virtualenv/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-01-24 13:56:33 +02:00
Code Issues Releases Activity
88,008 Commits 37 Branches 400 Tags
Commit Graph

88008 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Niedermayer
b1af55778b avcodec/dnxhddec: Check dc vlc 
Fixes: signed integer overflow: 1024 + 2147483640 cannot be represented in type 'int'
Fixes: 4671/clusterfuzz-testcase-minimized-6027464343027712

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b2be76c0a472b729756ed7a91225c209d0dd1d2e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-01-28 15:33:08 +01:00
Michael Niedermayer
6abe1e06f5 avcodec/exr: Check buf_size more completely 
Fixes: Out of heap array read
Fixes: 4683/clusterfuzz-testcase-minimized-6152313673613312

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 903be5e4f66268273dc6e3c42a7fdeaab32066ef)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-01-28 15:31:14 +01:00
Michael Niedermayer
91f5a2b7b8 avcodec/flacdec: Fix overflow in multiplication in decode_subframe_fixed() 
Fixes: signed integer overflow: 2 * 1629495328 cannot be represented in type 'int'
Fixes: 4716/clusterfuzz-testcase-minimized-5835915940331520

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3d23f7a0969bf76ad6dcdc2c4a5cd3ae884745a8)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-01-28 15:31:14 +01:00
Michael Niedermayer
7e402c31ef avcodec/hevcdsp_template: Fix Invalid shifts in put_hevc_qpel_bi_w_h() and put_hevc_qpel_bi_w_w() 
Fixes: left shift of negative value -1
Fixes: 4690/clusterfuzz-testcase-minimized-6117482428366848

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d135f3c514ac1723256c8e0f5cdd466fe98a2578)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-01-28 15:31:14 +01:00
Michael Niedermayer
fb9560b366 avcodec/flacdec: avoid undefined shift 
Fixes: shift exponent 32 is too large for 32-bit type 'unsigned int'
Fixes: 4688/clusterfuzz-testcase-minimized-6572210748653568

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 560daf88913b0de59a4d845bcd19254b406388dd)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-01-28 15:31:14 +01:00
Michael Niedermayer
0e7d8ce37c avcodec/hevcdsp_template.c: Fix undefined shift in FUNC(dequant) 
Fixes: runtime error: left shift of negative value -180
Fixes: 4626/clusterfuzz-testcase-minimized-5647837887987712

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0c9ab5ef9c1ee852c80c859c9e07efe8730b57ed)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-01-28 15:31:14 +01:00
Michael Niedermayer
e55a6c5f05 avcodec/dirac_dwt: Fix integer overflow in COMPOSE_DD97iH0() and COMPOSE_DD137iL0() 
Fixes: runtime error: signed integer overflow: 2147483646 + 33554433 cannot be represented in type 'int'
Fixes: 4563/clusterfuzz-testcase-minimized-5438979567517696

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4d70fbeec8cbab072b3a9b9f760b8deaaef240f2)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-01-28 15:31:14 +01:00
Michael Niedermayer
0288d15cdd avcodec/hevc_cabac: Fix integer overflow in ff_hevc_cu_qp_delta_abs() 
Fixes: signed integer overflow: 2147483647 + 1073741824 cannot be represented in type 'int'
Fixes: 4555/clusterfuzz-testcase-minimized-4505532481142784

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0ee143558d55b590774dba69cff5a16eda089a4d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-01-28 15:31:14 +01:00
Michael Niedermayer
43c03866b2 tests/audiomatch: Add missing return code at the end of main() 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 65da5c56e661a839e017db4c51c73d6f3d8a8fcb)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-01-28 15:31:13 +01:00
Michael Niedermayer
2e426fae43 avcodec/hevc_sei: Fix integer overflows in decode_nal_sei_message() 
Fixes: signed integer overflow: 2147483520 + 255 cannot be represented in type 'int'
Fixes: 4554/clusterfuzz-testcase-minimized-4843714515042304

