVAtom atom)
1759 {
1760 int err = 0;
1761 uint64_t size = (uint64_t)par->extradata_size + atom.size + 8 + AV_INPUT_BUFFER_PADDING_SIZE;
1762 if (size > INT_MAX || (uint64_t)atom.size > INT_MAX)
1763 return AVERROR_INVALIDDATA;
1764 if ((err = av_reallocp(&par->extradata, size)) < 0) {
1765 par->extradata_size = 0;
1766 return err;
1767 }
1768 par->extradata_size = size - AV_INPUT_BUFFER_PADDING_SIZE;
1769 return 0;
1770 }
1771
1772 /* Read a whole atom into the extradata return the size of the atom read, possibly truncated if != atom.size */
mov_read_atom_into_extradata(MOVContext * c,AVIOContext * pb,MOVAtom atom,AVCodecParameters * par,uint8_t * buf)1773 static int64_t mov_read_atom_into_extradata(MOVContext *c, AVIOContext *pb, MOVAtom atom,
1774 AVCodecParameters *par, uint8_t *buf)
1775 {
1776 int64_t result = atom.size;
1777 int err;
1778
1779 AV_WB32(buf , atom.size + 8);
1780 AV_WL32(buf + 4, atom.type);
1781 err = ffio_read_size(pb, buf + 8, atom.size);
1782 if (err < 0) {
1783 par->extradata_size -= atom.size;
1784 return err;
1785 } else if (err < atom.size) {
1786 av_log(c->fc, AV_LOG_WARNING, "truncated extradata\n");
1787 par->extradata_size -= atom.size - err;
1788 result = err;
1789 }
1790 memset(buf + 8 + err, 0, AV_INPUT_BUFFER_PADDING_SIZE);
1791 return result;
1792 }
1793
1794 /* FIXME modify QDM2/SVQ3/H.264 decoders to take full atom as extradata */
mov_read_extradata(MOVContext * c,AVIOContext * pb,MOVAtom atom,enum AVCodecID codec_id)1795 static int mov_read_extradata(MOVContext *c, AVIOContext *pb, MOVAtom atom,
1796 enum AVCodecID codec_id)
1797 {
1798 AVStream *st;
1799 uint64_t original_size;
1800 int err;
1801
1802 if (c->fc->nb_streams < 1) // will happen with jp2 files
1803 return 0;
1804 st = c->fc->streams[c->fc->nb_streams-1];
1805
1806 if (st->codecpar->codec_id != codec_id)
1807 return 0; /* unexpected codec_id - don't mess with extradata */
1808
1809 original_size = st->codecpar->extradata_size;
1810 err = mov_realloc_extradata(st->codecpar, atom);
1811 if (err)
1812 return err;
1813
1814 err = mov_read_atom_into_extradata(c, pb, atom, st->codecpar, st->codecpar->extradata + original_size);
1815 if (err < 0)
1816 return err;
1817 return 0; // Note: this is the original behavior to ignore truncation.
1818 }
1819
1820 /* wrapper functions for reading ALAC/AVS/MJPEG/MJPEG2000 extradata atoms only for those codecs */
mov_read_alac(MOVContext * c,AVIOContext * pb,MOVAtom atom)1821 static int mov_read_alac(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1822 {
1823 return mov_read_extradata(c, pb, atom, AV_CODEC_ID_ALAC);
1824 }
1825
mov_read_avss(MOVContext * c,AVIOContext * pb,MOVAtom atom)1826 static int mov_read_avss(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1827 {
1828 return mov_read_extradata(c, pb, atom, AV_CODEC_ID_AVS);
1829 }
1830
mov_read_jp2h(MOVContext * c,AVIOContext * pb,MOVAtom atom)1831 static int mov_read_jp2h(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1832 {
1833 return mov_read_extradata(c, pb, atom, AV_CODEC_ID_JPEG2000);
1834 }
1835
mov_read_dpxe(MOVContext * c,AVIOContext * pb,MOVAtom atom)1836 static int mov_read_dpxe(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1837 {
1838 return mov_read_extradata(c, pb, atom, AV_CODEC_ID_R10K);
1839 }
1840
mov_read_avid(MOVContext * c,AVIOContext * pb,MOVAtom atom)1841 static int mov_read_avid(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1842 {
1843 int ret = mov_read_extradata(c, pb, atom, AV_CODEC_ID_AVUI);
1844 if (!ret)
1845 ret = mov_read_extradata(c, pb, atom, AV_CODEC_ID_DNXHD);
1846 return ret;
1847 }
1848
mov_read_targa_y216(MOVContext * c,AVIOContext * pb,MOVAtom atom)1849 static int mov_read_targa_y216(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1850 {
1851 int ret = mov_read_extradata(c, pb, atom, AV_CODEC_ID_TARGA_Y216);
1852
1853 if (!ret && c->fc->nb_streams >= 1) {
1854 AVCodecParameters *par = c->fc->streams[c->fc->nb_streams-1]->codecpar;
1855 if (par->extradata_size >= 40) {
1856 par->height = AV_RB16(&par->extradata[36]);
1857 par->width = AV_RB16(&par->extradata[38]);
1858 }
1859 }
1860 return ret;
1861 }
1862
mov_read_ares(MOVContext * c,AVIOContext * pb,MOVAtom atom)1863 static int mov_read_ares(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1864 {
1865 if (c->fc->nb_streams >= 1) {
1866 AVStream *const st = c->fc->streams[c->fc->nb_streams - 1];
1867 FFStream *const sti = ffstream(st);
1868 AVCodecParameters *par = st->codecpar;
1869
1870 if (par->codec_tag == MKTAG('A', 'V', 'i', 'n') &&
1871 par->codec_id == AV_CODEC_ID_H264 &&
1872 atom.size > 11) {
1873 int cid;
1874 avio_skip(pb, 10);
1875 cid = avio_rb16(pb);
1876 /* For AVID AVCI50, force width of 1440 to be able to select the correct SPS and PPS */
1877 if (cid == 0xd4d || cid == 0xd4e)
1878 par->width = 1440;
1879 return 0;
1880 } else if ((par->codec_tag == MKTAG('A', 'V', 'd', '1') ||
1881 par->codec_tag == MKTAG('A', 'V', 'j', '2') ||
1882 par->codec_tag == MKTAG('A', 'V', 'd', 'n')) &&
1883 atom.size >= 24) {
1884 int num, den;
1885 avio_skip(pb, 12);
1886 num = avio_rb32(pb);
1887 den = avio_rb32(pb);
1888 if (num <= 0 || den <= 0)
1889 return 0;
1890 switch (avio_rb32(pb)) {
1891 case 2:
1892 if (den >= INT_MAX / 2)
1893 return 0;
1894 den *= 2;
1895 case 1:
1896 sti->display_aspect_ratio = (AVRational){ num, den };
1897 default:
1898 return 0;
1899 }
1900 }
1901 }
1902
1903 return mov_read_avid(c, pb, atom);
1904 }
1905
mov_read_aclr(MOVContext * c,AVIOContext * pb,MOVAtom atom)1906 static int mov_read_aclr(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1907 {
1908 int ret = 0;
1909 int length = 0;
1910 uint64_t original_size;
1911 if (c->fc->nb_streams >= 1) {
1912 AVCodecParameters *par = c->fc->streams[c->fc->nb_streams-1]->codecpar;
1913 if (par->codec_id == AV_CODEC_ID_H264)
1914 return 0;
1915 if (atom.size == 16) {
1916 original_size = par->extradata_size;
1917 ret = mov_realloc_extradata(par, atom);
1918 if (!ret) {
1919 length = mov_read_atom_into_extradata(c, pb, atom, par, par->extradata + original_size);
1920 if (length == atom.size) {
1921 const uint8_t range_value = par->extradata[original_size + 19];
1922 switch (range_value) {
1923 case 1:
1924 par->color_range = AVCOL_RANGE_MPEG;
1925 break;
1926 case 2:
1927 par->color_range = AVCOL_RANGE_JPEG;
1928 break;
1929 default:
1930 av_log(c->fc, AV_LOG_WARNING, "ignored unknown aclr value (%d)\n", range_value);
1931 break;
1932 }
1933 ff_dlog(c->fc, "color_range: %d\n", par->color_range);
1934 } else {
1935 /* For some reason the whole atom was not added to the extradata */
1936 av_log(c->fc, AV_LOG_ERROR, "aclr not decoded - incomplete atom\n");
1937 }
1938 } else {
1939 av_log(c->fc, AV_LOG_ERROR, "aclr not decoded - unable to add atom to extradata\n");
1940 }
1941 } else {
1942 av_log(c->fc, AV_LOG_WARNING, "aclr not decoded - unexpected size %"PRId64"\n", atom.size);
1943 }
1944 }
1945
1946 return ret;
1947 }
1948
mov_read_svq3(MOVContext * c,AVIOContext * pb,MOVAtom atom)1949 static int mov_read_svq3(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1950 {
1951 return mov_read_extradata(c, pb, atom, AV_CODEC_ID_SVQ3);
1952 }
1953
mov_read_wave(MOVContext * c,AVIOContext * pb,MOVAtom atom)1954 static int mov_read_wave(MOVContext *c, AVIOContext *pb, MOVAtom atom)
1955 {
1956 AVStream *st;
1957 int ret;
1958
1959 if (c->fc->nb_streams < 1)
1960 return 0;
1961 st = c->fc->streams[c->fc->nb_streams-1];
1962
1963 if ((uint64_t)atom.size > (1<<30))
1964 return AVERROR_INVALIDDATA;
1965
1966 if (st->codecpar->codec_id == AV_CODEC_ID_QDM2 ||
1967 st->codecpar->codec_id == AV_CODEC_ID_QDMC ||
1968 st->codecpar->codec_id == AV_CODEC_ID_SPEEX) {
1969 // pass all frma atom to codec, needed at least for QDMC and QDM2
1970 ret = ff_get_extradata(c->fc, st->codecpar, pb, atom.size);
1971 if (ret < 0)
1972 return ret;
1973 } else if (atom.size > 8) { /* to read frma, esds atoms */
1974 if (st->codecpar->codec_id == AV_CODEC_ID_ALAC && atom.size >= 24) {
1975 uint64_t buffer;
1976 ret = ffio_ensure_seekback(pb, 8);
1977 if (ret < 0)
1978 return ret;
1979 buffer = avio_rb64(pb);
1980 atom.size -= 8;
1981 if ( (buffer & 0xFFFFFFFF) == MKBETAG('f','r','m','a')
1982 && buffer >> 32 <= atom.size
1983 && buffer >> 32 >= 8) {
1984 avio_skip(pb, -8);
1985 atom.size += 8;
1986 } else if (!st->codecpar->extradata_size) {
1987 #define ALAC_EXTRADATA_SIZE 36
1988 st->codecpar->extradata = av_mallocz(ALAC_EXTRADATA_SIZE + AV_INPUT_BUFFER_PADDING_SIZE);
1989 if (!st->codecpar->extradata)
1990 return AVERROR(ENOMEM);
1991 st->codecpar->extradata_size = ALAC_EXTRADATA_SIZE;
1992 AV_WB32(st->codecpar->extradata , ALAC_EXTRADATA_SIZE);
1993 AV_WB32(st->codecpar->extradata + 4, MKTAG('a','l','a','c'));
1994 AV_WB64(st->codecpar->extradata + 12, buffer);
1995 avio_read(pb, st->codecpar->extradata + 20, 16);
1996 avio_skip(pb, atom.size - 24);
1997 return 0;
1998 }
1999 }
2000 if ((ret = mov_read_default(c, pb, atom)) < 0)
2001 return ret;
2002 } else
2003 avio_skip(pb, atom.size);
2004 return 0;
2005 }
2006
2007 /**
2008 * This function reads atom content and puts data in extradata without tag
2009 * nor size unlike mov_read_extradata.
2010 */
mov_read_glbl(MOVContext * c,AVIOContext * pb,MOVAtom atom)2011 static int mov_read_glbl(MOVContext *c, AVIOContext *pb, MOVAtom atom)
2012 {
2013 AVStream *st;
2014 int ret;
2015
2016 if (c->fc->nb_streams < 1)
2017 return 0;
2018 st = c->fc->streams[c->fc->nb_streams-1];
2019
2020 if ((uint64_t)atom.size > (1<<30))
2021 return AVERROR_INVALIDDATA;
2022 #ifdef OHOS_OPT_COMPAT
2023 if (atom.type == MKTAG('v','v','c','C')) {
2024 avio_rb32(pb);
2025 atom.size -= 4;
2026 }
2027 #endif
2028 if (atom.size >= 10) {
2029 // Broken files created by legacy versions of libavformat will
2030 // wrap a whole fiel atom inside of a glbl atom.
2031 unsigned size = avio_rb32(pb);
2032 unsigned type = avio_rl32(pb);
2033 if (avio_feof(pb))
2034 return AVERROR_INVALIDDATA;
2035 avio_seek(pb, -8, SEEK_CUR);
2036 if (type == MKTAG('f','i','e','l') && size == atom.size)
2037 return mov_read_default(c, pb, atom);
2038 }
2039 if (st->codecpar->extradata_size > 1 && st->codecpar->extradata) {
2040 av_log(c->fc, AV_LOG_WARNING, "ignoring multiple glbl\n");
2041 return 0;
2042 }
2043 ret = ff_get_extradata(c->fc, st->codecpar, pb, atom.size);
2044 if (ret < 0)
2045 return ret;
2046 if (atom.type == MKTAG('h','v','c','C') && st->codecpar->codec_tag == MKTAG('d','v','h','1'))
2047 /* HEVC-based Dolby Vision derived from hvc1.
2048 Happens to match with an identifier
2049 previously utilized for DV. Thus, if we have
2050 the hvcC extradata box available as specified,
2051 set codec to HEVC */
2052 st->codecpar->codec_id = AV_CODEC_ID_HEVC;
2053 #ifdef OHOS_OPT_COMPAT
2054 if (atom.type == MKTAG('v','v','c','C'))
2055 st->codecpar->codec_id = AV_CODEC_ID_VVC;
2056 #endif
2057 return 0;
2058 }
2059
mov_read_dvc1(MOVContext * c,AVIOContext * pb,MOVAtom atom)2060 static int mov_read_dvc1(MOVContext *c, AVIOContext *pb, MOVAtom atom)
2061 {
2062 AVStream *st;
2063 uint8_t profile_level;
2064 int ret;
2065
2066 if (c->fc->nb_streams < 1)
2067 return 0;
2068 st = c->fc->streams[c->fc->nb_streams-1];
2069
2070 if (atom.size >= (1<<28) || atom.size < 7)
2071 return AVERROR_INVALIDDATA;
2072
2073 profile_level = avio_r8(pb);
2074 if ((profile_level & 0xf0) != 0xc0)
2075 return 0;
2076
2077 avio_seek(pb, 6, SEEK_CUR);
2078 ret = ff_get_extradata(c->fc, st->codecpar, pb, atom.size - 7);
2079 if (ret < 0)
2080 return ret;
2081
2082 return 0;
2083 }
2084
2085 /**
2086 * An strf atom is a BITMAPINFOHEADER struct. This struct is 40 bytes itself,
2087 * but can have extradata appended at the end after the 40 bytes belonging
2088 * to the struct.
2089 */
mov_read_strf(MOVContext * c,AVIOContext * pb,MOVAtom atom)2090 static int mov_read_strf(MOVContext *c, AVIOContext *pb, MOVAtom atom)
2091 {
2092 AVStream *st;
2093 int ret;
2094
2095 if (c->fc->nb_streams < 1)
2096 return 0;
2097 if (atom.size <= 40)
2098 return 0;
2099 st = c->fc->streams[c->fc->nb_streams-1];
2100
2101 if ((uint64_t)atom.size > (1<<30))
2102 return AVERROR_INVALIDDATA;
2103
2104 avio_skip(pb, 40);
2105 ret = ff_get_extradata(c->fc, st->codecpar, pb, atom.size - 40);
2106 if (ret < 0)
2107 return ret;
2108
2109 return 0;
2110 }
2111
mov_read_stco(MOVContext * c,AVIOContext * pb,MOVAtom atom)2112 static int mov_read_stco(MOVContext *c, AVIOContext *pb, MOVAtom atom)
2113 {
2114 AVStream *st;
2115 MOVStreamContext *sc;
2116 unsigned int i, entries;
2117
2118 if (c->trak_index < 0) {
2119 av_log(c->fc, AV_LOG_WARNING, "STCO outside TRAK\n");
2120 return 0;
2121 }
2122 if (c->fc->nb_streams < 1)
2123 return 0;
2124 st = c->fc->streams[c->fc->nb_streams-1];
2125 sc = st->priv_data;
2126
2127 avio_r8(pb); /* version */
2128 avio_rb24(pb); /* flags */
2129
2130 entries = avio_rb32(pb);
2131
2132 if (!entries)
2133 return 0;
2134
2135 if (sc->chunk_offsets) {
2136 av_log(c->fc, AV_LOG_WARNING, "Ignoring duplicated STCO atom\n");
2137 return 0;
2138 }
2139 av_free(sc->chunk_offsets);
2140 sc->chunk_count = 0;
2141 sc->chunk_offsets = av_malloc_array(entries, sizeof(*sc->chunk_offsets));
2142 if (!sc->chunk_offsets)
2143 return AVERROR(ENOMEM);
2144 sc->chunk_count = entries;
2145
2146 if (atom.type == MKTAG('s','t','c','o'))
2147 for (i = 0; i < entries && !pb->eof_reached; i++)
2148 sc->chunk_offsets[i] = avio_rb32(pb);
2149 else if (atom.type == MKTAG('c','o','6','4'))
2150 for (i = 0; i < entries && !pb->eof_reached; i++)
2151 sc->chunk_offsets[i] = avio_rb64(pb);
2152 else
2153 return AVERROR_INVALIDDATA;
2154
2155 sc->chunk_count = i;
2156
2157 if (pb->eof_reached) {
2158 av_log(c->fc, AV_LOG_WARNING, "reached eof, corrupted STCO atom\n");
2159 return AVERROR_EOF;
2160 }
2161
2162 return 0;
2163 }
2164
mov_codec_id(AVStream * st,uint32_t format)2165 static int mov_codec_id(AVStream *st, uint32_t format)
2166 {
2167 int id = ff_codec_get_id(ff_codec_movaudio_tags, format);
2168
2169 if (id <= 0 &&
2170 ((format & 0xFFFF) == 'm' + ('s' << 8) ||
2171 (format & 0xFFFF) == 'T' + ('S' << 8)))
2172 id = ff_codec_get_id(ff_codec_wav_tags, av_bswap32(format) & 0xFFFF);
2173
2174 if (st->codecpar->codec_type != AVMEDIA_TYPE_VIDEO && id > 0) {
2175 st->codecpar->codec_type = AVMEDIA_TYPE_AUDIO;
2176 } else if (st->codecpar->codec_type != AVMEDIA_TYPE_AUDIO &&
2177 /* skip old ASF MPEG-4 tag */
2178 format && format != MKTAG('m','p','4','s')) {
2179 id = ff_codec_get_id(ff_codec_movvideo_tags, format);
2180 if (id <= 0)
2181 id = ff_codec_get_id(ff_codec_bmp_tags, format);
2182 if (id > 0)
2183 st->codecpar->codec_type = AVMEDIA_TYPE_VIDEO;
2184 else if (st->codecpar->codec_type == AVMEDIA_TYPE_DATA ||
2185 (st->codecpar->codec_type == AVMEDIA_TYPE_SUBTITLE &&
2186 st->codecpar->codec_id == AV_CODEC_ID_NONE)) {
2187 id = ff_codec_get_id(ff_codec_movsubtitle_tags, format);
2188 if (id > 0)
2189 st->codecpar->codec_type = AVMEDIA_TYPE_SUBTITLE;
2190 else
2191 id = ff_codec_get_id(ff_codec_movdata_tags, format);
2192 #ifdef OHOS_TIMED_META_TRACK
2193 } else if (st->codecpar->codec_type == AVMEDIA_TYPE_TIMEDMETA) {
2194 id = AV_CODEC_ID_FFMETADATA;
2195 }
2196 #else
2197 }
2198 #endif
2199 }
2200
2201 st->codecpar->codec_tag = format;
2202
2203 return id;
2204 }
2205
mov_parse_stsd_video(MOVContext * c,AVIOContext * pb,AVStream * st,MOVStreamContext * sc)2206 static void mov_parse_stsd_video(MOVContext *c, AVIOContext *pb,
2207 AVStream *st, MOVStreamContext *sc)
2208 {
2209 uint8_t codec_name[32] = { 0 };
2210 int64_t stsd_start;
2211 unsigned int len;
2212 uint32_t id = 0;
2213
2214 /* The first 16 bytes of the video sample description are already
2215 * read in ff_mov_read_stsd_entries() */
2216 stsd_start = avio_tell(pb) - 16;
2217
2218 avio_rb16(pb); /* version */
2219 avio_rb16(pb); /* revision level */
2220 id = avio_rl32(pb); /* vendor */
2221 av_dict_set(&st->metadata, "vendor_id", av_fourcc2str(id), 0);
2222 avio_rb32(pb); /* temporal quality */
2223 avio_rb32(pb); /* spatial quality */
2224
2225 st->codecpar->width = avio_rb16(pb); /* width */
2226 st->codecpar->height = avio_rb16(pb); /* height */
2227
2228 avio_rb32(pb); /* horiz resolution */
2229 avio_rb32(pb); /* vert resolution */
2230 avio_rb32(pb); /* data size, always 0 */
2231 avio_rb16(pb); /* frames per samples */
2232
2233 len = avio_r8(pb); /* codec name, pascal string */
2234 if (len > 31)
2235 len = 31;
2236 mov_read_mac_string(c, pb, len, codec_name, sizeof(codec_name));
2237 if (len < 31)
2238 avio_skip(pb, 31 - len);
2239
2240 if (codec_name[0])
2241 av_dict_set(&st->metadata, "encoder", codec_name, 0);
2242
2243 /* codec_tag YV12 triggers an UV swap in rawdec.c */
2244 if (!strncmp(codec_name, "Planar Y'CbCr 8-bit 4:2:0", 25)) {
2245 st->codecpar->codec_tag = MKTAG('I', '4', '2', '0');
2246 st->codecpar->width &= ~1;
2247 st->codecpar->height &= ~1;
2248 }
2249 /* Flash Media Server uses tag H.263 with Sorenson Spark */
2250 if (st->codecpar->codec_tag == MKTAG('H','2','6','3') &&
2251 !strncmp(codec_name, "Sorenson H263", 13))
2252 st->codecpar->codec_id = AV_CODEC_ID_FLV1;
2253
2254 st->codecpar->bits_per_coded_sample = avio_rb16(pb); /* depth */
2255
2256 avio_seek(pb, stsd_start, SEEK_SET);
2257
2258 if (ff_get_qtpalette(st->codecpar->codec_id, pb, sc->palette)) {
2259 st->codecpar->bits_per_coded_sample &= 0x1F;
2260 sc->has_palette = 1;
2261 }
2262 }
2263
mov_parse_stsd_audio(MOVContext * c,AVIOContext * pb,AVStream * st,MOVStreamContext * sc)2264 static void mov_parse_stsd_audio(MOVContext *c, AVIOContext *pb,
2265 AVStream *st, MOVStreamContext *sc)
2266 {
2267 int bits_per_sample, flags;
2268 uint16_t version = avio_rb16(pb);
2269 uint32_t id = 0;
2270 AVDictionaryEntry *compatible_brands = av_dict_get(c->fc->metadata, "compatible_brands", NULL, AV_DICT_MATCH_CASE);
2271 int channel_count;
2272
2273 avio_rb16(pb); /* revision level */
2274 id = avio_rl32(pb); /* vendor */
2275 av_dict_set(&st->metadata, "vendor_id", av_fourcc2str(id), 0);
2276
2277 channel_count = avio_rb16(pb);
2278
2279 st->codecpar->ch_layout.order = AV_CHANNEL_ORDER_UNSPEC;
2280 st->codecpar->ch_layout.nb_channels = channel_count;
2281 st->codecpar->bits_per_coded_sample = avio_rb16(pb); /* sample size */
2282 av_log(c->fc, AV_LOG_TRACE, "audio channels %d\n", channel_count);
2283
2284 sc->audio_cid = avio_rb16(pb);
2285 avio_rb16(pb); /* packet size = 0 */
2286
2287 st->codecpar->sample_rate = ((avio_rb32(pb) >> 16));
2288
2289 // Read QT version 1 fields. In version 0 these do not exist.
2290 av_log(c->fc, AV_LOG_TRACE, "version =%d, isom =%d\n", version, c->isom);
2291 if (!c->isom ||
2292 (compatible_brands && strstr(compatible_brands->value, "qt ")) ||
2293 (sc->stsd_version == 0 && version > 0)) {
2294 if (version == 1) {
2295 sc->samples_per_frame = avio_rb32(pb);
2296 avio_rb32(pb); /* bytes per packet */
2297 sc->bytes_per_frame = avio_rb32(pb);
2298 avio_rb32(pb); /* bytes per sample */
2299 } else if (version == 2) {
2300 avio_rb32(pb); /* sizeof struct only */
2301 st->codecpar->sample_rate = av_int2double(avio_rb64(pb));
2302 channel_count = avio_rb32(pb);
2303 st->codecpar->ch_layout.order = AV_CHANNEL_ORDER_UNSPEC;
2304 st->codecpar->ch_layout.nb_channels = channel_count;
2305 avio_rb32(pb); /* always 0x7F000000 */
2306 st->codecpar->bits_per_coded_sample = avio_rb32(pb);
2307
2308 flags = avio_rb32(pb); /* lpcm format specific flag */
2309 sc->bytes_per_frame = avio_rb32(pb);
2310 sc->samples_per_frame = avio_rb32(pb);
2311 if (st->codecpar->codec_tag == MKTAG('l','p','c','m'))
2312 st->codecpar->codec_id =
2313 ff_mov_get_lpcm_codec_id(st->codecpar->bits_per_coded_sample,
2314 flags);
2315 }
2316 if (version == 0 || (version == 1 && sc->audio_cid != -2)) {
2317 /* can't correctly handle variable sized packet as audio unit */
2318 switch (st->codecpar->codec_id) {
2319 case AV_CODEC_ID_MP2:
2320 case AV_CODEC_ID_MP3:
2321 ffstream(st)->need_parsing = AVSTREAM_PARSE_FULL;
2322 break;
2323 }
2324 }
2325 }
2326
2327 if (sc->format == 0) {
2328 if (st->codecpar->bits_per_coded_sample == 8)
2329 st->codecpar->codec_id = mov_codec_id(st, MKTAG('r','a','w',' '));
2330 else if (st->codecpar->bits_per_coded_sample == 16)
2331 st->codecpar->codec_id = mov_codec_id(st, MKTAG('t','w','o','s'));
2332 }
2333
2334 switch (st->codecpar->codec_id) {
2335 case AV_CODEC_ID_PCM_S8:
2336 case AV_CODEC_ID_PCM_U8:
2337 if (st->codecpar->bits_per_coded_sample == 16)
2338 st->codecpar->codec_id = AV_CODEC_ID_PCM_S16BE;
2339 break;
2340 case AV_CODEC_ID_PCM_S16LE:
2341 case AV_CODEC_ID_PCM_S16BE:
2342 if (st->codecpar->bits_per_coded_sample == 8)
2343 st->codecpar->codec_id = AV_CODEC_ID_PCM_S8;
2344 else if (st->codecpar->bits_per_coded_sample == 24)
2345 st->codecpar->codec_id =
2346 st->codecpar->codec_id == AV_CODEC_ID_PCM_S16BE ?
2347 AV_CODEC_ID_PCM_S24BE : AV_CODEC_ID_PCM_S24LE;
2348 else if (st->codecpar->bits_per_coded_sample == 32)
2349 st->codecpar->codec_id =
2350 st->codecpar->codec_id == AV_CODEC_ID_PCM_S16BE ?
2351 AV_CODEC_ID_PCM_S32BE : AV_CODEC_ID_PCM_S32LE;
2352 break;
2353 /* set values for old format before stsd version 1 appeared */
2354 case AV_CODEC_ID_MACE3:
2355 sc->samples_per_frame = 6;
2356 sc->bytes_per_frame = 2 * st->codecpar->ch_layout.nb_channels;
2357 break;
2358 case AV_CODEC_ID_MACE6:
2359 sc->samples_per_frame = 6;
2360 sc->bytes_per_frame = 1 * st->codecpar->ch_layout.nb_channels;
2361 break;
2362 case AV_CODEC_ID_ADPCM_IMA_QT:
2363 sc->samples_per_frame = 64;
2364 sc->bytes_per_frame = 34 * st->codecpar->ch_layout.nb_channels;
2365 break;
2366 case AV_CODEC_ID_GSM:
2367 sc->samples_per_frame = 160;
2368 sc->bytes_per_frame = 33;
2369 break;
2370 default:
2371 break;
2372 }
2373
2374 bits_per_sample = av_get_bits_per_sample(st->codecpar->codec_id);
2375 if (bits_per_sample && (bits_per_sample >> 3) * (uint64_t)st->codecpar->ch_layout.nb_channels <= INT_MAX) {
2376 st->codecpar->bits_per_coded_sample = bits_per_sample;
2377 sc->sample_size = (bits_per_sample >> 3) * st->codecpar->ch_layout.nb_channels;
2378 }
2379 }
2380
mov_parse_stsd_subtitle(MOVContext * c,AVIOContext * pb,AVStream * st,MOVStreamContext * sc,int64_t size)2381 static void mov_parse_stsd_subtitle(MOVContext *c, AVIOContext *pb,
2382 AVStream *st, MOVStreamContext *sc,
2383 int64_t size)
2384 {
2385 // ttxt stsd contains display flags, justification, background
2386 // color, fonts, and default styles, so fake an atom to read it
2387 MOVAtom fake_atom = { .size = size };
2388 // mp4s contains a regular esds atom
2389 if (st->codecpar->codec_tag != AV_RL32("mp4s"))
2390 mov_read_glbl(c, pb, fake_atom);
2391 st->codecpar->width = sc->width;
2392 st->codecpar->height = sc->height;
2393 }
2394
yuv_to_rgba(uint32_t ycbcr)2395 static uint32_t yuv_to_rgba(uint32_t ycbcr)
2396 {
2397 uint8_t r, g, b;
2398 int y, cb, cr;
2399
2400 y = (ycbcr >> 16) & 0xFF;
2401 cr = (ycbcr >> 8) & 0xFF;
2402 cb = ycbcr & 0xFF;
2403
2404 b = av_clip_uint8((1164 * (y - 16) + 2018 * (cb - 128)) / 1000);
2405 g = av_clip_uint8((1164 * (y - 16) - 813 * (cr - 128) - 391 * (cb - 128)) / 1000);
2406 r = av_clip_uint8((1164 * (y - 16) + 1596 * (cr - 128) ) / 1000);
2407
2408 return (r << 16) | (g << 8) | b;
2409 }
2410
mov_rewrite_dvd_sub_extradata(AVStream * st)2411 static int mov_rewrite_dvd_sub_extradata(AVStream *st)
2412 {
2413 char buf[256] = {0};
2414 uint8_t *src = st->codecpar->extradata;
2415 int i, ret;
2416
2417 if (st->codecpar->extradata_size != 64)
2418 return 0;
2419
2420 if (st->codecpar->width > 0 && st->codecpar->height > 0)
2421 snprintf(buf, sizeof(buf), "size: %dx%d\n",
2422 st->codecpar->width, st->codecpar->height);
2423 av_strlcat(buf, "palette: ", sizeof(buf));
2424
2425 for (i = 0; i < 16; i++) {
2426 uint32_t yuv = AV_RB32(src + i * 4);
2427 uint32_t rgba = yuv_to_rgba(yuv);
2428
2429 av_strlcatf(buf, sizeof(buf), "%06"PRIx32"%s", rgba, i != 15 ? ", " : "");
2430 }
2431
2432 if (av_strlcat(buf, "\n", sizeof(buf)) >= sizeof(buf))
2433 return 0;
2434
2435 ret = ff_alloc_extradata(st->codecpar, strlen(buf));
2436 if (ret < 0)
2437 return ret;
2438 memcpy(st->codecpar->extradata, buf, st->codecpar->extradata_size);
2439
2440 return 0;
2441 }
2442
2443 #ifdef OHOS_TIMED_META_TRACK
mov_parse_mebx_keyd(MOVContext * c,AVIOContext * pb,AVStream * st)2444 static int mov_parse_mebx_keyd(MOVContext *c, AVIOContext *pb, AVStream *st)
2445 {
2446 int atom_size = (int)avio_rb32(pb);
2447 avio_rb32(pb); // local key id
2448 int keyd_size = (int)avio_rb32(pb);
2449 avio_rb32(pb); // keyd
2450 avio_rb32(pb); // mdta
2451 int key_value_size = keyd_size - 12; // 12 bytes to skip
2452
2453 unsigned char* buf = av_malloc(key_value_size + 1);
2454 if (!buf)
2455 return AVERROR(ENOMEM);
2456 int ret = ffio_read_size(pb, buf, key_value_size);
2457 if (ret < 0) {
2458 av_freep(&buf);
2459 av_log(c->fc, AV_LOG_WARNING, "failed to read key value\n");
2460 return ret;
2461 }
2462 buf[key_value_size] = 0;
2463 av_dict_set(&st->metadata, "timed_metadata_key", buf, 0);
2464 av_freep(&buf);
2465 return atom_size;
2466 }
2467
mov_parse_mebx_data(MOVContext * c,AVIOContext * pb,AVStream * st,int64_t size)2468 static int mov_parse_mebx_data(MOVContext *c, AVIOContext *pb,
2469 AVStream *st, int64_t size)
2470 {
2471 int read_size = 0;
2472
2473 if (c->fc->nb_streams < 1)
2474 return 0;
2475 st = c->fc->streams[c->fc->nb_streams-1];
2476
2477 int size_keys = (int)avio_rb32(pb); // size of keys
2478 avio_rb32(pb); // keys
2479 const int read_counts = 8;
2480 read_size += read_counts;
2481 while (read_size < size_keys) {
2482 int atom_size = mov_parse_mebx_keyd(c, pb, st);
2483 if (atom_size < 0) {
2484 return atom_size;
2485 }
2486 read_size += atom_size;
2487 }
2488 return 0;
2489 }
2490
mov_read_cdsc(MOVContext * c,AVIOContext * pb,MOVAtom atom)2491 static int mov_read_cdsc(MOVContext *c, AVIOContext *pb, MOVAtom atom)
2492 {
2493 AVStream *st;
2494
2495 if (c->fc->nb_streams < 1)
2496 return 0;
2497 st = c->fc->streams[c->fc->nb_streams - 1];
2498 int src_track_id = (int)avio_rb32(pb);
2499 char* metaKeyStr;
2500 metaKeyStr = av_d2str(src_track_id - 1);
2501 if (!metaKeyStr)
2502 return AVERROR(ENOMEM);
2503 av_dict_set(&st->metadata, "src_track_id", metaKeyStr, 0);
2504 av_freep(&metaKeyStr);
2505 return 0;
2506 }
2507 #endif
2508
mov_parse_stsd_data(MOVContext * c,AVIOContext * pb,AVStream * st,MOVStreamContext * sc,int64_t size)2509 static int mov_parse_stsd_data(MOVContext *c, AVIOContext *pb,
2510 AVStream *st, MOVStreamContext *sc,
2511 int64_t size)
2512 {
2513 int ret;
2514
2515 if (st->codecpar->codec_tag == MKTAG('t','m','c','d')) {
2516 if ((int)size != size)
2517 return AVERROR(ENOMEM);
2518
2519 ret = ff_get_extradata(c->fc, st->codecpar, pb, size);
2520 if (ret < 0)
2521 return ret;
2522 if (size > 16) {
2523 MOVStreamContext *tmcd_ctx = st->priv_data;
2524 int val;
2525 val = AV_RB32(st->codecpar->extradata + 4);
2526 tmcd_ctx->tmcd_flags = val;
2527 st->avg_frame_rate.num = AV_RB32(st->codecpar->extradata + 8); /* timescale */
2528 st->avg_frame_rate.den = AV_RB32(st->codecpar->extradata + 12); /* frameDuration */
2529 tmcd_ctx->tmcd_nb_frames = st->codecpar->extradata[16]; /* number of frames */
2530 if (size > 30) {
2531 uint32_t len = AV_RB32(st->codecpar->extradata + 18); /* name atom length */
2532 uint32_t format = AV_RB32(st->codecpar->extradata + 22);
2533 if (format == AV_RB32("name") && (int64_t)size >= (int64_t)len + 18) {
2534 uint16_t str_size = AV_RB16(st->codecpar->extradata + 26); /* string length */
2535 if (str_size > 0 && size >= (int)str_size + 30 &&
2536 st->codecpar->extradata[30] /* Don't add empty string */) {
2537 char *reel_name = av_malloc(str_size + 1);
2538 if (!reel_name)
2539 return AVERROR(ENOMEM);
2540 memcpy(reel_name, st->codecpar->extradata + 30, str_size);
2541 reel_name[str_size] = 0; /* Add null terminator */
2542 av_dict_set(&st->metadata, "reel_name", reel_name,
2543 AV_DICT_DONT_STRDUP_VAL);
2544 }
2545 }
2546 }
2547 }
2548 } else {
2549 /* other codec type, just skip (rtp, mp4s ...) */
2550 avio_skip(pb, size);
2551 }
2552 return 0;
2553 }
2554
mov_finalize_stsd_codec(MOVContext * c,AVIOContext * pb,AVStream * st,MOVStreamContext * sc)2555 static int mov_finalize_stsd_codec(MOVContext *c, AVIOContext *pb,
2556 AVStream *st, MOVStreamContext *sc)
2557 {
2558 FFStream *const sti = ffstream(st);
2559
2560 if (st->codecpar->codec_type == AVMEDIA_TYPE_AUDIO &&
2561 !st->codecpar->sample_rate && sc->time_scale > 1)
2562 st->codecpar->sample_rate = sc->time_scale;
2563
2564 /* special codec parameters handling */
2565 switch (st->codecpar->codec_id) {
2566 #if CONFIG_DV_DEMUXER
2567 case AV_CODEC_ID_DVAUDIO:
2568 c->dv_fctx = avformat_alloc_context();
2569 if (!c->dv_fctx) {
2570 av_log(c->fc, AV_LOG_ERROR, "dv demux context alloc error\n");
2571 return AVERROR(ENOMEM);
2572 }
2573 c->dv_demux = avpriv_dv_init_demux(c->dv_fctx);
2574 if (!c->dv_demux) {
2575 av_log(c->fc, AV_LOG_ERROR, "dv demux context init error\n");
2576 return AVERROR(ENOMEM);
2577 }
2578 sc->dv_audio_container = 1;
2579 st->codecpar->codec_id = AV_CODEC_ID_PCM_S16LE;
2580 break;
2581 #endif
2582 /* no ifdef since parameters are always those */
2583 case AV_CODEC_ID_QCELP:
2584 av_channel_layout_uninit(&st->codecpar->ch_layout);
2585 st->codecpar->ch_layout = (AVChannelLayout)AV_CHANNEL_LAYOUT_MONO;
2586 // force sample rate for qcelp when not stored in mov
2587 if (st->codecpar->codec_tag != MKTAG('Q','c','l','p'))
2588 st->codecpar->sample_rate = 8000;
2589 // FIXME: Why is the following needed for some files?
