1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-01-24 13:56:33 +02:00

112972 Commits

Author SHA1 Message Date
Michael Niedermayer
3a308dffde
avformat/mp3dec: Check header_filesize
Fixes: CID1608714 Division or modulo by float zero

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit cea4dbc903eaf8cb7a4ea53b281deff495ff8fa0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:55 +02:00
Michael Niedermayer
3b8cb4dc26
avformat/mp3dec; Check for avio_size() failure
Fixes: CID1608710 Improper use of negative value

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit bb936a1a720856a51c48bf907475daa8065920c9)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:54 +02:00
Michael Niedermayer
7271c1b523
avformat/mov: Use 64bit for str_size
We assign a 64bit variable to it before checking

Fixes: CID1604544 Overflowed integer argument

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 046d069552f5c2824f36fcf95d409670208dc94b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:54 +02:00
Michael Niedermayer
fea9688839
avformat/mm: Check length
Fixes: CID1220824 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 139bf412464e62a83984cd49093936dcaa7a0865)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:54 +02:00
Michael Niedermayer
c16a71e757
avformat/hnm: Check *chunk_size
Fixes: CID1604419 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 291356f58b8a1af491c692a89e6c4e70e9496f9d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:53 +02:00
Michael Niedermayer
3a661757ba
avformat/hlsenc: Check ret
Fixes: CID1609624 Unused value

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7e577165c101513b4d8afe164e604cbef6901546)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:53 +02:00
Michael Niedermayer
f60c294f6d
avformat/bintext: Check avio_size() return
Fixes: CID1604503 Overflowed constant
Fixes: CID1604566 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit bf61f811e73dc62d1b53ed4ef6044b4e9e195113)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:53 +02:00
Michael Niedermayer
bab5b22af2
avformat/asfdec_o: Check size of index object
We subtract 24 so it must be at least 24

Fixes: CID1604482 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 891bc070f0294e564a02f9a71f6591b6a62c90cc)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:52 +02:00
Michael Niedermayer
90b99445fb
avfilter/vf_scale: Check ff_scale_adjust_dimensions() for failure
Helps: CID1513722 Operands don't affect result

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2a8fb3c2cc07e741bca556eee8aea704fda4c33f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:52 +02:00
Michael Niedermayer
38c029131a
avfilter/scale_eval: Use 64bit, check values in ff_scale_adjust_dimensions()
Found by reviewing CID1513722 Operands don't affect result

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ad9df8bcfebc1085cb8b42dae9ab688af824cdab)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:52 +02:00
Michael Niedermayer
05ef164255
avfilter/vf_lut3d: Check av_scanf()
Fixes: CID1604398 Unchecked return value
Fixes: CID1604542 Unchecked return value

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ace2e25720b8a26906b15aab7eebbac860bb7bf0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:51 +02:00
Michael Niedermayer
d10954e620
avfilter/vf_elbg: Use unsigned for shifting into the top bit
Fixes: part of CID1355110 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2af95b9214a6bf75f946440d36c349963396e23b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:51 +02:00
Michael Niedermayer
f3a360a00d
avfilter/vf_deshake_opencl: Ensure that the first iteration initializes the best variables
Fixes: CID1452759 Uninitialized scalar variable

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9385847af47211e8c618198499ffea99614bb55d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:51 +02:00
Michael Niedermayer
160ecb2b36
swscale/output: Fix integer overflows in yuv2rgba64_X_c_template
Fixes: signed integer overflow: -1082982400 + -1068681048 cannot be represented in type 'int'
Fixes: 69995/clusterfuzz-testcase-minimized-ffmpeg_SWS_fuzzer-6285740271534080

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit bcab9789ef750670277956e79736bca442aec2ff)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:50 +02:00
Michael Niedermayer
c08ff45cb2
avformat/mxfdec: Reorder elements of expression in bisect loop
Fixes: signed integer overflow: 9223372036854775807 - -1 cannot be represented in type 'long'
Fixes: 68578/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-6032171648221184

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d8d288479d3431d65318d957aab710b13714fc05)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:50 +02:00
Michael Niedermayer
bc1b078bd1
avutil/timecode: Use a 64bit framenum internally
Fixes: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself
Fixes: 68550/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-6424065930756096

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d5ca373d7efa37d2d3911f0afbc85fad0dc86b38)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:49 +02:00
Michael Niedermayer
d0ce252930
avcodec/pnmdec: Use 64bit for input size check
Fixes: out of array read
Fixes: poc3

Reported-by: VulDB CNA Team
Found-by: CookedMelon
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3faadbe2a27e74ff5bb5f7904ec27bb1f5287dc8)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:49 +02:00
Michael Niedermayer
88336d81fa
avcodec/mpeg12enc: Use av_rescale() in vbv_buffer_size computation
Fixes: signed integer overflow: 20 * 2314885530818453759 cannot be represented in type 'long'
Fixes: 69098/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG2VIDEO_fuzzer-6107989688778752