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 991ef6e5b9a6a9d95e274ff6bff52db1c82b3808)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-01-28 15:31:13 +01:00
Michael Niedermayer
d147e2d55d avcodec/hevcdsp_template: Fix undefined shift in put_hevc_qpel_bi_w_hv() 
Fixes: runtime error: left shift of negative value -3
Fixes: 4524/clusterfuzz-testcase-minimized-6055590120914944

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 439fbb9c8b2a90e97c44c7c57245e01ca84c865d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-01-28 15:31:13 +01:00
Michael Niedermayer
d6a13f031c avcodec/h264_parse: Treat escaped and unescaped decoding error equal in decode_extradata_ps_mp4() 
Fixes: lorex.mp4
Fixes: ticket6762

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4bb7d72bcfb56ae4fe56055927cf53cf484f5df4)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-01-28 15:31:13 +01:00
Michael Niedermayer
0f0a2ff5a0 avcodec/vp9: mark frame as finished on decode_tiles() failure 
Fixes deadlock with framethreads
Fixes: Netflix_Aerial_1080p_60fps_8bit_420.y4m.vp9.noaltref.webm.ivf.s69372_r01-05_b6-.ivf
Fixes: Netflix_Aerial_1080p_60fps_10bit_420.y4m.vp9.noaltref.webm.ivf.s149104_r01-05_b6-.ivf
Fixes: ducks_take_off_444_720p50.y4m.vp9.webm.ivf.s107375_r01-05_b6-.ivf

Reported-by: James Zern <jzern@google.com>
Reviewed-by: James Zern <jzern@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5e03eea673a9da2253ed15152e46b1422b35d145)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-01-28 15:31:13 +01:00
Kelly Ledford
a3832486e4 libavfilter/af_dcshift.c: Fixed repeated spelling error 
'threshhold' should be 'threshold'

Signed-off-by: Kelly Ledford <kelly.ledford@intel.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit bc219082bb04b9a4725bfe7e78ce0950244e6e84)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-01-28 15:31:13 +01:00
Jun Zhao
9aa0ed850b avfilter/formats: fix wrong function name in error message 
Use perdefined micro __FUNCTION__ rather than hard coding function name
to fix wrong function name in error message.

Signed-off-by: Jun Zhao <jun.zhao@intel.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4280948702bc256e21c375790b889c735d233b0d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-01-28 15:31:13 +01:00
Timo Rothenpieler
93c8720b91 avcodec/nvenc: also clear data pointer after unregistering a resource 
Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
 2018-01-28 13:34:24 +01:00
Timo Rothenpieler
d36714f727 avcodec/nvenc: add some more error case checks 
Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
 2018-01-28 13:32:39 +01:00
Timo Rothenpieler
a7c60c5b7b avcodec/nvenc: unregister input resource when unmapping 
Currently the resource is only ever unregistered when the
registered_frames array is fully in use and an unmapped entry is re-used
and cleaned up.
I'm pretty sure the frame will have been cleaned up before that happens,
so I'm kinda surprised this never blew up.

Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
 2018-01-28 13:32:14 +01:00
Timo Rothenpieler
fbb27e2911 avcodec/nvenc: refcount input frame mappings 
If some logic like vsync in ffmpeg.c duplicates frames, it might pass
the same frame twice, which will result in a crash due it being
effectively mapped and unmapped twice.

Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
 2018-01-28 13:27:24 +01:00
Rodger Combs
ad85d9af13 lavc/aarch64/sbrdsp_neon: fix build on old binutils 
(cherry picked from commit 77237504757b97c068796a4e9ef81b9653618616)
 2018-01-26 13:31:46 -03:00
wm4
4a53ecb12e hwcontext_dxva2: initialize D3DDISPLAYMODEEX correctly 
(cherry picked from commit 18fbfd7bf86effb49c0341b37b9c1d73940d688e)
 2018-01-04 18:20:54 -03:00
Humberto Ribeiro
7c3d519df9 libavutil/hwcontext_dxva2: Add check for possible errors from GetAdapterDisplayModeEx 
This prevents a possible crash in CreateDeviceEx when using faulty
response from GetAdapterDisplayModeEx and allows ffmpeg to fallback to
classic d3d9.