2590 sc->samples_per_frame = 160;
2591 if (!sc->bytes_per_frame)
2592 sc->bytes_per_frame = 35;
2593 break;
2594 case AV_CODEC_ID_AMR_NB:
2595 av_channel_layout_uninit(&st->codecpar->ch_layout);
2596 st->codecpar->ch_layout = (AVChannelLayout)AV_CHANNEL_LAYOUT_MONO;
2597 /* force sample rate for amr, stsd in 3gp does not store sample rate */
2598 st->codecpar->sample_rate = 8000;
2599 break;
2600 case AV_CODEC_ID_AMR_WB:
2601 av_channel_layout_uninit(&st->codecpar->ch_layout);
2602 st->codecpar->ch_layout = (AVChannelLayout)AV_CHANNEL_LAYOUT_MONO;
2603 st->codecpar->sample_rate = 16000;
2604 break;
2605 case AV_CODEC_ID_MP2:
2606 case AV_CODEC_ID_MP3:
2607 /* force type after stsd for m1a hdlr */
2608 st->codecpar->codec_type = AVMEDIA_TYPE_AUDIO;
2609 break;
2610 case AV_CODEC_ID_GSM:
2611 case AV_CODEC_ID_ADPCM_MS:
2612 case AV_CODEC_ID_ADPCM_IMA_WAV:
2613 case AV_CODEC_ID_ILBC:
2614 case AV_CODEC_ID_MACE3:
2615 case AV_CODEC_ID_MACE6:
2616 case AV_CODEC_ID_QDM2:
2617 st->codecpar->block_align = sc->bytes_per_frame;
2618 break;
2619 case AV_CODEC_ID_ALAC:
2620 if (st->codecpar->extradata_size == 36) {
2621 int channel_count = AV_RB8(st->codecpar->extradata + 21);
2622 if (st->codecpar->ch_layout.nb_channels != channel_count) {
2623 av_channel_layout_uninit(&st->codecpar->ch_layout);
2624 st->codecpar->ch_layout.order = AV_CHANNEL_ORDER_UNSPEC;
2625 st->codecpar->ch_layout.nb_channels = channel_count;
2626 }
2627 st->codecpar->sample_rate = AV_RB32(st->codecpar->extradata + 32);
2628 }
2629 break;
2630 case AV_CODEC_ID_AC3:
2631 case AV_CODEC_ID_EAC3:
2632 case AV_CODEC_ID_MPEG1VIDEO:
2633 case AV_CODEC_ID_VC1:
2634 case AV_CODEC_ID_VP8:
2635 case AV_CODEC_ID_VP9:
2636 sti->need_parsing = AVSTREAM_PARSE_FULL;
2637 break;
2638 case AV_CODEC_ID_AV1:
2639 /* field_order detection of H264 requires parsing */
2640 case AV_CODEC_ID_H264:
2641 sti->need_parsing = AVSTREAM_PARSE_HEADERS;
2642 break;
2643 default:
2644 break;
2645 }
2646 return 0;
2647 }
2648
mov_skip_multiple_stsd(MOVContext * c,AVIOContext * pb,int codec_tag,int format,int64_t size)2649 static int mov_skip_multiple_stsd(MOVContext *c, AVIOContext *pb,
2650 int codec_tag, int format,
2651 int64_t size)
2652 {
2653 if (codec_tag &&
2654 (codec_tag != format &&
2655 // AVID 1:1 samples with differing data format and codec tag exist
2656 (codec_tag != AV_RL32("AV1x") || format != AV_RL32("AVup")) &&
2657 // prores is allowed to have differing data format and codec tag
2658 codec_tag != AV_RL32("apcn") && codec_tag != AV_RL32("apch") &&
2659 // so is dv (sigh)
2660 codec_tag != AV_RL32("dvpp") && codec_tag != AV_RL32("dvcp") &&
2661 (c->fc->video_codec_id ? ff_codec_get_id(ff_codec_movvideo_tags, format) != c->fc->video_codec_id
2662 : codec_tag != MKTAG('j','p','e','g')))) {
2663 /* Multiple fourcc, we skip JPEG. This is not correct, we should
2664 * export it as a separate AVStream but this needs a few changes
2665 * in the MOV demuxer, patch welcome. */
2666
2667 av_log(c->fc, AV_LOG_WARNING, "multiple fourcc not supported\n");
2668 avio_skip(pb, size);
2669 return 1;
2670 }
2671
2672 return 0;
2673 }
2674
ff_mov_read_stsd_entries(MOVContext * c,AVIOContext * pb,int entries)2675 int ff_mov_read_stsd_entries(MOVContext *c, AVIOContext *pb, int entries)
2676 {
2677 av_log(c->fc, AV_LOG_INFO, "enter\n");
2678 AVStream *st;
2679 MOVStreamContext *sc;
2680 int pseudo_stream_id;
2681
2682 av_assert0 (c->fc->nb_streams >= 1);
2683 st = c->fc->streams[c->fc->nb_streams-1];
2684 sc = st->priv_data;
2685
2686 for (pseudo_stream_id = 0;
2687 pseudo_stream_id < entries && !pb->eof_reached;
2688 pseudo_stream_id++) {
2689 //Parsing Sample description table
2690 enum AVCodecID id;
2691 int ret, dref_id = 1;
2692 MOVAtom a = { AV_RL32("stsd") };
2693 int64_t start_pos = avio_tell(pb);
2694 int64_t size = avio_rb32(pb); /* size */
2695 uint32_t format = avio_rl32(pb); /* data format */
2696 av_log(c->fc, AV_LOG_INFO, "stsd_entries, size:%ld, format:%u\n", size, format);
2697
2698 if (size >= 16) {
2699 avio_rb32(pb); /* reserved */
2700 avio_rb16(pb); /* reserved */
2701 dref_id = avio_rb16(pb);
2702 } else if (size <= 7) {
2703 av_log(c->fc, AV_LOG_ERROR,
2704 "invalid size %"PRId64" in stsd\n", size);
2705 return AVERROR_INVALIDDATA;
2706 }
2707
2708 if (mov_skip_multiple_stsd(c, pb, st->codecpar->codec_tag, format,
2709 size - (avio_tell(pb) - start_pos))) {
2710 sc->stsd_count++;
2711 continue;
2712 }
2713
2714 sc->pseudo_stream_id = st->codecpar->codec_tag ? -1 : pseudo_stream_id;
2715 sc->dref_id = dref_id;
2716 sc->format = format;
2717
2718 id = mov_codec_id(st, format);
2719
2720 av_log(c->fc, AV_LOG_TRACE,
2721 "size=%"PRId64" 4CC=%s codec_type=%d\n", size,
2722 av_fourcc2str(format), st->codecpar->codec_type);
2723
2724 st->codecpar->codec_id = id;
2725 if (st->codecpar->codec_type==AVMEDIA_TYPE_VIDEO) {
2726 mov_parse_stsd_video(c, pb, st, sc);
2727 } else if (st->codecpar->codec_type==AVMEDIA_TYPE_AUDIO) {
2728 mov_parse_stsd_audio(c, pb, st, sc);
2729 if (st->codecpar->sample_rate < 0) {
2730 av_log(c->fc, AV_LOG_ERROR, "Invalid sample rate %d\n", st->codecpar->sample_rate);
2731 return AVERROR_INVALIDDATA;
2732 }
2733 if (st->codecpar->ch_layout.nb_channels < 0) {
2734 av_log(c->fc, AV_LOG_ERROR, "Invalid channels %d\n", st->codecpar->ch_layout.nb_channels);
2735 return AVERROR_INVALIDDATA;
2736 }
2737 } else if (st->codecpar->codec_type==AVMEDIA_TYPE_SUBTITLE){
2738 mov_parse_stsd_subtitle(c, pb, st, sc,
2739 size - (avio_tell(pb) - start_pos));
2740 } else {
2741 #ifdef OHOS_TIMED_META_TRACK
2742 if (st->codecpar->codec_type != AVMEDIA_TYPE_TIMEDMETA) {
2743 ret = mov_parse_stsd_data(c, pb, st, sc,
2744 size - (avio_tell(pb) - start_pos));
2745 } else {
2746 ret = mov_parse_mebx_data(c, pb, st,
2747 size - (avio_tell(pb) - start_pos));
2748 }
2749 if (ret < 0)
2750 return ret;
2751 #else
2752 ret = mov_parse_stsd_data(c, pb, st, sc,
2753 size - (avio_tell(pb) - start_pos));
2754 if (ret < 0)
2755 return ret;
2756 #endif
2757 }
2758 /* this will read extra atoms at the end (wave, alac, damr, avcC, hvcC, SMI ...) */
2759 a.size = size - (avio_tell(pb) - start_pos);
2760 av_log(c->fc, AV_LOG_INFO, "stsd_entries, a.size:%d\n", a.size);
2761 if (a.size > 8) {
2762 if ((ret = mov_read_default(c, pb, a)) < 0)
2763 return ret;
2764 } else if (a.size > 0)
2765 avio_skip(pb, a.size);
2766
2767 if (sc->extradata && st->codecpar->extradata) {
2768 int extra_size = st->codecpar->extradata_size;
2769
2770 /* Move the current stream extradata to the stream context one. */
2771 sc->extradata_size[pseudo_stream_id] = extra_size;
2772 sc->extradata[pseudo_stream_id] = st->codecpar->extradata;
2773 st->codecpar->extradata = NULL;
2774 st->codecpar->extradata_size = 0;
2775 }
2776 sc->stsd_count++;
2777 }
2778
2779 if (pb->eof_reached) {
2780 av_log(c->fc, AV_LOG_WARNING, "reached eof, corrupted STSD atom\n");
2781 return AVERROR_EOF;
2782 }
2783
2784 return 0;
2785 }
2786
mov_read_stsd(MOVContext * c,AVIOContext * pb,MOVAtom atom)2787 static int mov_read_stsd(MOVContext *c, AVIOContext *pb, MOVAtom atom)
2788 {
2789 AVStream *st;
2790 MOVStreamContext *sc;
2791 int ret, entries;
2792
2793 if (c->fc->nb_streams < 1)
2794 return 0;
2795 st = c->fc->streams[c->fc->nb_streams - 1];
2796 sc = st->priv_data;
2797
2798 sc->stsd_version = avio_r8(pb);
2799 avio_rb24(pb); /* flags */
2800 entries = avio_rb32(pb);
2801
2802 /* Each entry contains a size (4 bytes) and format (4 bytes). */
2803 if (entries <= 0 || entries > atom.size / 8 || entries > 1024) {
2804 av_log(c->fc, AV_LOG_ERROR, "invalid STSD entries %d\n", entries);
2805 return AVERROR_INVALIDDATA;
2806 }
2807
2808 if (sc->extradata) {
2809 av_log(c->fc, AV_LOG_ERROR,
2810 "Duplicate stsd found in this track.\n");
2811 return AVERROR_INVALIDDATA;
2812 }
2813
2814 /* Prepare space for hosting multiple extradata. */
2815 sc->extradata = av_calloc(entries, sizeof(*sc->extradata));
2816 if (!sc->extradata)
2817 return AVERROR(ENOMEM);
2818
2819 sc->extradata_size = av_calloc(entries, sizeof(*sc->extradata_size));
2820 if (!sc->extradata_size) {
2821 ret = AVERROR(ENOMEM);
2822 goto fail;
2823 }
2824
2825 ret = ff_mov_read_stsd_entries(c, pb, entries);
2826 if (ret < 0)
2827 goto fail;
2828
2829 /* Restore back the primary extradata. */
2830 av_freep(&st->codecpar->extradata);
2831 st->codecpar->extradata_size = sc->extradata_size[0];
2832 if (sc->extradata_size[0]) {
2833 st->codecpar->extradata = av_mallocz(sc->extradata_size[0] + AV_INPUT_BUFFER_PADDING_SIZE);
2834 if (!st->codecpar->extradata)
2835 return AVERROR(ENOMEM);
2836 memcpy(st->codecpar->extradata, sc->extradata[0], sc->extradata_size[0]);
2837 }
2838
2839 return mov_finalize_stsd_codec(c, pb, st, sc);
2840 fail:
2841 if (sc->extradata) {
2842 int j;
2843 for (j = 0; j < sc->stsd_count; j++)
2844 av_freep(&sc->extradata[j]);
2845 }
2846
2847 av_freep(&sc->extradata);
2848 av_freep(&sc->extradata_size);
2849 return ret;
2850 }
2851
mov_read_stsc(MOVContext * c,AVIOContext * pb,MOVAtom atom)2852 static int mov_read_stsc(MOVContext *c, AVIOContext *pb, MOVAtom atom)
2853 {
2854 AVStream *st;
2855 MOVStreamContext *sc;
2856 unsigned int i, entries;
2857
2858 if (c->fc->nb_streams < 1)
2859 return 0;
2860 st = c->fc->streams[c->fc->nb_streams-1];
2861 sc = st->priv_data;
2862
2863 avio_r8(pb); /* version */
2864 avio_rb24(pb); /* flags */
2865
2866 entries = avio_rb32(pb);
2867 if ((uint64_t)entries * 12 + 4 > atom.size)
2868 return AVERROR_INVALIDDATA;
2869
2870 av_log(c->fc, AV_LOG_TRACE, "track[%u].stsc.entries = %u\n", c->fc->nb_streams - 1, entries);
2871
2872 if (!entries)
2873 return 0;
2874 if (sc->stsc_data) {
2875 av_log(c->fc, AV_LOG_WARNING, "Ignoring duplicated STSC atom\n");
2876 return 0;
2877 }
2878 av_free(sc->stsc_data);
2879 sc->stsc_count = 0;
2880 sc->stsc_data = av_malloc_array(entries, sizeof(*sc->stsc_data));
2881 if (!sc->stsc_data)
2882 return AVERROR(ENOMEM);
2883
2884 for (i = 0; i < entries && !pb->eof_reached; i++) {
2885 sc->stsc_data[i].first = avio_rb32(pb);
2886 sc->stsc_data[i].count = avio_rb32(pb);
2887 sc->stsc_data[i].id = avio_rb32(pb);
2888 }
2889
2890 sc->stsc_count = i;
2891 for (i = sc->stsc_count - 1; i < UINT_MAX; i--) {
2892 int64_t first_min = i + 1;
2893 if ((i+1 < sc->stsc_count && sc->stsc_data[i].first >= sc->stsc_data[i+1].first) ||
2894 (i > 0 && sc->stsc_data[i].first <= sc->stsc_data[i-1].first) ||
2895 sc->stsc_data[i].first < first_min ||
2896 sc->stsc_data[i].count < 1 ||
2897 sc->stsc_data[i].id < 1) {
2898 av_log(c->fc, AV_LOG_WARNING, "STSC entry %d is invalid (first=%d count=%d id=%d)\n", i, sc->stsc_data[i].first, sc->stsc_data[i].count, sc->stsc_data[i].id);
2899 if (i+1 >= sc->stsc_count) {
2900 if (sc->stsc_data[i].count == 0 && i > 0) {
2901 sc->stsc_count --;
2902 continue;
2903 }
2904 sc->stsc_data[i].first = FFMAX(sc->stsc_data[i].first, first_min);
2905 if (i > 0 && sc->stsc_data[i].first <= sc->stsc_data[i-1].first)
2906 sc->stsc_data[i].first = FFMIN(sc->stsc_data[i-1].first + 1LL, INT_MAX);
2907 sc->stsc_data[i].count = FFMAX(sc->stsc_data[i].count, 1);
2908 sc->stsc_data[i].id = FFMAX(sc->stsc_data[i].id, 1);
2909 continue;
2910 }
2911 av_assert0(sc->stsc_data[i+1].first >= 2);
2912 // We replace this entry by the next valid
2913 sc->stsc_data[i].first = sc->stsc_data[i+1].first - 1;
2914 sc->stsc_data[i].count = sc->stsc_data[i+1].count;
2915 sc->stsc_data[i].id = sc->stsc_data[i+1].id;
2916 }
2917 }
2918
2919 if (pb->eof_reached) {
2920 av_log(c->fc, AV_LOG_WARNING, "reached eof, corrupted STSC atom\n");
2921 return AVERROR_EOF;
2922 }
2923
2924 return 0;
2925 }
2926
mov_stsc_index_valid(unsigned int index,unsigned int count)2927 static inline int mov_stsc_index_valid(unsigned int index, unsigned int count)
2928 {
2929 return index < count - 1;
2930 }
2931
2932 /* Compute the samples value for the stsc entry at the given index. */
mov_get_stsc_samples(MOVStreamContext * sc,unsigned int index)2933 static inline int64_t mov_get_stsc_samples(MOVStreamContext *sc, unsigned int index)
2934 {
2935 int chunk_count;
2936
2937 if (mov_stsc_index_valid(index, sc->stsc_count))
2938 chunk_count = sc->stsc_data[index + 1].first - sc->stsc_data[index].first;
2939 else {
2940 // Validation for stsc / stco happens earlier in mov_read_stsc + mov_read_trak.
2941 av_assert0(sc->stsc_data[index].first <= sc->chunk_count);
2942 chunk_count = sc->chunk_count - (sc->stsc_data[index].first - 1);
2943 }
2944
2945 return sc->stsc_data[index].count * (int64_t)chunk_count;
2946 }
2947
mov_read_stps(MOVContext * c,AVIOContext * pb,MOVAtom atom)2948 static int mov_read_stps(MOVContext *c, AVIOContext *pb, MOVAtom atom)
2949 {
2950 AVStream *st;
2951 MOVStreamContext *sc;
2952 unsigned i, entries;
2953
2954 if (c->fc->nb_streams < 1)
2955 return 0;
2956 st = c->fc->streams[c->fc->nb_streams-1];
2957 sc = st->priv_data;
2958
2959 avio_rb32(pb); // version + flags
2960
2961 entries = avio_rb32(pb);
2962 if (sc->stps_data)
2963 av_log(c->fc, AV_LOG_WARNING, "Duplicated STPS atom\n");
2964 av_free(sc->stps_data);
2965 sc->stps_count = 0;
2966 sc->stps_data = av_malloc_array(entries, sizeof(*sc->stps_data));
2967 if (!sc->stps_data)
2968 return AVERROR(ENOMEM);
2969
2970 for (i = 0; i < entries && !pb->eof_reached; i++) {
2971 sc->stps_data[i] = avio_rb32(pb);
2972 }
2973
2974 sc->stps_count = i;
2975
2976 if (pb->eof_reached) {
2977 av_log(c->fc, AV_LOG_WARNING, "reached eof, corrupted STPS atom\n");
2978 return AVERROR_EOF;
2979 }
2980
2981 return 0;
2982 }
2983
mov_read_stss(MOVContext * c,AVIOContext * pb,MOVAtom atom)2984 static int mov_read_stss(MOVContext *c, AVIOContext *pb, MOVAtom atom)
2985 {
2986 AVStream *st;
2987 FFStream *sti;
2988 MOVStreamContext *sc;
2989 unsigned int i, entries;
2990
2991 if (c->fc->nb_streams < 1)
2992 return 0;
2993 st = c->fc->streams[c->fc->nb_streams-1];
2994 sti = ffstream(st);
2995 sc = st->priv_data;
2996
2997 avio_r8(pb); /* version */
2998 avio_rb24(pb); /* flags */
2999
3000 entries = avio_rb32(pb);
3001
3002 av_log(c->fc, AV_LOG_TRACE, "keyframe_count = %u\n", entries);
3003
3004 if (!entries) {
3005 sc->keyframe_absent = 1;
3006 if (!sti->need_parsing && st->codecpar->codec_type == AVMEDIA_TYPE_VIDEO)
3007 sti->need_parsing = AVSTREAM_PARSE_HEADERS;
3008 return 0;
3009 }
3010 if (sc->keyframes)
3011 av_log(c->fc, AV_LOG_WARNING, "Duplicated STSS atom\n");
3012 if (entries >= UINT_MAX / sizeof(int))
3013 return AVERROR_INVALIDDATA;
3014 av_freep(&sc->keyframes);
3015 sc->keyframe_count = 0;
3016 sc->keyframes = av_malloc_array(entries, sizeof(*sc->keyframes));
3017 if (!sc->keyframes)
3018 return AVERROR(ENOMEM);
3019
3020 for (i = 0; i < entries && !pb->eof_reached; i++) {
3021 sc->keyframes[i] = avio_rb32(pb);
3022 }
3023
3024 sc->keyframe_count = i;
3025
3026 if (pb->eof_reached) {
3027 av_log(c->fc, AV_LOG_WARNING, "reached eof, corrupted STSS atom\n");
3028 return AVERROR_EOF;
3029 }
3030
3031 return 0;
3032 }
3033
mov_read_stsz(MOVContext * c,AVIOContext * pb,MOVAtom atom)3034 static int mov_read_stsz(MOVContext *c, AVIOContext *pb, MOVAtom atom)
3035 {
3036 AVStream *st;
3037 MOVStreamContext *sc;
3038 unsigned int i, entries, sample_size, field_size, num_bytes;
3039 GetBitContext gb;
3040 unsigned char* buf;
3041 int ret;
3042
3043 if (c->fc->nb_streams < 1)
3044 return 0;
3045 st = c->fc->streams[c->fc->nb_streams-1];
3046 sc = st->priv_data;
3047
3048 avio_r8(pb); /* version */
3049 avio_rb24(pb); /* flags */
3050
3051 if (atom.type == MKTAG('s','t','s','z')) {
3052 sample_size = avio_rb32(pb);
3053 if (!sc->sample_size) /* do not overwrite value computed in stsd */
3054 sc->sample_size = sample_size;
3055 sc->stsz_sample_size = sample_size;
3056 field_size = 32;
3057 } else {
3058 sample_size = 0;
3059 avio_rb24(pb); /* reserved */
3060 field_size = avio_r8(pb);
3061 }
3062 entries = avio_rb32(pb);
3063
3064 av_log(c->fc, AV_LOG_TRACE, "sample_size = %u sample_count = %u\n", sc->sample_size, entries);
3065
3066 sc->sample_count = entries;
3067 if (sample_size)
3068 return 0;
3069
3070 if (field_size != 4 && field_size != 8 && field_size != 16 && field_size != 32) {
3071 av_log(c->fc, AV_LOG_ERROR, "Invalid sample field size %u\n", field_size);
3072 return AVERROR_INVALIDDATA;
3073 }
3074
3075 if (!entries)
3076 return 0;
3077 if (entries >= (INT_MAX - 4 - 8 * AV_INPUT_BUFFER_PADDING_SIZE) / field_size)
3078 return AVERROR_INVALIDDATA;
3079 if (sc->sample_sizes)
3080 av_log(c->fc, AV_LOG_WARNING, "Duplicated STSZ atom\n");
3081 av_free(sc->sample_sizes);
3082 sc->sample_count = 0;
3083 sc->sample_sizes = av_malloc_array(entries, sizeof(*sc->sample_sizes));
3084 if (!sc->sample_sizes)
3085 return AVERROR(ENOMEM);
3086
3087 num_bytes = (entries*field_size+4)>>3;
3088
3089 buf = av_malloc(num_bytes+AV_INPUT_BUFFER_PADDING_SIZE);
3090 if (!buf) {
3091 av_freep(&sc->sample_sizes);
3092 return AVERROR(ENOMEM);
3093 }
3094
3095 ret = ffio_read_size(pb, buf, num_bytes);
3096 if (ret < 0) {
3097 av_freep(&sc->sample_sizes);
3098 av_free(buf);
3099 av_log(c->fc, AV_LOG_WARNING, "STSZ atom truncated\n");
3100 return 0;
3101 }
3102
3103 init_get_bits(&gb, buf, 8*num_bytes);
3104
3105 for (i = 0; i < entries; i++) {
3106 sc->sample_sizes[i] = get_bits_long(&gb, field_size);
3107 if (sc->sample_sizes[i] < 0) {
3108 av_free(buf);
3109 av_log(c->fc, AV_LOG_ERROR, "Invalid sample size %d\n", sc->sample_sizes[i]);
3110 return AVERROR_INVALIDDATA;
3111 }
3112 sc->data_size += sc->sample_sizes[i];
3113 }
3114
3115 sc->sample_count = i;
3116
3117 av_free(buf);
3118
3119 return 0;
3120 }
3121
mov_read_stts(MOVContext * c,AVIOContext * pb,MOVAtom atom)3122 static int mov_read_stts(MOVContext *c, AVIOContext *pb, MOVAtom atom)
3123 {
3124 AVStream *st;
3125 MOVStreamContext *sc;
3126 unsigned int i, entries, alloc_size = 0;
3127 int64_t duration = 0;
3128 int64_t total_sample_count = 0;
3129 int64_t current_dts = 0;
3130 int64_t corrected_dts = 0;
3131
3132 if (c->fc->nb_streams < 1)
3133 return 0;
3134 st = c->fc->streams[c->fc->nb_streams-1];
3135 sc = st->priv_data;
3136
3137 avio_r8(pb); /* version */
3138 avio_rb24(pb); /* flags */
3139 entries = avio_rb32(pb);
3140
3141 av_log(c->fc, AV_LOG_TRACE, "track[%u].stts.entries = %u\n",
3142 c->fc->nb_streams-1, entries);
3143
3144 if (sc->stts_data)
3145 av_log(c->fc, AV_LOG_WARNING, "Duplicated STTS atom\n");
3146 av_freep(&sc->stts_data);
3147 sc->stts_count = 0;
3148 if (entries >= INT_MAX / sizeof(*sc->stts_data))
3149 return AVERROR(ENOMEM);
3150
3151 for (i = 0; i < entries && !pb->eof_reached; i++) {
3152 unsigned int sample_duration;
3153 unsigned int sample_count;
3154 unsigned int min_entries = FFMIN(FFMAX(i + 1, 1024 * 1024), entries);
3155 MOVStts *stts_data = av_fast_realloc(sc->stts_data, &alloc_size,
3156 min_entries * sizeof(*sc->stts_data));
3157 if (!stts_data) {
3158 av_freep(&sc->stts_data);
3159 sc->stts_count = 0;
3160 return AVERROR(ENOMEM);
3161 }
3162 sc->stts_count = min_entries;
3163 sc->stts_data = stts_data;
3164
3165 sample_count = avio_rb32(pb);
3166 sample_duration = avio_rb32(pb);
3167
3168 sc->stts_data[i].count= sample_count;
3169 sc->stts_data[i].duration= sample_duration;
3170
3171 av_log(c->fc, AV_LOG_TRACE, "sample_count=%u, sample_duration=%u\n",
3172 sample_count, sample_duration);
3173
3174 /* STTS sample offsets are uint32 but some files store it as int32
3175 * with negative values used to correct DTS delays.
3176 There may be abnormally large values as well. */
3177 if (sample_duration > c->max_stts_delta) {
3178 // assume high delta is a correction if negative when cast as int32
3179 int32_t delta_magnitude = (int32_t)sample_duration;
3180 av_log(c->fc, AV_LOG_WARNING, "Too large sample offset %u in stts entry %u with count %u in st:%d. Clipping to 1.\n",
3181 sample_duration, i, sample_count, st->index);
3182 sc->stts_data[i].duration = 1;
3183 corrected_dts += (delta_magnitude < 0 ? (int64_t)delta_magnitude : 1) * sample_count;
3184 } else {
3185 corrected_dts += sample_duration * (int64_t)sample_count;
3186 }
3187
3188 current_dts += sc->stts_data[i].duration * (int64_t)sample_count;
3189
3190 if (current_dts > corrected_dts) {
3191 int64_t drift = (current_dts - corrected_dts)/FFMAX(sample_count, 1);
3192 uint32_t correction = (sc->stts_data[i].duration > drift) ? drift : sc->stts_data[i].duration - 1;
3193 current_dts -= correction * (uint64_t)sample_count;
3194 sc->stts_data[i].duration -= correction;
3195 }
3196
3197 duration+=(int64_t)sc->stts_data[i].duration*(uint64_t)sc->stts_data[i].count;
3198 total_sample_count+=sc->stts_data[i].count;
3199 }
3200
3201 sc->stts_count = i;
3202
3203 #ifdef OHOS_EXPAND_MP4_INFO
3204 if (sc->stts_count > 0) {
3205 st->stts_count = sc->stts_count;
3206 st->stts_data = malloc(st->stts_count * sizeof(AVMOVStts));
3207 if (st->stts_data != NULL) {
3208 memcpy(st->stts_data, sc->stts_data, st->stts_count * sizeof(AVMOVStts));
3209 } else {
3210 av_log(c->fc, AV_LOG_WARNING, "st->stts_data malloc failed\n");
3211 st->stts_count = 0;
3212 }
3213 }
3214 #endif
3215
3216 if (duration > 0 &&
3217 duration <= INT64_MAX - sc->duration_for_fps &&
3218 total_sample_count <= INT_MAX - sc->nb_frames_for_fps) {
3219 sc->duration_for_fps += duration;
3220 sc->nb_frames_for_fps += total_sample_count;
3221 }
3222
3223 if (pb->eof_reached) {
3224 av_log(c->fc, AV_LOG_WARNING, "reached eof, corrupted STTS atom\n");
3225 return AVERROR_EOF;
3226 }
3227
3228 st->nb_frames= total_sample_count;
3229 if (duration)
3230 st->duration= FFMIN(st->duration, duration);
3231 sc->track_end = duration;
3232 return 0;
3233 }
3234
mov_read_sdtp(MOVContext * c,AVIOContext * pb,MOVAtom atom)3235 static int mov_read_sdtp(MOVContext *c, AVIOContext *pb, MOVAtom atom)
3236 {
3237 AVStream *st;
3238 MOVStreamContext *sc;
3239 int64_t i, entries;
3240
3241 if (c->fc->nb_streams < 1)
3242 return 0;
3243 st = c->fc->streams[c->fc->nb_streams - 1];
3244 sc = st->priv_data;
3245
3246 avio_r8(pb); /* version */
3247 avio_rb24(pb); /* flags */
3248 entries = atom.size - 4;
3249
3250 av_log(c->fc, AV_LOG_TRACE, "track[%u].sdtp.entries = %" PRId64 "\n",
3251 c->fc->nb_streams - 1, entries);
3252
3253 if (sc->sdtp_data)
3254 av_log(c->fc, AV_LOG_WARNING, "Duplicated SDTP atom\n");
3255 av_freep(&sc->sdtp_data);
3256 sc->sdtp_count = 0;
3257
3258 sc->sdtp_data = av_malloc(entries);
3259 if (!sc->sdtp_data)
3260 return AVERROR(ENOMEM);
3261
3262 for (i = 0; i < entries && !pb->eof_reached; i++)
3263 sc->sdtp_data[i] = avio_r8(pb);
3264 sc->sdtp_count = i;
3265
3266 return 0;
3267 }
3268
mov_update_dts_shift(MOVStreamContext * sc,int duration,void * logctx)3269 static void mov_update_dts_shift(MOVStreamContext *sc, int duration, void *logctx)
3270 {
3271 if (duration < 0) {
3272 if (duration == INT_MIN) {
3273 av_log(logctx, AV_LOG_WARNING, "mov_update_dts_shift(): dts_shift set to %d\n", INT_MAX);
3274 duration++;
3275 }
3276 sc->dts_shift = FFMAX(sc->dts_shift, -duration);
3277 }
3278 }
3279
mov_read_ctts(MOVContext * c,AVIOContext * pb,MOVAtom atom)3280 static int mov_read_ctts(MOVContext *c, AVIOContext *pb, MOVAtom atom)
3281 {
3282 AVStream *st;
3283 MOVStreamContext *sc;
3284 unsigned int i, entries, ctts_count = 0;
3285
3286 if (c->fc->nb_streams < 1)
3287 return 0;
3288 st = c->fc->streams[c->fc->nb_streams-1];
3289 sc = st->priv_data;
3290
3291 avio_r8(pb); /* version */
3292 avio_rb24(pb); /* flags */
3293 entries = avio_rb32(pb);
3294
3295 av_log(c->fc, AV_LOG_TRACE, "track[%u].ctts.entries = %u\n", c->fc->nb_streams - 1, entries);
3296
3297 if (!entries)
3298 return 0;
3299 if (entries >= UINT_MAX / sizeof(*sc->ctts_data))
3300 return AVERROR_INVALIDDATA;
3301 av_freep(&sc->ctts_data);
3302 sc->ctts_data = av_fast_realloc(NULL, &sc->ctts_allocated_size, entries * sizeof(*sc->ctts_data));
3303 if (!sc->ctts_data)
3304 return AVERROR(ENOMEM);
3305
3306 for (i = 0; i < entries && !pb->eof_reached; i++) {
3307 int count = avio_rb32(pb);
3308 int duration = avio_rb32(pb);
3309
3310 if (count <= 0) {
3311 av_log(c->fc, AV_LOG_TRACE,
3312 "ignoring CTTS entry with count=%d duration=%d\n",
3313 count, duration);
3314 continue;
3315 }
3316
3317 add_ctts_entry(&sc->ctts_data, &ctts_count, &sc->ctts_allocated_size,
3318 count, duration);
3319
3320 av_log(c->fc, AV_LOG_TRACE, "count=%d, duration=%d\n",
3321 count, duration);
3322
3323 if (FFNABS(duration) < -(1<<28) && i+2<entries) {
3324 av_log(c->fc, AV_LOG_WARNING, "CTTS invalid\n");
3325 av_freep(&sc->ctts_data);
3326 sc->ctts_count = 0;
3327 return 0;
3328 }
3329
3330 if (i+2<entries)
3331 mov_update_dts_shift(sc, duration, c->fc);
3332 }
3333
3334 sc->ctts_count = ctts_count;
3335
3336 #ifdef OHOS_EXPAND_MP4_INFO
3337 if (sc->ctts_count > 0) {
3338 st->ctts_count = sc->ctts_count;
3339 st->ctts_data = malloc(st->ctts_count * sizeof(AVMOVCtts));
3340 if (st->ctts_data != NULL) {
3341 memcpy(st->ctts_data, sc->ctts_data, st->ctts_count * sizeof(AVMOVCtts));
3342 } else {
3343 av_log(c->fc, AV_LOG_WARNING, "st->ctts_data malloc failed\n");
3344 st->ctts_count = 0;
3345 }
3346 }
3347 #endif
3348
3349 if (pb->eof_reached) {
3350 av_log(c->fc, AV_LOG_WARNING, "reached eof, corrupted CTTS atom\n");
3351 return AVERROR_EOF;
3352 }
3353
3354 av_log(c->fc, AV_LOG_TRACE, "dts shift %d\n", sc->dts_shift);
3355
3356 return 0;
3357 }
3358
mov_read_sgpd(MOVContext * c,AVIOContext * pb,MOVAtom atom)3359 static int mov_read_sgpd(MOVContext *c, AVIOContext *pb, MOVAtom atom)
3360 {
3361 AVStream *st;
3362 MOVStreamContext *sc;
3363 uint8_t version;
3364 uint32_t grouping_type;
3365 uint32_t default_length;
3366 av_unused uint32_t default_group_description_index;
3367 uint32_t entry_count;
3368
3369 if (c->fc->nb_streams < 1)
3370 return 0;
3371 st = c->fc->streams[c->fc->nb_streams - 1];
3372 sc = st->priv_data;
3373
3374 version = avio_r8(pb); /* version */
3375 avio_rb24(pb); /* flags */
3376 grouping_type = avio_rl32(pb);
3377
3378 /*
3379 * This function only supports "sync" boxes, but the code is able to parse
3380 * other boxes (such as "tscl", "tsas" and "stsa")
3381 */
3382 if (grouping_type != MKTAG('s','y','n','c'))
3383 return 0;
3384
3385 default_length = version >= 1 ? avio_rb32(pb) : 0;
3386 default_group_description_index = version >= 2 ? avio_rb32(pb) : 0;
3387 entry_count = avio_rb32(pb);
3388
3389 av_freep(&sc->sgpd_sync);
3390 sc->sgpd_sync_count = entry_count;
3391 sc->sgpd_sync = av_calloc(entry_count, sizeof(*sc->sgpd_sync));
3392 if (!sc->sgpd_sync)
3393 return AVERROR(ENOMEM);
3394
3395 for (uint32_t i = 0; i < entry_count && !pb->eof_reached; i++) {
3396 uint32_t description_length = default_length;
3397 if (version >= 1 && default_length == 0)
3398 description_length = avio_rb32(pb);
3399 if (grouping_type == MKTAG('s','y','n','c')) {
3400 const uint8_t nal_unit_type = avio_r8(pb) & 0x3f;
3401 sc->sgpd_sync[i] = nal_unit_type;
3402 description_length -= 1;
3403 }
3404 avio_skip(pb, description_length);
3405 }
3406
3407 if (pb->eof_reached) {
3408 av_log(c->fc, AV_LOG_WARNING, "reached eof, corrupted SGPD atom\n");
3409 return AVERROR_EOF;
3410 }
3411
3412 return 0;
3413 }
3414
mov_read_sbgp(MOVContext * c,AVIOContext * pb,MOVAtom atom)3415 static int mov_read_sbgp(MOVContext *c, AVIOContext *pb, MOVAtom atom)
3416 {
3417 AVStream *st;
3418 MOVStreamContext *sc;
3419 unsigned int i, entries;
3420 uint8_t version;
3421 uint32_t grouping_type;
3422 MOVSbgp *table, **tablep;
3423 int *table_count;
3424
3425 if (c->fc->nb_streams < 1)
3426 return 0;
3427 st = c->fc->streams[c->fc->nb_streams-1];
3428 sc = st->priv_data;
3429
3430 version = avio_r8(pb); /* version */
3431 avio_rb24(pb); /* flags */
3432 grouping_type = avio_rl32(pb);
3433
3434 if (grouping_type == MKTAG('r','a','p',' ')) {
3435 tablep = &sc->rap_group;
3436 table_count = &sc->rap_group_count;
3437 } else if (grouping_type == MKTAG('s','y','n','c')) {
3438 tablep = &sc->sync_group;
3439 table_count = &sc->sync_group_count;
3440 } else {
3441 return 0;
3442 }
3443
3444 if (version == 1)
3445 avio_rb32(pb); /* grouping_type_parameter */
3446
3447 entries = avio_rb32(pb);
3448 if (!entries)
3449 return 0;
3450 if (*tablep)
3451 av_log(c->fc, AV_LOG_WARNING, "Duplicated SBGP %s atom\n", av_fourcc2str(grouping_type));
3452 av_freep(tablep);
3453 table = av_malloc_array(entries, sizeof(*table));
3454 if (!table)
3455 return AVERROR(ENOMEM);
3456 *tablep = table;
3457
3458 for (i = 0; i < entries && !pb->eof_reached; i++) {
3459 table[i].count = avio_rb32(pb); /* sample_count */
3460 table[i].index = avio_rb32(pb); /* group_description_index */
3461 }
3462
3463 *table_count = i;
3464
3465 if (pb->eof_reached) {
3466 av_log(c->fc, AV_LOG_WARNING, "reached eof, corrupted SBGP atom\n");
3467 return AVERROR_EOF;
3468 }
3469
3470 return 0;
3471 }
3472
3473 /**
3474 * Get ith edit list entry (media time, duration).
3475 */
get_edit_list_entry(MOVContext * mov,const MOVStreamContext * msc,unsigned int edit_list_index,int64_t * edit_list_media_time,int64_t * edit_list_duration,int64_t global_timescale)3476 static int get_edit_list_entry(MOVContext *mov,
3477 const MOVStreamContext *msc,
3478 unsigned int edit_list_index,
3479 int64_t *edit_list_media_time,
3480 int64_t *edit_list_duration,
3481 int64_t global_timescale)
3482 {
3483 if (edit_list_index == msc->elst_count) {
3484 return 0;
3485 }
3486 *edit_list_media_time = msc->elst_data[edit_list_index].time;
3487 *edit_list_duration = msc->elst_data[edit_list_index].duration;
3488
3489 /* duration is in global timescale units;convert to msc timescale */
3490 if (global_timescale == 0) {
3491 avpriv_request_sample(mov->fc, "Support for mvhd.timescale = 0 with editlists");
3492 return 0;
3493 }
3494 *edit_list_duration = av_rescale(*edit_list_duration, msc->time_scale,
3495 global_timescale);
3496
3497 if (*edit_list_duration + (uint64_t)*edit_list_media_time > INT64_MAX)
3498 *edit_list_duration = 0;
3499
3500 return 1;
3501 }
3502
3503 /**
3504 * Find the closest previous frame to the timestamp_pts, in e_old index
3505 * entries. Searching for just any frame / just key frames can be controlled by
3506 * last argument 'flag'.
3507 * Note that if ctts_data is not NULL, we will always search for a key frame
3508 * irrespective of the value of 'flag'. If we don't find any keyframe, we will
3509 * return the first frame of the video.
3510 *
3511 * Here the timestamp_pts is considered to be a presentation timestamp and
3512 * the timestamp of index entries are considered to be decoding timestamps.
3513 *
3514 * Returns 0 if successful in finding a frame, else returns -1.
3515 * Places the found index corresponding output arg.
3516 *
3517 * If ctts_old is not NULL, then refines the searched entry by searching
3518 * backwards from the found timestamp, to find the frame with correct PTS.
3519 *
3520 * Places the found ctts_index and ctts_sample in corresponding output args.
3521 */
find_prev_closest_index(AVStream * st,AVIndexEntry * e_old,int nb_old,MOVCtts * ctts_data,int64_t ctts_count,int64_t timestamp_pts,int flag,int64_t * index,int64_t * ctts_index,int64_t * ctts_sample)3522 static int find_prev_closest_index(AVStream *st,
3523 AVIndexEntry *e_old,
3524 int nb_old,
3525 MOVCtts* ctts_data,
3526 int64_t ctts_count,
3527 int64_t timestamp_pts,
3528 int flag,
3529 int64_t* index,
3530 int64_t* ctts_index,
3531 int64_t* ctts_sample)
3532 {
3533 MOVStreamContext *msc = st->priv_data;
3534 FFStream *const sti = ffstream(st);
3535 AVIndexEntry *e_keep = sti->index_entries;
3536 int nb_keep = sti->nb_index_entries;
3537 int64_t i = 0;
3538 int64_t index_ctts_count;
3539
3540 av_assert0(index);
3541
3542 // If dts_shift > 0, then all the index timestamps will have to be offset by
3543 // at least dts_shift amount to obtain PTS.
3544 // Hence we decrement the searched timestamp_pts by dts_shift to find the closest index element.
3545 if (msc->dts_shift > 0) {
3546 timestamp_pts -= msc->dts_shift;
3547 }
3548
3549 sti->index_entries = e_old;
3550 sti->nb_index_entries = nb_old;
3551 *index = av_index_search_timestamp(st, timestamp_pts, flag | AVSEEK_FLAG_BACKWARD);
3552
3553 // Keep going backwards in the index entries until the timestamp is the same.
3554 if (*index >= 0) {
3555 for (i = *index; i > 0 && e_old[i].timestamp == e_old[i - 1].timestamp;
3556 i--) {
3557 if ((flag & AVSEEK_FLAG_ANY) ||
3558 (e_old[i - 1].flags & AVINDEX_KEYFRAME)) {
3559 *index = i - 1;
3560 }
3561 }
3562 }
3563
3564 // If we have CTTS then refine the search, by searching backwards over PTS
3565 // computed by adding corresponding CTTS durations to index timestamps.
3566 if (ctts_data && *index >= 0) {
3567 av_assert0(ctts_index);
3568 av_assert0(ctts_sample);
3569 // Find out the ctts_index for the found frame.
3570 *ctts_index = 0;
3571 *ctts_sample = 0;
3572 for (index_ctts_count = 0; index_ctts_count < *index; index_ctts_count++) {
3573 if (*ctts_index < ctts_count) {
3574 (*ctts_sample)++;
3575 if (ctts_data[*ctts_index].count == *ctts_sample) {
3576 (*ctts_index)++;
3577 *ctts_sample = 0;
3578 }
3579 }
3580 }
3581
3582 while (*index >= 0 && (*ctts_index) >= 0 && (*ctts_index) < ctts_count) {
3583 // Find a "key frame" with PTS <= timestamp_pts (So that we can decode B-frames correctly).
3584 // No need to add dts_shift to the timestamp here becase timestamp_pts has already been
3585 // compensated by dts_shift above.
3586 if ((e_old[*index].timestamp + ctts_data[*ctts_index].duration) <= timestamp_pts &&
3587 (e_old[*index].flags & AVINDEX_KEYFRAME)) {
3588 break;
3589 }
3590
3591 (*index)--;
3592 if (*ctts_sample == 0) {
3593 (*ctts_index)--;
3594 if (*ctts_index >= 0)
3595 *ctts_sample = ctts_data[*ctts_index].count - 1;
3596 } else {
3597 (*ctts_sample)--;
3598 }
3599 }
3600 }
3601
3602 /* restore AVStream state*/
3603 sti->index_entries = e_keep;
3604 sti->nb_index_entries = nb_keep;
3605 return *index >= 0 ? 0 : -1;
3606 }
3607
3608 /**
3609 * Add index entry with the given values, to the end of ffstream(st)->index_entries.
3610 * Returns the new size ffstream(st)->index_entries if successful, else returns -1.
3611 *
3612 * This function is similar to ff_add_index_entry in libavformat/utils.c
3613 * except that here we are always unconditionally adding an index entry to
3614 * the end, instead of searching the entries list and skipping the add if
3615 * there is an existing entry with the same timestamp.
3616 * This is needed because the mov_fix_index calls this func with the same
3617 * unincremented timestamp for successive discarded frames.
3618 */
add_index_entry(AVStream * st,int64_t pos,int64_t timestamp,int size,int distance,int flags)3619 static int64_t add_index_entry(AVStream *st, int64_t pos, int64_t timestamp,
3620 int size, int distance, int flags)
3621 {
3622 FFStream *const sti = ffstream(st);
3623 AVIndexEntry *entries, *ie;
3624 int64_t index = -1;
3625 const size_t min_size_needed = (sti->nb_index_entries + 1) * sizeof(AVIndexEntry);
3626
3627 // Double the allocation each time, to lower memory fragmentation.
3628 // Another difference from ff_add_index_entry function.
3629 const size_t requested_size =
3630 min_size_needed > sti->index_entries_allocated_size ?
3631 FFMAX(min_size_needed, 2 * sti->index_entries_allocated_size) :
3632 min_size_needed;
3633
3634 if (sti->nb_index_entries + 1U >= UINT_MAX / sizeof(AVIndexEntry))
3635 return -1;
3636
3637 entries = av_fast_realloc(sti->index_entries,
3638 &sti->index_entries_allocated_size,
3639 requested_size);
3640 if (!entries)
3641 return -1;
3642
3643 sti->index_entries = entries;
3644
3645 index = sti->nb_index_entries++;
3646 ie= &entries[index];
3647
3648 ie->pos = pos;
3649 ie->timestamp = timestamp;
3650 ie->min_distance= distance;
3651 ie->size= size;
3652 ie->flags = flags;
3653 return index;
3654 }
3655
3656 /**
3657 * Rewrite timestamps of index entries in the range [end_index - frame_duration_buffer_size, end_index)
3658 * by subtracting end_ts successively by the amounts given in frame_duration_buffer.
3659 */
fix_index_entry_timestamps(AVStream * st,int end_index,int64_t end_ts,int64_t * frame_duration_buffer,int frame_duration_buffer_size)3660 static void fix_index_entry_timestamps(AVStream* st, int end_index, int64_t end_ts,
3661 int64_t* frame_duration_buffer,
3662 int frame_duration_buffer_size) {
3663 FFStream *const sti = ffstream(st);
3664 int i = 0;
3665 av_assert0(end_index >= 0 && end_index <= sti->nb_index_entries);
3666 for (i = 0; i < frame_duration_buffer_size; i++) {
3667 end_ts -= frame_duration_buffer[frame_duration_buffer_size - 1 - i];
3668 sti->index_entries[end_index - 1 - i].timestamp = end_ts;
3669 }
3670 }
3671
3672 /**
3673 * Append a new ctts entry to ctts_data.
3674 * Returns the new ctts_count if successful, else returns -1.
3675 */
add_ctts_entry(MOVCtts ** ctts_data,unsigned int * ctts_count,unsigned int * allocated_size,int count,int duration)3676 static int64_t add_ctts_entry(MOVCtts** ctts_data, unsigned int* ctts_count, unsigned int* allocated_size,
3677 int count, int duration)
3678 {
3679 MOVCtts *ctts_buf_new;
3680 const size_t min_size_needed = (*ctts_count + 1) * sizeof(MOVCtts);
3681 const size_t requested_size =
3682 min_size_needed > *allocated_size ?
3683 FFMAX(min_size_needed, 2 * (*allocated_size)) :
3684 min_size_needed;
3685
3686 if ((unsigned)(*ctts_count) >= UINT_MAX / sizeof(MOVCtts) - 1)
3687 return -1;
3688
3689 ctts_buf_new = av_fast_realloc(*ctts_data, allocated_size, requested_size);
3690
3691 if (!ctts_buf_new)
3692 return -1;
3693
3694 *ctts_data = ctts_buf_new;
3695
3696 ctts_buf_new[*ctts_count].count = count;
3697 ctts_buf_new[*ctts_count].duration = duration;
3698
3699 *ctts_count = (*ctts_count) + 1;
3700 return *ctts_count;
3701 }
3702
3703 #define MAX_REORDER_DELAY 16
mov_estimate_video_delay(MOVContext * c,AVStream * st)3704 static void mov_estimate_video_delay(MOVContext *c, AVStream* st)
3705 {
3706 MOVStreamContext *msc = st->priv_data;
3707 FFStream *const sti = ffstream(st);
3708 int ctts_ind = 0;
3709 int ctts_sample = 0;
3710 int64_t pts_buf[MAX_REORDER_DELAY + 1]; // Circular buffer to sort pts.
3711 int buf_start = 0;
3712 int j, r, num_swaps;
3713
3714 for (j = 0; j < MAX_REORDER_DELAY + 1; j++)
3715 pts_buf[j] = INT64_MIN;
3716
3717 if (st->codecpar->video_delay <= 0 && msc->ctts_data &&
3718 st->codecpar->codec_id == AV_CODEC_ID_H264) {
3719 st->codecpar->video_delay = 0;
3720 for (int ind = 0; ind < sti->nb_index_entries && ctts_ind < msc->ctts_count; ++ind) {
3721 // Point j to the last elem of the buffer and insert the current pts there.