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0993ef675f06042402a97b08a60155c65dae8ba7)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:49 +02:00
Michael Niedermayer
04885dde13
avcodec/utvideoenc: Use unsigned shift to build flags
Fixes: left shift of 255 by 24 places cannot be represented in type 'int'
Fixes: 69083/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_UTVIDEO_fuzzer-5608202363273216

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 69e90491f15d8eef643f8dfd1b75805829496678)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:48 +02:00
Michael Niedermayer
62a9b53e19
avcodec/j2kenc: Merge dwt_norm into lambda
This moves computations out of a loop

This may help with UB in vsynth*-jpeg2000-yuva444p16

Fixes: signed integer overflow: 31665934879948800 * 9998 cannot be represented in type 'long'
Fixes: 69024/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-5949662967169024

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a84fbd747119841942c67d2f55cc796ab25cd245)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:48 +02:00
Michael Niedermayer
4a554ffb9b
avcodec/vc2enc: Fix overflows with storing large values
Fixes: left shift of 1431634944 by 2 places cannot be represented in type 'int'
Fixes: left shift of 1073741824 by 1 places cannot be represented in type 'int'
Fixes: 69061/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC2_fuzzer-6325700826038272

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit af9935835335cae1ae5a4ec7fc14c1b5e25c1f2d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:48 +02:00
Michael Niedermayer
573987e8aa
avcodec/mpegvideo_enc: Do not duplicate pictures on shifting
Fixes: out of array access
Fixes: 69098/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG2VIDEO_fuzzer-6107989688778752
Fixes: 69599/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-4848626296225792.fuzz

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9c8881cb3534b257d6e6539f563006599cd96b48)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:47 +02:00
Michael Niedermayer
74d626d3d5
avdevice/dshow_capture: Fix error handling in ff_dshow_##prefix##_Create()
Untested, needs review

Fixes: CID1591856 Resource leak
Fixes: CID1591887 Resource leak
Fixes: CID1591874 Resource leak

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 348968e9f7d8abb743a5dfca8e522ae0cf1ddc8b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:47 +02:00
Michael Niedermayer
5743c33946
avcodec/tiff: Check value on positive signed targets
Fixes: CID1604593 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 66d6b8033b4bf8e9b33f26729c4ab9f9b328c5a2)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:47 +02:00
Michael Niedermayer
0b5ef2198b
avfilter/vf_convolution_opencl: Assert that the filter name is one of the filters
Helps with: CID1439572 Uninitialized pointer read

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 19a5a8997c93d72d6fe169c42a2a04ad4bb6e03a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:46 +02:00
Michael Niedermayer
02694abdaf
avfilter/vf_bm3d: Dont round MSE2SSE to an integer
Fixes: CID1439581 Result is not floating-point

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ec18ec9fc1080c37a02f3709afda5c4b08d4ea89)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:46 +02:00
Michael Niedermayer
24717b7be6
avdevice/dshow: Remove NULL check on pin
The pointer is used before the check

Fixes: CID1591884 Dereference before null check

Sponsored-by: Sovereign Tech Fund
Reviewed-by: Roger Pack <rogerdpack@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 989e11acb65e640d336d0d911e958a6008311a9d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:46 +02:00
Michael Niedermayer
09c9cc0cc2
avdevice/dshow: check ff_dshow_pin_ConnectionMediaType() for failure
Maybe Fixes: CID1598557 Explicit null dereferenced

Sponsored-by: Sovereign Tech Fund
Reviewed-by: Roger Pack <rogerdpack@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2c2e72708831ca0cc76f72368676a8ccf624a2fe)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:45 +02:00
Michael Niedermayer
c3badb1cd8
avdevice/dshow: Check device_filter_unique_name before use
Fixes: CID1591931 Explicit null dereferenced

Sponsored-by: Sovereign Tech Fund
Reviewed-by: Roger Pack <rogerdpack@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 175c19166824bd93b02f60c5178365014212366e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:45 +02:00
Michael Niedermayer
d735717614
avdevice/dshow: Cleanup also on av_log case
Fixes: CID1598550 Resource leak

Sponsored-by: Sovereign Tech Fund
Reviewed-by: Roger Pack <rogerdpack@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 25f9211bdd61641cb8739efcb45bf31b46557178)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:45 +02:00
Michael Niedermayer
769d857430
avdevice/dshow_filter: Use wcscpy_s()
Fixes: CID1591929 Copy into fixed size buffer

Sponsored-by: Sovereign Tech Fund
Reviewed-by: Roger Pack <rogerdpack@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit daf61dddc8e27424c320d5c3abe3e0c5182cd5c0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:44 +02:00
Michael Niedermayer
02606b6ae4
avcodec/flac_parser: Assert that we do not overrun the link_penalty array
Helps: CID1454676 Out-of-bounds read