Signed-off-by: wm4 <nfxjfg@googlemail.com>
(cherry picked from commit 59b126f92225316e0cd77bb952d630553801dc85)
 2018-01-04 18:20:43 -03:00
James Almer
d8104977bb avcodec/libx264: set supported pix_fmts at runtime rather than build time 
This partially reverts a change in behavior introduced in 2a111c99a60fdf4fe5eea2b073901630190c6c93.

Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 7e60c74329353db28db00552028bc88cd2a52346)
 2017-12-26 19:45:29 -03:00
James Almer
650cb712ef avcodec/libx264: fix compilation with x264 builds >= 153 
x264 now supports multibitdepth builds, with a slightly changed API to
request bitdepth during initialization.

Reviewed-by: Ricardo Constantino <wiiaboo@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 2a111c99a60fdf4fe5eea2b073901630190c6c93)
 2017-12-26 12:56:02 -03:00
James Almer
31d6f3df25 avcodec/libx264: use the pixfmt descriptor to check for high bit depths 
The x264_bit_depth constant has been removed in newer x264 builds.

Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 89f704cabab446afc8ba6ecea76714a51b1df32b)
 2017-12-26 12:55:54 -03:00
Michael Niedermayer
bc839fb39d Changelog: Update for the last 3 commits 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
n3.4.1 		2017-12-10 21:20:05 +01:00
Michael Niedermayer
1fab842fbb avcodec/vp9_superframe_split_bsf: Fix integer overflow in frame_size/total_size checks 
Fixes: signed integer overflow: -1698586465 + -551542752 cannot be represented in type 'int'
Fixes: 4490/clusterfuzz-testcase-minimized-5210014592532480

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit eaff5fcb7cde8d1614755269773d471d3a3d1bfc)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-12-10 20:25:14 +01:00
Michael Niedermayer
60d250386b avcodec/amrwbdec: Fix division by 0 in voice_factor() 
The added value matches "Digital cellular telecommunications system (Phase 2+) (GSM); Universal Mobile Telecommunications System (UMTS); LTE; Extended Adaptive Multi-Rate - Wideband (AMR-WB+) codec; Floating-point ANSI-C code (3GPP TS 26.304 version 14.0.0 Release 14)
Extended Adaptive Multi-Rate - Wideband (AMR-WB+) codec; Floating-point ANSI-C code"

Fixes: runtime error: division by zero
Fixes: 4415/clusterfuzz-testcase-minimized-4677752314658816

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 1d0817d56b66797118880358ea7d7a2acfdca429)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-12-10 20:25:14 +01:00
Michael Niedermayer
c5fd23879a avformat/utils: Fix warning: ISO C90 forbids mixed declarations and code 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-12-10 20:25:14 +01:00
James Cowgill
d8d1689f92 avcodec/decode: reset codec on receiving packet after EOF in compat_decode 
In commit 061a0c14bb57 ("decode: restructure the core decoding code"), the
deprecated avcodec_decode_* APIs were reworked so that they called into the
new avcodec_send_packet / avcodec_receive_frame API. This had the side effect
of prohibiting sending new packets containing data after a drain
packet, but in previous versions of FFmpeg this "worked" and some
applications relied on it.

To restore some compatibility, reset the codec if we receive a new non-drain
packet using the old API after draining has completed. While this does
not give the same behaviour as the old API did, in the majority of cases
it works and it does not require changes to any other part of the decoding
code.