3722 j = buf_start;
3723 buf_start = (buf_start + 1);
3724 if (buf_start == MAX_REORDER_DELAY + 1)
3725 buf_start = 0;
3726
3727 pts_buf[j] = sti->index_entries[ind].timestamp + msc->ctts_data[ctts_ind].duration;
3728
3729 // The timestamps that are already in the sorted buffer, and are greater than the
3730 // current pts, are exactly the timestamps that need to be buffered to output PTS
3731 // in correct sorted order.
3732 // Hence the video delay (which is the buffer size used to sort DTS and output PTS),
3733 // can be computed as the maximum no. of swaps any particular timestamp needs to
3734 // go through, to keep this buffer in sorted order.
3735 num_swaps = 0;
3736 while (j != buf_start) {
3737 r = j - 1;
3738 if (r < 0) r = MAX_REORDER_DELAY;
3739 if (pts_buf[j] < pts_buf[r]) {
3740 FFSWAP(int64_t, pts_buf[j], pts_buf[r]);
3741 ++num_swaps;
3742 } else {
3743 break;
3744 }
3745 j = r;
3746 }
3747 st->codecpar->video_delay = FFMAX(st->codecpar->video_delay, num_swaps);
3748
3749 ctts_sample++;
3750 if (ctts_sample == msc->ctts_data[ctts_ind].count) {
3751 ctts_ind++;
3752 ctts_sample = 0;
3753 }
3754 }
3755 av_log(c->fc, AV_LOG_DEBUG, "Setting codecpar->delay to %d for stream st: %d\n",
3756 st->codecpar->video_delay, st->index);
3757 }
3758 }
3759
mov_current_sample_inc(MOVStreamContext * sc)3760 static void mov_current_sample_inc(MOVStreamContext *sc)
3761 {
3762 sc->current_sample++;
3763 sc->current_index++;
3764 if (sc->index_ranges &&
3765 sc->current_index >= sc->current_index_range->end &&
3766 sc->current_index_range->end) {
3767 sc->current_index_range++;
3768 sc->current_index = sc->current_index_range->start;
3769 }
3770 }
3771
mov_current_sample_dec(MOVStreamContext * sc)3772 static void mov_current_sample_dec(MOVStreamContext *sc)
3773 {
3774 sc->current_sample--;
3775 sc->current_index--;
3776 if (sc->index_ranges &&
3777 sc->current_index < sc->current_index_range->start &&
3778 sc->current_index_range > sc->index_ranges) {
3779 sc->current_index_range--;
3780 sc->current_index = sc->current_index_range->end - 1;
3781 }
3782 }
3783
mov_current_sample_set(MOVStreamContext * sc,int current_sample)3784 static void mov_current_sample_set(MOVStreamContext *sc, int current_sample)
3785 {
3786 int64_t range_size;
3787
3788 sc->current_sample = current_sample;
3789 sc->current_index = current_sample;
3790 if (!sc->index_ranges) {
3791 return;
3792 }
3793
3794 for (sc->current_index_range = sc->index_ranges;
3795 sc->current_index_range->end;
3796 sc->current_index_range++) {
3797 range_size = sc->current_index_range->end - sc->current_index_range->start;
3798 if (range_size > current_sample) {
3799 sc->current_index = sc->current_index_range->start + current_sample;
3800 break;
3801 }
3802 current_sample -= range_size;
3803 }
3804 }
3805
3806 /**
3807 * Fix ffstream(st)->index_entries, so that it contains only the entries (and the entries
3808 * which are needed to decode them) that fall in the edit list time ranges.
3809 * Also fixes the timestamps of the index entries to match the timeline
3810 * specified the edit lists.
3811 */
mov_fix_index(MOVContext * mov,AVStream * st)3812 static void mov_fix_index(MOVContext *mov, AVStream *st)
3813 {
3814 MOVStreamContext *msc = st->priv_data;
3815 FFStream *const sti = ffstream(st);
3816 AVIndexEntry *e_old = sti->index_entries;
3817 int nb_old = sti->nb_index_entries;
3818 const AVIndexEntry *e_old_end = e_old + nb_old;
3819 const AVIndexEntry *current = NULL;
3820 MOVCtts *ctts_data_old = msc->ctts_data;
3821 int64_t ctts_index_old = 0;
3822 int64_t ctts_sample_old = 0;
3823 int64_t ctts_count_old = msc->ctts_count;
3824 int64_t edit_list_media_time = 0;
3825 int64_t edit_list_duration = 0;
3826 int64_t frame_duration = 0;
3827 int64_t edit_list_dts_counter = 0;
3828 int64_t edit_list_dts_entry_end = 0;
3829 int64_t edit_list_start_ctts_sample = 0;
3830 int64_t curr_cts;
3831 int64_t curr_ctts = 0;
3832 int64_t empty_edits_sum_duration = 0;
3833 int64_t edit_list_index = 0;
3834 int64_t index;
3835 int flags;
3836 int64_t start_dts = 0;
3837 int64_t edit_list_start_encountered = 0;
3838 int64_t search_timestamp = 0;
3839 int64_t* frame_duration_buffer = NULL;
3840 int num_discarded_begin = 0;
3841 int first_non_zero_audio_edit = -1;
3842 int packet_skip_samples = 0;
3843 MOVIndexRange *current_index_range;
3844 int found_keyframe_after_edit = 0;
3845 int found_non_empty_edit = 0;
3846
3847 if (!msc->elst_data || msc->elst_count <= 0 || nb_old <= 0) {
3848 return;
3849 }
3850
3851 // allocate the index ranges array
3852 msc->index_ranges = av_malloc((msc->elst_count + 1) * sizeof(msc->index_ranges[0]));
3853 if (!msc->index_ranges) {
3854 av_log(mov->fc, AV_LOG_ERROR, "Cannot allocate index ranges buffer\n");
3855 return;
3856 }
3857 msc->current_index_range = msc->index_ranges;
3858 current_index_range = msc->index_ranges - 1;
3859
3860 // Clean AVStream from traces of old index
3861 sti->index_entries = NULL;
3862 sti->index_entries_allocated_size = 0;
3863 sti->nb_index_entries = 0;
3864
3865 // Clean ctts fields of MOVStreamContext
3866 msc->ctts_data = NULL;
3867 msc->ctts_count = 0;
3868 msc->ctts_index = 0;
3869 msc->ctts_sample = 0;
3870 msc->ctts_allocated_size = 0;
3871
3872 // Reinitialize min_corrected_pts so that it can be computed again.
3873 msc->min_corrected_pts = -1;
3874
3875 // If the dts_shift is positive (in case of negative ctts values in mov),
3876 // then negate the DTS by dts_shift
3877 if (msc->dts_shift > 0) {
3878 edit_list_dts_entry_end -= msc->dts_shift;
3879 av_log(mov->fc, AV_LOG_DEBUG, "Shifting DTS by %d because of negative CTTS.\n", msc->dts_shift);
3880 }
3881
3882 start_dts = edit_list_dts_entry_end;
3883
3884 while (get_edit_list_entry(mov, msc, edit_list_index, &edit_list_media_time,
3885 &edit_list_duration, mov->time_scale)) {
3886 av_log(mov->fc, AV_LOG_DEBUG, "Processing st: %d, edit list %"PRId64" - media time: %"PRId64", duration: %"PRId64"\n",
3887 st->index, edit_list_index, edit_list_media_time, edit_list_duration);
3888 edit_list_index++;
3889 edit_list_dts_counter = edit_list_dts_entry_end;
3890 edit_list_dts_entry_end += edit_list_duration;
3891 num_discarded_begin = 0;
3892 if (!found_non_empty_edit && edit_list_media_time == -1) {
3893 empty_edits_sum_duration += edit_list_duration;
3894 continue;
3895 }
3896 found_non_empty_edit = 1;
3897
3898 // If we encounter a non-negative edit list reset the skip_samples/start_pad fields and set them
3899 // according to the edit list below.
3900 if (st->codecpar->codec_type == AVMEDIA_TYPE_AUDIO) {
3901 if (first_non_zero_audio_edit < 0) {
3902 first_non_zero_audio_edit = 1;
3903 } else {
3904 first_non_zero_audio_edit = 0;
3905 }
3906
3907 if (first_non_zero_audio_edit > 0)
3908 sti->skip_samples = msc->start_pad = 0;
3909 }
3910
3911 // While reordering frame index according to edit list we must handle properly
3912 // the scenario when edit list entry starts from none key frame.
3913 // We find closest previous key frame and preserve it and consequent frames in index.
3914 // All frames which are outside edit list entry time boundaries will be dropped after decoding.
3915 search_timestamp = edit_list_media_time;
3916 if (st->codecpar->codec_type == AVMEDIA_TYPE_AUDIO) {
3917 // Audio decoders like AAC need need a decoder delay samples previous to the current sample,
3918 // to correctly decode this frame. Hence for audio we seek to a frame 1 sec. before the
3919 // edit_list_media_time to cover the decoder delay.
3920 search_timestamp = FFMAX(search_timestamp - msc->time_scale, e_old[0].timestamp);
3921 }
3922
3923 if (find_prev_closest_index(st, e_old, nb_old, ctts_data_old, ctts_count_old, search_timestamp, 0,
3924 &index, &ctts_index_old, &ctts_sample_old) < 0) {
3925 av_log(mov->fc, AV_LOG_WARNING,
3926 "st: %d edit list: %"PRId64" Missing key frame while searching for timestamp: %"PRId64"\n",
3927 st->index, edit_list_index, search_timestamp);
3928 if (find_prev_closest_index(st, e_old, nb_old, ctts_data_old, ctts_count_old, search_timestamp, AVSEEK_FLAG_ANY,
3929 &index, &ctts_index_old, &ctts_sample_old) < 0) {
3930 av_log(mov->fc, AV_LOG_WARNING,
3931 "st: %d edit list %"PRId64" Cannot find an index entry before timestamp: %"PRId64".\n",
3932 st->index, edit_list_index, search_timestamp);
3933 index = 0;
3934 ctts_index_old = 0;
3935 ctts_sample_old = 0;
3936 }
3937 }
3938 current = e_old + index;
3939 edit_list_start_ctts_sample = ctts_sample_old;
3940
3941 // Iterate over index and arrange it according to edit list
3942 edit_list_start_encountered = 0;
3943 found_keyframe_after_edit = 0;
3944 for (; current < e_old_end; current++, index++) {
3945 // check if frame outside edit list mark it for discard
3946 frame_duration = (current + 1 < e_old_end) ?
3947 ((current + 1)->timestamp - current->timestamp) : edit_list_duration;
3948
3949 flags = current->flags;
3950
3951 // frames (pts) before or after edit list
3952 curr_cts = current->timestamp + msc->dts_shift;
3953 curr_ctts = 0;
3954
3955 if (ctts_data_old && ctts_index_old < ctts_count_old) {
3956 curr_ctts = ctts_data_old[ctts_index_old].duration;
3957 av_log(mov->fc, AV_LOG_TRACE, "stts: %"PRId64" ctts: %"PRId64", ctts_index: %"PRId64", ctts_count: %"PRId64"\n",
3958 curr_cts, curr_ctts, ctts_index_old, ctts_count_old);
3959 curr_cts += curr_ctts;
3960 ctts_sample_old++;
3961 if (ctts_sample_old == ctts_data_old[ctts_index_old].count) {
3962 if (add_ctts_entry(&msc->ctts_data, &msc->ctts_count,
3963 &msc->ctts_allocated_size,
3964 ctts_data_old[ctts_index_old].count - edit_list_start_ctts_sample,
3965 ctts_data_old[ctts_index_old].duration) == -1) {
3966 av_log(mov->fc, AV_LOG_ERROR, "Cannot add CTTS entry %"PRId64" - {%"PRId64", %d}\n",
3967 ctts_index_old,
3968 ctts_data_old[ctts_index_old].count - edit_list_start_ctts_sample,
3969 ctts_data_old[ctts_index_old].duration);
3970 break;
3971 }
3972 ctts_index_old++;
3973 ctts_sample_old = 0;
3974 edit_list_start_ctts_sample = 0;
3975 }
3976 }
3977
3978 if (curr_cts < edit_list_media_time || curr_cts >= (edit_list_duration + edit_list_media_time)) {
3979 if (st->codecpar->codec_type == AVMEDIA_TYPE_AUDIO && st->codecpar->codec_id != AV_CODEC_ID_VORBIS &&
3980 curr_cts < edit_list_media_time && curr_cts + frame_duration > edit_list_media_time &&
3981 first_non_zero_audio_edit > 0) {
3982 packet_skip_samples = edit_list_media_time - curr_cts;
3983 sti->skip_samples += packet_skip_samples;
3984
3985 // Shift the index entry timestamp by packet_skip_samples to be correct.
3986 edit_list_dts_counter -= packet_skip_samples;
3987 if (edit_list_start_encountered == 0) {
3988 edit_list_start_encountered = 1;
3989 // Make timestamps strictly monotonically increasing for audio, by rewriting timestamps for
3990 // discarded packets.
3991 if (frame_duration_buffer) {
3992 fix_index_entry_timestamps(st, sti->nb_index_entries, edit_list_dts_counter,
3993 frame_duration_buffer, num_discarded_begin);
3994 av_freep(&frame_duration_buffer);
3995 }
3996 }
3997
3998 av_log(mov->fc, AV_LOG_DEBUG, "skip %d audio samples from curr_cts: %"PRId64"\n", packet_skip_samples, curr_cts);
3999 } else {
4000 flags |= AVINDEX_DISCARD_FRAME;
4001 av_log(mov->fc, AV_LOG_DEBUG, "drop a frame at curr_cts: %"PRId64" @ %"PRId64"\n", curr_cts, index);
4002
4003 if (edit_list_start_encountered == 0) {
4004 num_discarded_begin++;
4005 frame_duration_buffer = av_realloc(frame_duration_buffer,
4006 num_discarded_begin * sizeof(int64_t));
4007 if (!frame_duration_buffer) {
4008 av_log(mov->fc, AV_LOG_ERROR, "Cannot reallocate frame duration buffer\n");
4009 break;
4010 }
4011 frame_duration_buffer[num_discarded_begin - 1] = frame_duration;
4012
4013 // Increment skip_samples for the first non-zero audio edit list
4014 if (st->codecpar->codec_type == AVMEDIA_TYPE_AUDIO &&
4015 first_non_zero_audio_edit > 0 && st->codecpar->codec_id != AV_CODEC_ID_VORBIS) {
4016 sti->skip_samples += frame_duration;
4017 }
4018 }
4019 }
4020 } else {
4021 if (msc->min_corrected_pts < 0) {
4022 msc->min_corrected_pts = edit_list_dts_counter + curr_ctts + msc->dts_shift;
4023 } else {
4024 msc->min_corrected_pts = FFMIN(msc->min_corrected_pts, edit_list_dts_counter + curr_ctts + msc->dts_shift);
4025 }
4026 if (edit_list_start_encountered == 0) {
4027 edit_list_start_encountered = 1;
4028 // Make timestamps strictly monotonically increasing by rewriting timestamps for
4029 // discarded packets.
4030 if (frame_duration_buffer) {
4031 fix_index_entry_timestamps(st, sti->nb_index_entries, edit_list_dts_counter,
4032 frame_duration_buffer, num_discarded_begin);
4033 av_freep(&frame_duration_buffer);
4034 }
4035 }
4036 }
4037
4038 if (add_index_entry(st, current->pos, edit_list_dts_counter, current->size,
4039 current->min_distance, flags) == -1) {
4040 av_log(mov->fc, AV_LOG_ERROR, "Cannot add index entry\n");
4041 break;
4042 }
4043
4044 // Update the index ranges array
4045 if (current_index_range < msc->index_ranges || index != current_index_range->end) {
4046 current_index_range++;
4047 current_index_range->start = index;
4048 }
4049 current_index_range->end = index + 1;
4050
4051 // Only start incrementing DTS in frame_duration amounts, when we encounter a frame in edit list.
4052 if (edit_list_start_encountered > 0) {
4053 edit_list_dts_counter = edit_list_dts_counter + frame_duration;
4054 }
4055
4056 // Break when found first key frame after edit entry completion
4057 if ((curr_cts + frame_duration >= (edit_list_duration + edit_list_media_time)) &&
4058 ((flags & AVINDEX_KEYFRAME) || ((st->codecpar->codec_type == AVMEDIA_TYPE_AUDIO)))) {
4059 if (ctts_data_old) {
4060 // If we have CTTS and this is the first keyframe after edit elist,
4061 // wait for one more, because there might be trailing B-frames after this I-frame
4062 // that do belong to the edit.
4063 if (st->codecpar->codec_type != AVMEDIA_TYPE_AUDIO && found_keyframe_after_edit == 0) {
4064 found_keyframe_after_edit = 1;
4065 continue;
4066 }
4067 if (ctts_sample_old != 0) {
4068 if (add_ctts_entry(&msc->ctts_data, &msc->ctts_count,
4069 &msc->ctts_allocated_size,
4070 ctts_sample_old - edit_list_start_ctts_sample,
4071 ctts_data_old[ctts_index_old].duration) == -1) {
4072 av_log(mov->fc, AV_LOG_ERROR, "Cannot add CTTS entry %"PRId64" - {%"PRId64", %d}\n",
4073 ctts_index_old, ctts_sample_old - edit_list_start_ctts_sample,
4074 ctts_data_old[ctts_index_old].duration);
4075 break;
4076 }
4077 }
4078 }
4079 break;
4080 }
4081 }
4082 }
4083 // If there are empty edits, then msc->min_corrected_pts might be positive
4084 // intentionally. So we subtract the sum duration of emtpy edits here.
4085 msc->min_corrected_pts -= empty_edits_sum_duration;
4086
4087 // If the minimum pts turns out to be greater than zero after fixing the index, then we subtract the
4088 // dts by that amount to make the first pts zero.
4089 if (st->codecpar->codec_type == AVMEDIA_TYPE_VIDEO) {
4090 if (msc->min_corrected_pts > 0) {
4091 av_log(mov->fc, AV_LOG_DEBUG, "Offset DTS by %"PRId64" to make first pts zero.\n", msc->min_corrected_pts);
4092 for (int i = 0; i < sti->nb_index_entries; ++i)
4093 sti->index_entries[i].timestamp -= msc->min_corrected_pts;
4094 }
4095 }
4096 // Start time should be equal to zero or the duration of any empty edits.
4097 st->start_time = empty_edits_sum_duration;
4098
4099 // Update av stream length, if it ends up shorter than the track's media duration
4100 st->duration = FFMIN(st->duration, edit_list_dts_entry_end - start_dts);
4101 msc->start_pad = sti->skip_samples;
4102
4103 // Free the old index and the old CTTS structures
4104 av_free(e_old);
4105 av_free(ctts_data_old);
4106 av_freep(&frame_duration_buffer);
4107
4108 // Null terminate the index ranges array
4109 current_index_range++;
4110 current_index_range->start = 0;
4111 current_index_range->end = 0;
4112 msc->current_index = msc->index_ranges[0].start;
4113 }
4114
get_sgpd_sync_index(const MOVStreamContext * sc,int nal_unit_type)4115 static uint32_t get_sgpd_sync_index(const MOVStreamContext *sc, int nal_unit_type)
4116 {
4117 for (uint32_t i = 0; i < sc->sgpd_sync_count; i++)
4118 if (sc->sgpd_sync[i] == HEVC_NAL_CRA_NUT)
4119 return i + 1;
4120 return 0;
4121 }
4122
build_open_gop_key_points(AVStream * st)4123 static int build_open_gop_key_points(AVStream *st)
4124 {
4125 int k;
4126 int sample_id = 0;
4127 uint32_t cra_index;
4128 MOVStreamContext *sc = st->priv_data;
4129
4130 if (st->codecpar->codec_id != AV_CODEC_ID_HEVC || !sc->sync_group_count)
4131 return 0;
4132
4133 /* Build an unrolled index of the samples */
4134 sc->sample_offsets_count = 0;
4135 for (uint32_t i = 0; i < sc->ctts_count; i++) {
4136 if (sc->ctts_data[i].count > INT_MAX - sc->sample_offsets_count)
4137 return AVERROR(ENOMEM);
4138 sc->sample_offsets_count += sc->ctts_data[i].count;
4139 }
4140 av_freep(&sc->sample_offsets);
4141 sc->sample_offsets = av_calloc(sc->sample_offsets_count, sizeof(*sc->sample_offsets));
4142 if (!sc->sample_offsets)
4143 return AVERROR(ENOMEM);
4144 k = 0;
4145 for (uint32_t i = 0; i < sc->ctts_count; i++)
4146 for (int j = 0; j < sc->ctts_data[i].count; j++)
4147 sc->sample_offsets[k++] = sc->ctts_data[i].duration;
4148
4149 /* The following HEVC NAL type reveal the use of open GOP sync points
4150 * (TODO: BLA types may also be concerned) */
4151 cra_index = get_sgpd_sync_index(sc, HEVC_NAL_CRA_NUT); /* Clean Random Access */
4152 if (!cra_index)
4153 return 0;
4154
4155 /* Build a list of open-GOP key samples */
4156 sc->open_key_samples_count = 0;
4157 for (uint32_t i = 0; i < sc->sync_group_count; i++)
4158 if (sc->sync_group[i].index == cra_index) {
4159 if (sc->sync_group[i].count > INT_MAX - sc->open_key_samples_count)
4160 return AVERROR(ENOMEM);
4161 sc->open_key_samples_count += sc->sync_group[i].count;
4162 }
4163 av_freep(&sc->open_key_samples);
4164 sc->open_key_samples = av_calloc(sc->open_key_samples_count, sizeof(*sc->open_key_samples));
4165 if (!sc->open_key_samples)
4166 return AVERROR(ENOMEM);
4167 k = 0;
4168 for (uint32_t i = 0; i < sc->sync_group_count; i++) {
4169 const MOVSbgp *sg = &sc->sync_group[i];
4170 if (sg->index == cra_index)
4171 for (uint32_t j = 0; j < sg->count; j++)
4172 sc->open_key_samples[k++] = sample_id;
4173 if (sg->count > INT_MAX - sample_id)
4174 return AVERROR_PATCHWELCOME;
4175 sample_id += sg->count;
4176 }
4177
4178 /* Identify the minimal time step between samples */
4179 sc->min_sample_duration = UINT_MAX;
4180 for (uint32_t i = 0; i < sc->stts_count; i++)
4181 sc->min_sample_duration = FFMIN(sc->min_sample_duration, sc->stts_data[i].duration);
4182
4183 return 0;
4184 }
4185
mov_build_index(MOVContext * mov,AVStream * st)4186 static void mov_build_index(MOVContext *mov, AVStream *st)
4187 {
4188 MOVStreamContext *sc = st->priv_data;
4189 FFStream *const sti = ffstream(st);
4190 int64_t current_offset;
4191 int64_t current_dts = 0;
4192 unsigned int stts_index = 0;
4193 unsigned int stsc_index = 0;
4194 unsigned int stss_index = 0;
4195 unsigned int stps_index = 0;
4196 unsigned int i, j;
4197 uint64_t stream_size = 0;
4198 MOVCtts *ctts_data_old = sc->ctts_data;
4199 unsigned int ctts_count_old = sc->ctts_count;
4200
4201 int ret = build_open_gop_key_points(st);
4202 if (ret < 0)
4203 return;
4204
4205 if (sc->elst_count) {
4206 int i, edit_start_index = 0, multiple_edits = 0;
4207 int64_t empty_duration = 0; // empty duration of the first edit list entry
4208 int64_t start_time = 0; // start time of the media
4209
4210 for (i = 0; i < sc->elst_count; i++) {
4211 const MOVElst *e = &sc->elst_data[i];
4212 if (i == 0 && e->time == -1) {
4213 /* if empty, the first entry is the start time of the stream
4214 * relative to the presentation itself */
4215 empty_duration = e->duration;
4216 edit_start_index = 1;
4217 } else if (i == edit_start_index && e->time >= 0) {
4218 start_time = e->time;
4219 } else {
4220 multiple_edits = 1;
4221 }
4222 }
4223
4224 if (multiple_edits && !mov->advanced_editlist)
4225 av_log(mov->fc, AV_LOG_WARNING, "multiple edit list entries, "
4226 "Use -advanced_editlist to correctly decode otherwise "
4227 "a/v desync might occur\n");
4228
4229 /* adjust first dts according to edit list */
4230 if ((empty_duration || start_time) && mov->time_scale > 0) {
4231 if (empty_duration)
4232 empty_duration = av_rescale(empty_duration, sc->time_scale, mov->time_scale);
4233
4234 if (av_sat_sub64(start_time, empty_duration) != start_time - (uint64_t)empty_duration)
4235 av_log(mov->fc, AV_LOG_WARNING, "start_time - empty_duration is not representable\n");
4236
4237 sc->time_offset = start_time - (uint64_t)empty_duration;
4238 sc->min_corrected_pts = start_time;
4239 if (!mov->advanced_editlist)
4240 current_dts = -sc->time_offset;
4241 }
4242
4243 if (!multiple_edits && !mov->advanced_editlist &&
4244 st->codecpar->codec_id == AV_CODEC_ID_AAC && start_time > 0)
4245 sc->start_pad = start_time;
4246 }
4247
4248 /* only use old uncompressed audio chunk demuxing when stts specifies it */
4249 if (!(st->codecpar->codec_type == AVMEDIA_TYPE_AUDIO &&
4250 sc->stts_count == 1 && sc->stts_data[0].duration == 1)) {
4251 unsigned int current_sample = 0;
4252 unsigned int stts_sample = 0;
4253 unsigned int sample_size;
4254 unsigned int distance = 0;
4255 unsigned int rap_group_index = 0;
4256 unsigned int rap_group_sample = 0;
4257 int rap_group_present = sc->rap_group_count && sc->rap_group;
4258 int key_off = (sc->keyframe_count && sc->keyframes[0] > 0) || (sc->stps_count && sc->stps_data[0] > 0);
4259
4260 current_dts -= sc->dts_shift;
4261
4262 if (!sc->sample_count || sti->nb_index_entries)
4263 return;
4264 if (sc->sample_count >= UINT_MAX / sizeof(*sti->index_entries) - sti->nb_index_entries)
4265 return;
4266 if (av_reallocp_array(&sti->index_entries,
4267 sti->nb_index_entries + sc->sample_count,
4268 sizeof(*sti->index_entries)) < 0) {
4269 sti->nb_index_entries = 0;
4270 return;
4271 }
4272 sti->index_entries_allocated_size = (sti->nb_index_entries + sc->sample_count) * sizeof(*sti->index_entries);
4273
4274 if (ctts_data_old) {
4275 // Expand ctts entries such that we have a 1-1 mapping with samples
4276 if (sc->sample_count >= UINT_MAX / sizeof(*sc->ctts_data))
4277 return;
4278 sc->ctts_count = 0;
4279 sc->ctts_allocated_size = 0;
4280 sc->ctts_data = av_fast_realloc(NULL, &sc->ctts_allocated_size,
4281 sc->sample_count * sizeof(*sc->ctts_data));
4282 if (!sc->ctts_data) {
4283 av_free(ctts_data_old);
4284 return;
4285 }
4286
4287 memset((uint8_t*)(sc->ctts_data), 0, sc->ctts_allocated_size);
4288
4289 for (i = 0; i < ctts_count_old &&
4290 sc->ctts_count < sc->sample_count; i++)
4291 for (j = 0; j < ctts_data_old[i].count &&
4292 sc->ctts_count < sc->sample_count; j++)
4293 add_ctts_entry(&sc->ctts_data, &sc->ctts_count,
4294 &sc->ctts_allocated_size, 1,
4295 ctts_data_old[i].duration);
4296 av_free(ctts_data_old);
4297 }
4298
4299 for (i = 0; i < sc->chunk_count; i++) {
4300 int64_t next_offset = i+1 < sc->chunk_count ? sc->chunk_offsets[i+1] : INT64_MAX;
4301 current_offset = sc->chunk_offsets[i];
4302 while (mov_stsc_index_valid(stsc_index, sc->stsc_count) &&
4303 i + 1 == sc->stsc_data[stsc_index + 1].first)
4304 stsc_index++;
4305
4306 if (next_offset > current_offset && sc->sample_size>0 && sc->sample_size < sc->stsz_sample_size &&
4307 sc->stsc_data[stsc_index].count * (int64_t)sc->stsz_sample_size > next_offset - current_offset) {
4308 av_log(mov->fc, AV_LOG_WARNING, "STSZ sample size %d invalid (too large), ignoring\n", sc->stsz_sample_size);
4309 sc->stsz_sample_size = sc->sample_size;
4310 }
4311 if (sc->stsz_sample_size>0 && sc->stsz_sample_size < sc->sample_size) {
4312 av_log(mov->fc, AV_LOG_WARNING, "STSZ sample size %d invalid (too small), ignoring\n", sc->stsz_sample_size);
4313 sc->stsz_sample_size = sc->sample_size;
4314 }
4315
4316 for (j = 0; j < sc->stsc_data[stsc_index].count; j++) {
4317 int keyframe = 0;
4318 if (current_sample >= sc->sample_count) {
4319 av_log(mov->fc, AV_LOG_ERROR, "wrong sample count\n");
4320 return;
4321 }
4322
4323 if (!sc->keyframe_absent && (!sc->keyframe_count || current_sample+key_off == sc->keyframes[stss_index])) {
4324 keyframe = 1;
4325 if (stss_index + 1 < sc->keyframe_count)
4326 stss_index++;
4327 } else if (sc->stps_count && current_sample+key_off == sc->stps_data[stps_index]) {
4328 keyframe = 1;
4329 if (stps_index + 1 < sc->stps_count)
4330 stps_index++;
4331 }
4332 if (rap_group_present && rap_group_index < sc->rap_group_count) {
4333 if (sc->rap_group[rap_group_index].index > 0)
4334 keyframe = 1;
4335 if (++rap_group_sample == sc->rap_group[rap_group_index].count) {
4336 rap_group_sample = 0;
4337 rap_group_index++;
4338 }
4339 }
4340 if (sc->keyframe_absent
4341 && !sc->stps_count
4342 && !rap_group_present
4343 && (st->codecpar->codec_type == AVMEDIA_TYPE_AUDIO || (i==0 && j==0)))
4344 keyframe = 1;
4345 if (keyframe)
4346 distance = 0;
4347 sample_size = sc->stsz_sample_size > 0 ? sc->stsz_sample_size : sc->sample_sizes[current_sample];
4348 if (current_offset > INT64_MAX - sample_size) {
4349 av_log(mov->fc, AV_LOG_ERROR, "Current offset %"PRId64" or sample size %u is too large\n",
4350 current_offset,
4351 sample_size);
4352 return;
4353 }
4354
4355 if (sc->pseudo_stream_id == -1 ||
4356 sc->stsc_data[stsc_index].id - 1 == sc->pseudo_stream_id) {
4357 AVIndexEntry *e;
4358 if (sample_size > 0x3FFFFFFF) {
4359 av_log(mov->fc, AV_LOG_ERROR, "Sample size %u is too large\n", sample_size);
4360 return;
4361 }
4362 e = &sti->index_entries[sti->nb_index_entries++];
4363 e->pos = current_offset;
4364 e->timestamp = current_dts;
4365 e->size = sample_size;
4366 e->min_distance = distance;
4367 e->flags = keyframe ? AVINDEX_KEYFRAME : 0;
4368 av_log(mov->fc, AV_LOG_TRACE, "AVIndex stream %d, sample %u, offset %"PRIx64", dts %"PRId64", "
4369 "size %u, distance %u, keyframe %d\n", st->index, current_sample,
4370 current_offset, current_dts, sample_size, distance, keyframe);
4371 if (st->codecpar->codec_type == AVMEDIA_TYPE_VIDEO && sti->nb_index_entries < 100)
4372 ff_rfps_add_frame(mov->fc, st, current_dts);
4373 }
4374
4375 current_offset += sample_size;
4376 stream_size += sample_size;
4377
4378 current_dts += sc->stts_data[stts_index].duration;
4379
4380 distance++;
4381 stts_sample++;
4382 current_sample++;
4383 if (stts_index + 1 < sc->stts_count && stts_sample == sc->stts_data[stts_index].count) {
4384 stts_sample = 0;
4385 stts_index++;
4386 }
4387 }
4388 }
4389 if (st->duration > 0)
4390 st->codecpar->bit_rate = stream_size*8*sc->time_scale/st->duration;
4391 } else {
4392 unsigned chunk_samples, total = 0;
4393
4394 if (!sc->chunk_count)
4395 return;
4396
4397 // compute total chunk count
4398 for (i = 0; i < sc->stsc_count; i++) {
4399 unsigned count, chunk_count;
4400
4401 chunk_samples = sc->stsc_data[i].count;
4402 if (i != sc->stsc_count - 1 &&
4403 sc->samples_per_frame && chunk_samples % sc->samples_per_frame) {
4404 av_log(mov->fc, AV_LOG_ERROR, "error unaligned chunk\n");
4405 return;
4406 }
4407
4408 if (sc->samples_per_frame >= 160) { // gsm
4409 count = chunk_samples / sc->samples_per_frame;
4410 } else if (sc->samples_per_frame > 1) {
4411 unsigned samples = (1024/sc->samples_per_frame)*sc->samples_per_frame;
4412 count = (chunk_samples+samples-1) / samples;
4413 } else {
4414 count = (chunk_samples+1023) / 1024;
4415 }
4416
4417 if (mov_stsc_index_valid(i, sc->stsc_count))
4418 chunk_count = sc->stsc_data[i+1].first - sc->stsc_data[i].first;
4419 else
4420 chunk_count = sc->chunk_count - (sc->stsc_data[i].first - 1);
4421 total += chunk_count * count;
4422 }
4423
4424 av_log(mov->fc, AV_LOG_TRACE, "chunk count %u\n", total);
4425 if (total >= UINT_MAX / sizeof(*sti->index_entries) - sti->nb_index_entries)
4426 return;
4427 if (av_reallocp_array(&sti->index_entries,
4428 sti->nb_index_entries + total,
4429 sizeof(*sti->index_entries)) < 0) {
4430 sti->nb_index_entries = 0;
4431 return;
4432 }
4433 sti->index_entries_allocated_size = (sti->nb_index_entries + total) * sizeof(*sti->index_entries);
4434
4435 // populate index
4436 for (i = 0; i < sc->chunk_count; i++) {
4437 current_offset = sc->chunk_offsets[i];
4438 if (mov_stsc_index_valid(stsc_index, sc->stsc_count) &&
4439 i + 1 == sc->stsc_data[stsc_index + 1].first)
4440 stsc_index++;
4441 chunk_samples = sc->stsc_data[stsc_index].count;
4442
4443 while (chunk_samples > 0) {
4444 AVIndexEntry *e;
4445 unsigned size, samples;
4446
4447 if (sc->samples_per_frame > 1 && !sc->bytes_per_frame) {
4448 avpriv_request_sample(mov->fc,
4449 "Zero bytes per frame, but %d samples per frame",
4450 sc->samples_per_frame);
4451 return;
4452 }
4453
4454 if (sc->samples_per_frame >= 160) { // gsm
4455 samples = sc->samples_per_frame;
4456 size = sc->bytes_per_frame;
4457 } else {
4458 if (sc->samples_per_frame > 1) {
4459 samples = FFMIN((1024 / sc->samples_per_frame)*
4460 sc->samples_per_frame, chunk_samples);
4461 size = (samples / sc->samples_per_frame) * sc->bytes_per_frame;
4462 } else {
4463 samples = FFMIN(1024, chunk_samples);
4464 size = samples * sc->sample_size;
4465 }
4466 }
4467
4468 if (sti->nb_index_entries >= total) {
4469 av_log(mov->fc, AV_LOG_ERROR, "wrong chunk count %u\n", total);
4470 return;
4471 }
4472 if (size > 0x3FFFFFFF) {
4473 av_log(mov->fc, AV_LOG_ERROR, "Sample size %u is too large\n", size);
4474 return;
4475 }
4476 e = &sti->index_entries[sti->nb_index_entries++];
4477 e->pos = current_offset;
4478 e->timestamp = current_dts;
4479 e->size = size;
4480 e->min_distance = 0;
4481 e->flags = AVINDEX_KEYFRAME;
4482 av_log(mov->fc, AV_LOG_TRACE, "AVIndex stream %d, chunk %u, offset %"PRIx64", dts %"PRId64", "
4483 "size %u, duration %u\n", st->index, i, current_offset, current_dts,
4484 size, samples);
4485
4486 current_offset += size;
4487 current_dts += samples;
4488 chunk_samples -= samples;
4489 }
4490 }
4491 }
4492
4493 if (!mov->ignore_editlist && mov->advanced_editlist) {
4494 // Fix index according to edit lists.
4495 mov_fix_index(mov, st);
4496 }
4497
4498 // Update start time of the stream.
4499 if (st->start_time == AV_NOPTS_VALUE && st->codecpar->codec_type == AVMEDIA_TYPE_VIDEO && sti->nb_index_entries > 0) {
4500 st->start_time = sti->index_entries[0].timestamp + sc->dts_shift;
4501 if (sc->ctts_data) {
4502 st->start_time += sc->ctts_data[0].duration;
4503 }
4504 }
4505
4506 mov_estimate_video_delay(mov, st);
4507 }
4508
test_same_origin(const char * src,const char * ref)4509 static int test_same_origin(const char *src, const char *ref) {
4510 char src_proto[64];
4511 char ref_proto[64];
4512 char src_auth[256];
4513 char ref_auth[256];
4514 char src_host[256];
4515 char ref_host[256];
4516 int src_port=-1;
4517 int ref_port=-1;
4518
4519 av_url_split(src_proto, sizeof(src_proto), src_auth, sizeof(src_auth), src_host, sizeof(src_host), &src_port, NULL, 0, src);
4520 av_url_split(ref_proto, sizeof(ref_proto), ref_auth, sizeof(ref_auth), ref_host, sizeof(ref_host), &ref_port, NULL, 0, ref);
4521
4522 if (strlen(src) == 0) {
4523 return -1;
4524 } else if (strlen(src_auth) + 1 >= sizeof(src_auth) ||
4525 strlen(ref_auth) + 1 >= sizeof(ref_auth) ||
4526 strlen(src_host) + 1 >= sizeof(src_host) ||
4527 strlen(ref_host) + 1 >= sizeof(ref_host)) {
4528 return 0;
4529 } else if (strcmp(src_proto, ref_proto) ||
4530 strcmp(src_auth, ref_auth) ||
4531 strcmp(src_host, ref_host) ||
4532 src_port != ref_port) {
4533 return 0;
4534 } else
4535 return 1;
4536 }
4537
mov_open_dref(MOVContext * c,AVIOContext ** pb,const char * src,MOVDref * ref)4538 static int mov_open_dref(MOVContext *c, AVIOContext **pb, const char *src, MOVDref *ref)
4539 {
4540 /* try relative path, we do not try the absolute because it can leak information about our
4541 system to an attacker */
4542 if (ref->nlvl_to > 0 && ref->nlvl_from > 0) {
4543 char filename[1025];
4544 const char *src_path;
4545 int i, l;
4546
4547 /* find a source dir */
4548 src_path = strrchr(src, '/');
4549 if (src_path)
4550 src_path++;
4551 else
4552 src_path = src;
4553
4554 /* find a next level down to target */
4555 for (i = 0, l = strlen(ref->path) - 1; l >= 0; l--)
4556 if (ref->path[l] == '/') {
4557 if (i == ref->nlvl_to - 1)
4558 break;
4559 else
4560 i++;
4561 }
4562
4563 /* compose filename if next level down to target was found */
4564 if (i == ref->nlvl_to - 1 && src_path - src < sizeof(filename)) {
4565 memcpy(filename, src, src_path - src);
4566 filename[src_path - src] = 0;
4567
4568 for (i = 1; i < ref->nlvl_from; i++)
4569 av_strlcat(filename, "../", sizeof(filename));
4570
4571 av_strlcat(filename, ref->path + l + 1, sizeof(filename));
4572 if (!c->use_absolute_path) {
4573 int same_origin = test_same_origin(src, filename);
4574
4575 if (!same_origin) {
4576 av_log(c->fc, AV_LOG_ERROR,
4577 "Reference with mismatching origin, %s not tried for security reasons, "
4578 "set demuxer option use_absolute_path to allow it anyway\n",
4579 ref->path);
4580 return AVERROR(ENOENT);
4581 }
4582
4583 if (strstr(ref->path + l + 1, "..") ||
4584 strstr(ref->path + l + 1, ":") ||
4585 (ref->nlvl_from > 1 && same_origin < 0) ||
4586 (filename[0] == '/' && src_path == src))
4587 return AVERROR(ENOENT);
4588 }
4589
4590 if (strlen(filename) + 1 == sizeof(filename))
4591 return AVERROR(ENOENT);
4592 if (!c->fc->io_open(c->fc, pb, filename, AVIO_FLAG_READ, NULL))
4593 return 0;
4594 }
4595 } else if (c->use_absolute_path) {
4596 av_log(c->fc, AV_LOG_WARNING, "Using absolute path on user request, "
4597 "this is a possible security issue\n");
4598 if (!c->fc->io_open(c->fc, pb, ref->path, AVIO_FLAG_READ, NULL))
4599 return 0;
4600 } else {
4601 av_log(c->fc, AV_LOG_ERROR,
4602 "Absolute path %s not tried for security reasons, "
4603 "set demuxer option use_absolute_path to allow absolute paths\n",
4604 ref->path);
4605 }
4606
4607 return AVERROR(ENOENT);
4608 }
4609
fix_timescale(MOVContext * c,MOVStreamContext * sc)4610 static void fix_timescale(MOVContext *c, MOVStreamContext *sc)
4611 {
4612 if (sc->time_scale <= 0) {
4613 av_log(c->fc, AV_LOG_WARNING, "stream %d, timescale not set\n", sc->ffindex);
4614 sc->time_scale = c->time_scale;
4615 if (sc->time_scale <= 0)
4616 sc->time_scale = 1;
4617 }
4618 }
4619
mov_read_trak(MOVContext * c,AVIOContext * pb,MOVAtom atom)4620 static int mov_read_trak(MOVContext *c, AVIOContext *pb, MOVAtom atom)
4621 {
4622 AVStream *st;
4623 MOVStreamContext *sc;
4624 int ret;
4625
4626 if (c->is_still_picture_avif) {
4627 return AVERROR_INVALIDDATA;
4628 }
4629
4630 st = avformat_new_stream(c->fc, NULL);
4631 if (!st) return AVERROR(ENOMEM);
4632 st->id = -1;
4633 sc = av_mallocz(sizeof(MOVStreamContext));
4634 if (!sc) return AVERROR(ENOMEM);
4635
4636 st->priv_data = sc;
4637 st->codecpar->codec_type = AVMEDIA_TYPE_DATA;
4638 sc->ffindex = st->index;
4639 c->trak_index = st->index;
4640
4641 if ((ret = mov_read_default(c, pb, atom)) < 0)
4642 return ret;
4643
4644 c->trak_index = -1;
4645
4646 // Here stsc refers to a chunk not described in stco. This is technically invalid,
4647 // but we can overlook it (clearing stsc) whenever stts_count == 0 (indicating no samples).
4648 if (!sc->chunk_count && !sc->stts_count && sc->stsc_count) {
4649 sc->stsc_count = 0;
4650 av_freep(&sc->stsc_data);
4651 }
4652
4653 /* sanity checks */
4654 if ((sc->chunk_count && (!sc->stts_count || !sc->stsc_count ||
4655 (!sc->sample_size && !sc->sample_count))) ||
4656 (!sc->chunk_count && sc->sample_count)) {
4657 av_log(c->fc, AV_LOG_ERROR, "stream %d, missing mandatory atoms, broken header\n",
4658 st->index);
4659 return 0;
4660 }
4661 if (sc->stsc_count && sc->stsc_data[ sc->stsc_count - 1 ].first > sc->chunk_count) {
4662 av_log(c->fc, AV_LOG_ERROR, "stream %d, contradictionary STSC and STCO\n",
4663 st->index);
4664 return AVERROR_INVALIDDATA;
4665 }
4666
4667 fix_timescale(c, sc);
4668
4669 avpriv_set_pts_info(st, 64, 1, sc->time_scale);
4670
4671 mov_build_index(c, st);
4672
4673 if (sc->dref_id-1 < sc->drefs_count && sc->drefs[sc->dref_id-1].path) {
4674 MOVDref *dref = &sc->drefs[sc->dref_id - 1];
4675 if (c->enable_drefs) {
4676 if (mov_open_dref(c, &sc->pb, c->fc->url, dref) < 0)
4677 av_log(c->fc, AV_LOG_ERROR,
4678 "stream %d, error opening alias: path='%s', dir='%s', "
4679 "filename='%s', volume='%s', nlvl_from=%d, nlvl_to=%d\n",
4680 st->index, dref->path, dref->dir, dref->filename,
4681 dref->volume, dref->nlvl_from, dref->nlvl_to);
4682 } else {
4683 av_log(c->fc, AV_LOG_WARNING,
4684 "Skipped opening external track: "
4685 "stream %d, alias: path='%s', dir='%s', "
4686 "filename='%s', volume='%s', nlvl_from=%d, nlvl_to=%d."
