Roll ffmpeg DEPS and fix additional ubsan issues.

This change enables AV_EF_EXPLODE such that all serious errors
encountered during demuxing are fatal. Previously ffmpeg would
try to ignore these in some cases; leading to ubsan or other
issues. Specifically crbug.com/698524 and crbug.com/710791.

Due to the removal of the speex parser from ogg, there is one
test that needs updating with the roll too.

https://chromium.googlesource.com/chromium/third_party/ffmpeg.git/+log/1e816bccb5ff..252244150ad7

$ git log 1e816bccb..252244150 --date=short --no-merges --format='%ad %ae %s'
2017-11-17 dalecurtis [mpeg4video] Fix undefined shift on assumed 8-bit input.
2017-11-17 dalecurtis Disable unused ogg codec parsers; they have bugs we don't care about.
2017-11-17 dalecurtis Use ff_thread_once for fixed, float table init.
2017-11-17 dalecurtis Fixup some patches messages.
2017-11-17 dalecurtis [mov] Fix leak of frame_duration_buffer in mov_fix_index().
2017-11-17 dalecurtis Prevent undefined shift with wrap_bits >= 63.
2017-11-15 hubbe avformat/mov: Check size of STSC allocation
2017-11-17 jstebbins [PATCH] lavf/mov: don't read outside frag_index bounds

Created with:
  roll-dep src/third_party/ffmpeg

BUG=786269,782074,783459,784159,654612,779924,710791,698524
TEST=security test cases no longer fail.

Cq-Include-Trybots: master.tryserver.chromium.android:android_optional_gpu_tests_rel;master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel
Change-Id: Ibbf3c32080705d6484682351a351663c51a7f752
Reviewed-on: https://chromium-review.googlesource.com/777408
Commit-Queue: Dale Curtis <dalecurtis@chromium.org>
Reviewed-by: Dan Sanders <sandersd@chromium.org>
Cr-Commit-Position: refs/heads/master@{#517709}

DEPS

@@ -330,7 +330,7 @@ deps = {
   },
 
   'src/third_party/ffmpeg':
-    Var('chromium_git') + '/chromium/third_party/ffmpeg.git' + '@' + '1e816bccb5ff0b778ab2765b4fa8b888a121a200',
+    Var('chromium_git') + '/chromium/third_party/ffmpeg.git' + '@' + '252244150ad759fe86470f40642514bf2a7aec98',
 
   'src/third_party/findbugs': {
       'url': Var('chromium_git') + '/chromium/deps/findbugs.git' + '@' + '4275d9ac8610db6b1bc9a5e887f97e41b33fac67',

media/filters/ffmpeg_demuxer_unittest.cc

@@ -1237,7 +1237,8 @@ TEST_F(FFmpegDemuxerTest, Mp3WithVideoStreamID3TagData) {
 #endif
 
 // Ensure a video with an unsupported audio track still results in the video
-// stream being demuxed.
+// stream being demuxed. Because we disable the speex parser for ogg, the audio
+// track won't even show up to the demuxer.
 //
 // Android has no Theora support, so this test doesn't work.
 #if !defined(OS_ANDROID)
@@ -1245,8 +1246,6 @@ TEST_F(FFmpegDemuxerTest, UnsupportedAudioSupportedVideoDemux) {
   CreateDemuxerWithStrictMediaLog("speex_audio_vorbis_video.ogv");
 
   EXPECT_MEDIA_LOG(SimpleCreatedFFmpegDemuxerStream("video"));
-  EXPECT_MEDIA_LOG(FailedToCreateValidDecoderConfigFromStream("audio"));
-  EXPECT_MEDIA_LOG(SkippingUnsupportedStream("audio"));
 
   // TODO(wolenetz): Use a matcher that verifies more of the event parameters
   // than FoundStream. See https://crbug.com/749178.

media/filters/ffmpeg_glue.cc

@@ -129,6 +129,10 @@ FFmpegGlue::FFmpegGlue(FFmpegURLProtocol* protocol) {
   // Ensures we can read out various metadata bits like vp8 alpha.
   format_context_->flags |= AVFMT_FLAG_KEEP_SIDE_DATA;
 
+  // Ensures format parsing errors will bail out. From an audit on 11/2017, all
+  // instances were real failures. Solves bugs like http://crbug.com/710791.
+  format_context_->error_recognition |= AV_EF_EXPLODE;
+
   format_context_->pb = avio_context_.get();
 }