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9af348bd1aa41ea10d6719c56ed2b4eda97642f3)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:44 +02:00
Michael Niedermayer
18025bf362
avcodec/osq: avoid signed overflow in downsample path
Fixes: signed integer overflow: 865309950 * 256 cannot be represented in type 'int'
Fixes: 69191/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_OSQ_fuzzer-6310214413385728

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ed34b0c54ebdce7f741d9fb6a9ac11a1816df59c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:44 +02:00
Michael Niedermayer
85dbf6d8e4
avcodec/pixlet: Simplify pfx computation
Found by reviewing code related to CID1604365 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0474614e6cf8edcd0077b95772c29fae894a7db9)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:43 +02:00
Michael Niedermayer
6498053b90
avcodec/motion_est: Fix score squaring overflow
Fixes: CID1604552 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f18b442370d714b930e3e983c2e5d789229f3356)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:43 +02:00
Michael Niedermayer
d39d90e510
avcodec/mlpenc: Use 64 for ml, mr
Fixes: CID1604429 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 06f01d9fa0ecfa7dd785b3dfe2957999472930b2)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:43 +02:00
Michael Niedermayer
21d7ac3a07
avcodec/loco: Check loco_get_rice() for failure
Fixes: CID1604495 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d55327684349b4db5d5905eefaa7d2aec597908d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:42 +02:00
Michael Niedermayer
41c5289c7e
avcodec/loco: check get_ur_golomb_jpegls() for failure
Fixes: CID1604400 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b9899866418cb3bd930846271470e3096917f5f6)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:42 +02:00
Michael Niedermayer
99c3834f61
avcodec/imm4: check cbphi for error
Fixes: CID1604356 Overflowed constant
Fixes: CID1604573 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6e4c037833c3ca0e0bd3e348701c4c0dc58bed91)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:42 +02:00
Michael Niedermayer
1b0f37bbb6
avcodec/iff: Use signed count
This is more a style fix than a bugfix (CID1604392 Overflowed constant)

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit cfe66dfebb8a1e1394bcf834b6cc785f280ccecf)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:41 +02:00
Michael Niedermayer
c543847ddd
avcodec/golomb: Assert that k is in the supported range for get_ur/sr_golomb()
Found by code review related to CID1604563 Overflowed return value

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b2aaeb81f65aaa61238d74a77034b118055340d3)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:41 +02:00
Michael Niedermayer
d4d971efbb
avcodec/golomb: Document return for get_ur_golomb_jpegls() and get_sr_golomb_flac()
Found while reviewing code related to CID1604409 Overflowed return value

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7cf5b83f6fa367f99aefc1321bafc0a7e8db33cd)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:41 +02:00
Michael Niedermayer
6b20dadc81
avcodec/dxv: Fix type in get_opcodes()
Found by code review related to CID1604386 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e5af1c6e91e86b184101ef2abb49178ff409703b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:40 +02:00
Michael Niedermayer
0a22787423
avcodec/cri: Check length
Fixes: CID1604394 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 69dcd123f19acf851f85166159a3719565813fd0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:40 +02:00
Michael Niedermayer
343a76e123
avcodec/xsubdec: Check parse_timecode()
Fixes: CID1604490 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 96fd9417e250540f228d1ad5b43a77c120208eba)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:40 +02:00
Michael Niedermayer
f99867ef79
avutil/imgutils: av_image_check_size2() ensure width and height fit in 32bit
width and height > 32bit is not supported and its easier to check in a central place

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ba63e329572b74207045fd82c93fcc0fa0479bc4)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:39 +02:00
Michael Niedermayer
05e38d8362
doc/examples/mux: remove nop
Found through code review related to CID1604493 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e6c0c5731e85f00b5840d9a7d14e38cc3e07d5bc)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:39 +02:00
Michael Niedermayer
ba0c1fc015
avcodec/proresenc_kostya: use unsigned alpha for rotation
Fixes: left shift of negative value -208
Fixes: 69073/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PRORES_KS_fuzzer-4745020002336768

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 93e0265e27e6dd567812a8661988109421c5447a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:39 +02:00
Michael Niedermayer
b92c0e54fc
avformat/rtpenc_rfc4175: Use 64bit in computation if copy_offset
Found while reviewing: CID1494441 Untrusted value as argument

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f13ae632591b043cb69b66de01e8b178037cdd0e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:38 +02:00
Michael Niedermayer
f6b059008f
avformat/rtmppkt: Simplify and deobfuscate amf_tag_skip() slightly
Found while reviewing: CID1530313 Untrusted loop bound

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit cedbef03946625bc0f7f96e9f77ad59c512b9900)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 16:52:38 +02:00