4687 "Set enable_drefs to allow this.\n",
4688 st->index, dref->path, dref->dir, dref->filename,
4689 dref->volume, dref->nlvl_from, dref->nlvl_to);
4690 }
4691 } else {
4692 sc->pb = c->fc->pb;
4693 sc->pb_is_copied = 1;
4694 }
4695
4696 if (st->codecpar->codec_type == AVMEDIA_TYPE_VIDEO) {
4697 if (!st->sample_aspect_ratio.num && st->codecpar->width && st->codecpar->height &&
4698 sc->height && sc->width &&
4699 (st->codecpar->width != sc->width || st->codecpar->height != sc->height)) {
4700 st->sample_aspect_ratio = av_d2q(((double)st->codecpar->height * sc->width) /
4701 ((double)st->codecpar->width * sc->height), INT_MAX);
4702 }
4703
4704 #if FF_API_R_FRAME_RATE
4705 if (sc->stts_count == 1 || (sc->stts_count == 2 && sc->stts_data[1].count == 1))
4706 av_reduce(&st->r_frame_rate.num, &st->r_frame_rate.den,
4707 sc->time_scale, sc->stts_data[0].duration, INT_MAX);
4708 #endif
4709 }
4710
4711 // done for ai5q, ai52, ai55, ai1q, ai12 and ai15.
4712 if (!st->codecpar->extradata_size && st->codecpar->codec_id == AV_CODEC_ID_H264 &&
4713 TAG_IS_AVCI(st->codecpar->codec_tag)) {
4714 ret = ff_generate_avci_extradata(st);
4715 if (ret < 0)
4716 return ret;
4717 }
4718
4719 switch (st->codecpar->codec_id) {
4720 #if CONFIG_H261_DECODER
4721 case AV_CODEC_ID_H261:
4722 #endif
4723 #if CONFIG_H263_DECODER
4724 case AV_CODEC_ID_H263:
4725 #endif
4726 #if CONFIG_MPEG4_DECODER
4727 case AV_CODEC_ID_MPEG4:
4728 #endif
4729 st->codecpar->width = 0; /* let decoder init width/height */
4730 st->codecpar->height= 0;
4731 break;
4732 }
4733
4734 // If the duration of the mp3 packets is not constant, then they could need a parser
4735 if (st->codecpar->codec_id == AV_CODEC_ID_MP3
4736 && sc->stts_count > 3
4737 && sc->stts_count*10 > st->nb_frames
4738 && sc->time_scale == st->codecpar->sample_rate) {
4739 ffstream(st)->need_parsing = AVSTREAM_PARSE_FULL;
4740 }
4741 /* Do not need those anymore. */
4742 av_freep(&sc->chunk_offsets);
4743 av_freep(&sc->sample_sizes);
4744 av_freep(&sc->keyframes);
4745 av_freep(&sc->stts_data);
4746 av_freep(&sc->stps_data);
4747 av_freep(&sc->elst_data);
4748 av_freep(&sc->rap_group);
4749 av_freep(&sc->sync_group);
4750 av_freep(&sc->sgpd_sync);
4751
4752 return 0;
4753 }
4754
mov_read_ilst(MOVContext * c,AVIOContext * pb,MOVAtom atom)4755 static int mov_read_ilst(MOVContext *c, AVIOContext *pb, MOVAtom atom)
4756 {
4757 int ret;
4758 c->itunes_metadata = 1;
4759 ret = mov_read_default(c, pb, atom);
4760 c->itunes_metadata = 0;
4761 return ret;
4762 }
4763
mov_read_keys(MOVContext * c,AVIOContext * pb,MOVAtom atom)4764 static int mov_read_keys(MOVContext *c, AVIOContext *pb, MOVAtom atom)
4765 {
4766 uint32_t count;
4767 uint32_t i;
4768
4769 if (atom.size < 8)
4770 return 0;
4771
4772 avio_skip(pb, 4);
4773 count = avio_rb32(pb);
4774 if (count > UINT_MAX / sizeof(*c->meta_keys) - 1) {
4775 av_log(c->fc, AV_LOG_ERROR,
4776 "The 'keys' atom with the invalid key count: %"PRIu32"\n", count);
4777 return AVERROR_INVALIDDATA;
4778 }
4779
4780 c->meta_keys_count = count + 1;
4781 c->meta_keys = av_mallocz(c->meta_keys_count * sizeof(*c->meta_keys));
4782 if (!c->meta_keys)
4783 return AVERROR(ENOMEM);
4784
4785 for (i = 1; i <= count; ++i) {
4786 uint32_t key_size = avio_rb32(pb);
4787 uint32_t type = avio_rl32(pb);
4788 if (key_size < 8) {
4789 av_log(c->fc, AV_LOG_ERROR,
4790 "The key# %"PRIu32" in meta has invalid size:"
4791 "%"PRIu32"\n", i, key_size);
4792 return AVERROR_INVALIDDATA;
4793 }
4794 key_size -= 8;
4795 if (type != MKTAG('m','d','t','a')) {
4796 avio_skip(pb, key_size);
4797 }
4798 #ifdef OHOS_MOOV_LEVEL_META
4799 char* tempKey = av_mallocz(key_size + 1);
4800 if (!tempKey) {
4801 return AVERROR(ENOMEM);
4802 }
4803 avio_read(pb, tempKey, key_size);
4804 c->meta_keys[i] = av_asprintf("%s%s", "moov_level_meta_key_", tempKey);
4805 av_freep(&tempKey);
4806 #else
4807 c->meta_keys[i] = av_mallocz(key_size + 1);
4808 if (!c->meta_keys[i])
4809 return AVERROR(ENOMEM);
4810 avio_read(pb, c->meta_keys[i], key_size);
4811 #endif
4812 }
4813
4814 return 0;
4815 }
4816
mov_read_custom(MOVContext * c,AVIOContext * pb,MOVAtom atom)4817 static int mov_read_custom(MOVContext *c, AVIOContext *pb, MOVAtom atom)
4818 {
4819 int64_t end = av_sat_add64(avio_tell(pb), atom.size);
4820 uint8_t *key = NULL, *val = NULL, *mean = NULL;
4821 int i;
4822 int ret = 0;
4823 AVStream *st;
4824 MOVStreamContext *sc;
4825
4826 if (c->fc->nb_streams < 1)
4827 return 0;
4828 st = c->fc->streams[c->fc->nb_streams-1];
4829 sc = st->priv_data;
4830
4831 for (i = 0; i < 3; i++) {
4832 uint8_t **p;
4833 uint32_t len, tag;
4834
4835 if (end - avio_tell(pb) <= 12)
4836 break;
4837
4838 len = avio_rb32(pb);
4839 tag = avio_rl32(pb);
4840 avio_skip(pb, 4); // flags
4841
4842 if (len < 12 || len - 12 > end - avio_tell(pb))
4843 break;
4844 len -= 12;
4845
4846 if (tag == MKTAG('m', 'e', 'a', 'n'))
4847 p = &mean;
4848 else if (tag == MKTAG('n', 'a', 'm', 'e'))
4849 p = &key;
4850 else if (tag == MKTAG('d', 'a', 't', 'a') && len > 4) {
4851 avio_skip(pb, 4);
4852 len -= 4;
4853 p = &val;
4854 } else
4855 break;
4856
4857 if (*p)
4858 break;
4859
4860 *p = av_malloc(len + 1);
4861 if (!*p) {
4862 ret = AVERROR(ENOMEM);
4863 break;
4864 }
4865 ret = ffio_read_size(pb, *p, len);
4866 if (ret < 0) {
4867 av_freep(p);
4868 break;
4869 }
4870 (*p)[len] = 0;
4871 }
4872
4873 if (mean && key && val) {
4874 if (strcmp(key, "iTunSMPB") == 0) {
4875 int priming, remainder, samples;
4876 if(sscanf(val, "%*X %X %X %X", &priming, &remainder, &samples) == 3){
4877 if(priming>0 && priming<16384)
4878 sc->start_pad = priming;
4879 }
4880 }
4881 if (strcmp(key, "cdec") != 0) {
4882 av_dict_set(&c->fc->metadata, key, val,
4883 AV_DICT_DONT_STRDUP_KEY | AV_DICT_DONT_STRDUP_VAL);
4884 key = val = NULL;
4885 }
4886 } else {
4887 av_log(c->fc, AV_LOG_VERBOSE,
4888 "Unhandled or malformed custom metadata of size %"PRId64"\n", atom.size);
4889 }
4890
4891 avio_seek(pb, end, SEEK_SET);
4892 av_freep(&key);
4893 av_freep(&val);
4894 av_freep(&mean);
4895 return ret;
4896 }
4897
mov_read_meta(MOVContext * c,AVIOContext * pb,MOVAtom atom)4898 static int mov_read_meta(MOVContext *c, AVIOContext *pb, MOVAtom atom)
4899 {
4900 while (atom.size > 8) {
4901 uint32_t tag;
4902 if (avio_feof(pb))
4903 return AVERROR_EOF;
4904 tag = avio_rl32(pb);
4905 atom.size -= 4;
4906 if (tag == MKTAG('h','d','l','r')) {
4907 avio_seek(pb, -8, SEEK_CUR);
4908 atom.size += 8;
4909 return mov_read_default(c, pb, atom);
4910 }
4911 }
4912 return 0;
4913 }
4914
4915 // return 1 when matrix is identity, 0 otherwise
4916 #define IS_MATRIX_IDENT(matrix) \
4917 ( (matrix)[0][0] == (1 << 16) && \
4918 (matrix)[1][1] == (1 << 16) && \
4919 (matrix)[2][2] == (1 << 30) && \
4920 !(matrix)[0][1] && !(matrix)[0][2] && \
4921 !(matrix)[1][0] && !(matrix)[1][2] && \
4922 !(matrix)[2][0] && !(matrix)[2][1])
4923
mov_read_tkhd(MOVContext * c,AVIOContext * pb,MOVAtom atom)4924 static int mov_read_tkhd(MOVContext *c, AVIOContext *pb, MOVAtom atom)
4925 {
4926 int i, j, e;
4927 int width;
4928 int height;
4929 int display_matrix[3][3];
4930 int res_display_matrix[3][3] = { { 0 } };
4931 AVStream *st;
4932 MOVStreamContext *sc;
4933 int version;
4934 int flags;
4935
4936 if (c->fc->nb_streams < 1)
4937 return 0;
4938 st = c->fc->streams[c->fc->nb_streams-1];
4939 sc = st->priv_data;
4940
4941 // Each stream (trak) should have exactly 1 tkhd. This catches bad files and
4942 // avoids corrupting AVStreams mapped to an earlier tkhd.
4943 if (st->id != -1)
4944 return AVERROR_INVALIDDATA;
4945
4946 version = avio_r8(pb);
4947 flags = avio_rb24(pb);
4948 st->disposition |= (flags & MOV_TKHD_FLAG_ENABLED) ? AV_DISPOSITION_DEFAULT : 0;
4949
4950 if (version == 1) {
4951 avio_rb64(pb);
4952 avio_rb64(pb);
4953 } else {
4954 avio_rb32(pb); /* creation time */
4955 avio_rb32(pb); /* modification time */
4956 }
4957 st->id = (int)avio_rb32(pb); /* track id (NOT 0 !)*/
4958 avio_rb32(pb); /* reserved */
4959
4960 /* highlevel (considering edits) duration in movie timebase */
4961 (version == 1) ? avio_rb64(pb) : avio_rb32(pb);
4962 avio_rb32(pb); /* reserved */
4963 avio_rb32(pb); /* reserved */
4964
4965 avio_rb16(pb); /* layer */
4966 avio_rb16(pb); /* alternate group */
4967 avio_rb16(pb); /* volume */
4968 avio_rb16(pb); /* reserved */
4969
4970 //read in the display matrix (outlined in ISO 14496-12, Section 6.2.2)
4971 // they're kept in fixed point format through all calculations
4972 // save u,v,z to store the whole matrix in the AV_PKT_DATA_DISPLAYMATRIX
4973 // side data, but the scale factor is not needed to calculate aspect ratio
4974 for (i = 0; i < 3; i++) {
4975 display_matrix[i][0] = avio_rb32(pb); // 16.16 fixed point
4976 display_matrix[i][1] = avio_rb32(pb); // 16.16 fixed point
4977 display_matrix[i][2] = avio_rb32(pb); // 2.30 fixed point
4978 }
4979
4980 width = avio_rb32(pb); // 16.16 fixed point track width
4981 height = avio_rb32(pb); // 16.16 fixed point track height
4982 sc->width = width >> 16;
4983 sc->height = height >> 16;
4984
4985 // apply the moov display matrix (after the tkhd one)
4986 for (i = 0; i < 3; i++) {
4987 const int sh[3] = { 16, 16, 30 };
4988 for (j = 0; j < 3; j++) {
4989 for (e = 0; e < 3; e++) {
4990 res_display_matrix[i][j] +=
4991 ((int64_t) display_matrix[i][e] *
4992 c->movie_display_matrix[e][j]) >> sh[e];
4993 }
4994 }
4995 }
4996
4997 // save the matrix when it is not the default identity
4998 if (!IS_MATRIX_IDENT(res_display_matrix)) {
4999 av_freep(&sc->display_matrix);
5000 sc->display_matrix = av_malloc(sizeof(int32_t) * 9);
5001 if (!sc->display_matrix)
5002 return AVERROR(ENOMEM);
5003
5004 for (i = 0; i < 3; i++)
5005 for (j = 0; j < 3; j++)
5006 sc->display_matrix[i * 3 + j] = res_display_matrix[i][j];
5007 }
5008
5009 // transform the display width/height according to the matrix
5010 // to keep the same scale, use [width height 1<<16]
5011 if (width && height && sc->display_matrix) {
5012 double disp_transform[2];
5013
5014 for (i = 0; i < 2; i++)
5015 disp_transform[i] = hypot(sc->display_matrix[0 + i],
5016 sc->display_matrix[3 + i]);
5017
5018 if (disp_transform[0] > 1 && disp_transform[1] > 1 &&
5019 disp_transform[0] < (1<<24) && disp_transform[1] < (1<<24) &&
5020 fabs((disp_transform[0] / disp_transform[1]) - 1.0) > 0.01)
5021 st->sample_aspect_ratio = av_d2q(
5022 disp_transform[0] / disp_transform[1],
5023 INT_MAX);
5024 }
5025 return 0;
5026 }
5027
mov_read_tfhd(MOVContext * c,AVIOContext * pb,MOVAtom atom)5028 static int mov_read_tfhd(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5029 {
5030 MOVFragment *frag = &c->fragment;
5031 MOVTrackExt *trex = NULL;
5032 int flags, track_id, i;
5033 MOVFragmentStreamInfo * frag_stream_info;
5034
5035 avio_r8(pb); /* version */
5036 flags = avio_rb24(pb);
5037
5038 track_id = avio_rb32(pb);
5039 if (!track_id)
5040 return AVERROR_INVALIDDATA;
5041 for (i = 0; i < c->trex_count; i++)
5042 if (c->trex_data[i].track_id == track_id) {
5043 trex = &c->trex_data[i];
5044 break;
5045 }
5046 if (!trex) {
5047 av_log(c->fc, AV_LOG_WARNING, "could not find corresponding trex (id %u)\n", track_id);
5048 return 0;
5049 }
5050 c->fragment.found_tfhd = 1;
5051 frag->track_id = track_id;
5052 set_frag_stream(&c->frag_index, track_id);
5053
5054 frag->base_data_offset = flags & MOV_TFHD_BASE_DATA_OFFSET ?
5055 avio_rb64(pb) : flags & MOV_TFHD_DEFAULT_BASE_IS_MOOF ?
5056 frag->moof_offset : frag->implicit_offset;
5057 frag->stsd_id = flags & MOV_TFHD_STSD_ID ? avio_rb32(pb) : trex->stsd_id;
5058
5059 frag->duration = flags & MOV_TFHD_DEFAULT_DURATION ?
5060 avio_rb32(pb) : trex->duration;
5061 frag->size = flags & MOV_TFHD_DEFAULT_SIZE ?
5062 avio_rb32(pb) : trex->size;
5063 frag->flags = flags & MOV_TFHD_DEFAULT_FLAGS ?
5064 avio_rb32(pb) : trex->flags;
5065 av_log(c->fc, AV_LOG_TRACE, "frag flags 0x%x\n", frag->flags);
5066
5067 frag_stream_info = get_current_frag_stream_info(&c->frag_index);
5068 if (frag_stream_info)
5069 frag_stream_info->next_trun_dts = AV_NOPTS_VALUE;
5070
5071 return 0;
5072 }
5073
mov_read_chap(MOVContext * c,AVIOContext * pb,MOVAtom atom)5074 static int mov_read_chap(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5075 {
5076 unsigned i, num;
5077 void *new_tracks;
5078
5079 num = atom.size / 4;
5080 if (!(new_tracks = av_malloc_array(num, sizeof(int))))
5081 return AVERROR(ENOMEM);
5082
5083 av_free(c->chapter_tracks);
5084 c->chapter_tracks = new_tracks;
5085 c->nb_chapter_tracks = num;
5086
5087 for (i = 0; i < num && !pb->eof_reached; i++)
5088 c->chapter_tracks[i] = avio_rb32(pb);
5089
5090 c->nb_chapter_tracks = i;
5091
5092 return 0;
5093 }
5094
mov_read_trex(MOVContext * c,AVIOContext * pb,MOVAtom atom)5095 static int mov_read_trex(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5096 {
5097 MOVTrackExt *trex;
5098 int err;
5099
5100 if ((uint64_t)c->trex_count+1 >= UINT_MAX / sizeof(*c->trex_data))
5101 return AVERROR_INVALIDDATA;
5102 if ((err = av_reallocp_array(&c->trex_data, c->trex_count + 1,
5103 sizeof(*c->trex_data))) < 0) {
5104 c->trex_count = 0;
5105 return err;
5106 }
5107
5108 c->fc->duration = AV_NOPTS_VALUE; // the duration from mvhd is not representing the whole file when fragments are used.
5109
5110 trex = &c->trex_data[c->trex_count++];
5111 avio_r8(pb); /* version */
5112 avio_rb24(pb); /* flags */
5113 trex->track_id = avio_rb32(pb);
5114 trex->stsd_id = avio_rb32(pb);
5115 trex->duration = avio_rb32(pb);
5116 trex->size = avio_rb32(pb);
5117 trex->flags = avio_rb32(pb);
5118 return 0;
5119 }
5120
mov_read_tfdt(MOVContext * c,AVIOContext * pb,MOVAtom atom)5121 static int mov_read_tfdt(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5122 {
5123 MOVFragment *frag = &c->fragment;
5124 AVStream *st = NULL;
5125 MOVStreamContext *sc;
5126 int version, i;
5127 MOVFragmentStreamInfo * frag_stream_info;
5128 int64_t base_media_decode_time;
5129
5130 for (i = 0; i < c->fc->nb_streams; i++) {
5131 if (c->fc->streams[i]->id == frag->track_id) {
5132 st = c->fc->streams[i];
5133 break;
5134 }
5135 }
5136 if (!st) {
5137 av_log(c->fc, AV_LOG_WARNING, "could not find corresponding track id %u\n", frag->track_id);
5138 return 0;
5139 }
5140 sc = st->priv_data;
5141 if (sc->pseudo_stream_id + 1 != frag->stsd_id && sc->pseudo_stream_id != -1)
5142 return 0;
5143 version = avio_r8(pb);
5144 avio_rb24(pb); /* flags */
5145 if (version) {
5146 base_media_decode_time = avio_rb64(pb);
5147 } else {
5148 base_media_decode_time = avio_rb32(pb);
5149 }
5150
5151 frag_stream_info = get_current_frag_stream_info(&c->frag_index);
5152 if (frag_stream_info)
5153 frag_stream_info->tfdt_dts = base_media_decode_time;
5154 sc->track_end = base_media_decode_time;
5155
5156 return 0;
5157 }
5158
mov_read_trun(MOVContext * c,AVIOContext * pb,MOVAtom atom)5159 static int mov_read_trun(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5160 {
5161 MOVFragment *frag = &c->fragment;
5162 AVStream *st = NULL;
5163 FFStream *sti = NULL;
5164 MOVStreamContext *sc;
5165 MOVCtts *ctts_data;
5166 uint64_t offset;
5167 int64_t dts, pts = AV_NOPTS_VALUE;
5168 int data_offset = 0;
5169 unsigned entries, first_sample_flags = frag->flags;
5170 int flags, distance, i;
5171 int64_t prev_dts = AV_NOPTS_VALUE;
5172 int next_frag_index = -1, index_entry_pos;
5173 size_t requested_size;
5174 size_t old_ctts_allocated_size;
5175 AVIndexEntry *new_entries;
5176 MOVFragmentStreamInfo * frag_stream_info;
5177
5178 if (!frag->found_tfhd) {
5179 av_log(c->fc, AV_LOG_ERROR, "trun track id unknown, no tfhd was found\n");
5180 return AVERROR_INVALIDDATA;
5181 }
5182
5183 for (i = 0; i < c->fc->nb_streams; i++) {
5184 if (c->fc->streams[i]->id == frag->track_id) {
5185 st = c->fc->streams[i];
5186 sti = ffstream(st);
5187 break;
5188 }
5189 }
5190 if (!st) {
5191 av_log(c->fc, AV_LOG_WARNING, "could not find corresponding track id %u\n", frag->track_id);
5192 return 0;
5193 }
5194 sc = st->priv_data;
5195 if (sc->pseudo_stream_id+1 != frag->stsd_id && sc->pseudo_stream_id != -1)
5196 return 0;
5197
5198 // Find the next frag_index index that has a valid index_entry for
5199 // the current track_id.
5200 //
5201 // A valid index_entry means the trun for the fragment was read
5202 // and it's samples are in index_entries at the given position.
5203 // New index entries will be inserted before the index_entry found.
5204 index_entry_pos = sti->nb_index_entries;
5205 for (i = c->frag_index.current + 1; i < c->frag_index.nb_items; i++) {
5206 frag_stream_info = get_frag_stream_info(&c->frag_index, i, frag->track_id);
5207 if (frag_stream_info && frag_stream_info->index_entry >= 0) {
5208 next_frag_index = i;
5209 index_entry_pos = frag_stream_info->index_entry;
5210 break;
5211 }
5212 }
5213 av_assert0(index_entry_pos <= sti->nb_index_entries);
5214
5215 avio_r8(pb); /* version */
5216 flags = avio_rb24(pb);
5217 entries = avio_rb32(pb);
5218 av_log(c->fc, AV_LOG_TRACE, "flags 0x%x entries %u\n", flags, entries);
5219
5220 if ((uint64_t)entries+sc->ctts_count >= UINT_MAX/sizeof(*sc->ctts_data))
5221 return AVERROR_INVALIDDATA;
5222 if (flags & MOV_TRUN_DATA_OFFSET) data_offset = avio_rb32(pb);
5223 if (flags & MOV_TRUN_FIRST_SAMPLE_FLAGS) first_sample_flags = avio_rb32(pb);
5224
5225 frag_stream_info = get_current_frag_stream_info(&c->frag_index);
5226 if (frag_stream_info) {
5227 if (frag_stream_info->next_trun_dts != AV_NOPTS_VALUE) {
5228 dts = frag_stream_info->next_trun_dts - sc->time_offset;
5229 } else if (frag_stream_info->first_tfra_pts != AV_NOPTS_VALUE &&
5230 c->use_mfra_for == FF_MOV_FLAG_MFRA_PTS) {
5231 pts = frag_stream_info->first_tfra_pts;
5232 av_log(c->fc, AV_LOG_DEBUG, "found mfra time %"PRId64
5233 ", using it for pts\n", pts);
5234 } else if (frag_stream_info->first_tfra_pts != AV_NOPTS_VALUE &&
5235 c->use_mfra_for == FF_MOV_FLAG_MFRA_DTS) {
5236 dts = frag_stream_info->first_tfra_pts;
5237 av_log(c->fc, AV_LOG_DEBUG, "found mfra time %"PRId64
5238 ", using it for dts\n", pts);
5239 } else {
5240 int has_tfdt = frag_stream_info->tfdt_dts != AV_NOPTS_VALUE;
5241 int has_sidx = frag_stream_info->sidx_pts != AV_NOPTS_VALUE;
5242 int fallback_tfdt = !c->use_tfdt && !has_sidx && has_tfdt;
5243 int fallback_sidx = c->use_tfdt && !has_tfdt && has_sidx;
5244
5245 if (fallback_sidx) {
5246 av_log(c->fc, AV_LOG_DEBUG, "use_tfdt set but no tfdt found, using sidx instead\n");
5247 }
5248 if (fallback_tfdt) {
5249 av_log(c->fc, AV_LOG_DEBUG, "use_tfdt not set but no sidx found, using tfdt instead\n");
5250 }
5251
5252 if (has_tfdt && c->use_tfdt || fallback_tfdt) {
5253 dts = frag_stream_info->tfdt_dts - sc->time_offset;
5254 av_log(c->fc, AV_LOG_DEBUG, "found tfdt time %"PRId64
5255 ", using it for dts\n", dts);
5256 } else if (has_sidx && !c->use_tfdt || fallback_sidx) {
5257 // FIXME: sidx earliest_presentation_time is *PTS*, s.b.
5258 // pts = frag_stream_info->sidx_pts;
5259 dts = frag_stream_info->sidx_pts - sc->time_offset;
5260 av_log(c->fc, AV_LOG_DEBUG, "found sidx time %"PRId64
5261 ", using it for dts\n", frag_stream_info->sidx_pts);
5262 } else {
5263 dts = sc->track_end - sc->time_offset;
5264 av_log(c->fc, AV_LOG_DEBUG, "found track end time %"PRId64
5265 ", using it for dts\n", dts);
5266 }
5267 }
5268 } else {
5269 dts = sc->track_end - sc->time_offset;
5270 av_log(c->fc, AV_LOG_DEBUG, "found track end time %"PRId64
5271 ", using it for dts\n", dts);
5272 }
5273 offset = frag->base_data_offset + data_offset;
5274 distance = 0;
5275 av_log(c->fc, AV_LOG_TRACE, "first sample flags 0x%x\n", first_sample_flags);
5276
5277 // realloc space for new index entries
5278 if ((uint64_t)sti->nb_index_entries + entries >= UINT_MAX / sizeof(AVIndexEntry)) {
5279 entries = UINT_MAX / sizeof(AVIndexEntry) - sti->nb_index_entries;
5280 av_log(c->fc, AV_LOG_ERROR, "Failed to add index entry\n");
5281 }
5282 if (entries == 0)
5283 return 0;
5284
5285 requested_size = (sti->nb_index_entries + entries) * sizeof(AVIndexEntry);
5286 new_entries = av_fast_realloc(sti->index_entries,
5287 &sti->index_entries_allocated_size,
5288 requested_size);
5289 if (!new_entries)
5290 return AVERROR(ENOMEM);
5291 sti->index_entries= new_entries;
5292
5293 requested_size = (sti->nb_index_entries + entries) * sizeof(*sc->ctts_data);
5294 old_ctts_allocated_size = sc->ctts_allocated_size;
5295 ctts_data = av_fast_realloc(sc->ctts_data, &sc->ctts_allocated_size,
5296 requested_size);
5297 if (!ctts_data)
5298 return AVERROR(ENOMEM);
5299 sc->ctts_data = ctts_data;
5300
5301 // In case there were samples without ctts entries, ensure they get
5302 // zero valued entries. This ensures clips which mix boxes with and
5303 // without ctts entries don't pickup uninitialized data.
5304 memset((uint8_t*)(sc->ctts_data) + old_ctts_allocated_size, 0,
5305 sc->ctts_allocated_size - old_ctts_allocated_size);
5306
5307 if (index_entry_pos < sti->nb_index_entries) {
5308 // Make hole in index_entries and ctts_data for new samples
5309 memmove(sti->index_entries + index_entry_pos + entries,
5310 sti->index_entries + index_entry_pos,
5311 sizeof(*sti->index_entries) *
5312 (sti->nb_index_entries - index_entry_pos));
5313 memmove(sc->ctts_data + index_entry_pos + entries,
5314 sc->ctts_data + index_entry_pos,
5315 sizeof(*sc->ctts_data) * (sc->ctts_count - index_entry_pos));
5316 if (index_entry_pos < sc->current_sample) {
5317 sc->current_sample += entries;
5318 }
5319 }
5320
5321 sti->nb_index_entries += entries;
5322 sc->ctts_count = sti->nb_index_entries;
5323
5324 // Record the index_entry position in frag_index of this fragment
5325 if (frag_stream_info)
5326 frag_stream_info->index_entry = index_entry_pos;
5327
5328 if (index_entry_pos > 0)
5329 prev_dts = sti->index_entries[index_entry_pos-1].timestamp;
5330
5331 for (i = 0; i < entries && !pb->eof_reached; i++) {
5332 unsigned sample_size = frag->size;
5333 int sample_flags = i ? frag->flags : first_sample_flags;
5334 unsigned sample_duration = frag->duration;
5335 unsigned ctts_duration = 0;
5336 int keyframe = 0;
5337 int index_entry_flags = 0;
5338
5339 if (flags & MOV_TRUN_SAMPLE_DURATION) sample_duration = avio_rb32(pb);
5340 if (flags & MOV_TRUN_SAMPLE_SIZE) sample_size = avio_rb32(pb);
5341 if (flags & MOV_TRUN_SAMPLE_FLAGS) sample_flags = avio_rb32(pb);
5342 if (flags & MOV_TRUN_SAMPLE_CTS) ctts_duration = avio_rb32(pb);
5343
5344 mov_update_dts_shift(sc, ctts_duration, c->fc);
5345 if (pts != AV_NOPTS_VALUE) {
5346 dts = pts - sc->dts_shift;
5347 if (flags & MOV_TRUN_SAMPLE_CTS) {
5348 dts -= ctts_duration;
5349 } else {
5350 dts -= sc->time_offset;
5351 }
5352 av_log(c->fc, AV_LOG_DEBUG,
5353 "pts %"PRId64" calculated dts %"PRId64
5354 " sc->dts_shift %d ctts.duration %d"
5355 " sc->time_offset %"PRId64
5356 " flags & MOV_TRUN_SAMPLE_CTS %d\n",
5357 pts, dts,
5358 sc->dts_shift, ctts_duration,
5359 sc->time_offset, flags & MOV_TRUN_SAMPLE_CTS);
5360 pts = AV_NOPTS_VALUE;
5361 }
5362
5363 if (st->codecpar->codec_type == AVMEDIA_TYPE_AUDIO)
5364 keyframe = 1;
5365 else
5366 keyframe =
5367 !(sample_flags & (MOV_FRAG_SAMPLE_FLAG_IS_NON_SYNC |
5368 MOV_FRAG_SAMPLE_FLAG_DEPENDS_YES));
5369 if (keyframe) {
5370 distance = 0;
5371 index_entry_flags |= AVINDEX_KEYFRAME;
5372 }
5373 // Fragments can overlap in time. Discard overlapping frames after
5374 // decoding.
5375 if (prev_dts >= dts)
5376 index_entry_flags |= AVINDEX_DISCARD_FRAME;
5377
5378 sti->index_entries[index_entry_pos].pos = offset;
5379 sti->index_entries[index_entry_pos].timestamp = dts;
5380 sti->index_entries[index_entry_pos].size = sample_size;
5381 sti->index_entries[index_entry_pos].min_distance = distance;
5382 sti->index_entries[index_entry_pos].flags = index_entry_flags;
5383
5384 sc->ctts_data[index_entry_pos].count = 1;
5385 sc->ctts_data[index_entry_pos].duration = ctts_duration;
5386 index_entry_pos++;
5387
5388 av_log(c->fc, AV_LOG_TRACE, "AVIndex stream %d, sample %d, offset %"PRIx64", dts %"PRId64", "
5389 "size %u, distance %d, keyframe %d\n", st->index,
5390 index_entry_pos, offset, dts, sample_size, distance, keyframe);
5391 distance++;
5392 if (av_sat_add64(dts, sample_duration) != dts + (uint64_t)sample_duration)
5393 return AVERROR_INVALIDDATA;
5394 if (!sample_size)
5395 return AVERROR_INVALIDDATA;
5396 dts += sample_duration;
5397 offset += sample_size;
5398 sc->data_size += sample_size;
5399
5400 if (sample_duration <= INT64_MAX - sc->duration_for_fps &&
5401 1 <= INT_MAX - sc->nb_frames_for_fps
5402 ) {
5403 sc->duration_for_fps += sample_duration;
5404 sc->nb_frames_for_fps ++;
5405 }
5406 }
5407 if (frag_stream_info)
5408 frag_stream_info->next_trun_dts = dts + sc->time_offset;
5409 if (i < entries) {
5410 // EOF found before reading all entries. Fix the hole this would
5411 // leave in index_entries and ctts_data
5412 int gap = entries - i;
5413 memmove(sti->index_entries + index_entry_pos,
5414 sti->index_entries + index_entry_pos + gap,
5415 sizeof(*sti->index_entries) *
5416 (sti->nb_index_entries - (index_entry_pos + gap)));
5417 memmove(sc->ctts_data + index_entry_pos,
5418 sc->ctts_data + index_entry_pos + gap,
5419 sizeof(*sc->ctts_data) *
5420 (sc->ctts_count - (index_entry_pos + gap)));
5421
5422 sti->nb_index_entries -= gap;
5423 sc->ctts_count -= gap;
5424 if (index_entry_pos < sc->current_sample) {
5425 sc->current_sample -= gap;
5426 }
5427 entries = i;
5428 }
5429
5430 // The end of this new fragment may overlap in time with the start
5431 // of the next fragment in index_entries. Mark the samples in the next
5432 // fragment that overlap with AVINDEX_DISCARD_FRAME
5433 prev_dts = AV_NOPTS_VALUE;
5434 if (index_entry_pos > 0)
5435 prev_dts = sti->index_entries[index_entry_pos-1].timestamp;
5436 for (int i = index_entry_pos; i < sti->nb_index_entries; i++) {
5437 if (prev_dts < sti->index_entries[i].timestamp)
5438 break;
5439 sti->index_entries[i].flags |= AVINDEX_DISCARD_FRAME;
5440 }
5441
5442 // If a hole was created to insert the new index_entries into,
5443 // the index_entry recorded for all subsequent moof must
5444 // be incremented by the number of entries inserted.
5445 fix_frag_index_entries(&c->frag_index, next_frag_index,
5446 frag->track_id, entries);
5447
5448 if (pb->eof_reached) {
5449 av_log(c->fc, AV_LOG_WARNING, "reached eof, corrupted TRUN atom\n");
5450 return AVERROR_EOF;
5451 }
5452
5453 frag->implicit_offset = offset;
5454
5455 sc->track_end = dts + sc->time_offset;
5456 if (st->duration < sc->track_end)
5457 st->duration = sc->track_end;
5458
5459 return 0;
5460 }
5461
mov_read_sidx(MOVContext * c,AVIOContext * pb,MOVAtom atom)5462 static int mov_read_sidx(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5463 {
5464 int64_t stream_size = avio_size(pb);
5465 int64_t offset = av_sat_add64(avio_tell(pb), atom.size), pts, timestamp;
5466 uint8_t version, is_complete;
5467 int64_t offadd;
5468 unsigned i, j, track_id, item_count;
5469 AVStream *st = NULL;
5470 AVStream *ref_st = NULL;
5471 MOVStreamContext *sc, *ref_sc = NULL;
5472 AVRational timescale;
5473
5474 version = avio_r8(pb);
5475 if (version > 1) {
5476 avpriv_request_sample(c->fc, "sidx version %u", version);
5477 return 0;
5478 }
5479
5480 avio_rb24(pb); // flags
5481
5482 track_id = avio_rb32(pb); // Reference ID
5483 for (i = 0; i < c->fc->nb_streams; i++) {
5484 if (c->fc->streams[i]->id == track_id) {
5485 st = c->fc->streams[i];
5486 break;
5487 }
5488 }
5489 if (!st) {
5490 av_log(c->fc, AV_LOG_WARNING, "could not find corresponding track id %d\n", track_id);
5491 return 0;
5492 }
5493
5494 sc = st->priv_data;
5495
5496 timescale = av_make_q(1, avio_rb32(pb));
5497
5498 if (timescale.den <= 0) {
5499 av_log(c->fc, AV_LOG_ERROR, "Invalid sidx timescale 1/%d\n", timescale.den);
5500 return AVERROR_INVALIDDATA;
5501 }
5502
5503 if (version == 0) {
5504 pts = avio_rb32(pb);
5505 offadd= avio_rb32(pb);
5506 } else {
5507 pts = avio_rb64(pb);
5508 offadd= avio_rb64(pb);
5509 }
5510 if (av_sat_add64(offset, offadd) != offset + (uint64_t)offadd)
5511 return AVERROR_INVALIDDATA;
5512
5513 offset += (uint64_t)offadd;
5514
5515 avio_rb16(pb); // reserved
5516
5517 item_count = avio_rb16(pb);
5518 if (item_count == 0)
5519 return AVERROR_INVALIDDATA;
5520 #ifdef OHOS_CAL_DASH_BITRATE
5521 sc->referenced_size = 0;
5522 #endif
5523 for (i = 0; i < item_count; i++) {
5524 int index;
5525 MOVFragmentStreamInfo * frag_stream_info;
5526 uint32_t size = avio_rb32(pb);
5527 uint32_t duration = avio_rb32(pb);
5528 if (size & 0x80000000) {
5529 avpriv_request_sample(c->fc, "sidx reference_type 1");
5530 return AVERROR_PATCHWELCOME;
5531 }
5532 avio_rb32(pb); // sap_flags
5533 timestamp = av_rescale_q(pts, timescale, st->time_base);
5534
5535 index = update_frag_index(c, offset);
5536 frag_stream_info = get_frag_stream_info(&c->frag_index, index, track_id);
5537 if (frag_stream_info)
5538 frag_stream_info->sidx_pts = timestamp;
5539
5540 if (av_sat_add64(offset, size) != offset + (uint64_t)size ||
5541 av_sat_add64(pts, duration) != pts + (uint64_t)duration
5542 )
5543 return AVERROR_INVALIDDATA;
5544 offset += size;
5545 pts += duration;
5546 #ifdef OHOS_CAL_DASH_BITRATE
5547 sc->referenced_size += size;
5548 #endif
5549 }
5550
5551 st->duration = sc->track_end = pts;
5552
5553 sc->has_sidx = 1;
5554
5555 // See if the remaining bytes are just an mfra which we can ignore.
5556 is_complete = offset == stream_size;
5557 if (!is_complete && (pb->seekable & AVIO_SEEKABLE_NORMAL) && stream_size > 0 ) {
5558 int64_t ret;
5559 int64_t original_pos = avio_tell(pb);
5560 if (!c->have_read_mfra_size) {
5561 if ((ret = avio_seek(pb, stream_size - 4, SEEK_SET)) < 0)
5562 return ret;
5563 c->mfra_size = avio_rb32(pb);
5564 c->have_read_mfra_size = 1;
5565 if ((ret = avio_seek(pb, original_pos, SEEK_SET)) < 0)
5566 return ret;
5567 }
5568 if (offset == stream_size - c->mfra_size)
5569 is_complete = 1;
5570 }
5571
5572 if (is_complete) {
5573 // Find first entry in fragment index that came from an sidx.
5574 // This will pretty much always be the first entry.
5575 for (i = 0; i < c->frag_index.nb_items; i++) {
5576 MOVFragmentIndexItem * item = &c->frag_index.item[i];
5577 for (j = 0; ref_st == NULL && j < item->nb_stream_info; j++) {
5578 MOVFragmentStreamInfo * si;
5579 si = &item->stream_info[j];
5580 if (si->sidx_pts != AV_NOPTS_VALUE) {
5581 ref_st = c->fc->streams[j];
5582 ref_sc = ref_st->priv_data;
5583 break;
5584 }
5585 }
5586 }
5587 if (ref_st) for (i = 0; i < c->fc->nb_streams; i++) {
5588 st = c->fc->streams[i];
5589 sc = st->priv_data;
5590 if (!sc->has_sidx) {
5591 st->duration = sc->track_end = av_rescale(ref_st->duration, sc->time_scale, ref_sc->time_scale);
5592 }
5593 }
5594
5595 c->frag_index.complete = 1;
5596 }
5597
5598 return 0;
5599 }
5600
5601 /* this atom should be null (from specs), but some buggy files put the 'moov' atom inside it... */
5602 /* like the files created with Adobe Premiere 5.0, for samples see */
5603 /* http://graphics.tudelft.nl/~wouter/publications/soundtests/ */
mov_read_wide(MOVContext * c,AVIOContext * pb,MOVAtom atom)5604 static int mov_read_wide(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5605 {
5606 int err;
5607
5608 if (atom.size < 8)
5609 return 0; /* continue */
5610 if (avio_rb32(pb) != 0) { /* 0 sized mdat atom... use the 'wide' atom size */
5611 avio_skip(pb, atom.size - 4);
5612 return 0;
5613 }
5614 atom.type = avio_rl32(pb);
5615 atom.size -= 8;
5616 if (atom.type != MKTAG('m','d','a','t')) {
5617 avio_skip(pb, atom.size);
5618 return 0;
5619 }
5620 err = mov_read_mdat(c, pb, atom);
5621 return err;
5622 }
5623
mov_read_cmov(MOVContext * c,AVIOContext * pb,MOVAtom atom)5624 static int mov_read_cmov(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5625 {
5626 #if CONFIG_ZLIB
5627 FFIOContext ctx;
5628 uint8_t *cmov_data;
5629 uint8_t *moov_data; /* uncompressed data */
5630 long cmov_len, moov_len;
5631 int ret = -1;
5632
5633 avio_rb32(pb); /* dcom atom */
5634 if (avio_rl32(pb) != MKTAG('d','c','o','m'))
5635 return AVERROR_INVALIDDATA;
5636 if (avio_rl32(pb) != MKTAG('z','l','i','b')) {
5637 av_log(c->fc, AV_LOG_ERROR, "unknown compression for cmov atom !\n");
5638 return AVERROR_INVALIDDATA;
5639 }
5640 avio_rb32(pb); /* cmvd atom */
5641 if (avio_rl32(pb) != MKTAG('c','m','v','d'))
5642 return AVERROR_INVALIDDATA;
5643 moov_len = avio_rb32(pb); /* uncompressed size */
5644 cmov_len = atom.size - 6 * 4;
5645
5646 cmov_data = av_malloc(cmov_len);
5647 if (!cmov_data)
5648 return AVERROR(ENOMEM);
5649 moov_data = av_malloc(moov_len);
5650 if (!moov_data) {
5651 av_free(cmov_data);
5652 return AVERROR(ENOMEM);
5653 }
5654 ret = ffio_read_size(pb, cmov_data, cmov_len);
5655 if (ret < 0)
5656 goto free_and_return;
5657
5658 ret = AVERROR_INVALIDDATA;
5659 if (uncompress (moov_data, (uLongf *) &moov_len, (const Bytef *)cmov_data, cmov_len) != Z_OK)
5660 goto free_and_return;
5661 ffio_init_context(&ctx, moov_data, moov_len, 0, NULL, NULL, NULL, NULL);
5662 ctx.pub.seekable = AVIO_SEEKABLE_NORMAL;
5663 atom.type = MKTAG('m','o','o','v');
5664 atom.size = moov_len;
5665 ret = mov_read_default(c, &ctx.pub, atom);
5666 free_and_return:
5667 av_free(moov_data);
5668 av_free(cmov_data);
5669 return ret;
5670 #else
5671 av_log(c->fc, AV_LOG_ERROR, "this file requires zlib support compiled in\n");
5672 return AVERROR(ENOSYS);
5673 #endif
5674 }
5675
5676 /* edit list atom */
mov_read_elst(MOVContext * c,AVIOContext * pb,MOVAtom atom)5677 static int mov_read_elst(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5678 {
5679 MOVStreamContext *sc;
5680 int i, edit_count, version;
5681 int64_t elst_entry_size;
5682
5683 if (c->fc->nb_streams < 1 || c->ignore_editlist)
5684 return 0;
5685 sc = c->fc->streams[c->fc->nb_streams-1]->priv_data;
5686
5687 version = avio_r8(pb); /* version */
5688 avio_rb24(pb); /* flags */
5689 edit_count = avio_rb32(pb); /* entries */
5690 atom.size -= 8;
5691
5692 elst_entry_size = version == 1 ? 20 : 12;
5693 if (atom.size != edit_count * elst_entry_size) {
5694 if (c->fc->strict_std_compliance >= FF_COMPLIANCE_STRICT) {
5695 av_log(c->fc, AV_LOG_ERROR, "Invalid edit list entry_count: %d for elst atom of size: %"PRId64" bytes.\n",
5696 edit_count, atom.size + 8);
5697 return AVERROR_INVALIDDATA;
5698 } else {
5699 edit_count = atom.size / elst_entry_size;
5700 if (edit_count * elst_entry_size != atom.size) {
5701 av_log(c->fc, AV_LOG_WARNING, "ELST atom of %"PRId64" bytes, bigger than %d entries.\n", atom.size, edit_count);
5702 }
5703 }
5704 }
5705
5706 if (!edit_count)
5707 return 0;
5708 if (sc->elst_data)
5709 av_log(c->fc, AV_LOG_WARNING, "Duplicated ELST atom\n");
5710 av_free(sc->elst_data);
5711 sc->elst_count = 0;
5712 sc->elst_data = av_malloc_array(edit_count, sizeof(*sc->elst_data));
5713 if (!sc->elst_data)
5714 return AVERROR(ENOMEM);
5715
5716 av_log(c->fc, AV_LOG_TRACE, "track[%u].edit_count = %i\n", c->fc->nb_streams - 1, edit_count);
5717 for (i = 0; i < edit_count && atom.size > 0 && !pb->eof_reached; i++) {
5718 MOVElst *e = &sc->elst_data[i];
5719
5720 if (version == 1) {
5721 e->duration = avio_rb64(pb);
5722 e->time = avio_rb64(pb);
5723 atom.size -= 16;
5724 } else {
5725 e->duration = avio_rb32(pb); /* segment duration */
5726 e->time = (int32_t)avio_rb32(pb); /* media time */
5727 atom.size -= 8;
5728 }
5729 e->rate = avio_rb32(pb) / 65536.0;
5730 atom.size -= 4;
5731 av_log(c->fc, AV_LOG_TRACE, "duration=%"PRId64" time=%"PRId64" rate=%f\n",
5732 e->duration, e->time, e->rate);
5733
5734 if (e->time < 0 && e->time != -1 &&
5735 c->fc->strict_std_compliance >= FF_COMPLIANCE_STRICT) {
5736 av_log(c->fc, AV_LOG_ERROR, "Track %d, edit %d: Invalid edit list media time=%"PRId64"\n",
5737 c->fc->nb_streams-1, i, e->time);
5738 return AVERROR_INVALIDDATA;
5739 }
5740 }
5741 sc->elst_count = i;
5742
5743 return 0;
5744 }
5745
mov_read_tmcd(MOVContext * c,AVIOContext * pb,MOVAtom atom)5746 static int mov_read_tmcd(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5747 {
5748 MOVStreamContext *sc;
5749
5750 if (c->fc->nb_streams < 1)
5751 return AVERROR_INVALIDDATA;
5752 sc = c->fc->streams[c->fc->nb_streams - 1]->priv_data;
5753 sc->timecode_track = avio_rb32(pb);
5754 return 0;
5755 }
5756
mov_read_vpcc(MOVContext * c,AVIOContext * pb,MOVAtom atom)5757 static int mov_read_vpcc(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5758 {
5759 AVStream *st;
5760 int version, color_range, color_primaries, color_trc, color_space;
5761
5762 if (c->fc->nb_streams < 1)
5763 return 0;
5764 st = c->fc->streams[c->fc->nb_streams - 1];
5765
5766 if (atom.size < 5) {
5767 av_log(c->fc, AV_LOG_ERROR, "Empty VP Codec Configuration box\n");
5768 return AVERROR_INVALIDDATA;
5769 }
5770
5771 version = avio_r8(pb);
5772 if (version != 1) {
5773 av_log(c->fc, AV_LOG_WARNING, "Unsupported VP Codec Configuration box version %d\n", version);
5774 return 0;
5775 }
5776 avio_skip(pb, 3); /* flags */
5777
5778 avio_skip(pb, 2); /* profile + level */
5779 color_range = avio_r8(pb); /* bitDepth, chromaSubsampling, videoFullRangeFlag */
5780 color_primaries = avio_r8(pb);
5781 color_trc = avio_r8(pb);
5782 color_space = avio_r8(pb);
5783 if (avio_rb16(pb)) /* codecIntializationDataSize */
5784 return AVERROR_INVALIDDATA;
5785
5786 if (!av_color_primaries_name(color_primaries))
5787 color_primaries = AVCOL_PRI_UNSPECIFIED;
5788 if (!av_color_transfer_name(color_trc))
5789 color_trc = AVCOL_TRC_UNSPECIFIED;
5790 if (!av_color_space_name(color_space))
5791 color_space = AVCOL_SPC_UNSPECIFIED;
5792
5793 st->codecpar->color_range = (color_range & 1) ? AVCOL_RANGE_JPEG : AVCOL_RANGE_MPEG;
5794 st->codecpar->color_primaries = color_primaries;
5795 st->codecpar->color_trc = color_trc;
5796 st->codecpar->color_space = color_space;
5797
5798 return 0;
5799 }
5800
mov_read_smdm(MOVContext * c,AVIOContext * pb,MOVAtom atom)5801 static int mov_read_smdm(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5802 {
5803 MOVStreamContext *sc;
5804 int i, version;
5805
5806 if (c->fc->nb_streams < 1)
5807 return AVERROR_INVALIDDATA;
5808
5809 sc = c->fc->streams[c->fc->nb_streams - 1]->priv_data;
5810
5811 if (atom.size < 5) {
5812 av_log(c->fc, AV_LOG_ERROR, "Empty Mastering Display Metadata box\n");
5813 return AVERROR_INVALIDDATA;
5814 }
5815
5816 version = avio_r8(pb);
5817 if (version) {
5818 av_log(c->fc, AV_LOG_WARNING, "Unsupported Mastering Display Metadata box version %d\n", version);
5819 return 0;
5820 }
5821 if (sc->mastering)
5822 return AVERROR_INVALIDDATA;
5823
5824 avio_skip(pb, 3); /* flags */
5825
5826 sc->mastering = av_mastering_display_metadata_alloc();
5827 if (!sc->mastering)
5828 return AVERROR(ENOMEM);
5829
5830 for (i = 0; i < 3; i++) {
5831 sc->mastering->display_primaries[i][0] = av_make_q(avio_rb16(pb), 1 << 16);
5832 sc->mastering->display_primaries[i][1] = av_make_q(avio_rb16(pb), 1 << 16);
5833 }
5834 sc->mastering->white_point[0] = av_make_q(avio_rb16(pb), 1 << 16);
5835 sc->mastering->white_point[1] = av_make_q(avio_rb16(pb), 1 << 16);
5836
5837 sc->mastering->max_luminance = av_make_q(avio_rb32(pb), 1 << 8);
5838 sc->mastering->min_luminance = av_make_q(avio_rb32(pb), 1 << 14);
5839
5840 sc->mastering->has_primaries = 1;
5841 sc->mastering->has_luminance = 1;
5842
5843 return 0;
5844 }
5845
mov_read_mdcv(MOVContext * c,AVIOContext * pb,MOVAtom atom)5846 static int mov_read_mdcv(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5847 {
5848 MOVStreamContext *sc;
5849 const int mapping[3] = {1, 2, 0};
5850 const int chroma_den = 50000;
5851 const int luma_den = 10000;
5852 int i;
5853
5854 if (c->fc->nb_streams < 1)
5855 return AVERROR_INVALIDDATA;
5856
5857 sc = c->fc->streams[c->fc->nb_streams - 1]->priv_data;
5858
5859 if (atom.size < 24 || sc->mastering) {
5860 av_log(c->fc, AV_LOG_ERROR, "Invalid Mastering Display Color Volume box\n");
5861 return AVERROR_INVALIDDATA;
5862 }
5863
5864 sc->mastering = av_mastering_display_metadata_alloc();
5865 if (!sc->mastering)
5866 return AVERROR(ENOMEM);
5867
5868 for (i = 0; i < 3; i++) {
5869 const int j = mapping[i];
5870 sc->mastering->display_primaries[j][0] = av_make_q(avio_rb16(pb), chroma_den);
5871 sc->mastering->display_primaries[j][1] = av_make_q(avio_rb16(pb), chroma_den);
5872 }
5873 sc->mastering->white_point[0] = av_make_q(avio_rb16(pb), chroma_den);
5874 sc->mastering->white_point[1] = av_make_q(avio_rb16(pb), chroma_den);
5875
5876 sc->mastering->max_luminance = av_make_q(avio_rb32(pb), luma_den);
5877 sc->mastering->min_luminance = av_make_q(avio_rb32(pb), luma_den);
5878
5879 sc->mastering->has_luminance = 1;
5880 sc->mastering->has_primaries = 1;
5881
5882 return 0;
5883 }
5884
mov_read_coll(MOVContext * c,AVIOContext * pb,MOVAtom atom)5885 static int mov_read_coll(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5886 {
5887 MOVStreamContext *sc;
5888 int version;
5889
5890 if (c->fc->nb_streams < 1)
5891 return AVERROR_INVALIDDATA;
5892
5893 sc = c->fc->streams[c->fc->nb_streams - 1]->priv_data;
5894
5895 if (atom.size < 5) {
5896 av_log(c->fc, AV_LOG_ERROR, "Empty Content Light Level box\n");
5897 return AVERROR_INVALIDDATA;
5898 }
5899
5900 version = avio_r8(pb);
5901 if (version) {
5902 av_log(c->fc, AV_LOG_WARNING, "Unsupported Content Light Level box version %d\n", version);
5903 return 0;
5904 }
5905 avio_skip(pb, 3); /* flags */
5906
5907 if (sc->coll){
5908 av_log(c->fc, AV_LOG_WARNING, "Ignoring duplicate COLL\n");
5909 return 0;
5910 }
5911
5912 sc->coll = av_content_light_metadata_alloc(&sc->coll_size);
5913 if (!sc->coll)
5914 return AVERROR(ENOMEM);
5915
5916 sc->coll->MaxCLL = avio_rb16(pb);
5917 sc->coll->MaxFALL = avio_rb16(pb);
5918
5919 return 0;
5920 }
5921
mov_read_clli(MOVContext * c,AVIOContext * pb,MOVAtom atom)5922 static int mov_read_clli(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5923 {
5924 MOVStreamContext *sc;
5925
5926 if (c->fc->nb_streams < 1)
5927 return AVERROR_INVALIDDATA;
5928
5929 sc = c->fc->streams[c->fc->nb_streams - 1]->priv_data;
5930
5931 if (atom.size < 4) {
5932 av_log(c->fc, AV_LOG_ERROR, "Empty Content Light Level Info box\n");
5933 return AVERROR_INVALIDDATA;
5934 }
5935
5936 if (sc->coll){
5937 av_log(c->fc, AV_LOG_WARNING, "Ignoring duplicate CLLI/COLL\n");
5938 return 0;
5939 }
5940
5941 sc->coll = av_content_light_metadata_alloc(&sc->coll_size);
5942 if (!sc->coll)
5943 return AVERROR(ENOMEM);
5944
5945 sc->coll->MaxCLL = avio_rb16(pb);
5946 sc->coll->MaxFALL = avio_rb16(pb);
5947
5948 return 0;
5949 }
5950
mov_read_st3d(MOVContext * c,AVIOContext * pb,MOVAtom atom)5951 static int mov_read_st3d(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5952 {
5953 AVStream *st;
5954 MOVStreamContext *sc;
5955 enum AVStereo3DType type;
5956 int mode;
5957
5958 if (c->fc->nb_streams < 1)
5959 return 0;
5960
5961 st = c->fc->streams[c->fc->nb_streams - 1];
5962 sc = st->priv_data;
5963
5964 if (atom.size < 5) {
5965 av_log(c->fc, AV_LOG_ERROR, "Empty stereoscopic video box\n");
5966 return AVERROR_INVALIDDATA;
5967 }
5968
5969 if (sc->stereo3d)
5970 return AVERROR_INVALIDDATA;
5971
5972 avio_skip(pb, 4); /* version + flags */
5973
5974 mode = avio_r8(pb);
5975 switch (mode) {
5976 case 0:
5977 type = AV_STEREO3D_2D;
5978 break;
5979 case 1:
5980 type = AV_STEREO3D_TOPBOTTOM;
5981 break;
5982 case 2:
5983 type = AV_STEREO3D_SIDEBYSIDE;
5984 break;
5985 default:
5986 av_log(c->fc, AV_LOG_WARNING, "Unknown st3d mode value %d\n", mode);
5987 return 0;
5988 }
5989
5990 sc->stereo3d = av_stereo3d_alloc();
5991 if (!sc->stereo3d)
5992 return AVERROR(ENOMEM);
5993
5994 sc->stereo3d->type = type;
5995 return 0;
5996 }
5997
mov_read_sv3d(MOVContext * c,AVIOContext * pb,MOVAtom atom)5998 static int mov_read_sv3d(MOVContext *c, AVIOContext *pb, MOVAtom atom)
5999 {
6000 AVStream *st;
6001 MOVStreamContext *sc;
6002 int size, version, layout;
6003 int32_t yaw, pitch, roll;
6004 uint32_t l = 0, t = 0, r = 0, b = 0;
6005 uint32_t tag, padding = 0;
6006 enum AVSphericalProjection projection;
6007
6008 if (c->fc->nb_streams < 1)
6009 return 0;
6010
6011 st = c->fc->streams[c->fc->nb_streams - 1];
6012 sc = st->priv_data;
6013
6014 if (atom.size < 8) {
6015 av_log(c->fc, AV_LOG_ERROR, "Empty spherical video box\n");
6016 return AVERROR_INVALIDDATA;
6017 }
6018
6019 size = avio_rb32(pb);
6020 if (size <= 12 || size > atom.size)
6021 return AVERROR_INVALIDDATA;
6022
6023 tag = avio_rl32(pb);
6024 if (tag != MKTAG('s','v','h','d')) {
6025 av_log(c->fc, AV_LOG_ERROR, "Missing spherical video header\n");
6026 return 0;
6027 }
6028 version = avio_r8(pb);
6029 if (version != 0) {
6030 av_log(c->fc, AV_LOG_WARNING, "Unknown spherical version %d\n",
6031 version);
6032 return 0;
6033 }
6034 avio_skip(pb, 3); /* flags */
6035 avio_skip(pb, size - 12); /* metadata_source */
6036
6037 size = avio_rb32(pb);
6038 if (size > atom.size)
6039 return AVERROR_INVALIDDATA;
6040
6041 tag = avio_rl32(pb);
6042 if (tag != MKTAG('p','r','o','j')) {
6043 av_log(c->fc, AV_LOG_ERROR, "Missing projection box\n");
6044 return 0;
6045 }
6046
6047 size = avio_rb32(pb);
6048 if (size > atom.size)
6049 return AVERROR_INVALIDDATA;
6050
6051 tag = avio_rl32(pb);
6052 if (tag != MKTAG('p','r','h','d')) {
6053 av_log(c->fc, AV_LOG_ERROR, "Missing projection header box\n");
6054 return 0;
6055 }
6056 version = avio_r8(pb);
6057 if (version != 0) {
6058 av_log(c->fc, AV_LOG_WARNING, "Unknown spherical version %d\n",
6059 version);
6060 return 0;
6061 }
6062 avio_skip(pb, 3); /* flags */
6063
6064 /* 16.16 fixed point */
6065 yaw = avio_rb32(pb);
6066 pitch = avio_rb32(pb);
6067 roll = avio_rb32(pb);
6068
6069 size = avio_rb32(pb);
6070 if (size > atom.size)
6071 return AVERROR_INVALIDDATA;
6072
6073 tag = avio_rl32(pb);
6074 version = avio_r8(pb);
6075 if (version != 0) {
6076 av_log(c->fc, AV_LOG_WARNING, "Unknown spherical version %d\n",
6077 version);
6078 return 0;
6079 }
6080 avio_skip(pb, 3); /* flags */
6081 switch (tag) {
6082 case MKTAG('c','b','m','p'):
6083 layout = avio_rb32(pb);
6084 if (layout) {
6085 av_log(c->fc, AV_LOG_WARNING,
6086 "Unsupported cubemap layout %d\n", layout);
6087 return 0;
6088 }
6089 projection = AV_SPHERICAL_CUBEMAP;
6090 padding = avio_rb32(pb);
6091 break;
6092 case MKTAG('e','q','u','i'):
6093 t = avio_rb32(pb);
6094 b = avio_rb32(pb);
6095 l = avio_rb32(pb);
6096 r = avio_rb32(pb);
6097
6098 if (b >= UINT_MAX - t || r >= UINT_MAX - l) {
6099 av_log(c->fc, AV_LOG_ERROR,
6100 "Invalid bounding rectangle coordinates "
6101 "%"PRIu32",%"PRIu32",%"PRIu32",%"PRIu32"\n", l, t, r, b);
6102 return AVERROR_INVALIDDATA;
6103 }
6104
6105 if (l || t || r || b)
6106 projection = AV_SPHERICAL_EQUIRECTANGULAR_TILE;
6107 else
6108 projection = AV_SPHERICAL_EQUIRECTANGULAR;
6109 break;
6110 default:
6111 av_log(c->fc, AV_LOG_ERROR, "Unknown projection type: %s\n", av_fourcc2str(tag));
6112 return 0;
6113 }
6114
6115 sc->spherical = av_spherical_alloc(&sc->spherical_size);
6116 if (!sc->spherical)
6117 return AVERROR(ENOMEM);
6118
6119 sc->spherical->projection = projection;
6120
6121 sc->spherical->yaw = yaw;
6122 sc->spherical->pitch = pitch;
6123 sc->spherical->roll = roll;
6124
6125 sc->spherical->padding = padding;
6126
6127 sc->spherical->bound_left = l;
6128 sc->spherical->bound_top = t;
6129 sc->spherical->bound_right = r;
6130 sc->spherical->bound_bottom = b;
6131
6132 return 0;
6133 }
6134
mov_parse_uuid_spherical(MOVStreamContext * sc,AVIOContext * pb,size_t len)6135 static int mov_parse_uuid_spherical(MOVStreamContext *sc, AVIOContext *pb, size_t len)
6136 {
6137 int ret = 0;
6138 uint8_t *buffer = av_malloc(len + 1);
6139 const char *val;
6140
6141 if (!buffer)
6142 return AVERROR(ENOMEM);
6143 buffer[len] = '\0';
6144
6145 ret = ffio_read_size(pb, buffer, len);
6146 if (ret < 0)
6147 goto out;
6148
6149 /* Check for mandatory keys and values, try to support XML as best-effort */
6150 if (!sc->spherical &&
6151 av_stristr(buffer, "<GSpherical:StitchingSoftware>") &&
6152 (val = av_stristr(buffer, "<GSpherical:Spherical>")) &&
6153 av_stristr(val, "true") &&
6154 (val = av_stristr(buffer, "<GSpherical:Stitched>")) &&
6155 av_stristr(val, "true") &&
6156 (val = av_stristr(buffer, "<GSpherical:ProjectionType>")) &&
6157 av_stristr(val, "equirectangular")) {
6158 sc->spherical = av_spherical_alloc(&sc->spherical_size);
6159 if (!sc->spherical)
6160 goto out;
6161
6162 sc->spherical->projection = AV_SPHERICAL_EQUIRECTANGULAR;
6163
6164 if (av_stristr(buffer, "<GSpherical:StereoMode>") && !sc->stereo3d) {
6165 enum AVStereo3DType mode;
6166
6167 if (av_stristr(buffer, "left-right"))
6168 mode = AV_STEREO3D_SIDEBYSIDE;
6169 else if (av_stristr(buffer, "top-bottom"))
6170 mode = AV_STEREO3D_TOPBOTTOM;
6171 else
6172 mode = AV_STEREO3D_2D;
6173
6174 sc->stereo3d = av_stereo3d_alloc();
6175 if (!sc->stereo3d)
6176 goto out;
6177
6178 sc->stereo3d->type = mode;
6179 }
6180
6181 /* orientation */
6182 val = av_stristr(buffer, "<GSpherical:InitialViewHeadingDegrees>");
6183 if (val)
6184 sc->spherical->yaw = strtol(val, NULL, 10) * (1 << 16);
6185 val = av_stristr(buffer, "<GSpherical:InitialViewPitchDegrees>");
6186 if (val)
6187 sc->spherical->pitch = strtol(val, NULL, 10) * (1 << 16);
6188 val = av_stristr(buffer, "<GSpherical:InitialViewRollDegrees>");
6189 if (val)
6190 sc->spherical->roll = strtol(val, NULL, 10) * (1 << 16);
6191 }
6192
6193 out:
6194 av_free(buffer);
6195 return ret;
6196 }
6197
mov_read_uuid(MOVContext * c,AVIOContext * pb,MOVAtom atom)6198 static int mov_read_uuid(MOVContext *c, AVIOContext *pb, MOVAtom atom)
6199 {
6200 AVStream *st;
6201 MOVStreamContext *sc;
6202 int64_t ret;
6203 AVUUID uuid;
6204 static const AVUUID uuid_isml_manifest = {
6205 0xa5, 0xd4, 0x0b, 0x30, 0xe8, 0x14, 0x11, 0xdd,
6206 0xba, 0x2f, 0x08, 0x00, 0x20, 0x0c, 0x9a, 0x66
6207 };
6208 static const AVUUID uuid_xmp = {
6209 0xbe, 0x7a, 0xcf, 0xcb, 0x97, 0xa9, 0x42, 0xe8,
6210 0x9c, 0x71, 0x99, 0x94, 0x91, 0xe3, 0xaf, 0xac
6211 };
6212 static const AVUUID uuid_spherical = {
6213 0xff, 0xcc, 0x82, 0x63, 0xf8, 0x55, 0x4a, 0x93,
6214 0x88, 0x14, 0x58, 0x7a, 0x02, 0x52, 0x1f, 0xdd,
6215 };
6216
6217 if (atom.size < AV_UUID_LEN || atom.size >= FFMIN(INT_MAX, SIZE_MAX))
6218 return AVERROR_INVALIDDATA;
6219
6220 if (c->fc->nb_streams < 1)
6221 return 0;
6222 st = c->fc->streams[c->fc->nb_streams - 1];
6223 sc = st->priv_data;
6224
6225 ret = ffio_read_size(pb, uuid, AV_UUID_LEN);
6226 if (ret < 0)
6227 return ret;
6228 if (av_uuid_equal(uuid, uuid_isml_manifest)) {
6229 uint8_t *buffer, *ptr;
6230 char *endptr;
6231 size_t len = atom.size - AV_UUID_LEN;
6232
6233 if (len < 4) {
6234 return AVERROR_INVALIDDATA;
6235 }
6236 ret = avio_skip(pb, 4); // zeroes
6237 len -= 4;
6238
6239 buffer = av_mallocz(len + 1);
6240 if (!buffer) {
6241 return AVERROR(ENOMEM);
6242 }
6243 ret = ffio_read_size(pb, buffer, len);
6244 if (ret < 0) {
6245 av_free(buffer);
6246 return ret;
6247 }
6248
6249 ptr = buffer;
6250 while ((ptr = av_stristr(ptr, "systemBitrate=\""))) {
6251 ptr += sizeof("systemBitrate=\"") - 1;
6252 c->bitrates_count++;
6253 c->bitrates = av_realloc_f(c->bitrates, c->bitrates_count, sizeof(*c->bitrates));
6254 if (!c->bitrates) {
6255 c->bitrates_count = 0;
6256 av_free(buffer);
6257 return AVERROR(ENOMEM);
6258 }
6259 errno = 0;
6260 ret = strtol(ptr, &endptr, 10);
6261 if (ret < 0 || errno || *endptr != '"') {
6262 c->bitrates[c->bitrates_count - 1] = 0;
6263 } else {
6264 c->bitrates[c->bitrates_count - 1] = ret;
6265 }
6266 }
6267
6268 av_free(buffer);
6269 } else if (av_uuid_equal(uuid, uuid_xmp)) {
6270 uint8_t *buffer;
6271 size_t len = atom.size - AV_UUID_LEN;
6272 if (c->export_xmp) {
6273 buffer = av_mallocz(len + 1);
6274 if (!buffer) {
6275 return AVERROR(ENOMEM);
6276 }
6277 ret = ffio_read_size(pb, buffer, len);
6278 if (ret < 0) {
6279 av_free(buffer);
6280 return ret;
6281 }
6282 buffer[len] = '\0';
6283 av_dict_set(&c->fc->metadata, "xmp",
6284 buffer, AV_DICT_DONT_STRDUP_VAL);
6285 } else {
6286 // skip all uuid atom, which makes it fast for long uuid-xmp file
6287 ret = avio_skip(pb, len);
6288 if (ret < 0)
6289 return ret;
6290 }
6291 } else if (av_uuid_equal(uuid, uuid_spherical)) {
6292 size_t len = atom.size - AV_UUID_LEN;
6293 ret = mov_parse_uuid_spherical(sc, pb, len);
6294 if (ret < 0)
6295 return ret;
6296 if (!sc->spherical)
6297 av_log(c->fc, AV_LOG_WARNING, "Invalid spherical metadata found\n");
6298 }
6299
6300 return 0;
6301 }
6302
mov_read_free(MOVContext * c,AVIOContext * pb,MOVAtom atom)6303 static int mov_read_free(MOVContext *c, AVIOContext *pb, MOVAtom atom)
6304 {
6305 int ret;
6306 uint8_t content[16];
6307
6308 if (atom.size < 8)
6309 return 0;
6310
6311 ret = ffio_read_size(pb, content, FFMIN(sizeof(content), atom.size));
6312 if (ret < 0)
6313 return ret;
6314
6315 if ( !c->found_moov
6316 && !c->found_mdat
6317 && !memcmp(content, "Anevia\x1A\x1A", 8)
6318 && c->use_mfra_for == FF_MOV_FLAG_MFRA_AUTO) {
6319 c->use_mfra_for = FF_MOV_FLAG_MFRA_PTS;
6320 }
6321
6322 return 0;
6323 }
6324
mov_read_frma(MOVContext * c,AVIOContext * pb,MOVAtom atom)6325 static int mov_read_frma(MOVContext *c, AVIOContext *pb, MOVAtom atom)
6326 {
6327 uint32_t format = avio_rl32(pb);
6328 MOVStreamContext *sc;
6329 enum AVCodecID id;
6330 AVStream *st;
6331
6332 if (c->fc->nb_streams < 1)
6333 return 0;
6334 st = c->fc->streams[c->fc->nb_streams - 1];
6335 sc = st->priv_data;
6336
6337 switch (sc->format)
6338 {
6339 case MKTAG('e','n','c','v'): // encrypted video
6340 case MKTAG('e','n','c','a'): // encrypted audio
6341 id = mov_codec_id(st, format);
6342 if (st->codecpar->codec_id != AV_CODEC_ID_NONE &&
6343 st->codecpar->codec_id != id) {
6344 av_log(c->fc, AV_LOG_WARNING,
6345 "ignoring 'frma' atom of '%.4s', stream has codec id %d\n",
6346 (char*)&format, st->codecpar->codec_id);
6347 break;
6348 }
6349
6350 st->codecpar->codec_id = id;
6351 sc->format = format;
6352 break;
6353
6354 default:
6355 if (format != sc->format) {
6356 av_log(c->fc, AV_LOG_WARNING,
6357 "ignoring 'frma' atom of '%.4s', stream format is '%.4s'\n",
6358 (char*)&format, (char*)&sc->format);
6359 }
6360 break;
6361 }
6362
6363 return 0;
6364 }
6365
6366 /**
6367 * Gets the current encryption info and associated current stream context. If
6368 * we are parsing a track fragment, this will return the specific encryption
6369 * info for this fragment; otherwise this will return the global encryption
6370 * info for the current stream.
6371 */
get_current_encryption_info(MOVContext * c,MOVEncryptionIndex ** encryption_index,MOVStreamContext ** sc)6372 static int get_current_encryption_info(MOVContext *c, MOVEncryptionIndex **encryption_index, MOVStreamContext **sc)
6373 {
6374 MOVFragmentStreamInfo *frag_stream_info;
6375 AVStream *st;
6376 int i;
6377
6378 frag_stream_info = get_current_frag_stream_info(&c->frag_index);
6379 if (frag_stream_info) {
6380 for (i = 0; i < c->fc->nb_streams; i++) {
6381 if (c->fc->streams[i]->id == frag_stream_info->id) {
6382 st = c->fc->streams[i];
6383 break;
6384 }
6385 }
6386 if (i == c->fc->nb_streams)
6387 return 0;
6388 *sc = st->priv_data;
6389
6390 if (!frag_stream_info->encryption_index) {
6391 // If this stream isn't encrypted, don't create the index.
6392 if (!(*sc)->cenc.default_encrypted_sample)
6393 return 0;
6394 frag_stream_info->encryption_index = av_mallocz(sizeof(*frag_stream_info->encryption_index));
6395 if (!frag_stream_info->encryption_index)
6396 return AVERROR(ENOMEM);
6397 }
6398 *encryption_index = frag_stream_info->encryption_index;
6399 return 1;
6400 } else {
6401 // No current track fragment, using stream level encryption info.
6402
6403 if (c->fc->nb_streams < 1)
6404 return 0;
6405 st = c->fc->streams[c->fc->nb_streams - 1];
6406 *sc = st->priv_data;
6407
6408 if (!(*sc)->cenc.encryption_index) {
6409 // If this stream isn't encrypted, don't create the index.
6410 if (!(*sc)->cenc.default_encrypted_sample)
6411 return 0;
6412 (*sc)->cenc.encryption_index = av_mallocz(sizeof(*frag_stream_info->encryption_index));
6413 if (!(*sc)->cenc.encryption_index)
6414 return AVERROR(ENOMEM);
6415 }
6416
6417 *encryption_index = (*sc)->cenc.encryption_index;
6418 return 1;
6419 }
6420 }
6421
mov_read_sample_encryption_info(MOVContext * c,AVIOContext * pb,MOVStreamContext * sc,AVEncryptionInfo ** sample,int use_subsamples)6422 static int mov_read_sample_encryption_info(MOVContext *c, AVIOContext *pb, MOVStreamContext *sc, AVEncryptionInfo **sample, int use_subsamples)
6423 {
6424 int i, ret;
6425 unsigned int subsample_count;
6426 AVSubsampleEncryptionInfo *subsamples;
6427
6428 if (!sc->cenc.default_encrypted_sample) {
6429 av_log(c->fc, AV_LOG_ERROR, "Missing schm or tenc\n");
6430 return AVERROR_INVALIDDATA;
6431 }
6432
6433 *sample = av_encryption_info_clone(sc->cenc.default_encrypted_sample);
6434 if (!*sample)
6435 return AVERROR(ENOMEM);
6436
6437 if (sc->cenc.per_sample_iv_size != 0) {
6438 if ((ret = ffio_read_size(pb, (*sample)->iv, sc->cenc.per_sample_iv_size)) < 0) {
6439 av_log(c->fc, AV_LOG_ERROR, "failed to read the initialization vector\n");
6440 av_encryption_info_free(*sample);
6441 *sample = NULL;
6442 return ret;
6443 }
6444 }
6445
6446 if (use_subsamples) {
6447 subsample_count = avio_rb16(pb);
6448 av_free((*sample)->subsamples);
6449 (*sample)->subsamples = av_calloc(subsample_count, sizeof(*subsamples));
6450 if (!(*sample)->subsamples) {
6451 av_encryption_info_free(*sample);
6452 *sample = NULL;
6453 return AVERROR(ENOMEM);
6454 }
6455
6456 for (i = 0; i < subsample_count && !pb->eof_reached; i++) {
6457 (*sample)->subsamples[i].bytes_of_clear_data = avio_rb16(pb);
6458 (*sample)->subsamples[i].bytes_of_protected_data = avio_rb32(pb);
6459 }
6460
6461 if (pb->eof_reached) {
6462 av_log(c->fc, AV_LOG_ERROR, "hit EOF while reading sub-sample encryption info\n");
6463 av_encryption_info_free(*sample);
6464 *sample = NULL;
6465 return AVERROR_INVALIDDATA;
6466 }
6467 (*sample)->subsample_count = subsample_count;
6468 }
6469
6470 return 0;
6471 }
6472
mov_read_senc(MOVContext * c,AVIOContext * pb,MOVAtom atom)6473 static int mov_read_senc(MOVContext *c, AVIOContext *pb, MOVAtom atom)
6474 {
6475 AVEncryptionInfo **encrypted_samples;
6476 MOVEncryptionIndex *encryption_index;
6477 MOVStreamContext *sc;
6478 int use_subsamples, ret;
6479 unsigned int sample_count, i, alloc_size = 0;
6480
6481 ret = get_current_encryption_info(c, &encryption_index, &sc);
6482 if (ret != 1)
6483 return ret;
6484
6485 if (encryption_index->nb_encrypted_samples) {
6486 // This can happen if we have both saio/saiz and senc atoms.
6487 av_log(c->fc, AV_LOG_DEBUG, "Ignoring duplicate encryption info in senc\n");
6488 return 0;
6489 }
6490
6491 avio_r8(pb); /* version */
6492 use_subsamples = avio_rb24(pb) & 0x02; /* flags */
6493
6494 sample_count = avio_rb32(pb);
6495 if (sample_count >= INT_MAX / sizeof(*encrypted_samples))
6496 return AVERROR(ENOMEM);
6497
6498 for (i = 0; i < sample_count; i++) {
6499 unsigned int min_samples = FFMIN(FFMAX(i + 1, 1024 * 1024), sample_count);
6500 encrypted_samples = av_fast_realloc(encryption_index->encrypted_samples, &alloc_size,
6501 min_samples * sizeof(*encrypted_samples));
6502 if (encrypted_samples) {
6503 encryption_index->encrypted_samples = encrypted_samples;
6504
6505 ret = mov_read_sample_encryption_info(
6506 c, pb, sc, &encryption_index->encrypted_samples[i], use_subsamples);
6507 } else {
6508 ret = AVERROR(ENOMEM);
6509 }
6510 if (pb->eof_reached) {
6511 av_log(c->fc, AV_LOG_ERROR, "Hit EOF while reading senc\n");
6512 if (ret >= 0)
6513 av_encryption_info_free(encryption_index->encrypted_samples[i]);
6514 ret = AVERROR_INVALIDDATA;
6515 }
6516
6517 if (ret < 0) {
6518 for (; i > 0; i--)
6519 av_encryption_info_free(encryption_index->encrypted_samples[i - 1]);
6520 av_freep(&encryption_index->encrypted_samples);
6521 return ret;
6522 }
6523 }
6524 encryption_index->nb_encrypted_samples = sample_count;
6525
6526 return 0;
6527 }
6528
mov_parse_auxiliary_info(MOVContext * c,MOVStreamContext * sc,AVIOContext * pb,MOVEncryptionIndex * encryption_index)6529 static int mov_parse_auxiliary_info(MOVContext *c, MOVStreamContext *sc, AVIOContext *pb, MOVEncryptionIndex *encryption_index)
6530 {
6531 AVEncryptionInfo **sample, **encrypted_samples;
6532 int64_t prev_pos;
6533 size_t sample_count, sample_info_size, i;
6534 int ret = 0;
6535 unsigned int alloc_size = 0;
6536
6537 if (encryption_index->nb_encrypted_samples)
6538 return 0;
6539 sample_count = encryption_index->auxiliary_info_sample_count;
6540 if (encryption_index->auxiliary_offsets_count != 1) {
6541 av_log(c->fc, AV_LOG_ERROR, "Multiple auxiliary info chunks are not supported\n");
6542 return AVERROR_PATCHWELCOME;
6543 }
6544 if (sample_count >= INT_MAX / sizeof(*encrypted_samples))
6545 return AVERROR(ENOMEM);
6546
6547 prev_pos = avio_tell(pb);
6548 if (!(pb->seekable & AVIO_SEEKABLE_NORMAL) ||
6549 avio_seek(pb, encryption_index->auxiliary_offsets[0], SEEK_SET) != encryption_index->auxiliary_offsets[0]) {
6550 av_log(c->fc, AV_LOG_INFO, "Failed to seek for auxiliary info, will only parse senc atoms for encryption info\n");
6551 goto finish;
6552 }
6553
6554 for (i = 0; i < sample_count && !pb->eof_reached; i++) {
6555 unsigned int min_samples = FFMIN(FFMAX(i + 1, 1024 * 1024), sample_count);
6556 encrypted_samples = av_fast_realloc(encryption_index->encrypted_samples, &alloc_size,
6557 min_samples * sizeof(*encrypted_samples));
6558 if (!encrypted_samples) {
6559 ret = AVERROR(ENOMEM);
6560 goto finish;
6561 }
6562 encryption_index->encrypted_samples = encrypted_samples;
6563
6564 sample = &encryption_index->encrypted_samples[i];
6565 sample_info_size = encryption_index->auxiliary_info_default_size
6566 ? encryption_index->auxiliary_info_default_size
6567 : encryption_index->auxiliary_info_sizes[i];
6568
6569 ret = mov_read_sample_encryption_info(c, pb, sc, sample, sample_info_size > sc->cenc.per_sample_iv_size);
6570 if (ret < 0)
6571 goto finish;
6572 }
6573 if (pb->eof_reached) {
6574 av_log(c->fc, AV_LOG_ERROR, "Hit EOF while reading auxiliary info\n");
6575 ret = AVERROR_INVALIDDATA;
6576 } else {
6577 encryption_index->nb_encrypted_samples = sample_count;
6578 }
6579
6580 finish:
6581 avio_seek(pb, prev_pos, SEEK_SET);
6582 if (ret < 0) {
6583 for (; i > 0; i--) {
6584 av_encryption_info_free(encryption_index->encrypted_samples[i - 1]);
6585 }
6586 av_freep(&encryption_index->encrypted_samples);
6587 }
6588 return ret;
6589 }
6590
6591 /**
6592 * Tries to read the given number of bytes from the stream and puts it in a
6593 * newly allocated buffer. This reads in small chunks to avoid allocating large
6594 * memory if the file contains an invalid/malicious size value.
6595 */
mov_try_read_block(AVIOContext * pb,size_t size,uint8_t ** data)6596 static int mov_try_read_block(AVIOContext *pb, size_t size, uint8_t **data)
6597 {
6598 const unsigned int block_size = 1024 * 1024;
6599 uint8_t *buffer = NULL;
6600 unsigned int alloc_size = 0, offset = 0;
6601 while (offset < size) {
6602 unsigned int new_size =
6603 alloc_size >= INT_MAX - block_size ? INT_MAX : alloc_size + block_size;
6604 uint8_t *new_buffer = av_fast_realloc(buffer, &alloc_size, new_size);
6605 unsigned int to_read = FFMIN(size, alloc_size) - offset;
6606 if (!new_buffer) {
6607 av_free(buffer);
6608 return AVERROR(ENOMEM);
6609 }
6610 buffer = new_buffer;
6611
6612 if (avio_read(pb, buffer + offset, to_read) != to_read) {
6613 av_free(buffer);
6614 return AVERROR_INVALIDDATA;
6615 }
6616 offset += to_read;
6617 }
6618
6619 *data = buffer;
6620 return 0;
6621 }
6622
mov_read_saiz(MOVContext * c,AVIOContext * pb,MOVAtom atom)6623 static int mov_read_saiz(MOVContext *c, AVIOContext *pb, MOVAtom atom)
6624 {
6625 MOVEncryptionIndex *encryption_index;
6626 MOVStreamContext *sc;
6627 int ret;
6628 unsigned int sample_count, aux_info_type, aux_info_param;
6629
6630 ret = get_current_encryption_info(c, &encryption_index, &sc);
6631 if (ret != 1)
6632 return ret;
6633
6634 if (encryption_index->nb_encrypted_samples) {
6635 // This can happen if we have both saio/saiz and senc atoms.
6636 av_log(c->fc, AV_LOG_DEBUG, "Ignoring duplicate encryption info in saiz\n");
6637 return 0;
6638 }
6639
6640 if (encryption_index->auxiliary_info_sample_count) {
6641 av_log(c->fc, AV_LOG_ERROR, "Duplicate saiz atom\n");
6642 return AVERROR_INVALIDDATA;
6643 }
6644
6645 avio_r8(pb); /* version */
6646 if (avio_rb24(pb) & 0x01) { /* flags */
6647 aux_info_type = avio_rb32(pb);
6648 aux_info_param = avio_rb32(pb);
6649 if (sc->cenc.default_encrypted_sample) {
6650 if (aux_info_type != sc->cenc.default_encrypted_sample->scheme) {
6651 av_log(c->fc, AV_LOG_DEBUG, "Ignoring saiz box with non-zero aux_info_type\n");
6652 return 0;
6653 }
6654 if (aux_info_param != 0) {
6655 av_log(c->fc, AV_LOG_DEBUG, "Ignoring saiz box with non-zero aux_info_type_parameter\n");
6656 return 0;
6657 }
6658 } else {
6659 // Didn't see 'schm' or 'tenc', so this isn't encrypted.
6660 if ((aux_info_type == MKBETAG('c','e','n','c') ||
6661 aux_info_type == MKBETAG('c','e','n','s') ||
6662 aux_info_type == MKBETAG('c','b','c','1') ||
6663 aux_info_type == MKBETAG('c','b','c','s')) &&
6664 aux_info_param == 0) {
6665 av_log(c->fc, AV_LOG_ERROR, "Saw encrypted saiz without schm/tenc\n");
6666 return AVERROR_INVALIDDATA;
6667 } else {
6668 return 0;
6669 }
6670 }
6671 } else if (!sc->cenc.default_encrypted_sample) {
6672 // Didn't see 'schm' or 'tenc', so this isn't encrypted.
6673 return 0;
6674 }
6675
6676 encryption_index->auxiliary_info_default_size = avio_r8(pb);
6677 sample_count = avio_rb32(pb);
6678 encryption_index->auxiliary_info_sample_count = sample_count;
6679
6680 if (encryption_index->auxiliary_info_default_size == 0) {
6681 ret = mov_try_read_block(pb, sample_count, &encryption_index->auxiliary_info_sizes);
6682 if (ret < 0) {
6683 av_log(c->fc, AV_LOG_ERROR, "Failed to read the auxiliary info\n");
6684 return ret;
6685 }
6686 }
6687
6688 if (encryption_index->auxiliary_offsets_count) {
6689 return mov_parse_auxiliary_info(c, sc, pb, encryption_index);
6690 }
6691
6692 return 0;
6693 }
6694
mov_read_saio(MOVContext * c,AVIOContext * pb,MOVAtom atom)6695 static int mov_read_saio(MOVContext *c, AVIOContext *pb, MOVAtom atom)
6696 {
6697 uint64_t *auxiliary_offsets;
6698 MOVEncryptionIndex *encryption_index;
6699 MOVStreamContext *sc;
6700 int i, ret;
6701 unsigned int version, entry_count, aux_info_type, aux_info_param;
6702 unsigned int alloc_size = 0;
6703
6704 ret = get_current_encryption_info(c, &encryption_index, &sc);
6705 if (ret != 1)
6706 return ret;
6707
6708 if (encryption_index->nb_encrypted_samples) {
6709 // This can happen if we have both saio/saiz and senc atoms.
6710 av_log(c->fc, AV_LOG_DEBUG, "Ignoring duplicate encryption info in saio\n");
6711 return 0;
6712 }
6713
6714 if (encryption_index->auxiliary_offsets_count) {
6715 av_log(c->fc, AV_LOG_ERROR, "Duplicate saio atom\n");
6716 return AVERROR_INVALIDDATA;
6717 }
6718
6719 version = avio_r8(pb); /* version */
6720 if (avio_rb24(pb) & 0x01) { /* flags */
6721 aux_info_type = avio_rb32(pb);
6722 aux_info_param = avio_rb32(pb);
6723 if (sc->cenc.default_encrypted_sample) {
6724 if (aux_info_type != sc->cenc.default_encrypted_sample->scheme) {
6725 av_log(c->fc, AV_LOG_DEBUG, "Ignoring saio box with non-zero aux_info_type\n");
6726 return 0;
6727 }
6728 if (aux_info_param != 0) {
6729 av_log(c->fc, AV_LOG_DEBUG, "Ignoring saio box with non-zero aux_info_type_parameter\n");
6730 return 0;
6731 }
6732 } else {
6733 // Didn't see 'schm' or 'tenc', so this isn't encrypted.
6734 if ((aux_info_type == MKBETAG('c','e','n','c') ||
6735 aux_info_type == MKBETAG('c','e','n','s') ||
6736 aux_info_type == MKBETAG('c','b','c','1') ||
6737 aux_info_type == MKBETAG('c','b','c','s')) &&
6738 aux_info_param == 0) {
6739 av_log(c->fc, AV_LOG_ERROR, "Saw encrypted saio without schm/tenc\n");
6740 return AVERROR_INVALIDDATA;
6741 } else {
6742 return 0;
6743 }
6744 }
6745 } else if (!sc->cenc.default_encrypted_sample) {
6746 // Didn't see 'schm' or 'tenc', so this isn't encrypted.
6747 return 0;
6748 }
6749
6750 entry_count = avio_rb32(pb);
6751 if (entry_count >= INT_MAX / sizeof(*auxiliary_offsets))
6752 return AVERROR(ENOMEM);
6753
6754 for (i = 0; i < entry_count && !pb->eof_reached; i++) {
6755 unsigned int min_offsets = FFMIN(FFMAX(i + 1, 1024), entry_count);
6756 auxiliary_offsets = av_fast_realloc(
6757 encryption_index->auxiliary_offsets, &alloc_size,
6758 min_offsets * sizeof(*auxiliary_offsets));
6759 if (!auxiliary_offsets) {
6760 av_freep(&encryption_index->auxiliary_offsets);
6761 return AVERROR(ENOMEM);
6762 }
6763 encryption_index->auxiliary_offsets = auxiliary_offsets;
6764
6765 if (version == 0) {
6766 encryption_index->auxiliary_offsets[i] = avio_rb32(pb);
6767 } else {
6768 encryption_index->auxiliary_offsets[i] = avio_rb64(pb);
6769 }
6770 if (c->frag_index.current >= 0) {
6771 encryption_index->auxiliary_offsets[i] += c->fragment.base_data_offset;
6772 }
6773 }
6774
6775 if (pb->eof_reached) {
6776 av_log(c->fc, AV_LOG_ERROR, "Hit EOF while reading saio\n");
6777 av_freep(&encryption_index->auxiliary_offsets);
6778 return AVERROR_INVALIDDATA;
6779 }
6780
6781 encryption_index->auxiliary_offsets_count = entry_count;
6782
6783 if (encryption_index->auxiliary_info_sample_count) {
6784 return mov_parse_auxiliary_info(c, sc, pb, encryption_index);
6785 }
6786
6787 return 0;
6788 }
6789
6790 #ifdef OHOS_DRM
mov_set_drm_info(const uint8_t * pssh_buf,uint32_t pssh_buf_size,AV_DrmInfo * side_data)6791 static int mov_set_drm_info(const uint8_t *pssh_buf, uint32_t pssh_buf_size, AV_DrmInfo *side_data)
6792 {
6793 if (pssh_buf_size < (AV_DRM_UUID_OFFSET + AV_DRM_MAX_DRM_UUID_LEN)) {
6794 return AVERROR_INVALIDDATA;
6795 }
6796 side_data->uuid_len = AV_DRM_MAX_DRM_UUID_LEN;
6797 memcpy(side_data->uuid, pssh_buf + AV_DRM_UUID_OFFSET, AV_DRM_MAX_DRM_UUID_LEN);
6798 side_data->pssh_len = pssh_buf_size;
6799 memcpy(side_data->pssh, pssh_buf, pssh_buf_size);
6800 return 0;
6801 }
6802
mov_is_exist_pssh(const AV_DrmInfo * old_side_data,uint32_t count,AV_DrmInfo side_data_node)6803 static int mov_is_exist_pssh(const AV_DrmInfo *old_side_data, uint32_t count, AV_DrmInfo side_data_node)
6804 {
6805 uint32_t i = 0;
6806 if (count == 0) {
6807 return 0;
6808 }
6809 for (; i < count; i++) {
6810 if ((old_side_data[i].pssh_len == side_data_node.pssh_len) &&
6811 (old_side_data[i].uuid_len == side_data_node.uuid_len)) {
6812 if ((memcmp(old_side_data[i].pssh, side_data_node.pssh, old_side_data[i].pssh_len) == 0) &&
6813 (memcmp(old_side_data[i].uuid, side_data_node.uuid, old_side_data[i].uuid_len) == 0)) {
6814 return 1;
6815 }
6816 }
6817 }
6818 return 0;
6819 }
6820
mov_copy_drm_info(AV_DrmInfo * new_side_data,const AV_DrmInfo * old_side_data,uint32_t old_side_data_count,AV_DrmInfo side_data_node)6821 static void mov_copy_drm_info(AV_DrmInfo *new_side_data, const AV_DrmInfo *old_side_data,
6822 uint32_t old_side_data_count, AV_DrmInfo side_data_node)
6823 {
6824 uint32_t i = 0;
6825 for (; i < old_side_data_count; i++) {
6826 new_side_data[i].uuid_len = old_side_data[i].uuid_len;
6827 memcpy(new_side_data[i].uuid, old_side_data[i].uuid, old_side_data[i].uuid_len);
6828 new_side_data[i].pssh_len = old_side_data[i].pssh_len;
6829 memcpy(new_side_data[i].pssh, old_side_data[i].pssh, old_side_data[i].pssh_len);
6830 }
6831 new_side_data[i].uuid_len = side_data_node.uuid_len;
6832 memcpy(new_side_data[i].uuid, side_data_node.uuid, side_data_node.uuid_len);
6833 new_side_data[i].pssh_len = side_data_node.pssh_len;
6834 memcpy(new_side_data[i].pssh, side_data_node.pssh, side_data_node.pssh_len);
6835 return;
6836 }
6837
mov_read_pssh_ex(MOVContext * c,AVIOContext * pb,MOVAtom atom)6838 static int mov_read_pssh_ex(MOVContext *c, AVIOContext *pb, MOVAtom atom)
6839 {
6840 int ret = 0;
6841 AVStream *st;
6842 AV_DrmInfo side_data_node;
6843 AV_DrmInfo *old_side_data = NULL;
6844 AV_DrmInfo *new_side_data = NULL;
6845 uint8_t pssh_buf[AV_DRM_MAX_DRM_PSSH_LEN];
6846 size_t old_side_data_size = 0;
6847 uint32_t old_side_data_count = 0;
6848 int pssh_exist_flag = 0;
6849 if ((c == NULL) || (c->fc == NULL) || (c->fc->nb_streams < 1) || (c->fc->streams == NULL) || (pb == NULL) ||
6850 (atom.size > (AV_DRM_MAX_DRM_PSSH_LEN - MOV_DRM_PSSH_TITLE_LEN)) || (atom.size <= 0)) {
6851 return 0;
6852 }
6853 st = c->fc->streams[c->fc->nb_streams-1];
6854 if (st == NULL) {
6855 return 0;
6856 }
6857
6858 memset(pssh_buf, 0, sizeof(pssh_buf));
6859 AV_WB32(pssh_buf, (atom.size + MOV_DRM_PSSH_TITLE_LEN));
6860 memcpy(pssh_buf + sizeof(uint32_t), g_pssh_title_buf, sizeof(g_pssh_title_buf));
6861
6862 if ((ret = ffio_read_size(pb, pssh_buf + MOV_DRM_PSSH_TITLE_LEN, atom.size)) < 0) {
6863 av_log(c->fc, AV_LOG_ERROR, "Failed to read the pssh data\n");
6864 return 0;
6865 }
6866 if ((ret = mov_set_drm_info(pssh_buf, (uint32_t)(atom.size + MOV_DRM_PSSH_TITLE_LEN), &side_data_node)) != 0) {
6867 av_log(c->fc, AV_LOG_ERROR, "Failed to set drm info\n");
6868 return 0;
6869 }
6870
6871 old_side_data = (AV_DrmInfo *)av_stream_get_side_data(st, AV_PKT_DATA_ENCRYPTION_INIT_INFO, &old_side_data_size);
6872 if ((old_side_data != NULL) && (old_side_data_size != 0)) {
6873 old_side_data_count = old_side_data_size / sizeof(AV_DrmInfo);
6874 pssh_exist_flag = mov_is_exist_pssh(old_side_data, old_side_data_count, side_data_node);
6875 }
6876 if (pssh_exist_flag == 0) {
6877 new_side_data = (AV_DrmInfo *)av_mallocz(sizeof(AV_DrmInfo) * (old_side_data_count + 1));
6878 if (new_side_data != NULL) {
6879 mov_copy_drm_info(new_side_data, old_side_data, old_side_data_count, side_data_node);
6880 ret = av_stream_add_side_data(st, AV_PKT_DATA_ENCRYPTION_INIT_INFO, (uint8_t *)new_side_data,
6881 (size_t)(sizeof(AV_DrmInfo) * (old_side_data_count + 1)));
6882 if (ret < 0)
6883 av_free(new_side_data);
6884 }
6885 }
6886 return 0;
6887 }
6888 #endif
6889
mov_read_pssh(MOVContext * c,AVIOContext * pb,MOVAtom atom)6890 static int mov_read_pssh(MOVContext *c, AVIOContext *pb, MOVAtom atom)
6891 {
6892 AVEncryptionInitInfo *info, *old_init_info;
6893 uint8_t **key_ids;
6894 AVStream *st;
6895 uint8_t *side_data, *extra_data, *old_side_data;
6896 size_t side_data_size, old_side_data_size;
6897 int ret = 0;
6898 unsigned int version, kid_count, extra_data_size, alloc_size = 0;
6899
6900 if (c->fc->nb_streams < 1)
6901 return 0;
6902 st = c->fc->streams[c->fc->nb_streams-1];
6903
6904 version = avio_r8(pb); /* version */
6905 avio_rb24(pb); /* flags */
6906
6907 info = av_encryption_init_info_alloc(/* system_id_size */ 16, /* num_key_ids */ 0,
6908 /* key_id_size */ 16, /* data_size */ 0);
6909 if (!info)
6910 return AVERROR(ENOMEM);
6911
6912 if ((ret = ffio_read_size(pb, info->system_id, 16)) < 0) {
6913 av_log(c->fc, AV_LOG_ERROR, "Failed to read the system id\n");
6914 goto finish;
6915 }
6916
6917 if (version > 0) {
6918 kid_count = avio_rb32(pb);
6919 if (kid_count >= INT_MAX / sizeof(*key_ids)) {
6920 ret = AVERROR(ENOMEM);
6921 goto finish;
6922 }
6923
6924 for (unsigned int i = 0; i < kid_count && !pb->eof_reached; i++) {
6925 unsigned int min_kid_count = FFMIN(FFMAX(i + 1, 1024), kid_count);
6926 key_ids = av_fast_realloc(info->key_ids, &alloc_size,
6927 min_kid_count * sizeof(*key_ids));
6928 if (!key_ids) {
6929 ret = AVERROR(ENOMEM);
6930 goto finish;
6931 }
6932 info->key_ids = key_ids;
6933
6934 info->key_ids[i] = av_mallocz(16);
6935 if (!info->key_ids[i]) {
6936 ret = AVERROR(ENOMEM);
6937 goto finish;
6938 }
6939 info->num_key_ids = i + 1;
6940
6941 if ((ret = ffio_read_size(pb, info->key_ids[i], 16)) < 0) {
6942 av_log(c->fc, AV_LOG_ERROR, "Failed to read the key id\n");
6943 goto finish;
6944 }
6945 }
6946
6947 if (pb->eof_reached) {
6948 av_log(c->fc, AV_LOG_ERROR, "Hit EOF while reading pssh\n");
6949 ret = AVERROR_INVALIDDATA;
6950 goto finish;
6951 }
6952 }
6953
6954 extra_data_size = avio_rb32(pb);
6955 ret = mov_try_read_block(pb, extra_data_size, &extra_data);
6956 if (ret < 0)
6957 goto finish;
6958
6959 av_freep(&info->data); // malloc(0) may still allocate something.
6960 info->data = extra_data;
6961 info->data_size = extra_data_size;
6962
6963 // If there is existing initialization data, append to the list.
6964 old_side_data = av_stream_get_side_data(st, AV_PKT_DATA_ENCRYPTION_INIT_INFO, &old_side_data_size);
6965 if (old_side_data) {
6966 old_init_info = av_encryption_init_info_get_side_data(old_side_data, old_side_data_size);
6967 if (old_init_info) {
6968 // Append to the end of the list.
6969 for (AVEncryptionInitInfo *cur = old_init_info;; cur = cur->next) {
6970 if (!cur->next) {
6971 cur->next = info;
6972 break;
6973 }
6974 }
6975 info = old_init_info;
6976 } else {
6977 // Assume existing side-data will be valid, so the only error we could get is OOM.
6978 ret = AVERROR(ENOMEM);
6979 goto finish;
6980 }
6981 }
6982
6983 side_data = av_encryption_init_info_add_side_data(info, &side_data_size);
6984 if (!side_data) {
6985 ret = AVERROR(ENOMEM);
6986 goto finish;
6987 }
6988 ret = av_stream_add_side_data(st, AV_PKT_DATA_ENCRYPTION_INIT_INFO,
6989 side_data, side_data_size);
6990 if (ret < 0)
6991 av_free(side_data);
6992
6993 finish:
6994 av_encryption_init_info_free(info);
6995 return ret;
6996 }
6997
mov_read_schm(MOVContext * c,AVIOContext * pb,MOVAtom atom)6998 static int mov_read_schm(MOVContext *c, AVIOContext *pb, MOVAtom atom)
6999 {
7000 AVStream *st;
7001 MOVStreamContext *sc;
7002
7003 if (c->fc->nb_streams < 1)
7004 return 0;
7005 st = c->fc->streams[c->fc->nb_streams-1];
7006 sc = st->priv_data;
7007
7008 if (sc->pseudo_stream_id != 0) {
7009 av_log(c->fc, AV_LOG_ERROR, "schm boxes are only supported in first sample descriptor\n");
7010 return AVERROR_PATCHWELCOME;
7011 }
7012
7013 if (atom.size < 8)
7014 return AVERROR_INVALIDDATA;
7015
7016 avio_rb32(pb); /* version and flags */
7017
7018 if (!sc->cenc.default_encrypted_sample) {
7019 sc->cenc.default_encrypted_sample = av_encryption_info_alloc(0, 16, 16);
7020 if (!sc->cenc.default_encrypted_sample) {
7021 return AVERROR(ENOMEM);
7022 }
7023 }
7024
7025 sc->cenc.default_encrypted_sample->scheme = avio_rb32(pb);
7026 return 0;
7027 }
7028
mov_read_tenc(MOVContext * c,AVIOContext * pb,MOVAtom atom)7029 static int mov_read_tenc(MOVContext *c, AVIOContext *pb, MOVAtom atom)
7030 {
7031 AVStream *st;
7032 MOVStreamContext *sc;
7033 unsigned int version, pattern, is_protected, iv_size;
7034
7035 if (c->fc->nb_streams < 1)
7036 return 0;
7037 st = c->fc->streams[c->fc->nb_streams-1];
7038 sc = st->priv_data;
7039
7040 if (sc->pseudo_stream_id != 0) {
7041 av_log(c->fc, AV_LOG_ERROR, "tenc atom are only supported in first sample descriptor\n");
7042 return AVERROR_PATCHWELCOME;
7043 }
7044
7045 if (!sc->cenc.default_encrypted_sample) {
7046 sc->cenc.default_encrypted_sample = av_encryption_info_alloc(0, 16, 16);
7047 if (!sc->cenc.default_encrypted_sample) {
7048 return AVERROR(ENOMEM);
7049 }
7050 }
7051
7052 if (atom.size < 20)
7053 return AVERROR_INVALIDDATA;
7054
7055 version = avio_r8(pb); /* version */
7056 avio_rb24(pb); /* flags */
7057
7058 avio_r8(pb); /* reserved */
7059 pattern = avio_r8(pb);
7060
7061 if (version > 0) {
7062 sc->cenc.default_encrypted_sample->crypt_byte_block = pattern >> 4;
7063 sc->cenc.default_encrypted_sample->skip_byte_block = pattern & 0xf;
7064 }
7065
7066 is_protected = avio_r8(pb);
7067 if (is_protected && !sc->cenc.encryption_index) {
7068 // The whole stream should be by-default encrypted.
7069 sc->cenc.encryption_index = av_mallocz(sizeof(MOVEncryptionIndex));
7070 if (!sc->cenc.encryption_index)
7071 return AVERROR(ENOMEM);
7072 }
7073 sc->cenc.per_sample_iv_size = avio_r8(pb);
7074 if (sc->cenc.per_sample_iv_size != 0 && sc->cenc.per_sample_iv_size != 8 &&
7075 sc->cenc.per_sample_iv_size != 16) {
7076 av_log(c->fc, AV_LOG_ERROR, "invalid per-sample IV size value\n");
7077 return AVERROR_INVALIDDATA;
7078 }
7079 if (avio_read(pb, sc->cenc.default_encrypted_sample->key_id, 16) != 16) {
7080 av_log(c->fc, AV_LOG_ERROR, "failed to read the default key ID\n");
7081 return AVERROR_INVALIDDATA;
7082 }
7083
7084 if (is_protected && !sc->cenc.per_sample_iv_size) {
7085 iv_size = avio_r8(pb);
7086 if (iv_size != 8 && iv_size != 16) {
7087 av_log(c->fc, AV_LOG_ERROR, "invalid default_constant_IV_size in tenc atom\n");
7088 return AVERROR_INVALIDDATA;
7089 }
7090
7091 if (avio_read(pb, sc->cenc.default_encrypted_sample->iv, iv_size) != iv_size) {
7092 av_log(c->fc, AV_LOG_ERROR, "failed to read the default IV\n");
7093 return AVERROR_INVALIDDATA;
7094 }
7095 }
7096
7097 return 0;
7098 }
7099
mov_read_dfla(MOVContext * c,AVIOContext * pb,MOVAtom atom)7100 static int mov_read_dfla(MOVContext *c, AVIOContext *pb, MOVAtom atom)
7101 {
7102 AVStream *st;
7103 int last, type, size, ret;
7104 uint8_t buf[4];
7105
7106 if (c->fc->nb_streams < 1)
7107 return 0;
7108 st = c->fc->streams[c->fc->nb_streams-1];
7109
7110 if ((uint64_t)atom.size > (1<<30) || atom.size < 42)
7111 return AVERROR_INVALIDDATA;
7112
7113 /* Check FlacSpecificBox version. */
7114 if (avio_r8(pb) != 0)
7115 return AVERROR_INVALIDDATA;
7116
7117 avio_rb24(pb); /* Flags */
7118
7119 if (avio_read(pb, buf, sizeof(buf)) != sizeof(buf)) {
7120 av_log(c->fc, AV_LOG_ERROR, "failed to read FLAC metadata block header\n");
7121 return pb->error < 0 ? pb->error : AVERROR_INVALIDDATA;
7122 }
7123 flac_parse_block_header(buf, &last, &type, &size);
7124
7125 if (type != FLAC_METADATA_TYPE_STREAMINFO || size != FLAC_STREAMINFO_SIZE) {
7126 av_log(c->fc, AV_LOG_ERROR, "STREAMINFO must be first FLACMetadataBlock\n");
7127 return AVERROR_INVALIDDATA;
7128 }
7129
7130 ret = ff_get_extradata(c->fc, st->codecpar, pb, size);
7131 if (ret < 0)
7132 return ret;
7133
7134 if (!last)
7135 av_log(c->fc, AV_LOG_WARNING, "non-STREAMINFO FLACMetadataBlock(s) ignored\n");
7136
7137 return 0;
7138 }
7139
cenc_scheme_decrypt(MOVContext * c,MOVStreamContext * sc,AVEncryptionInfo * sample,uint8_t * input,int size)7140 static int cenc_scheme_decrypt(MOVContext *c, MOVStreamContext *sc, AVEncryptionInfo *sample, uint8_t *input, int size)
7141 {
7142 int i, ret;
7143 int bytes_of_protected_data;
7144
7145 if (!sc->cenc.aes_ctr) {
7146 /* initialize the cipher */
7147 sc->cenc.aes_ctr = av_aes_ctr_alloc();
7148 if (!sc->cenc.aes_ctr) {
7149 return AVERROR(ENOMEM);
7150 }
7151
7152 ret = av_aes_ctr_init(sc->cenc.aes_ctr, c->decryption_key);
7153 if (ret < 0) {
7154 return ret;
7155 }
7156 }
7157
7158 av_aes_ctr_set_full_iv(sc->cenc.aes_ctr, sample->iv);
7159
7160 if (!sample->subsample_count) {
7161 /* decrypt the whole packet */
7162 av_aes_ctr_crypt(sc->cenc.aes_ctr, input, input, size);
7163 return 0;
7164 }
7165
7166 for (i = 0; i < sample->subsample_count; i++) {
7167 if (sample->subsamples[i].bytes_of_clear_data + sample->subsamples[i].bytes_of_protected_data > size) {
7168 av_log(c->fc, AV_LOG_ERROR, "subsample size exceeds the packet size left\n");
7169 return AVERROR_INVALIDDATA;
7170 }
7171
7172 /* skip the clear bytes */
7173 input += sample->subsamples[i].bytes_of_clear_data;
7174 size -= sample->subsamples[i].bytes_of_clear_data;
7175
7176 /* decrypt the encrypted bytes */
7177
7178 bytes_of_protected_data = sample->subsamples[i].bytes_of_protected_data;
7179 av_aes_ctr_crypt(sc->cenc.aes_ctr, input, input, bytes_of_protected_data);
7180
7181 input += bytes_of_protected_data;
7182 size -= bytes_of_protected_data;
7183 }
7184
7185 if (size > 0) {
7186 av_log(c->fc, AV_LOG_ERROR, "leftover packet bytes after subsample processing\n");
7187 return AVERROR_INVALIDDATA;
7188 }
7189
7190 return 0;
7191 }
7192
cbc1_scheme_decrypt(MOVContext * c,MOVStreamContext * sc,AVEncryptionInfo * sample,uint8_t * input,int size)7193 static int cbc1_scheme_decrypt(MOVContext *c, MOVStreamContext *sc, AVEncryptionInfo *sample, uint8_t *input, int size)
7194 {
7195 int i, ret;
7196 int num_of_encrypted_blocks;
7197 uint8_t iv[16];
7198
7199 if (!sc->cenc.aes_ctx) {
7200 /* initialize the cipher */
7201 sc->cenc.aes_ctx = av_aes_alloc();
7202 if (!sc->cenc.aes_ctx) {
7203 return AVERROR(ENOMEM);
7204 }
7205
7206 ret = av_aes_init(sc->cenc.aes_ctx, c->decryption_key, 16 * 8, 1);
7207 if (ret < 0) {
7208 return ret;
7209 }
7210 }
7211
7212 memcpy(iv, sample->iv, 16);
7213
7214 /* whole-block full sample encryption */
7215 if (!sample->subsample_count) {
7216 /* decrypt the whole packet */
7217 av_aes_crypt(sc->cenc.aes_ctx, input, input, size/16, iv, 1);
7218 return 0;
7219 }
7220
7221 for (i = 0; i < sample->subsample_count; i++) {
7222 if (sample->subsamples[i].bytes_of_clear_data + sample->subsamples[i].bytes_of_protected_data > size) {
7223 av_log(c->fc, AV_LOG_ERROR, "subsample size exceeds the packet size left\n");
7224 return AVERROR_INVALIDDATA;
7225 }
7226
7227 if (sample->subsamples[i].bytes_of_protected_data % 16) {
7228 av_log(c->fc, AV_LOG_ERROR, "subsample BytesOfProtectedData is not a multiple of 16\n");
7229 return AVERROR_INVALIDDATA;
7230 }
7231
7232 /* skip the clear bytes */
7233 input += sample->subsamples[i].bytes_of_clear_data;
7234 size -= sample->subsamples[i].bytes_of_clear_data;
7235
7236 /* decrypt the encrypted bytes */
7237 num_of_encrypted_blocks = sample->subsamples[i].bytes_of_protected_data/16;
7238 if (num_of_encrypted_blocks > 0) {
7239 av_aes_crypt(sc->cenc.aes_ctx, input, input, num_of_encrypted_blocks, iv, 1);
7240 }
7241 input += sample->subsamples[i].bytes_of_protected_data;
7242 size -= sample->subsamples[i].bytes_of_protected_data;
7243 }
7244
7245 if (size > 0) {
7246 av_log(c->fc, AV_LOG_ERROR, "leftover packet bytes after subsample processing\n");
7247 return AVERROR_INVALIDDATA;
7248 }
7249
7250 return 0;
7251 }
7252
cens_scheme_decrypt(MOVContext * c,MOVStreamContext * sc,AVEncryptionInfo * sample,uint8_t * input,int size)7253 static int cens_scheme_decrypt(MOVContext *c, MOVStreamContext *sc, AVEncryptionInfo *sample, uint8_t *input, int size)
7254 {
7255 int i, ret, rem_bytes;
7256 uint8_t *data;
7257
7258 if (!sc->cenc.aes_ctr) {
7259 /* initialize the cipher */
7260 sc->cenc.aes_ctr = av_aes_ctr_alloc();
7261 if (!sc->cenc.aes_ctr) {
7262 return AVERROR(ENOMEM);
7263 }
7264
7265 ret = av_aes_ctr_init(sc->cenc.aes_ctr, c->decryption_key);
7266 if (ret < 0) {
7267 return ret;
7268 }
7269 }
7270
7271 av_aes_ctr_set_full_iv(sc->cenc.aes_ctr, sample->iv);
7272
7273 /* whole-block full sample encryption */
7274 if (!sample->subsample_count) {
7275 /* decrypt the whole packet */
7276 av_aes_ctr_crypt(sc->cenc.aes_ctr, input, input, size);
7277 return 0;
7278 } else if (!sample->crypt_byte_block && !sample->skip_byte_block) {
7279 av_log(c->fc, AV_LOG_ERROR, "pattern encryption is not present in 'cens' scheme\n");
7280 return AVERROR_INVALIDDATA;
7281 }
7282
7283 for (i = 0; i < sample->subsample_count; i++) {
7284 if (sample->subsamples[i].bytes_of_clear_data + sample->subsamples[i].bytes_of_protected_data > size) {
7285 av_log(c->fc, AV_LOG_ERROR, "subsample size exceeds the packet size left\n");
7286 return AVERROR_INVALIDDATA;
7287 }
7288
7289 /* skip the clear bytes */
7290 input += sample->subsamples[i].bytes_of_clear_data;
7291 size -= sample->subsamples[i].bytes_of_clear_data;
7292
7293 /* decrypt the encrypted bytes */
7294 data = input;
7295 rem_bytes = sample->subsamples[i].bytes_of_protected_data;
7296 while (rem_bytes > 0) {
7297 if (rem_bytes < 16*sample->crypt_byte_block) {
7298 break;
7299 }
7300 av_aes_ctr_crypt(sc->cenc.aes_ctr, data, data, 16*sample->crypt_byte_block);
7301 data += 16*sample->crypt_byte_block;
7302 rem_bytes -= 16*sample->crypt_byte_block;
7303 data += FFMIN(16*sample->skip_byte_block, rem_bytes);
7304 rem_bytes -= FFMIN(16*sample->skip_byte_block, rem_bytes);
7305 }
7306 input += sample->subsamples[i].bytes_of_protected_data;
7307 size -= sample->subsamples[i].bytes_of_protected_data;
7308 }
7309
7310 if (size > 0) {
7311 av_log(c->fc, AV_LOG_ERROR, "leftover packet bytes after subsample processing\n");
7312 return AVERROR_INVALIDDATA;
7313 }
7314
7315 return 0;
7316 }
7317
cbcs_scheme_decrypt(MOVContext * c,MOVStreamContext * sc,AVEncryptionInfo * sample,uint8_t * input,int size)7318 static int cbcs_scheme_decrypt(MOVContext *c, MOVStreamContext *sc, AVEncryptionInfo *sample, uint8_t *input, int size)
7319 {
7320 int i, ret, rem_bytes;
7321 uint8_t iv[16];
7322 uint8_t *data;
7323
7324 if (!sc->cenc.aes_ctx) {
7325 /* initialize the cipher */
7326 sc->cenc.aes_ctx = av_aes_alloc();
7327 if (!sc->cenc.aes_ctx) {
7328 return AVERROR(ENOMEM);
7329 }
7330
7331 ret = av_aes_init(sc->cenc.aes_ctx, c->decryption_key, 16 * 8, 1);
7332 if (ret < 0) {
7333 return ret;
7334 }
7335 }
7336
7337 /* whole-block full sample encryption */
7338 if (!sample->subsample_count) {
7339 /* decrypt the whole packet */
7340 memcpy(iv, sample->iv, 16);
7341 av_aes_crypt(sc->cenc.aes_ctx, input, input, size/16, iv, 1);
7342 return 0;
7343 } else if (!sample->crypt_byte_block && !sample->skip_byte_block) {
7344 av_log(c->fc, AV_LOG_ERROR, "pattern encryption is not present in 'cbcs' scheme\n");
7345 return AVERROR_INVALIDDATA;
7346 }
7347
7348 for (i = 0; i < sample->subsample_count; i++) {
7349 if (sample->subsamples[i].bytes_of_clear_data + sample->subsamples[i].bytes_of_protected_data > size) {
7350 av_log(c->fc, AV_LOG_ERROR, "subsample size exceeds the packet size left\n");
7351 return AVERROR_INVALIDDATA;
7352 }
7353
7354 /* skip the clear bytes */
7355 input += sample->subsamples[i].bytes_of_clear_data;
7356 size -= sample->subsamples[i].bytes_of_clear_data;
7357
7358 /* decrypt the encrypted bytes */
7359 memcpy(iv, sample->iv, 16);
7360 data = input;
7361 rem_bytes = sample->subsamples[i].bytes_of_protected_data;
7362 while (rem_bytes > 0) {
7363 if (rem_bytes < 16*sample->crypt_byte_block) {
7364 break;
7365 }
7366 av_aes_crypt(sc->cenc.aes_ctx, data, data, sample->crypt_byte_block, iv, 1);
7367 data += 16*sample->crypt_byte_block;
7368 rem_bytes -= 16*sample->crypt_byte_block;
7369 data += FFMIN(16*sample->skip_byte_block, rem_bytes);
7370 rem_bytes -= FFMIN(16*sample->skip_byte_block, rem_bytes);
7371 }
7372 input += sample->subsamples[i].bytes_of_protected_data;
7373 size -= sample->subsamples[i].bytes_of_protected_data;
7374 }
7375
7376 if (size > 0) {
7377 av_log(c->fc, AV_LOG_ERROR, "leftover packet bytes after subsample processing\n");
7378 return AVERROR_INVALIDDATA;
7379 }
7380
7381 return 0;
7382 }
7383
cenc_decrypt(MOVContext * c,MOVStreamContext * sc,AVEncryptionInfo * sample,uint8_t * input,int size)7384 static int cenc_decrypt(MOVContext *c, MOVStreamContext *sc, AVEncryptionInfo *sample, uint8_t *input, int size)
7385 {
7386 if (sample->scheme == MKBETAG('c','e','n','c') && !sample->crypt_byte_block && !sample->skip_byte_block) {
7387 return cenc_scheme_decrypt(c, sc, sample, input, size);
7388 } else if (sample->scheme == MKBETAG('c','b','c','1') && !sample->crypt_byte_block && !sample->skip_byte_block) {
7389 return cbc1_scheme_decrypt(c, sc, sample, input, size);
7390 } else if (sample->scheme == MKBETAG('c','e','n','s')) {
7391 return cens_scheme_decrypt(c, sc, sample, input, size);
7392 } else if (sample->scheme == MKBETAG('c','b','c','s')) {
7393 return cbcs_scheme_decrypt(c, sc, sample, input, size);
7394 } else {
7395 av_log(c->fc, AV_LOG_ERROR, "invalid encryption scheme\n");
7396 return AVERROR_INVALIDDATA;
7397 }
7398 }
7399
cenc_filter(MOVContext * mov,AVStream * st,MOVStreamContext * sc,AVPacket * pkt,int current_index)7400 static int cenc_filter(MOVContext *mov, AVStream* st, MOVStreamContext *sc, AVPacket *pkt, int current_index)
7401 {
7402 MOVFragmentStreamInfo *frag_stream_info;
7403 MOVEncryptionIndex *encryption_index;
7404 AVEncryptionInfo *encrypted_sample;
7405 int encrypted_index, ret;
7406
7407 frag_stream_info = get_frag_stream_info(&mov->frag_index, mov->frag_index.current, st->id);
7408 encrypted_index = current_index;
7409 encryption_index = NULL;
7410 if (frag_stream_info) {
7411 // Note this only supports encryption info in the first sample descriptor.
7412 if (mov->fragment.stsd_id == 1) {
7413 if (frag_stream_info->encryption_index) {
7414 if (!current_index && frag_stream_info->index_entry)
7415 sc->cenc.frag_index_entry_base = frag_stream_info->index_entry;
7416 encrypted_index = current_index - (frag_stream_info->index_entry - sc->cenc.frag_index_entry_base);
7417 encryption_index = frag_stream_info->encryption_index;
7418 } else {
7419 encryption_index = sc->cenc.encryption_index;
7420 }
7421 }
7422 } else {
7423 encryption_index = sc->cenc.encryption_index;
7424 }
7425
7426 if (encryption_index) {
7427 if (encryption_index->auxiliary_info_sample_count &&
7428 !encryption_index->nb_encrypted_samples) {
7429 av_log(mov->fc, AV_LOG_ERROR, "saiz atom found without saio\n");
7430 return AVERROR_INVALIDDATA;
7431 }
7432 if (encryption_index->auxiliary_offsets_count &&
7433 !encryption_index->nb_encrypted_samples) {
7434 av_log(mov->fc, AV_LOG_ERROR, "saio atom found without saiz\n");
7435 return AVERROR_INVALIDDATA;
7436 }
7437
7438 if (!encryption_index->nb_encrypted_samples) {
7439 // Full-sample encryption with default settings.
7440 encrypted_sample = sc->cenc.default_encrypted_sample;
7441 } else if (encrypted_index >= 0 && encrypted_index < encryption_index->nb_encrypted_samples) {
7442 // Per-sample setting override.
7443 encrypted_sample = encryption_index->encrypted_samples[encrypted_index];
7444 } else {
7445 av_log(mov->fc, AV_LOG_ERROR, "Incorrect number of samples in encryption info\n");
7446 return AVERROR_INVALIDDATA;
7447 }
7448
7449 if (mov->decryption_key) {
7450 return cenc_decrypt(mov, sc, encrypted_sample, pkt->data, pkt->size);
7451 } else {
7452 size_t size;
7453 #ifdef OHOS_DRM
7454 AV_DrmCencInfo *side_data = NULL;
7455 side_data = av_encryption_info_add_side_data_ex(encrypted_sample, &size, side_data, pkt->size);
7456 #else
7457 uint8_t *side_data = av_encryption_info_add_side_data(encrypted_sample, &size);
7458 #endif
7459 if (!side_data)
7460 return AVERROR(ENOMEM);
7461 #ifdef OHOS_DRM
7462 ret = av_packet_add_side_data(pkt, AV_PKT_DATA_ENCRYPTION_INFO, (uint8_t *)side_data, size);
7463 #else
7464 ret = av_packet_add_side_data(pkt, AV_PKT_DATA_ENCRYPTION_INFO, side_data, size);
7465 #endif
7466 if (ret < 0)
7467 av_free(side_data);
7468 return ret;
7469 }
7470 }
7471
7472 return 0;
7473 }
7474
mov_read_dops(MOVContext * c,AVIOContext * pb,MOVAtom atom)7475 static int mov_read_dops(MOVContext *c, AVIOContext *pb, MOVAtom atom)
7476 {
7477 const int OPUS_SEEK_PREROLL_MS = 80;
7478 int ret;
7479 AVStream *st;
7480 size_t size;
7481 uint16_t pre_skip;
7482
7483 if (c->fc->nb_streams < 1)
7484 return 0;
7485 st = c->fc->streams[c->fc->nb_streams-1];
7486
7487 if ((uint64_t)atom.size > (1<<30) || atom.size < 11)
7488 return AVERROR_INVALIDDATA;
7489
7490 /* Check OpusSpecificBox version. */
7491 if (avio_r8(pb) != 0) {
7492 av_log(c->fc, AV_LOG_ERROR, "unsupported OpusSpecificBox version\n");
7493 return AVERROR_INVALIDDATA;
7494 }
7495
7496 /* OpusSpecificBox size plus magic for Ogg OpusHead header. */
7497 size = atom.size + 8;
7498
7499 if ((ret = ff_alloc_extradata(st->codecpar, size)) < 0)
7500 return ret;
7501
7502 AV_WL32(st->codecpar->extradata, MKTAG('O','p','u','s'));
7503 AV_WL32(st->codecpar->extradata + 4, MKTAG('H','e','a','d'));
7504 AV_WB8(st->codecpar->extradata + 8, 1); /* OpusHead version */
7505 avio_read(pb, st->codecpar->extradata + 9, size - 9);
7506
7507 /* OpusSpecificBox is stored in big-endian, but OpusHead is
7508 little-endian; aside from the preceeding magic and version they're
7509 otherwise currently identical. Data after output gain at offset 16
7510 doesn't need to be bytewapped. */
7511 pre_skip = AV_RB16(st->codecpar->extradata + 10);
7512 AV_WL16(st->codecpar->extradata + 10, pre_skip);
7513 AV_WL32(st->codecpar->extradata + 12, AV_RB32(st->codecpar->extradata + 12));
7514 AV_WL16(st->codecpar->extradata + 16, AV_RB16(st->codecpar->extradata + 16));
7515
7516 st->codecpar->initial_padding = pre_skip;
7517 st->codecpar->seek_preroll = av_rescale_q(OPUS_SEEK_PREROLL_MS,
7518 (AVRational){1, 1000},
7519 (AVRational){1, 48000});
7520
7521 return 0;
7522 }
7523
mov_read_dmlp(MOVContext * c,AVIOContext * pb,MOVAtom atom)7524 static int mov_read_dmlp(MOVContext *c, AVIOContext *pb, MOVAtom atom)
7525 {
7526 AVStream *st;
7527 unsigned format_info;
7528 int channel_assignment, channel_assignment1, channel_assignment2;
7529 int ratebits;
7530 uint64_t chmask;
7531
7532 if (c->fc->nb_streams < 1)
7533 return 0;
7534 st = c->fc->streams[c->fc->nb_streams-1];
7535
7536 if (atom.size < 10)
7537 return AVERROR_INVALIDDATA;
7538
7539 format_info = avio_rb32(pb);
7540
7541 ratebits = (format_info >> 28) & 0xF;
7542 channel_assignment1 = (format_info >> 15) & 0x1F;
7543 channel_assignment2 = format_info & 0x1FFF;
7544 if (channel_assignment2)
7545 channel_assignment = channel_assignment2;
7546 else
7547 channel_assignment = channel_assignment1;
7548
7549 st->codecpar->frame_size = 40 << (ratebits & 0x7);
7550 st->codecpar->sample_rate = mlp_samplerate(ratebits);
7551
7552 av_channel_layout_uninit(&st->codecpar->ch_layout);
7553 chmask = truehd_layout(channel_assignment);
7554 av_channel_layout_from_mask(&st->codecpar->ch_layout, chmask);
7555
7556 return 0;
7557 }
7558
mov_read_dvcc_dvvc(MOVContext * c,AVIOContext * pb,MOVAtom atom)7559 static int mov_read_dvcc_dvvc(MOVContext *c, AVIOContext *pb, MOVAtom atom)
7560 {
7561 AVStream *st;
7562 uint8_t buf[ISOM_DVCC_DVVC_SIZE];
7563 int ret;
7564 int64_t read_size = atom.size;
7565
7566 if (c->fc->nb_streams < 1)
7567 return 0;
7568 st = c->fc->streams[c->fc->nb_streams-1];
7569
7570 // At most 24 bytes
7571 read_size = FFMIN(read_size, ISOM_DVCC_DVVC_SIZE);
7572
7573 if ((ret = ffio_read_size(pb, buf, read_size)) < 0)
7574 return ret;
7575
7576 return ff_isom_parse_dvcc_dvvc(c->fc, st, buf, read_size);
7577 }
7578
mov_read_kind(MOVContext * c,AVIOContext * pb,MOVAtom atom)7579 static int mov_read_kind(MOVContext *c, AVIOContext *pb, MOVAtom atom)
7580 {
7581 AVFormatContext *ctx = c->fc;
7582 AVStream *st = NULL;
7583 AVBPrint scheme_buf, value_buf;
7584 int64_t scheme_str_len = 0, value_str_len = 0;
7585 int version, flags, ret = AVERROR_BUG;
7586 int64_t size = atom.size;
7587
7588 if (atom.size < 6)
7589 // 4 bytes for version + flags, 2x 1 byte for null
7590 return AVERROR_INVALIDDATA;
7591
7592 if (c->fc->nb_streams < 1)
7593 return 0;
7594 st = c->fc->streams[c->fc->nb_streams-1];
7595
7596 version = avio_r8(pb);
7597 flags = avio_rb24(pb);
7598 size -= 4;
7599
7600 if (version != 0 || flags != 0) {
7601 av_log(ctx, AV_LOG_ERROR,
7602 "Unsupported 'kind' box with version %d, flags: %x",
7603 version, flags);
7604 return AVERROR_INVALIDDATA;
7605 }
7606
7607 av_bprint_init(&scheme_buf, 0, AV_BPRINT_SIZE_UNLIMITED);
7608 av_bprint_init(&value_buf, 0, AV_BPRINT_SIZE_UNLIMITED);
7609
7610 if ((scheme_str_len = ff_read_string_to_bprint_overwrite(pb, &scheme_buf,
7611 size)) < 0) {
7612 ret = scheme_str_len;
7613 goto cleanup;
7614 }
7615
7616 if (scheme_str_len + 1 >= size) {
7617 // we need to have another string, even if nullptr.
7618 // we check with + 1 since we expect that if size was not hit,
7619 // an additional null was read.
7620 ret = AVERROR_INVALIDDATA;
7621 goto cleanup;
7622 }
7623
7624 size -= scheme_str_len + 1;
7625
7626 if ((value_str_len = ff_read_string_to_bprint_overwrite(pb, &value_buf,
7627 size)) < 0) {
7628 ret = value_str_len;
7629 goto cleanup;
7630 }
7631
7632 if (value_str_len == size) {
7633 // in case of no trailing null, box is not valid.
7634 ret = AVERROR_INVALIDDATA;
7635 goto cleanup;
7636 }
7637
7638 av_log(ctx, AV_LOG_TRACE,
7639 "%s stream %d KindBox(scheme: %s, value: %s)\n",
7640 av_get_media_type_string(st->codecpar->codec_type),
7641 st->index,
7642 scheme_buf.str, value_buf.str);
7643
7644 for (int i = 0; ff_mov_track_kind_table[i].scheme_uri; i++) {
7645 const struct MP4TrackKindMapping map = ff_mov_track_kind_table[i];
7646 if (!av_strstart(scheme_buf.str, map.scheme_uri, NULL))
7647 continue;
7648
7649 for (int j = 0; map.value_maps[j].disposition; j++) {
7650 const struct MP4TrackKindValueMapping value_map = map.value_maps[j];
7651 if (!av_strstart(value_buf.str, value_map.value, NULL))
7652 continue;
7653
7654 st->disposition |= value_map.disposition;
7655 }
7656 }
7657
7658 ret = 0;
7659
7660 cleanup:
7661
7662 av_bprint_finalize(&scheme_buf, NULL);
7663 av_bprint_finalize(&value_buf, NULL);
7664
7665 return ret;
7666 }
7667
mov_read_SA3D(MOVContext * c,AVIOContext * pb,MOVAtom atom)7668 static int mov_read_SA3D(MOVContext *c, AVIOContext *pb, MOVAtom atom)
7669 {
7670 AVStream *st;
7671 int i, version, type;
7672 int ambisonic_order, channel_order, normalization, channel_count;
7673
7674 if (c->fc->nb_streams < 1)
7675 return 0;
7676
7677 st = c->fc->streams[c->fc->nb_streams - 1];
7678
7679 if (atom.size < 16) {
7680 av_log(c->fc, AV_LOG_ERROR, "SA3D audio box too small\n");
7681 return AVERROR_INVALIDDATA;
7682 }
7683
7684 version = avio_r8(pb);
7685 if (version) {
7686 av_log(c->fc, AV_LOG_WARNING, "Unsupported SA3D box version %d\n", version);
7687 return 0;
7688 }
7689
7690 type = avio_r8(pb);
7691 if (type) {
7692 av_log(c->fc, AV_LOG_WARNING,
7693 "Unsupported ambisonic type %d\n", type);
7694 return 0;
7695 }
7696
7697 ambisonic_order = avio_rb32(pb);
7698
7699 channel_order = avio_r8(pb);
7700 if (channel_order) {
7701 av_log(c->fc, AV_LOG_WARNING,
7702 "Unsupported channel_order %d\n", channel_order);
7703 return 0;
7704 }
7705
7706 normalization = avio_r8(pb);
7707 if (normalization) {
7708 av_log(c->fc, AV_LOG_WARNING,
7709 "Unsupported normalization %d\n", normalization);
7710 return 0;
7711 }
7712
7713 channel_count = avio_rb32(pb);
7714 if (ambisonic_order < 0 || channel_count != (ambisonic_order + 1LL) * (ambisonic_order + 1LL)) {
7715 av_log(c->fc, AV_LOG_ERROR,
7716 "Invalid number of channels (%d / %d)\n",
7717 channel_count, ambisonic_order);
7718 return 0;
7719 }
7720
7721 for (i = 0; i < channel_count; i++) {
7722 if (i != avio_rb32(pb)) {
7723 av_log(c->fc, AV_LOG_WARNING,
7724 "Ambisonic channel reordering is not supported\n");
7725 return 0;
7726 }
7727 }
7728
7729 av_channel_layout_uninit(&st->codecpar->ch_layout);
7730 st->codecpar->ch_layout.order = AV_CHANNEL_ORDER_AMBISONIC;
7731 st->codecpar->ch_layout.nb_channels = channel_count;
7732
7733 return 0;
7734 }
7735
mov_read_SAND(MOVContext * c,AVIOContext * pb,MOVAtom atom)7736 static int mov_read_SAND(MOVContext *c, AVIOContext *pb, MOVAtom atom)
7737 {
7738 AVStream *st;
7739 int version;
7740
7741 if (c->fc->nb_streams < 1)
7742 return 0;
7743
7744 st = c->fc->streams[c->fc->nb_streams - 1];
7745
7746 if (atom.size < 5) {
7747 av_log(c->fc, AV_LOG_ERROR, "Empty SAND audio box\n");
7748 return AVERROR_INVALIDDATA;
7749 }
7750
7751 version = avio_r8(pb);
7752 if (version) {
7753 av_log(c->fc, AV_LOG_WARNING, "Unsupported SAND box version %d\n", version);
7754 return 0;
7755 }
7756
7757 st->disposition |= AV_DISPOSITION_NON_DIEGETIC;
7758
7759 return 0;
7760 }
7761
rb_size(AVIOContext * pb,uint64_t * value,int size)7762 static int rb_size(AVIOContext *pb, uint64_t* value, int size)
7763 {
7764 if (size == 0)
7765 *value = 0;
7766 else if (size == 1)
7767 *value = avio_r8(pb);
7768 else if (size == 2)
7769 *value = avio_rb16(pb);
7770 else if (size == 4)
7771 *value = avio_rb32(pb);
7772 else if (size == 8)
7773 *value = avio_rb64(pb);
7774 else
7775 return -1;
7776 return size;
7777 }
7778
mov_read_pitm(MOVContext * c,AVIOContext * pb,MOVAtom atom)7779 static int mov_read_pitm(MOVContext *c, AVIOContext *pb, MOVAtom atom)
7780 {
7781 avio_rb32(pb); // version & flags.
7782 c->primary_item_id = avio_rb16(pb);
7783 return atom.size;
7784 }
7785
mov_read_iloc(MOVContext * c,AVIOContext * pb,MOVAtom atom)7786 static int mov_read_iloc(MOVContext *c, AVIOContext *pb, MOVAtom atom)
7787 {
7788 int version, offset_size, length_size, base_offset_size, index_size;
7789 int item_count, extent_count;
7790 uint64_t base_offset, extent_offset, extent_length;
7791 uint8_t value;
7792 AVStream *st;
7793 MOVStreamContext *sc;
7794
7795 if (!c->is_still_picture_avif) {
7796 // * For non-avif, we simply ignore the iloc box.
7797 // * For animated avif, we don't care about the iloc box as all the
7798 // necessary information can be found in the moov box.
7799 return 0;
7800 }
7801
7802 if (c->fc->nb_streams) {
7803 av_log(c->fc, AV_LOG_INFO, "Duplicate iloc box found\n");
7804 return 0;
7805 }
7806
7807 st = avformat_new_stream(c->fc, NULL);
7808 if (!st)
7809 return AVERROR(ENOMEM);
7810 st->id = c->fc->nb_streams;
7811 sc = av_mallocz(sizeof(MOVStreamContext));
7812 if (!sc)
7813 return AVERROR(ENOMEM);
7814
7815 st->priv_data = sc;
7816 st->codecpar->codec_type = AVMEDIA_TYPE_VIDEO;
7817 st->codecpar->codec_id = AV_CODEC_ID_AV1;
7818 sc->ffindex = st->index;
7819 c->trak_index = st->index;
7820 st->avg_frame_rate.num = st->avg_frame_rate.den = 1;
7821 st->time_base.num = st->time_base.den = 1;
7822 st->nb_frames = 1;
7823 sc->time_scale = 1;
7824 sc = st->priv_data;
7825 sc->pb = c->fc->pb;
7826 sc->pb_is_copied = 1;
7827
7828 version = avio_r8(pb);
7829 avio_rb24(pb); // flags.
7830
7831 value = avio_r8(pb);
7832 offset_size = (value >> 4) & 0xF;
7833 length_size = value & 0xF;
7834 value = avio_r8(pb);
7835 base_offset_size = (value >> 4) & 0xF;
7836 index_size = !version ? 0 : (value & 0xF);
7837 if (index_size) {
7838 av_log(c->fc, AV_LOG_ERROR, "iloc: index_size != 0 not supported.\n");
7839 return AVERROR_PATCHWELCOME;
7840 }
7841 item_count = (version < 2) ? avio_rb16(pb) : avio_rb32(pb);
7842
7843 // Populate the necessary fields used by mov_build_index.
7844 sc->stsc_count = 1;
7845 sc->stsc_data = av_malloc_array(1, sizeof(*sc->stsc_data));
7846 if (!sc->stsc_data)
7847 return AVERROR(ENOMEM);
7848 sc->stsc_data[0].first = 1;
7849 sc->stsc_data[0].count = 1;
7850 sc->stsc_data[0].id = 1;
7851 sc->chunk_count = 1;
7852 sc->chunk_offsets = av_malloc_array(1, sizeof(*sc->chunk_offsets));
7853 if (!sc->chunk_offsets)
7854 return AVERROR(ENOMEM);
7855 sc->sample_count = 1;
7856 sc->sample_sizes = av_malloc_array(1, sizeof(*sc->sample_sizes));
7857 if (!sc->sample_sizes)
7858 return AVERROR(ENOMEM);
7859 sc->stts_count = 1;
7860 sc->stts_data = av_malloc_array(1, sizeof(*sc->stts_data));
7861 if (!sc->stts_data)
7862 return AVERROR(ENOMEM);
7863 sc->stts_data[0].count = 1;
7864 // Not used for still images. But needed by mov_build_index.
7865 sc->stts_data[0].duration = 0;
7866
7867 for (int i = 0; i < item_count; i++) {
7868 int item_id = (version < 2) ? avio_rb16(pb) : avio_rb32(pb);
7869 if (avio_feof(pb))
7870 return AVERROR_INVALIDDATA;
7871 if (version > 0)
7872 avio_rb16(pb); // construction_method.
7873 avio_rb16(pb); // data_reference_index.
7874 if (rb_size(pb, &base_offset, base_offset_size) < 0)
7875 return AVERROR_INVALIDDATA;
7876 extent_count = avio_rb16(pb);
7877 if (extent_count > 1) {
7878 // For still AVIF images, we only support one extent item.
7879 av_log(c->fc, AV_LOG_ERROR, "iloc: extent_count > 1 not supported.\n");
7880 return AVERROR_PATCHWELCOME;
7881 }
7882 for (int j = 0; j < extent_count; j++) {
7883 if (rb_size(pb, &extent_offset, offset_size) < 0 ||
7884 rb_size(pb, &extent_length, length_size) < 0 ||
7885 base_offset > INT64_MAX - extent_offset)
7886 return AVERROR_INVALIDDATA;
7887 if (item_id == c->primary_item_id) {
7888 sc->sample_sizes[0] = extent_length;
7889 sc->chunk_offsets[0] = base_offset + extent_offset;
7890 }
7891 }
7892 }
7893
7894 mov_build_index(c, st);
7895
7896 // For still AVIF images, the iloc box contains all the necessary
7897 // information that would generally be provided by the moov box. So simply
7898 // mark that we have found the moov box so that parsing can continue.
7899 c->found_moov = 1;
7900
7901 return atom.size;
7902 }
7903
7904
7905 #ifdef OHOS_MOOV_LEVEL_META
mov_read_gnre(MOVContext * c,AVIOContext * pb,MOVAtom atom)7906 static int mov_read_gnre(MOVContext *c, AVIOContext *pb, MOVAtom atom)
7907 {
7908 int32_t i = 0;
7909 if (atom.size > 0) {
7910 if (atom.size > FFMIN(INT_MAX, SIZE_MAX - 1))
7911 return AVERROR_INVALIDDATA;
7912 char* genre = av_mallocz(atom.size + 1); /* Add null terminator */
7913 if (!genre)
7914 return AVERROR(ENOMEM);
7915
7916 int ret = ffio_read_size(pb, genre, atom.size);
7917 if (ret < 0) {
7918 av_freep(&genre);
7919 return ret;
7920 }
7921 /* skip zero at head of genre from dual frame video */
7922 for (i = 0; i < atom.size; ++i) {
7923 if (genre[i] != 0) {
7924 break;
7925 }
7926 }
7927 av_dict_set(&c->fc->metadata, "genre", genre + i, AV_DICT_DONT_OVERWRITE);
7928 av_freep(&genre);
7929 }
7930 return 0;
7931 }
7932 #endif
7933
7934 #ifdef OHOS_AV3A_DEMUXER
mov_read_dca3(MOVContext * c,AVIOContext * pb,MOVAtom atom)7935 static int mov_read_dca3(MOVContext *c, AVIOContext *pb, MOVAtom atom)
7936 {
7937 int ret = 0;
7938 int i = 0;
7939 int nb_channels = 0;
7940 int nb_objects = 0;
7941 int buff_size = 0;
7942 AVStream *st = NULL;
7943 GetBitContext gb;
7944 uint8_t buffer[(AV3A_DCA3_BOX_MAX_SIZE + 1) + AV_INPUT_BUFFER_PADDING_SIZE];
7945 int audio_codec_id, sampling_frequency_index;
7946 int nn_type, content_type, channel_number_index, number_objects;
7947 int hoa_order, resolution_index, reserved;
7948 int bitrate_kbps;
7949
7950 if ((atom.size < AV3A_DCA3_BOX_MIN_SIZE) || (atom.size > AV3A_DCA3_BOX_MAX_SIZE)) {
7951 return AVERROR_INVALIDDATA;
7952 }
7953 buff_size = (int)(atom.size);
7954
7955 if ((ret = init_get_bits8(&gb, buffer, (AV3A_DCA3_BOX_MAX_SIZE + 1))) < 0) {
7956 return ret;
7957 }
7958
7959 if (c->fc->nb_streams < 1) {
7960 return 0;
7961 }
7962 st = c->fc->streams[c->fc->nb_streams - 1];
7963
7964 if ((ret = avio_read(pb, buffer, buff_size)) < 0) {
7965 return ret;
7966 }
7967
7968 audio_codec_id = get_bits(&gb, 4);
7969 if (audio_codec_id != AV3A_LOSSY_CODEC_ID) {
7970 return AVERROR_INVALIDDATA;
7971 }
7972
7973 st->codecpar->frame_size = AV3A_AUDIO_FRAME_SIZE;
7974 sampling_frequency_index = get_bits(&gb, 4);
7975 if ((sampling_frequency_index >= AV3A_FS_TABLE_SIZE) || (sampling_frequency_index < 0)) {
7976 return AVERROR_INVALIDDATA;
7977 }
7978 st->codecpar->sample_rate = ff_av3a_sampling_rate_table[sampling_frequency_index];
7979
7980 nn_type = get_bits(&gb, 3);
7981 if ((nn_type > AV3A_LC_NN_TYPE) || (nn_type < AV3A_BASELINE_NN_TYPE)) {
7982 return AVERROR_INVALIDDATA;
7983 }
7984
7985 reserved = get_bits(&gb, 1);
7986 content_type = get_bits(&gb, 4);
7987 if (content_type == AV3A_CHANNEL_BASED_TYPE) {
7988 channel_number_index = get_bits(&gb, 7);
7989 reserved = get_bits(&gb, 1);
7990 if ((channel_number_index > CHANNEL_CONFIG_MC_7_1_4) ||
7991 (channel_number_index == CHANNEL_CONFIG_MC_10_2) ||
7992 (channel_number_index == CHANNEL_CONFIG_MC_22_2) ||
7993 (channel_number_index < CHANNEL_CONFIG_MONO)) {
7994 return AVERROR_INVALIDDATA;
7995 }
7996 nb_channels = ff_av3a_channels_map_table[channel_number_index].channels;
7997 } else if (content_type == AV3A_OBJECT_BASED_TYPE) {
7998 number_objects = get_bits(&gb, 7);
7999 reserved = get_bits(&gb, 1);
8000 nb_objects = number_objects;
8001 if (nb_objects < 1) {
8002 return AVERROR_INVALIDDATA;
8003 }
8004 } else if (content_type == AV3A_CHANNEL_OBJECT_TYPE) {
8005 channel_number_index = get_bits(&gb, 7);
8006 reserved = get_bits(&gb, 1);
8007 if ((channel_number_index > CHANNEL_CONFIG_MC_7_1_4) ||
8008 (channel_number_index == CHANNEL_CONFIG_MC_10_2) ||
8009 (channel_number_index == CHANNEL_CONFIG_MC_22_2) ||
8010 (channel_number_index < CHANNEL_CONFIG_STEREO)) {
8011 return AVERROR_INVALIDDATA;
8012 }
8013 number_objects = get_bits(&gb, 7);
8014 reserved = get_bits(&gb, 1);
8015 nb_channels = ff_av3a_channels_map_table[channel_number_index].channels;
8016 nb_objects = number_objects;
8017 if (nb_objects < 1) {
8018 return AVERROR_INVALIDDATA;
8019 }
8020 } else if (content_type == AV3A_AMBISONIC_TYPE) {
8021 hoa_order = get_bits(&gb, 4);
8022 if ((hoa_order < AV3A_AMBISONIC_FIRST_ORDER) || (hoa_order > AV3A_AMBISONIC_THIRD_ORDER)) {
8023 return AVERROR_INVALIDDATA;
8024 }
8025 nb_channels = (hoa_order + 1) * (hoa_order + 1);
8026 } else {
8027 return AVERROR_INVALIDDATA;
8028 }
8029
8030 bitrate_kbps = get_bits(&gb, 16);
8031 if (bitrate_kbps <= 0) {
8032 return AVERROR_INVALIDDATA;
8033 }
8034 st->codecpar->bit_rate = (int64_t)(bitrate_kbps * 1000);
8035
8036 resolution_index = get_bits(&gb, 2);
8037 if ((resolution_index >= AV3A_RESOLUTION_TABLE_SIZE) || (resolution_index < 0)) {
8038 return AVERROR_INVALIDDATA;
8039 }
8040 st->codecpar->format = ff_av3a_sample_format_map_table[resolution_index].sample_format;
8041 st->codecpar->bits_per_raw_sample = ff_av3a_sample_format_map_table[resolution_index].resolution;
8042
8043 av_channel_layout_uninit(&st->codecpar->ch_layout);
8044 if (content_type != AV3A_AMBISONIC_TYPE) {
8045 st->codecpar->ch_layout.order = AV_CHANNEL_ORDER_CUSTOM;
8046 st->codecpar->ch_layout.nb_channels = (nb_channels + nb_objects);
8047 st->codecpar->ch_layout.u.map = av_calloc(st->codecpar->ch_layout.nb_channels, sizeof(AVChannelCustom));
8048 if (!st->codecpar->ch_layout.u.map) {
8049 return AVERROR(ENOMEM);
8050 }
8051
8052 if (content_type != AV3A_OBJECT_BASED_TYPE) {
8053 for (i = 0; i < nb_channels; i ++) {
8054 st->codecpar->ch_layout.u.map[i].id = ff_av3a_channels_map_table[channel_number_index].channel_layout[i];
8055 }
8056 }
8057
8058 for (i = nb_channels; i < st->codecpar->ch_layout.nb_channels; i++) {
8059 st->codecpar->ch_layout.u.map[i].id = AV3A_CH_AUDIO_OBJECT;
8060 }
8061 } else {
8062 st->codecpar->ch_layout.order = AV_CHANNEL_ORDER_AMBISONIC;
8063 st->codecpar->ch_layout.nb_channels = nb_channels;
8064 }
8065
8066 return 0;
8067 }
8068 #endif
8069
8070 static const MOVParseTableEntry mov_default_parse_table[] = {
8071 { MKTAG('A','C','L','R'), mov_read_aclr },
8072 { MKTAG('A','P','R','G'), mov_read_avid },
8073 { MKTAG('A','A','L','P'), mov_read_avid },
8074 { MKTAG('A','R','E','S'), mov_read_ares },
8075 { MKTAG('a','v','s','s'), mov_read_avss },
8076 { MKTAG('a','v','1','C'), mov_read_glbl },
8077 { MKTAG('c','h','p','l'), mov_read_chpl },
8078 { MKTAG('c','o','6','4'), mov_read_stco },
8079 { MKTAG('c','o','l','r'), mov_read_colr },
8080 { MKTAG('c','t','t','s'), mov_read_ctts }, /* composition time to sample */
8081 { MKTAG('d','i','n','f'), mov_read_default },
8082 { MKTAG('D','p','x','E'), mov_read_dpxe },
8083 { MKTAG('d','r','e','f'), mov_read_dref },
8084 { MKTAG('e','d','t','s'), mov_read_default },
8085 { MKTAG('e','l','s','t'), mov_read_elst },
8086 { MKTAG('e','n','d','a'), mov_read_enda },
8087 { MKTAG('f','i','e','l'), mov_read_fiel },
8088 { MKTAG('a','d','r','m'), mov_read_adrm },
8089 { MKTAG('f','t','y','p'), mov_read_ftyp },
8090 { MKTAG('g','l','b','l'), mov_read_glbl },
8091 { MKTAG('h','d','l','r'), mov_read_hdlr },
8092 { MKTAG('i','l','s','t'), mov_read_ilst },
8093 { MKTAG('j','p','2','h'), mov_read_jp2h },
8094 { MKTAG('m','d','a','t'), mov_read_mdat },
8095 { MKTAG('m','d','h','d'), mov_read_mdhd },
8096 { MKTAG('m','d','i','a'), mov_read_default },
8097 { MKTAG('m','e','t','a'), mov_read_meta },
8098 { MKTAG('m','i','n','f'), mov_read_default },
8099 { MKTAG('m','o','o','f'), mov_read_moof },
8100 { MKTAG('m','o','o','v'), mov_read_moov },
8101 { MKTAG('m','v','e','x'), mov_read_default },
8102 { MKTAG('m','v','h','d'), mov_read_mvhd },
8103 { MKTAG('S','M','I',' '), mov_read_svq3 },
8104 { MKTAG('a','l','a','c'), mov_read_alac }, /* alac specific atom */
8105 { MKTAG('a','v','c','C'), mov_read_glbl },
8106 { MKTAG('p','a','s','p'), mov_read_pasp },
8107 { MKTAG('s','i','d','x'), mov_read_sidx },
8108 { MKTAG('s','t','b','l'), mov_read_default },
8109 { MKTAG('s','t','c','o'), mov_read_stco },
8110 { MKTAG('s','t','p','s'), mov_read_stps },
8111 { MKTAG('s','t','r','f'), mov_read_strf },
8112 { MKTAG('s','t','s','c'), mov_read_stsc },
8113 { MKTAG('s','t','s','d'), mov_read_stsd }, /* sample description */
8114 { MKTAG('s','t','s','s'), mov_read_stss }, /* sync sample */
8115 { MKTAG('s','t','s','z'), mov_read_stsz }, /* sample size */
8116 { MKTAG('s','t','t','s'), mov_read_stts },
8117 { MKTAG('s','t','z','2'), mov_read_stsz }, /* compact sample size */
8118 { MKTAG('s','d','t','p'), mov_read_sdtp }, /* independent and disposable samples */
8119 { MKTAG('t','k','h','d'), mov_read_tkhd }, /* track header */
8120 { MKTAG('t','f','d','t'), mov_read_tfdt },
8121 { MKTAG('t','f','h','d'), mov_read_tfhd }, /* track fragment header */
8122 { MKTAG('t','r','a','k'), mov_read_trak },
8123 { MKTAG('t','r','a','f'), mov_read_default },
8124 { MKTAG('t','r','e','f'), mov_read_default },
8125 { MKTAG('t','m','c','d'), mov_read_tmcd },
8126 { MKTAG('c','h','a','p'), mov_read_chap },
8127 { MKTAG('t','r','e','x'), mov_read_trex },
8128 { MKTAG('t','r','u','n'), mov_read_trun },
8129 { MKTAG('u','d','t','a'), mov_read_default },
8130 { MKTAG('w','a','v','e'), mov_read_wave },
8131 { MKTAG('e','s','d','s'), mov_read_esds },
8132 { MKTAG('d','a','c','3'), mov_read_dac3 }, /* AC-3 info */
8133 { MKTAG('d','e','c','3'), mov_read_dec3 }, /* EAC-3 info */
8134 { MKTAG('d','d','t','s'), mov_read_ddts }, /* DTS audio descriptor */
8135 { MKTAG('w','i','d','e'), mov_read_wide }, /* place holder */
8136 { MKTAG('w','f','e','x'), mov_read_wfex },
8137 { MKTAG('c','m','o','v'), mov_read_cmov },
8138 { MKTAG('c','h','a','n'), mov_read_chan }, /* channel layout */
8139 { MKTAG('d','v','c','1'), mov_read_dvc1 },
8140 { MKTAG('s','g','p','d'), mov_read_sgpd },
8141 { MKTAG('s','b','g','p'), mov_read_sbgp },
8142 { MKTAG('h','v','c','C'), mov_read_glbl },
8143 #ifdef OHOS_OPT_COMPAT
8144 { MKTAG('v','v','c','C'), mov_read_glbl },
8145 #endif
8146 { MKTAG('u','u','i','d'), mov_read_uuid },
8147 { MKTAG('C','i','n', 0x8e), mov_read_targa_y216 },
8148 { MKTAG('f','r','e','e'), mov_read_free },
8149 { MKTAG('-','-','-','-'), mov_read_custom },
8150 { MKTAG('s','i','n','f'), mov_read_default },
8151 { MKTAG('f','r','m','a'), mov_read_frma },
8152 { MKTAG('s','e','n','c'), mov_read_senc },
8153 { MKTAG('s','a','i','z'), mov_read_saiz },
8154 { MKTAG('s','a','i','o'), mov_read_saio },
8155 #ifdef OHOS_DRM
8156 { MKTAG('p','s','s','h'), mov_read_pssh_ex },
8157 #else
8158 { MKTAG('p','s','s','h'), mov_read_pssh },
8159 #endif
8160 { MKTAG('s','c','h','m'), mov_read_schm },
8161 { MKTAG('s','c','h','i'), mov_read_default },
8162 { MKTAG('t','e','n','c'), mov_read_tenc },
8163 { MKTAG('d','f','L','a'), mov_read_dfla },
8164 { MKTAG('s','t','3','d'), mov_read_st3d }, /* stereoscopic 3D video box */
8165 { MKTAG('s','v','3','d'), mov_read_sv3d }, /* spherical video box */
8166 { MKTAG('d','O','p','s'), mov_read_dops },
8167 { MKTAG('d','m','l','p'), mov_read_dmlp },
8168 { MKTAG('S','m','D','m'), mov_read_smdm },
8169 { MKTAG('C','o','L','L'), mov_read_coll },
8170 { MKTAG('v','p','c','C'), mov_read_vpcc },
8171 { MKTAG('m','d','c','v'), mov_read_mdcv },
8172 { MKTAG('c','l','l','i'), mov_read_clli },
8173 { MKTAG('d','v','c','C'), mov_read_dvcc_dvvc },
8174 { MKTAG('d','v','v','C'), mov_read_dvcc_dvvc },
8175 { MKTAG('d','v','w','C'), mov_read_dvcc_dvvc },
8176 { MKTAG('k','i','n','d'), mov_read_kind },
8177 { MKTAG('S','A','3','D'), mov_read_SA3D }, /* ambisonic audio box */
8178 { MKTAG('S','A','N','D'), mov_read_SAND }, /* non diegetic audio box */
8179 { MKTAG('i','l','o','c'), mov_read_iloc },
8180 { MKTAG('p','c','m','C'), mov_read_pcmc }, /* PCM configuration box */
8181 { MKTAG('p','i','t','m'), mov_read_pitm },
8182 #ifdef OHOS_TIMED_META_TRACK
8183 { MKTAG('c','d','s','c'), mov_read_cdsc },
8184 #endif
8185 #ifdef OHOS_AV3A_DEMUXER
8186 { MKTAG('d','c','a','3'), mov_read_dca3 },
8187 #endif
8188 { 0, NULL }
8189 };
8190
mov_read_default(MOVContext * c,AVIOContext * pb,MOVAtom atom)8191 static int mov_read_default(MOVContext *c, AVIOContext *pb, MOVAtom atom)
8192 {
8193 int64_t total_size = 0;
8194 MOVAtom a;
8195 int i;
8196
8197 if (c->atom_depth > 10) {
8198 av_log(c->fc, AV_LOG_ERROR, "Atoms too deeply nested\n");
8199 return AVERROR_INVALIDDATA;
8200 }
8201 c->atom_depth ++;
8202
8203 if (atom.size < 0)
8204 atom.size = INT64_MAX;
8205 while (total_size <= atom.size - 8) {
8206 int (*parse)(MOVContext*, AVIOContext*, MOVAtom) = NULL;
8207 a.size = avio_rb32(pb);
8208 a.type = avio_rl32(pb);
8209 if (avio_feof(pb))
8210 break;
8211 if (((a.type == MKTAG('f','r','e','e') && c->moov_retry) ||
8212 a.type == MKTAG('h','o','o','v')) &&
8213 a.size >= 8 &&
8214 c->fc->strict_std_compliance < FF_COMPLIANCE_STRICT) {
8215 uint32_t type;
8216 avio_skip(pb, 4);
8217 type = avio_rl32(pb);
8218 if (avio_feof(pb))
8219 break;
8220 avio_seek(pb, -8, SEEK_CUR);
8221 if (type == MKTAG('m','v','h','d') ||
8222 type == MKTAG('c','m','o','v')) {
8223 av_log(c->fc, AV_LOG_ERROR, "Detected moov in a free or hoov atom.\n");
8224 a.type = MKTAG('m','o','o','v');
8225 }
8226 }
8227 if (atom.type != MKTAG('r','o','o','t') &&
8228 atom.type != MKTAG('m','o','o','v')) {
8229 if (a.type == MKTAG('t','r','a','k') ||
8230 a.type == MKTAG('m','d','a','t')) {
8231 av_log(c->fc, AV_LOG_ERROR, "Broken file, trak/mdat not at top-level\n");
8232 avio_skip(pb, -8);
8233 c->atom_depth --;
8234 return 0;
8235 }
8236 }
8237 total_size += 8;
8238 if (a.size == 1 && total_size + 8 <= atom.size) { /* 64 bit extended size */
8239 a.size = avio_rb64(pb) - 8;
8240 total_size += 8;
8241 }
8242 av_log(c->fc, AV_LOG_TRACE, "type:'%s' parent:'%s' sz: %"PRId64" %"PRId64" %"PRId64"\n",
8243 av_fourcc2str(a.type), av_fourcc2str(atom.type), a.size, total_size, atom.size);
8244 if (a.size == 0) {
8245 a.size = atom.size - total_size + 8;
8246 }
8247 if (a.size < 0)
8248 break;
8249 a.size -= 8;
8250 if (a.size < 0)
8251 break;
8252 a.size = FFMIN(a.size, atom.size - total_size);
8253
8254 for (i = 0; mov_default_parse_table[i].type; i++)
8255 if (mov_default_parse_table[i].type == a.type) {
8256 parse = mov_default_parse_table[i].parse;
8257 break;
8258 }
8259
8260 // container is user data
8261 if (!parse && (atom.type == MKTAG('u','d','t','a') ||
8262 atom.type == MKTAG('i','l','s','t')))
8263 parse = mov_read_udta_string;
8264
8265 #ifdef OHOS_MOOV_LEVEL_META
8266 // support moov gnre info
8267 if (!parse && a.type == MKTAG('g','n','r','e')) {
8268 parse = mov_read_gnre;
8269 }
8270 #endif
8271
8272 // Supports parsing the QuickTime Metadata Keys.
8273 // https://developer.apple.com/library/mac/documentation/QuickTime/QTFF/Metadata/Metadata.html
8274 if (!parse && c->found_hdlr_mdta &&
8275 atom.type == MKTAG('m','e','t','a') &&
8276 a.type == MKTAG('k','e','y','s') &&
8277 c->meta_keys_count == 0) {
8278 parse = mov_read_keys;
8279 }
8280
8281 if (!parse) { /* skip leaf atoms data */
8282 avio_skip(pb, a.size);
8283 } else {
8284 int64_t start_pos = avio_tell(pb);
8285 int64_t left;
8286 int err = parse(c, pb, a);
8287 if (err < 0) {
8288 c->atom_depth --;
8289 return err;
8290 }
8291 if (c->found_moov && c->found_mdat && a.size <= INT64_MAX - start_pos &&
8292 ((!(pb->seekable & AVIO_SEEKABLE_NORMAL) || c->fc->flags & AVFMT_FLAG_IGNIDX || c->frag_index.complete) ||
8293 start_pos + a.size == avio_size(pb))) {
8294 if (!(pb->seekable & AVIO_SEEKABLE_NORMAL) || c->fc->flags & AVFMT_FLAG_IGNIDX || c->frag_index.complete)
8295 c->next_root_atom = start_pos + a.size;
8296 c->atom_depth --;
8297 return 0;
8298 }
8299 left = a.size - avio_tell(pb) + start_pos;
8300 if (left > 0) /* skip garbage at atom end */
8301 avio_skip(pb, left);
8302 else if (left < 0) {
8303 av_log(c->fc, AV_LOG_WARNING,
8304 "overread end of atom '%s' by %"PRId64" bytes\n",
8305 av_fourcc2str(a.type), -left);
8306 avio_seek(pb, left, SEEK_CUR);
8307 }
8308 }
8309
8310 total_size += a.size;
8311 }
8312
8313 if (total_size < atom.size && atom.size < 0x7ffff)
8314 avio_skip(pb, atom.size - total_size);
8315
8316 c->atom_depth --;
8317 return 0;
8318 }
8319
mov_probe(const AVProbeData * p)8320 static int mov_probe(const AVProbeData *p)
8321 {
8322 int64_t offset;
8323 uint32_t tag;
8324 int score = 0;
8325 int moov_offset = -1;
8326
8327 /* check file header */
8328 offset = 0;
8329 for (;;) {
8330 int64_t size;
8331 int minsize = 8;
8332 /* ignore invalid offset */
8333 if ((offset + 8ULL) > (unsigned int)p->buf_size)
8334 break;
8335 size = AV_RB32(p->buf + offset);
8336 if (size == 1 && offset + 16 <= (unsigned int)p->buf_size) {
8337 size = AV_RB64(p->buf+offset + 8);
8338 minsize = 16;
8339 } else if (size == 0) {
8340 size = p->buf_size - offset;
8341 }
8342 if (size < minsize) {
8343 offset += 4;
8344 continue;
8345 }
8346 tag = AV_RL32(p->buf + offset + 4);
8347 switch(tag) {
8348 /* check for obvious tags */
8349 case MKTAG('m','o','o','v'):
8350 moov_offset = offset + 4;
8351 case MKTAG('m','d','a','t'):
8352 case MKTAG('p','n','o','t'): /* detect movs with preview pics like ew.mov and april.mov */
8353 case MKTAG('u','d','t','a'): /* Packet Video PVAuthor adds this and a lot of more junk */
8354 case MKTAG('f','t','y','p'):
8355 if (tag == MKTAG('f','t','y','p') &&
8356 ( AV_RL32(p->buf + offset + 8) == MKTAG('j','p','2',' ')
8357 || AV_RL32(p->buf + offset + 8) == MKTAG('j','p','x',' ')
8358 || AV_RL32(p->buf + offset + 8) == MKTAG('j','x','l',' ')
8359 )) {
8360 score = FFMAX(score, 5);
8361 } else {
8362 score = AVPROBE_SCORE_MAX;
8363 }
8364 break;
8365 /* those are more common words, so rate then a bit less */
8366 case MKTAG('e','d','i','w'): /* xdcam files have reverted first tags */
8367 case MKTAG('w','i','d','e'):
8368 case MKTAG('f','r','e','e'):
8369 case MKTAG('j','u','n','k'):
8370 case MKTAG('p','i','c','t'):
8371 score = FFMAX(score, AVPROBE_SCORE_MAX - 5);
8372 break;
8373 case MKTAG(0x82,0x82,0x7f,0x7d):
8374 case MKTAG('s','k','i','p'):
8375 case MKTAG('u','u','i','d'):
8376 case MKTAG('p','r','f','l'):
8377 /* if we only find those cause probedata is too small at least rate them */
8378 score = FFMAX(score, AVPROBE_SCORE_EXTENSION);
8379 break;
8380 }
8381 if (size > INT64_MAX - offset)
8382 break;
8383 offset += size;
8384 }
8385 if (score > AVPROBE_SCORE_MAX - 50 && moov_offset != -1) {
8386 /* moov atom in the header - we should make sure that this is not a
8387 * MOV-packed MPEG-PS */
8388 offset = moov_offset;
8389
8390 while (offset < (p->buf_size - 16)) { /* Sufficient space */
8391 /* We found an actual hdlr atom */
8392 if (AV_RL32(p->buf + offset ) == MKTAG('h','d','l','r') &&
8393 AV_RL32(p->buf + offset + 8) == MKTAG('m','h','l','r') &&
8394 AV_RL32(p->buf + offset + 12) == MKTAG('M','P','E','G')) {
8395 av_log(NULL, AV_LOG_WARNING, "Found media data tag MPEG indicating this is a MOV-packed MPEG-PS.\n");
8396 /* We found a media handler reference atom describing an
8397 * MPEG-PS-in-MOV, return a
8398 * low score to force expanding the probe window until
8399 * mpegps_probe finds what it needs */
8400 return 5;
8401 } else {
8402 /* Keep looking */
8403 offset += 2;
8404 }
8405 }
8406 }
8407
8408 return score;
8409 }
8410
8411 // must be done after parsing all trak because there's no order requirement
mov_read_chapters(AVFormatContext * s)8412 static void mov_read_chapters(AVFormatContext *s)
8413 {
8414 MOVContext *mov = s->priv_data;
8415 MOVStreamContext *sc;
8416 int64_t cur_pos;
8417 int i, j;
8418 int chapter_track;
8419
8420 for (j = 0; j < mov->nb_chapter_tracks; j++) {
8421 AVStream *st = NULL;
8422 FFStream *sti = NULL;
8423 chapter_track = mov->chapter_tracks[j];
8424 for (i = 0; i < s->nb_streams; i++)
8425 if (s->streams[i]->id == chapter_track) {
8426 st = s->streams[i];
8427 break;
8428 }
8429 if (!st) {
8430 av_log(s, AV_LOG_ERROR, "Referenced QT chapter track not found\n");
8431 continue;
8432 }
8433 sti = ffstream(st);
8434
8435 sc = st->priv_data;
8436 cur_pos = avio_tell(sc->pb);
8437
8438 if (st->codecpar->codec_type == AVMEDIA_TYPE_VIDEO) {
8439 st->disposition |= AV_DISPOSITION_ATTACHED_PIC | AV_DISPOSITION_TIMED_THUMBNAILS;
8440 if (sti->nb_index_entries) {
8441 // Retrieve the first frame, if possible
8442 AVIndexEntry *sample = &sti->index_entries[0];
8443 if (avio_seek(sc->pb, sample->pos, SEEK_SET) != sample->pos) {
8444 av_log(s, AV_LOG_ERROR, "Failed to retrieve first frame\n");
8445 goto finish;
8446 }
8447
8448 if (ff_add_attached_pic(s, st, sc->pb, NULL, sample->size) < 0)
8449 goto finish;
8450 }
8451 } else {
8452 st->codecpar->codec_type = AVMEDIA_TYPE_DATA;
8453 st->codecpar->codec_id = AV_CODEC_ID_BIN_DATA;
8454 st->discard = AVDISCARD_ALL;
8455 for (int i = 0; i < sti->nb_index_entries; i++) {
8456 AVIndexEntry *sample = &sti->index_entries[i];
8457 int64_t end = i+1 < sti->nb_index_entries ? sti->index_entries[i+1].timestamp : st->duration;
8458 uint8_t *title;
8459 uint16_t ch;
8460 int len, title_len;
8461
8462 if (end < sample->timestamp) {
8463 av_log(s, AV_LOG_WARNING, "ignoring stream duration which is shorter than chapters\n");
8464 end = AV_NOPTS_VALUE;
8465 }
8466
8467 if (avio_seek(sc->pb, sample->pos, SEEK_SET) != sample->pos) {
8468 av_log(s, AV_LOG_ERROR, "Chapter %d not found in file\n", i);
8469 goto finish;
8470 }
8471
8472 // the first two bytes are the length of the title
8473 len = avio_rb16(sc->pb);
8474 if (len > sample->size-2)
8475 continue;
8476 title_len = 2*len + 1;
8477 if (!(title = av_mallocz(title_len)))
8478 goto finish;
8479
8480 // The samples could theoretically be in any encoding if there's an encd
8481 // atom following, but in practice are only utf-8 or utf-16, distinguished
8482 // instead by the presence of a BOM
8483 if (!len) {
8484 title[0] = 0;
8485 } else {
8486 ch = avio_rb16(sc->pb);
8487 if (ch == 0xfeff)
8488 avio_get_str16be(sc->pb, len, title, title_len);
8489 else if (ch == 0xfffe)
8490 avio_get_str16le(sc->pb, len, title, title_len);
8491 else {
8492 AV_WB16(title, ch);
8493 if (len == 1 || len == 2)
8494 title[len] = 0;
8495 else
8496 avio_get_str(sc->pb, INT_MAX, title + 2, len - 1);
8497 }
8498 }
8499
8500 avpriv_new_chapter(s, i, st->time_base, sample->timestamp, end, title);
8501 av_freep(&title);
8502 }
8503 }
8504 finish:
8505 avio_seek(sc->pb, cur_pos, SEEK_SET);
8506 }
8507 }
8508
parse_timecode_in_framenum_format(AVFormatContext * s,AVStream * st,int64_t value,int flags)8509 static int parse_timecode_in_framenum_format(AVFormatContext *s, AVStream *st,
8510 int64_t value, int flags)
8511 {
8512 AVTimecode tc;
8513 char buf[AV_TIMECODE_STR_SIZE];
8514 AVRational rate = st->avg_frame_rate;
8515 int ret = av_timecode_init(&tc, rate, flags, 0, s);
8516 if (ret < 0)
8517 return ret;
8518 av_dict_set(&st->metadata, "timecode",
8519 av_timecode_make_string(&tc, buf, value), 0);
8520 return 0;
8521 }
8522
mov_read_rtmd_track(AVFormatContext * s,AVStream * st)8523 static int mov_read_rtmd_track(AVFormatContext *s, AVStream *st)
8524 {
8525 MOVStreamContext *sc = st->priv_data;
8526 FFStream *const sti = ffstream(st);
8527 char buf[AV_TIMECODE_STR_SIZE];
8528 int64_t cur_pos = avio_tell(sc->pb);
8529 int hh, mm, ss, ff, drop;
8530
8531 if (!sti->nb_index_entries)
8532 return -1;
8533
8534 avio_seek(sc->pb, sti->index_entries->pos, SEEK_SET);
8535 avio_skip(s->pb, 13);
8536 hh = avio_r8(s->pb);
8537 mm = avio_r8(s->pb);
8538 ss = avio_r8(s->pb);
8539 drop = avio_r8(s->pb);
8540 ff = avio_r8(s->pb);
8541 snprintf(buf, AV_TIMECODE_STR_SIZE, "%02d:%02d:%02d%c%02d",
8542 hh, mm, ss, drop ? ';' : ':', ff);
8543 av_dict_set(&st->metadata, "timecode", buf, 0);
8544
8545 avio_seek(sc->pb, cur_pos, SEEK_SET);
8546 return 0;
8547 }
8548
mov_read_timecode_track(AVFormatContext * s,AVStream * st)8549 static int mov_read_timecode_track(AVFormatContext *s, AVStream *st)
8550 {
8551 MOVStreamContext *sc = st->priv_data;
8552 FFStream *const sti = ffstream(st);
8553 int flags = 0;
8554 int64_t cur_pos = avio_tell(sc->pb);
8555 int64_t value;
8556 AVRational tc_rate = st->avg_frame_rate;
8557 int tmcd_nb_frames = sc->tmcd_nb_frames;
8558 int rounded_tc_rate;
8559
8560 if (!sti->nb_index_entries)
8561 return -1;
8562
8563 if (!tc_rate.num || !tc_rate.den || !tmcd_nb_frames)
8564 return -1;
8565
8566 avio_seek(sc->pb, sti->index_entries->pos, SEEK_SET);
8567 value = avio_rb32(s->pb);
8568
8569 if (sc->tmcd_flags & 0x0001) flags |= AV_TIMECODE_FLAG_DROPFRAME;
8570 if (sc->tmcd_flags & 0x0002) flags |= AV_TIMECODE_FLAG_24HOURSMAX;
8571 if (sc->tmcd_flags & 0x0004) flags |= AV_TIMECODE_FLAG_ALLOWNEGATIVE;
8572
8573 /* Assume Counter flag is set to 1 in tmcd track (even though it is likely
8574 * not the case) and thus assume "frame number format" instead of QT one.
8575 * No sample with tmcd track can be found with a QT timecode at the moment,
8576 * despite what the tmcd track "suggests" (Counter flag set to 0 means QT
8577 * format). */
8578
8579 /* 60 fps content have tmcd_nb_frames set to 30 but tc_rate set to 60, so
8580 * we multiply the frame number with the quotient.
8581 * See tickets #9492, #9710. */
8582 rounded_tc_rate = (tc_rate.num + tc_rate.den / 2) / tc_rate.den;
8583 /* Work around files where tmcd_nb_frames is rounded down from frame rate
8584 * instead of up. See ticket #5978. */
8585 if (tmcd_nb_frames == tc_rate.num / tc_rate.den &&
8586 s->strict_std_compliance < FF_COMPLIANCE_STRICT)
8587 tmcd_nb_frames = rounded_tc_rate;
8588 value = av_rescale(value, rounded_tc_rate, tmcd_nb_frames);
8589
8590 parse_timecode_in_framenum_format(s, st, value, flags);
8591
8592 avio_seek(sc->pb, cur_pos, SEEK_SET);
8593 return 0;
8594 }
8595
mov_free_encryption_index(MOVEncryptionIndex ** index)8596 static void mov_free_encryption_index(MOVEncryptionIndex **index) {
8597 int i;
8598 if (!index || !*index) return;
8599 for (i = 0; i < (*index)->nb_encrypted_samples; i++) {
8600 av_encryption_info_free((*index)->encrypted_samples[i]);
8601 }
8602 av_freep(&(*index)->encrypted_samples);
8603 av_freep(&(*index)->auxiliary_info_sizes);
8604 av_freep(&(*index)->auxiliary_offsets);
8605 av_freep(index);
8606 }
8607
mov_read_close(AVFormatContext * s)8608 static int mov_read_close(AVFormatContext *s)
8609 {
8610 MOVContext *mov = s->priv_data;
8611 int i, j;
8612
8613 for (i = 0; i < s->nb_streams; i++) {
8614 AVStream *st = s->streams[i];
8615 MOVStreamContext *sc = st->priv_data;
8616
8617 #ifdef OHOS_EXPAND_MP4_INFO
8618 if (st->stts_data != NULL) {
8619 free(st->stts_data);
8620 st->stts_data = NULL;
8621 }
8622
8623 if (st->ctts_data != NULL) {
8624 free(st->ctts_data);
8625 st->ctts_data = NULL;
8626 }
8627 #endif
8628
8629 if (!sc)
8630 continue;
8631
8632 av_freep(&sc->ctts_data);
8633 for (j = 0; j < sc->drefs_count; j++) {
8634 av_freep(&sc->drefs[j].path);
8635 av_freep(&sc->drefs[j].dir);
8636 }
8637 av_freep(&sc->drefs);
8638
8639 sc->drefs_count = 0;
8640
8641 if (!sc->pb_is_copied)
8642 ff_format_io_close(s, &sc->pb);
8643
8644 sc->pb = NULL;
8645 av_freep(&sc->chunk_offsets);
8646 av_freep(&sc->stsc_data);
8647 av_freep(&sc->sample_sizes);
8648 av_freep(&sc->keyframes);
8649 av_freep(&sc->stts_data);
8650 av_freep(&sc->sdtp_data);
8651 av_freep(&sc->stps_data);
8652 av_freep(&sc->elst_data);
8653 av_freep(&sc->rap_group);
8654 av_freep(&sc->sync_group);
8655 av_freep(&sc->sgpd_sync);
8656 av_freep(&sc->sample_offsets);
8657 av_freep(&sc->open_key_samples);
8658 av_freep(&sc->display_matrix);
8659 av_freep(&sc->index_ranges);
8660
8661 if (sc->extradata)
8662 for (j = 0; j < sc->stsd_count; j++)
8663 av_free(sc->extradata[j]);
8664 av_freep(&sc->extradata);
8665 av_freep(&sc->extradata_size);
8666
8667 mov_free_encryption_index(&sc->cenc.encryption_index);
8668 av_encryption_info_free(sc->cenc.default_encrypted_sample);
8669 av_aes_ctr_free(sc->cenc.aes_ctr);
8670
8671 av_freep(&sc->stereo3d);
8672 av_freep(&sc->spherical);
8673 av_freep(&sc->mastering);
8674 av_freep(&sc->coll);
8675 }
8676
8677 av_freep(&mov->dv_demux);
8678 avformat_free_context(mov->dv_fctx);
8679 mov->dv_fctx = NULL;
8680
8681 if (mov->meta_keys) {
8682 for (i = 1; i < mov->meta_keys_count; i++) {
8683 av_freep(&mov->meta_keys[i]);
8684 }
8685 av_freep(&mov->meta_keys);
8686 }
8687
8688 av_freep(&mov->trex_data);
8689 av_freep(&mov->bitrates);
8690
8691 for (i = 0; i < mov->frag_index.nb_items; i++) {
8692 MOVFragmentStreamInfo *frag = mov->frag_index.item[i].stream_info;
8693 for (j = 0; j < mov->frag_index.item[i].nb_stream_info; j++) {
8694 mov_free_encryption_index(&frag[j].encryption_index);
8695 }
8696 av_freep(&mov->frag_index.item[i].stream_info);
8697 }
8698 av_freep(&mov->frag_index.item);
8699
8700 av_freep(&mov->aes_decrypt);
8701 av_freep(&mov->chapter_tracks);
8702
8703 return 0;
8704 }
8705
tmcd_is_referenced(AVFormatContext * s,int tmcd_id)8706 static int tmcd_is_referenced(AVFormatContext *s, int tmcd_id)
8707 {
8708 int i;
8709
8710 for (i = 0; i < s->nb_streams; i++) {
8711 AVStream *st = s->streams[i];
8712 MOVStreamContext *sc = st->priv_data;
8713
8714 if (st->codecpar->codec_type == AVMEDIA_TYPE_VIDEO &&
8715 sc->timecode_track == tmcd_id)
8716 return 1;
8717 }
8718 return 0;
8719 }
8720
8721 /* look for a tmcd track not referenced by any video track, and export it globally */
export_orphan_timecode(AVFormatContext * s)8722 static void export_orphan_timecode(AVFormatContext *s)
8723 {
8724 int i;
8725
8726 for (i = 0; i < s->nb_streams; i++) {
8727 AVStream *st = s->streams[i];
8728
8729 if (st->codecpar->codec_tag == MKTAG('t','m','c','d') &&
8730 !tmcd_is_referenced(s, i + 1)) {
8731 AVDictionaryEntry *tcr = av_dict_get(st->metadata, "timecode", NULL, 0);
8732 if (tcr) {
8733 av_dict_set(&s->metadata, "timecode", tcr->value, 0);
8734 break;
8735 }
8736 }
8737 }
8738 }
8739
read_tfra(MOVContext * mov,AVIOContext * f)8740 static int read_tfra(MOVContext *mov, AVIOContext *f)
8741 {
8742 int version, fieldlength, i, j;
8743 int64_t pos = avio_tell(f);
8744 uint32_t size = avio_rb32(f);
8745 unsigned track_id, item_count;
8746
8747 if (avio_rb32(f) != MKBETAG('t', 'f', 'r', 'a')) {
8748 return 1;
8749 }
8750 av_log(mov->fc, AV_LOG_VERBOSE, "found tfra\n");
8751
8752 version = avio_r8(f);
8753 avio_rb24(f);
8754 track_id = avio_rb32(f);
8755 fieldlength = avio_rb32(f);
8756 item_count = avio_rb32(f);
8757 for (i = 0; i < item_count; i++) {
8758 int64_t time, offset;
8759 int index;
8760 MOVFragmentStreamInfo * frag_stream_info;
8761
8762 if (avio_feof(f)) {
8763 return AVERROR_INVALIDDATA;
8764 }
8765
8766 if (version == 1) {
8767 time = avio_rb64(f);
8768 offset = avio_rb64(f);
8769 } else {
8770 time = avio_rb32(f);
8771 offset = avio_rb32(f);
8772 }
8773
8774 // The first sample of each stream in a fragment is always a random
8775 // access sample. So it's entry in the tfra can be used as the
8776 // initial PTS of the fragment.
8777 index = update_frag_index(mov, offset);
8778 frag_stream_info = get_frag_stream_info(&mov->frag_index, index, track_id);
8779 if (frag_stream_info &&
8780 frag_stream_info->first_tfra_pts == AV_NOPTS_VALUE)
8781 frag_stream_info->first_tfra_pts = time;
8782
8783 for (j = 0; j < ((fieldlength >> 4) & 3) + 1; j++)
8784 avio_r8(f);
8785 for (j = 0; j < ((fieldlength >> 2) & 3) + 1; j++)
8786 avio_r8(f);
8787 for (j = 0; j < ((fieldlength >> 0) & 3) + 1; j++)
8788 avio_r8(f);
8789 }
8790
8791 avio_seek(f, pos + size, SEEK_SET);
8792 return 0;
8793 }
8794
mov_read_mfra(MOVContext * c,AVIOContext * f)8795 static int mov_read_mfra(MOVContext *c, AVIOContext *f)
8796 {
8797 int64_t stream_size = avio_size(f);
8798 int64_t original_pos = avio_tell(f);
8799 int64_t seek_ret;
8800 int ret = -1;
8801 if ((seek_ret = avio_seek(f, stream_size - 4, SEEK_SET)) < 0) {
8802 ret = seek_ret;
8803 goto fail;
8804 }
8805 c->mfra_size = avio_rb32(f);
8806 c->have_read_mfra_size = 1;
8807 if (!c->mfra_size || c->mfra_size > stream_size) {
8808 av_log(c->fc, AV_LOG_DEBUG, "doesn't look like mfra (unreasonable size)\n");
8809 goto fail;
8810 }
8811 if ((seek_ret = avio_seek(f, -((int64_t) c->mfra_size), SEEK_CUR)) < 0) {
8812 ret = seek_ret;
8813 goto fail;
8814 }
8815 if (avio_rb32(f) != c->mfra_size) {
8816 av_log(c->fc, AV_LOG_DEBUG, "doesn't look like mfra (size mismatch)\n");
8817 goto fail;
8818 }
8819 if (avio_rb32(f) != MKBETAG('m', 'f', 'r', 'a')) {
8820 av_log(c->fc, AV_LOG_DEBUG, "doesn't look like mfra (tag mismatch)\n");
8821 goto fail;
8822 }
8823 av_log(c->fc, AV_LOG_VERBOSE, "stream has mfra\n");
8824 do {
8825 ret = read_tfra(c, f);
8826 if (ret < 0)
8827 goto fail;
8828 } while (!ret);
8829 ret = 0;
8830 c->frag_index.complete = 1;
8831 fail:
8832 seek_ret = avio_seek(f, original_pos, SEEK_SET);
8833 if (seek_ret < 0) {
8834 av_log(c->fc, AV_LOG_ERROR,
8835 "failed to seek back after looking for mfra\n");
8836 ret = seek_ret;
8837 }
8838 return ret;
8839 }
8840
mov_read_header(AVFormatContext * s)8841 static int mov_read_header(AVFormatContext *s)
8842 {
8843 MOVContext *mov = s->priv_data;
8844 AVIOContext *pb = s->pb;
8845 int j, err;
8846 MOVAtom atom = { AV_RL32("root") };
8847 int i;
8848
8849 if (mov->decryption_key_len != 0 && mov->decryption_key_len != AES_CTR_KEY_SIZE) {
8850 av_log(s, AV_LOG_ERROR, "Invalid decryption key len %d expected %d\n",
8851 mov->decryption_key_len, AES_CTR_KEY_SIZE);
8852 return AVERROR(EINVAL);
8853 }
8854
8855 mov->fc = s;
8856 mov->trak_index = -1;
8857 /* .mov and .mp4 aren't streamable anyway (only progressive download if moov is before mdat) */
8858 if (pb->seekable & AVIO_SEEKABLE_NORMAL)
8859 atom.size = avio_size(pb);
8860 else
8861 atom.size = INT64_MAX;
8862
8863 /* check MOV header */
8864 do {
8865 if (mov->moov_retry)
8866 avio_seek(pb, 0, SEEK_SET);
8867 if ((err = mov_read_default(mov, pb, atom)) < 0) {
8868 av_log(s, AV_LOG_ERROR, "error reading header\n");
8869 return err;
8870 }
8871 } while ((pb->seekable & AVIO_SEEKABLE_NORMAL) && !mov->found_moov && !mov->moov_retry++);
8872 if (!mov->found_moov) {
8873 av_log(s, AV_LOG_ERROR, "moov atom not found\n");
8874 return AVERROR_INVALIDDATA;
8875 }
8876 av_log(mov->fc, AV_LOG_TRACE, "on_parse_exit_offset=%"PRId64"\n", avio_tell(pb));
8877
8878 if (pb->seekable & AVIO_SEEKABLE_NORMAL) {
8879 if (mov->nb_chapter_tracks > 0 && !mov->ignore_chapters)
8880 mov_read_chapters(s);
8881 for (i = 0; i < s->nb_streams; i++)
8882 if (s->streams[i]->codecpar->codec_tag == AV_RL32("tmcd")) {
8883 mov_read_timecode_track(s, s->streams[i]);
8884 } else if (s->streams[i]->codecpar->codec_tag == AV_RL32("rtmd")) {
8885 mov_read_rtmd_track(s, s->streams[i]);
8886 }
8887 }
8888
8889 /* copy timecode metadata from tmcd tracks to the related video streams */
8890 for (i = 0; i < s->nb_streams; i++) {
8891 AVStream *st = s->streams[i];
8892 MOVStreamContext *sc = st->priv_data;
8893 if (sc->timecode_track > 0) {
8894 AVDictionaryEntry *tcr;
8895 int tmcd_st_id = -1;
8896
8897 for (j = 0; j < s->nb_streams; j++)
8898 if (s->streams[j]->id == sc->timecode_track)
8899 tmcd_st_id = j;
8900
8901 if (tmcd_st_id < 0 || tmcd_st_id == i)
8902 continue;
8903 tcr = av_dict_get(s->streams[tmcd_st_id]->metadata, "timecode", NULL, 0);
8904 if (tcr)
8905 av_dict_set(&st->metadata, "timecode", tcr->value, 0);
8906 }
8907 }
8908 export_orphan_timecode(s);
8909
8910 for (i = 0; i < s->nb_streams; i++) {
8911 AVStream *st = s->streams[i];
8912 FFStream *const sti = ffstream(st);
8913 MOVStreamContext *sc = st->priv_data;
8914 fix_timescale(mov, sc);
8915 if (st->codecpar->codec_type == AVMEDIA_TYPE_AUDIO &&
8916 st->codecpar->codec_id == AV_CODEC_ID_AAC) {
8917 sti->skip_samples = sc->start_pad;
8918 }
8919 if (st->codecpar->codec_type == AVMEDIA_TYPE_VIDEO && sc->nb_frames_for_fps > 0 && sc->duration_for_fps > 0)
8920 av_reduce(&st->avg_frame_rate.num, &st->avg_frame_rate.den,
8921 sc->time_scale*(int64_t)sc->nb_frames_for_fps, sc->duration_for_fps, INT_MAX);
8922 if (st->codecpar->codec_type == AVMEDIA_TYPE_SUBTITLE) {
8923 if (st->codecpar->width <= 0 || st->codecpar->height <= 0) {
8924 st->codecpar->width = sc->width;
8925 st->codecpar->height = sc->height;
8926 }
8927 if (st->codecpar->codec_id == AV_CODEC_ID_DVD_SUBTITLE) {
8928 if ((err = mov_rewrite_dvd_sub_extradata(st)) < 0)
8929 return err;
8930 }
8931 }
8932 if (mov->handbrake_version &&
8933 mov->handbrake_version <= 1000000*0 + 1000*10 + 2 && // 0.10.2
8934 st->codecpar->codec_id == AV_CODEC_ID_MP3) {
8935 av_log(s, AV_LOG_VERBOSE, "Forcing full parsing for mp3 stream\n");
8936 sti->need_parsing = AVSTREAM_PARSE_FULL;
8937 }
8938 }
8939
8940 if (mov->trex_data) {
8941 for (i = 0; i < s->nb_streams; i++) {
8942 AVStream *st = s->streams[i];
8943 MOVStreamContext *sc = st->priv_data;
8944 if (st->duration > 0) {
8945 /* Akin to sc->data_size * 8 * sc->time_scale / st->duration but accounting for overflows. */
8946 st->codecpar->bit_rate = av_rescale(sc->data_size, ((int64_t) sc->time_scale) * 8, st->duration);
8947 #ifdef OHOS_CAL_DASH_BITRATE
8948 if (sc->has_sidx == 1) {
8949 st->codecpar->bit_rate = av_rescale(sc->referenced_size, ((int64_t) sc->time_scale) * 8, st->duration);
8950 }
8951 #endif
8952 if (st->codecpar->bit_rate == INT64_MIN) {
8953 av_log(s, AV_LOG_WARNING, "Overflow during bit rate calculation %"PRId64" * 8 * %d\n",
8954 sc->data_size, sc->time_scale);
8955 st->codecpar->bit_rate = 0;
8956 if (s->error_recognition & AV_EF_EXPLODE)
8957 return AVERROR_INVALIDDATA;
8958 }
8959 }
8960 }
8961 }
8962
8963 if (mov->use_mfra_for > 0) {
8964 for (i = 0; i < s->nb_streams; i++) {
8965 AVStream *st = s->streams[i];
8966 MOVStreamContext *sc = st->priv_data;
8967 if (sc->duration_for_fps > 0) {
8968 /* Akin to sc->data_size * 8 * sc->time_scale / sc->duration_for_fps but accounting for overflows. */
8969 st->codecpar->bit_rate = av_rescale(sc->data_size, ((int64_t) sc->time_scale) * 8, sc->duration_for_fps);
8970 if (st->codecpar->bit_rate == INT64_MIN) {
8971 av_log(s, AV_LOG_WARNING, "Overflow during bit rate calculation %"PRId64" * 8 * %d\n",
8972 sc->data_size, sc->time_scale);
8973 st->codecpar->bit_rate = 0;
8974 if (s->error_recognition & AV_EF_EXPLODE)
8975 return AVERROR_INVALIDDATA;
8976 }
8977 }
8978 }
8979 }
8980
8981 for (i = 0; i < mov->bitrates_count && i < s->nb_streams; i++) {
8982 if (mov->bitrates[i]) {
8983 s->streams[i]->codecpar->bit_rate = mov->bitrates[i];
8984 }
8985 }
8986
8987 ff_rfps_calculate(s);
8988
8989 for (i = 0; i < s->nb_streams; i++) {
8990 AVStream *st = s->streams[i];
8991 MOVStreamContext *sc = st->priv_data;
8992
8993 switch (st->codecpar->codec_type) {
8994 case AVMEDIA_TYPE_AUDIO:
8995 err = ff_replaygain_export(st, s->metadata);
8996 if (err < 0)
8997 return err;
8998 break;
8999 case AVMEDIA_TYPE_VIDEO:
9000 if (sc->display_matrix) {
9001 err = av_stream_add_side_data(st, AV_PKT_DATA_DISPLAYMATRIX, (uint8_t*)sc->display_matrix,
9002 sizeof(int32_t) * 9);
9003 if (err < 0)
9004 return err;
9005
9006 sc->display_matrix = NULL;
9007 }
9008 if (sc->stereo3d) {
9009 err = av_stream_add_side_data(st, AV_PKT_DATA_STEREO3D,
9010 (uint8_t *)sc->stereo3d,
9011 sizeof(*sc->stereo3d));
9012 if (err < 0)
9013 return err;
9014
9015 sc->stereo3d = NULL;
9016 }
9017 if (sc->spherical) {
9018 err = av_stream_add_side_data(st, AV_PKT_DATA_SPHERICAL,
9019 (uint8_t *)sc->spherical,
9020 sc->spherical_size);
9021 if (err < 0)
9022 return err;
9023
9024 sc->spherical = NULL;
9025 }
9026 if (sc->mastering) {
9027 err = av_stream_add_side_data(st, AV_PKT_DATA_MASTERING_DISPLAY_METADATA,
9028 (uint8_t *)sc->mastering,
9029 sizeof(*sc->mastering));
9030 if (err < 0)
9031 return err;
9032
9033 sc->mastering = NULL;
9034 }
9035 if (sc->coll) {
9036 err = av_stream_add_side_data(st, AV_PKT_DATA_CONTENT_LIGHT_LEVEL,
9037 (uint8_t *)sc->coll,
9038 sc->coll_size);
9039 if (err < 0)
9040 return err;
9041
9042 sc->coll = NULL;
9043 }
9044 break;
9045 }
9046 }
9047 ff_configure_buffers_for_index(s, AV_TIME_BASE);
9048
9049 for (i = 0; i < mov->frag_index.nb_items; i++)
9050 if (mov->frag_index.item[i].moof_offset <= mov->fragment.moof_offset)
9051 mov->frag_index.item[i].headers_read = 1;
9052
9053 return 0;
9054 }
9055
mov_find_next_sample(AVFormatContext * s,AVStream ** st)9056 static AVIndexEntry *mov_find_next_sample(AVFormatContext *s, AVStream **st)
9057 {
9058 AVIndexEntry *sample = NULL;
9059 int64_t best_dts = INT64_MAX;
9060 int i;
9061 for (i = 0; i < s->nb_streams; i++) {
9062 AVStream *avst = s->streams[i];
9063 FFStream *const avsti = ffstream(avst);
9064 MOVStreamContext *msc = avst->priv_data;
9065 if (msc->pb && msc->current_sample < avsti->nb_index_entries) {
9066 AVIndexEntry *current_sample = &avsti->index_entries[msc->current_sample];
9067 int64_t dts = av_rescale(current_sample->timestamp, AV_TIME_BASE, msc->time_scale);
9068 uint64_t dtsdiff = best_dts > dts ? best_dts - (uint64_t)dts : ((uint64_t)dts - best_dts);
9069 av_log(s, AV_LOG_TRACE, "stream %d, sample %d, dts %"PRId64"\n", i, msc->current_sample, dts);
9070 if (!sample || (!(s->pb->seekable & AVIO_SEEKABLE_NORMAL) && current_sample->pos < sample->pos) ||
9071 ((s->pb->seekable & AVIO_SEEKABLE_NORMAL) &&
9072 ((msc->pb != s->pb && dts < best_dts) || (msc->pb == s->pb && dts != AV_NOPTS_VALUE &&
9073 ((dtsdiff <= AV_TIME_BASE && current_sample->pos < sample->pos) ||
9074 (dtsdiff > AV_TIME_BASE && dts < best_dts)))))) {
9075 sample = current_sample;
9076 best_dts = dts;
9077 *st = avst;
9078 }
9079 }
9080 }
9081 return sample;
9082 }
9083
should_retry(AVIOContext * pb,int error_code)9084 static int should_retry(AVIOContext *pb, int error_code) {
9085 if (error_code == AVERROR_EOF || avio_feof(pb))
9086 return 0;
9087
9088 return 1;
9089 }
9090
mov_switch_root(AVFormatContext * s,int64_t target,int index)9091 static int mov_switch_root(AVFormatContext *s, int64_t target, int index)
9092 {
9093 int ret;
9094 MOVContext *mov = s->priv_data;
9095
9096 if (index >= 0 && index < mov->frag_index.nb_items)
9097 target = mov->frag_index.item[index].moof_offset;
9098 if (avio_seek(s->pb, target, SEEK_SET) != target) {
9099 av_log(mov->fc, AV_LOG_ERROR, "root atom offset 0x%"PRIx64": partial file\n", target);
9100 return AVERROR_INVALIDDATA;
9101 }
9102
9103 mov->next_root_atom = 0;
9104 if (index < 0 || index >= mov->frag_index.nb_items)
9105 index = search_frag_moof_offset(&mov->frag_index, target);
9106 if (index < mov->frag_index.nb_items &&
9107 mov->frag_index.item[index].moof_offset == target) {
9108 if (index + 1 < mov->frag_index.nb_items)
9109 mov->next_root_atom = mov->frag_index.item[index + 1].moof_offset;
9110 if (mov->frag_index.item[index].headers_read)
9111 return 0;
9112 mov->frag_index.item[index].headers_read = 1;
9113 }
9114
9115 mov->found_mdat = 0;
9116
9117 ret = mov_read_default(mov, s->pb, (MOVAtom){ AV_RL32("root"), INT64_MAX });
9118 if (ret < 0)
9119 return ret;
9120 if (avio_feof(s->pb))
9121 return AVERROR_EOF;
9122 av_log(s, AV_LOG_TRACE, "read fragments, offset 0x%"PRIx64"\n", avio_tell(s->pb));
9123
9124 return 1;
9125 }
9126
mov_change_extradata(MOVStreamContext * sc,AVPacket * pkt)9127 static int mov_change_extradata(MOVStreamContext *sc, AVPacket *pkt)
9128 {
9129 uint8_t *side, *extradata;
9130 int extradata_size;
9131
9132 /* Save the current index. */
9133 sc->last_stsd_index = sc->stsc_data[sc->stsc_index].id - 1;
9134
9135 /* Notify the decoder that extradata changed. */
9136 extradata_size = sc->extradata_size[sc->last_stsd_index];
9137 extradata = sc->extradata[sc->last_stsd_index];
9138 if (extradata_size > 0 && extradata) {
9139 side = av_packet_new_side_data(pkt,
9140 AV_PKT_DATA_NEW_EXTRADATA,
9141 extradata_size);
9142 if (!side)
9143 return AVERROR(ENOMEM);
9144 memcpy(side, extradata, extradata_size);
9145 }
9146
9147 return 0;
9148 }
9149
get_eia608_packet(AVIOContext * pb,AVPacket * pkt,int size)9150 static int get_eia608_packet(AVIOContext *pb, AVPacket *pkt, int size)
9151 {
9152 int new_size, ret;
9153
9154 if (size <= 8)
9155 return AVERROR_INVALIDDATA;
9156 new_size = ((size - 8) / 2) * 3;
9157 ret = av_new_packet(pkt, new_size);
9158 if (ret < 0)
9159 return ret;
9160
9161 avio_skip(pb, 8);
9162 for (int j = 0; j < new_size; j += 3) {
9163 pkt->data[j] = 0xFC;
9164 pkt->data[j+1] = avio_r8(pb);
9165 pkt->data[j+2] = avio_r8(pb);
9166 }
9167
9168 return 0;
9169 }
9170
mov_read_packet(AVFormatContext * s,AVPacket * pkt)9171 static int mov_read_packet(AVFormatContext *s, AVPacket *pkt)
9172 {
9173 MOVContext *mov = s->priv_data;
9174 MOVStreamContext *sc;
9175 AVIndexEntry *sample;
9176 AVStream *st = NULL;
9177 int64_t current_index;
9178 int ret;
9179 mov->fc = s;
9180 retry:
9181 sample = mov_find_next_sample(s, &st);
9182 if (!sample || (mov->next_root_atom && sample->pos > mov->next_root_atom)) {
9183 if (!mov->next_root_atom)
9184 return AVERROR_EOF;
9185 if ((ret = mov_switch_root(s, mov->next_root_atom, -1)) < 0)
9186 return ret;
9187 goto retry;
9188 }
9189 sc = st->priv_data;
9190 /* must be done just before reading, to avoid infinite loop on sample */
9191 current_index = sc->current_index;
9192 mov_current_sample_inc(sc);
9193
9194 if (mov->next_root_atom) {
9195 sample->pos = FFMIN(sample->pos, mov->next_root_atom);
9196 sample->size = FFMIN(sample->size, (mov->next_root_atom - sample->pos));
9197 }
9198
9199 if (st->discard != AVDISCARD_ALL) {
9200 int64_t ret64 = avio_seek(sc->pb, sample->pos, SEEK_SET);
9201 if (ret64 != sample->pos) {
9202 av_log(mov->fc, AV_LOG_ERROR, "stream %d, offset 0x%"PRIx64": partial file\n",
9203 sc->ffindex, sample->pos);
9204 if (should_retry(sc->pb, ret64)) {
9205 mov_current_sample_dec(sc);
9206 } else if (ret64 < 0) {
9207 return (int)ret64;
9208 }
9209 return AVERROR_INVALIDDATA;
9210 }
9211
9212 if (st->discard == AVDISCARD_NONKEY && !(sample->flags & AVINDEX_KEYFRAME)) {
9213 av_log(mov->fc, AV_LOG_DEBUG, "Nonkey frame from stream %d discarded due to AVDISCARD_NONKEY\n", sc->ffindex);
9214 goto retry;
9215 }
9216
9217 if (st->codecpar->codec_id == AV_CODEC_ID_EIA_608 && sample->size > 8)
9218 ret = get_eia608_packet(sc->pb, pkt, sample->size);
9219 else
9220 ret = av_get_packet(sc->pb, pkt, sample->size);
9221 if (ret < 0) {
9222 if (should_retry(sc->pb, ret)) {
9223 mov_current_sample_dec(sc);
9224 }
9225 return ret;
9226 }
9227 #ifdef OHOS_SUBTITLE_DEMUXER
9228 if (st->codecpar->codec_id == AV_CODEC_ID_WEBVTT) {
9229 if (pkt->size >= 8) {
9230 uint32_t type = AV_RL32(pkt->data + 4);
9231 int payload_size = pkt->size - 8;
9232 if (type == MKTAG('v', 't', 't', 'e')) {
9233 pkt->size = 0;
9234 } else if (type == MKTAG('v', 't', 't', 'c')) {
9235 uint8_t *payload_data = pkt->data + 8;
9236 while (payload_size >= 8) {
9237 int64_t temp_size = AV_RB32(payload_data);
9238 uint32_t temp_type = AV_RL32(payload_data + 4);
9239 if (temp_type == MKTAG('p', 'a', 'y', 'l')) {
9240 payload_data += 8;
9241 payload_size -= 8;
9242 int move_size = payload_size;
9243 if (pkt->size < move_size) {
9244 move_size = pkt->size;
9245 }
9246 memmove(pkt->data, payload_data, move_size);
9247 pkt->size = payload_size;
9248 pkt->data[pkt->size] = '\0';
9249 break;
9250 } else {
9251 if (temp_size > payload_size) {
9252 break;
9253 }
9254 payload_data += temp_size;
9255 payload_size -= temp_size;
9256 }
9257 }
9258 }
9259 }
9260 }
9261 #endif
9262 #if CONFIG_DV_DEMUXER
9263 if (mov->dv_demux && sc->dv_audio_container) {
9264 ret = avpriv_dv_produce_packet(mov->dv_demux, pkt, pkt->data, pkt->size, pkt->pos);
9265 av_packet_unref(pkt);
9266 if (ret < 0)
9267 return ret;
9268 ret = avpriv_dv_get_packet(mov->dv_demux, pkt);
9269 if (ret < 0)
9270 return ret;
9271 }
9272 #endif
9273 if (sc->has_palette) {
9274 uint8_t *pal;
9275
9276 pal = av_packet_new_side_data(pkt, AV_PKT_DATA_PALETTE, AVPALETTE_SIZE);
9277 if (!pal) {
9278 av_log(mov->fc, AV_LOG_ERROR, "Cannot append palette to packet\n");
9279 } else {
9280 memcpy(pal, sc->palette, AVPALETTE_SIZE);
9281 sc->has_palette = 0;
9282 }
9283 }
9284 if (st->codecpar->codec_id == AV_CODEC_ID_MP3 && !ffstream(st)->need_parsing && pkt->size > 4) {
9285 if (ff_mpa_check_header(AV_RB32(pkt->data)) < 0)
9286 ffstream(st)->need_parsing = AVSTREAM_PARSE_FULL;
9287 }
9288 }
9289
9290 pkt->stream_index = sc->ffindex;
9291 pkt->dts = sample->timestamp;
9292 if (sample->flags & AVINDEX_DISCARD_FRAME) {
9293 pkt->flags |= AV_PKT_FLAG_DISCARD;
9294 }
9295 if (sc->ctts_data && sc->ctts_index < sc->ctts_count) {
9296 pkt->pts = pkt->dts + sc->dts_shift + sc->ctts_data[sc->ctts_index].duration;
9297 /* update ctts context */
9298 sc->ctts_sample++;
9299 if (sc->ctts_index < sc->ctts_count &&
9300 sc->ctts_data[sc->ctts_index].count == sc->ctts_sample) {
9301 sc->ctts_index++;
9302 sc->ctts_sample = 0;
9303 }
9304 } else {
9305 int64_t next_dts = (sc->current_sample < ffstream(st)->nb_index_entries) ?
9306 ffstream(st)->index_entries[sc->current_sample].timestamp : st->duration;
9307
9308 if (next_dts >= pkt->dts)
9309 pkt->duration = next_dts - pkt->dts;
9310 pkt->pts = pkt->dts;
9311 }
9312 if (st->discard == AVDISCARD_ALL)
9313 goto retry;
9314 if (sc->sdtp_data && sc->current_sample <= sc->sdtp_count) {
9315 uint8_t sample_flags = sc->sdtp_data[sc->current_sample - 1];
9316 uint8_t sample_is_depended_on = (sample_flags >> 2) & 0x3;
9317 pkt->flags |= sample_is_depended_on == MOV_SAMPLE_DEPENDENCY_NO ? AV_PKT_FLAG_DISPOSABLE : 0;
9318 }
9319 pkt->flags |= sample->flags & AVINDEX_KEYFRAME ? AV_PKT_FLAG_KEY : 0;
9320 pkt->pos = sample->pos;
9321
9322 /* Multiple stsd handling. */
9323 if (sc->stsc_data) {
9324 if (sc->stsc_data[sc->stsc_index].id > 0 &&
9325 sc->stsc_data[sc->stsc_index].id - 1 < sc->stsd_count &&
9326 sc->stsc_data[sc->stsc_index].id - 1 != sc->last_stsd_index) {
9327 ret = mov_change_extradata(sc, pkt);
9328 if (ret < 0)
9329 return ret;
9330 }
9331
9332 /* Update the stsc index for the next sample */
9333 sc->stsc_sample++;
9334 if (mov_stsc_index_valid(sc->stsc_index, sc->stsc_count) &&
9335 mov_get_stsc_samples(sc, sc->stsc_index) == sc->stsc_sample) {
9336 sc->stsc_index++;
9337 sc->stsc_sample = 0;
9338 }
9339 }
9340
9341 if (mov->aax_mode)
9342 aax_filter(pkt->data, pkt->size, mov);
9343
9344 ret = cenc_filter(mov, st, sc, pkt, current_index);
9345 if (ret < 0) {
9346 return ret;
9347 }
9348
9349 return 0;
9350 }
9351
mov_seek_fragment(AVFormatContext * s,AVStream * st,int64_t timestamp)9352 static int mov_seek_fragment(AVFormatContext *s, AVStream *st, int64_t timestamp)
9353 {
9354 MOVContext *mov = s->priv_data;
9355 int index;
9356
9357 if (!mov->frag_index.complete)
9358 return 0;
9359
9360 index = search_frag_timestamp(&mov->frag_index, st, timestamp);
9361 if (index < 0)
9362 index = 0;
9363 if (!mov->frag_index.item[index].headers_read)
9364 return mov_switch_root(s, -1, index);
9365 if (index + 1 < mov->frag_index.nb_items)
9366 mov->next_root_atom = mov->frag_index.item[index + 1].moof_offset;
9367
9368 return 0;
9369 }
9370
is_open_key_sample(const MOVStreamContext * sc,int sample)9371 static int is_open_key_sample(const MOVStreamContext *sc, int sample)
9372 {
9373 // TODO: a bisect search would scale much better
9374 for (int i = 0; i < sc->open_key_samples_count; i++) {
9375 const int oks = sc->open_key_samples[i];
9376 if (oks == sample)
9377 return 1;
9378 if (oks > sample) /* list is monotically increasing so we can stop early */
9379 break;
9380 }
9381 return 0;
9382 }
9383
9384 /*
9385 * Some key sample may be key frames but not IDR frames, so a random access to
9386 * them may not be allowed.
9387 */
can_seek_to_key_sample(AVStream * st,int sample,int64_t requested_pts)9388 static int can_seek_to_key_sample(AVStream *st, int sample, int64_t requested_pts)
9389 {
9390 MOVStreamContext *sc = st->priv_data;
9391 FFStream *const sti = ffstream(st);
9392 int64_t key_sample_dts, key_sample_pts;
9393
9394 if (st->codecpar->codec_id != AV_CODEC_ID_HEVC)
9395 return 1;
9396
9397 if (sample >= sc->sample_offsets_count)
9398 return 1;
9399
9400 key_sample_dts = sti->index_entries[sample].timestamp;
9401 key_sample_pts = key_sample_dts + sc->sample_offsets[sample] + sc->dts_shift;
9402
9403 /*
9404 * If the sample needs to be presented before an open key sample, they may
9405 * not be decodable properly, even though they come after in decoding
9406 * order.
9407 */
9408 if (is_open_key_sample(sc, sample) && key_sample_pts > requested_pts)
9409 return 0;
9410
9411 return 1;
9412 }
9413
mov_seek_stream(AVFormatContext * s,AVStream * st,int64_t timestamp,int flags)9414 static int mov_seek_stream(AVFormatContext *s, AVStream *st, int64_t timestamp, int flags)
9415 {
9416 MOVStreamContext *sc = st->priv_data;
9417 FFStream *const sti = ffstream(st);
9418 int sample, time_sample, ret;
9419 unsigned int i;
9420
9421 // Here we consider timestamp to be PTS, hence try to offset it so that we
9422 // can search over the DTS timeline.
9423 timestamp -= (sc->min_corrected_pts + sc->dts_shift);
9424
9425 ret = mov_seek_fragment(s, st, timestamp);
9426 if (ret < 0)
9427 return ret;
9428
9429 for (;;) {
9430 sample = av_index_search_timestamp(st, timestamp, flags);
9431 av_log(s, AV_LOG_TRACE, "stream %d, timestamp %"PRId64", sample %d\n", st->index, timestamp, sample);
9432 if (sample < 0 && sti->nb_index_entries && timestamp < sti->index_entries[0].timestamp)
9433 sample = 0;
9434 if (sample < 0) /* not sure what to do */
9435 return AVERROR_INVALIDDATA;
9436
9437 if (!sample || can_seek_to_key_sample(st, sample, timestamp))
9438 break;
9439 timestamp -= FFMAX(sc->min_sample_duration, 1);
9440 }
9441
9442 mov_current_sample_set(sc, sample);
9443 av_log(s, AV_LOG_TRACE, "stream %d, found sample %d\n", st->index, sc->current_sample);
9444 /* adjust ctts index */
9445 if (sc->ctts_data) {
9446 time_sample = 0;
9447 for (i = 0; i < sc->ctts_count; i++) {
9448 int next = time_sample + sc->ctts_data[i].count;
9449 if (next > sc->current_sample) {
9450 sc->ctts_index = i;
9451 sc->ctts_sample = sc->current_sample - time_sample;
9452 break;
9453 }
9454 time_sample = next;
9455 }
9456 }
9457
9458 /* adjust stsd index */
9459 if (sc->chunk_count) {
9460 time_sample = 0;
9461 for (i = 0; i < sc->stsc_count; i++) {
9462 int64_t next = time_sample + mov_get_stsc_samples(sc, i);
9463 if (next > sc->current_sample) {
9464 sc->stsc_index = i;
9465 sc->stsc_sample = sc->current_sample - time_sample;
9466 break;
9467 }
9468 av_assert0(next == (int)next);
9469 time_sample = next;
9470 }
9471 }
9472
9473 return sample;
9474 }
9475
mov_get_skip_samples(AVStream * st,int sample)9476 static int64_t mov_get_skip_samples(AVStream *st, int sample)
9477 {
9478 MOVStreamContext *sc = st->priv_data;
9479 FFStream *const sti = ffstream(st);
9480 int64_t first_ts = sti->index_entries[0].timestamp;
9481 int64_t ts = sti->index_entries[sample].timestamp;
9482 int64_t off;
9483
9484 if (st->codecpar->codec_type != AVMEDIA_TYPE_AUDIO)
9485 return 0;
9486
9487 /* compute skip samples according to stream start_pad, seek ts and first ts */
9488 off = av_rescale_q(ts - first_ts, st->time_base,
9489 (AVRational){1, st->codecpar->sample_rate});
9490 return FFMAX(sc->start_pad - off, 0);
9491 }
9492
mov_read_seek(AVFormatContext * s,int stream_index,int64_t sample_time,int flags)9493 static int mov_read_seek(AVFormatContext *s, int stream_index, int64_t sample_time, int flags)
9494 {
9495 MOVContext *mc = s->priv_data;
9496 AVStream *st;
9497 FFStream *sti;
9498 int sample;
9499 int i;
9500
9501 if (stream_index >= s->nb_streams)
9502 return AVERROR_INVALIDDATA;
9503
9504 st = s->streams[stream_index];
9505 sti = ffstream(st);
9506 sample = mov_seek_stream(s, st, sample_time, flags);
9507 if (sample < 0)
9508 return sample;
9509
9510 if (mc->seek_individually) {
9511 /* adjust seek timestamp to found sample timestamp */
9512 int64_t seek_timestamp = sti->index_entries[sample].timestamp;
9513 sti->skip_samples = mov_get_skip_samples(st, sample);
9514
9515 for (i = 0; i < s->nb_streams; i++) {
9516 AVStream *const st = s->streams[i];
9517 FFStream *const sti = ffstream(st);
9518 int64_t timestamp;
9519
9520 if (stream_index == i)
9521 continue;
9522
9523 timestamp = av_rescale_q(seek_timestamp, s->streams[stream_index]->time_base, st->time_base);
9524 sample = mov_seek_stream(s, st, timestamp, flags);
9525 if (sample >= 0)
9526 sti->skip_samples = mov_get_skip_samples(st, sample);
9527 }
9528 } else {
9529 for (i = 0; i < s->nb_streams; i++) {
9530 MOVStreamContext *sc;
9531 st = s->streams[i];
9532 sc = st->priv_data;
9533 mov_current_sample_set(sc, 0);
9534 }
9535 while (1) {
9536 MOVStreamContext *sc;
9537 AVIndexEntry *entry = mov_find_next_sample(s, &st);
9538 if (!entry)
9539 return AVERROR_INVALIDDATA;
9540 sc = st->priv_data;
9541 if (sc->ffindex == stream_index && sc->current_sample == sample)
9542 break;
9543 mov_current_sample_inc(sc);
9544 }
9545 }
9546 return 0;
9547 }
9548
9549 #define OFFSET(x) offsetof(MOVContext, x)
9550 #define FLAGS AV_OPT_FLAG_VIDEO_PARAM | AV_OPT_FLAG_DECODING_PARAM
9551 static const AVOption mov_options[] = {
9552 {"use_absolute_path",
9553 "allow using absolute path when opening alias, this is a possible security issue",
9554 OFFSET(use_absolute_path), AV_OPT_TYPE_BOOL, {.i64 = 0},
9555 0, 1, FLAGS},
9556 {"seek_streams_individually",
9557 "Seek each stream individually to the closest point",
9558 OFFSET(seek_individually), AV_OPT_TYPE_BOOL, { .i64 = 1 },
9559 0, 1, FLAGS},
9560 {"ignore_editlist", "Ignore the edit list atom.", OFFSET(ignore_editlist), AV_OPT_TYPE_BOOL, {.i64 = 0},
9561 0, 1, FLAGS},
9562 {"advanced_editlist",
9563 "Modify the AVIndex according to the editlists. Use this option to decode in the order specified by the edits.",
9564 OFFSET(advanced_editlist), AV_OPT_TYPE_BOOL, {.i64 = 1},
9565 0, 1, FLAGS},
9566 {"ignore_chapters", "", OFFSET(ignore_chapters), AV_OPT_TYPE_BOOL, {.i64 = 0},
9567 0, 1, FLAGS},
9568 {"use_mfra_for",
9569 "use mfra for fragment timestamps",
9570 OFFSET(use_mfra_for), AV_OPT_TYPE_INT, {.i64 = FF_MOV_FLAG_MFRA_AUTO},
9571 -1, FF_MOV_FLAG_MFRA_PTS, FLAGS,
9572 "use_mfra_for"},
9573 {"auto", "auto", 0, AV_OPT_TYPE_CONST, {.i64 = FF_MOV_FLAG_MFRA_AUTO}, 0, 0,
9574 FLAGS, "use_mfra_for" },
9575 {"dts", "dts", 0, AV_OPT_TYPE_CONST, {.i64 = FF_MOV_FLAG_MFRA_DTS}, 0, 0,
9576 FLAGS, "use_mfra_for" },
9577 {"pts", "pts", 0, AV_OPT_TYPE_CONST, {.i64 = FF_MOV_FLAG_MFRA_PTS}, 0, 0,
9578 FLAGS, "use_mfra_for" },
9579 {"use_tfdt", "use tfdt for fragment timestamps", OFFSET(use_tfdt), AV_OPT_TYPE_BOOL, {.i64 = 1},
9580 0, 1, FLAGS},
9581 { "export_all", "Export unrecognized metadata entries", OFFSET(export_all),
9582 AV_OPT_TYPE_BOOL, { .i64 = 0 }, 0, 1, .flags = FLAGS },
9583 { "export_xmp", "Export full XMP metadata", OFFSET(export_xmp),
9584 AV_OPT_TYPE_BOOL, { .i64 = 0 }, 0, 1, .flags = FLAGS },
9585 { "activation_bytes", "Secret bytes for Audible AAX files", OFFSET(activation_bytes),
9586 AV_OPT_TYPE_BINARY, .flags = AV_OPT_FLAG_DECODING_PARAM },
9587 { "audible_key", "AES-128 Key for Audible AAXC files", OFFSET(audible_key),
9588 AV_OPT_TYPE_BINARY, .flags = AV_OPT_FLAG_DECODING_PARAM },
9589 { "audible_iv", "AES-128 IV for Audible AAXC files", OFFSET(audible_iv),
9590 AV_OPT_TYPE_BINARY, .flags = AV_OPT_FLAG_DECODING_PARAM },
9591 { "audible_fixed_key", // extracted from libAAX_SDK.so and AAXSDKWin.dll files!
9592 "Fixed key used for handling Audible AAX files", OFFSET(audible_fixed_key),
9593 AV_OPT_TYPE_BINARY, {.str="77214d4b196a87cd520045fd20a51d67"},
9594 .flags = AV_OPT_FLAG_DECODING_PARAM },
9595 { "decryption_key", "The media decryption key (hex)", OFFSET(decryption_key), AV_OPT_TYPE_BINARY, .flags = AV_OPT_FLAG_DECODING_PARAM },
9596 { "enable_drefs", "Enable external track support.", OFFSET(enable_drefs), AV_OPT_TYPE_BOOL,
9597 {.i64 = 0}, 0, 1, FLAGS },
9598 { "max_stts_delta", "treat offsets above this value as invalid", OFFSET(max_stts_delta), AV_OPT_TYPE_INT, {.i64 = UINT_MAX-48000*10 }, 0, UINT_MAX, .flags = AV_OPT_FLAG_DECODING_PARAM },
9599
9600 { NULL },
9601 };
9602
9603 static const AVClass mov_class = {
9604 .class_name = "mov,mp4,m4a,3gp,3g2,mj2",
9605 .item_name = av_default_item_name,
9606 .option = mov_options,
9607 .version = LIBAVUTIL_VERSION_INT,
9608 };
9609
9610 const AVInputFormat ff_mov_demuxer = {
9611 .name = "mov,mp4,m4a,3gp,3g2,mj2",
9612 .long_name = NULL_IF_CONFIG_SMALL("QuickTime / MOV"),
9613 .priv_class = &mov_class,
9614 .priv_data_size = sizeof(MOVContext),
9615 .extensions = "mov,mp4,m4a,3gp,3g2,mj2,psp,m4b,ism,ismv,isma,f4v,avif",
9616 .flags_internal = FF_FMT_INIT_CLEANUP,
9617 .read_probe = mov_probe,
9618 .read_header = mov_read_header,
9619 .read_packet = mov_read_packet,
9620 .read_close = mov_read_close,
9621 .read_seek = mov_read_seek,
9622 .flags = AVFMT_NO_BYTE_SEEK | AVFMT_SEEK_TO_PTS | AVFMT_SHOW_IDS,
9623 };