Fixes ticket #6775
Signed-off-by: James Cowgill <jcowgill@debian.org>
Signed-off-by: Marton Balint <cus@passwd.hu>
(cherry picked from commit 02ba4b91b5616ecbebee5c9565e1be7af2a6b980)
 2017-12-09 21:40:47 +01:00
Michael Niedermayer
c741095eec Update for 3.4.1 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-12-08 10:22:30 +01:00
Michael Niedermayer
b2169c8bcc avcodec/diracdsp: Fix integer overflow in PUT_SIGNED_RECT_CLAMPED() 
Fixes: runtime error: signed integer overflow: 2147483646 + 2048 cannot be represented in type 'int'
Fixes: 4479/clusterfuzz-testcase-minimized-6529894147162112

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 610dd74502a58e8bb0f1d8fcbc7015f86b78d70e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-12-07 23:38:06 +01:00
Michael Niedermayer
3a6140e4cf avcodec/dirac_dwt: Fix integer overflows in COMPOSE_DAUB97* 
Fixes: 4478/clusterfuzz-testcase-minimized-4752113767809024
Fixes: runtime error: signed integer overflow: -2147483626 + -319489 cannot be represented in type 'int'

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5e9a13a5a33bf7566591216e335f2529612100bb)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-12-07 23:38:06 +01:00
Nikolas Bowe
a749f4864e avcodec/extract_extradata_bsf: Fix leak discovered via fuzzing 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5a412a5c3cc216ae1d15e6b884bda7214b73a5b0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-12-07 23:38:06 +01:00
Dale Curtis
c147aefc3e avcodec/vorbis: Fix another 1 << 31 > int32_t::max() with 1u. 
Didn't notice this one when 9648cc6d was landed.

Signed-off-by: Dale Curtis <dalecurtis@chromium.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 95bacb521af8cd28f146f045437c9f75717a493a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-12-07 23:38:06 +01:00
Dale Curtis
23319f7764 avcodec/vorbis: 1 << 31 > int32_t::max(), so use 1u << 31 instead. 
Signed-off-by: Dale Curtis <dalecurtis@chromium.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9648cc6d7fdbb0a260bed1e3e23300569cff9579)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-12-07 23:38:06 +01:00
Dale Curtis
36db62ca98 avformat/utils: Prevent undefined shift with wrap_bits > 64. 
2LL << (wrap_bits=64 - 1) does not fit in int64_t; change the
code to use a uint64_t (2ULL) and add an av_assert2() to
ensure wrap_bits <= 64.

Signed-off-by: Dale Curtis <dalecurtis@chromium.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 03fbc0daa7e37af024f8b017a28105c32bbe25ca)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-12-07 23:38:06 +01:00
Michael Niedermayer
17f05ff656 avcodec/j2kenc: Fix out of array access in encode_cblk() 
Fixes: 4427/clusterfuzz-testcase-minimized-5106919271301120

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0674087004538599797688785f6ac82358abc23b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-12-07 23:38:06 +01:00
Michael Niedermayer
0ccbbf034d avcodec/hevcdsp_template: Fix undefined shift in put_hevc_epel_bi_w_h() 
Fixes: runtime error: left shift of negative value -127
Fixes: 4397/clusterfuzz-testcase-minimized-4779061080489984

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0409d333115e623b5ccdbb364d64ca2a52fd8467)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-12-07 23:38:06 +01:00
John Stebbins
f7357facd8 lavf/mov: fix huge alloc in mov_read_ctts 
An invalid file may cause huge alloc.  Delay expansion of ctts entries
until the number of samples is known in mov_build_index.

Fixes: 23

Found-by: zhao dongzhuo, AD-lab of Venustech
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2d015d3bf9fed59c65a3819a35fedbb8b7dde623)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-12-07 23:38:06 +01:00
Michael Niedermayer
ed87667bd3 avcodec/mlpdsp: Fix signed integer overflow, 2nd try 
The outputted bits should match what is used in the lossless check

Fixes: runtime error: signed integer overflow: -538697856 * 256 cannot be represented in type 'int'
Fixes: 4326/clusterfuzz-testcase-minimized-5689449645080576

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 97c00edaa043043c29d985653e7e1687b56dfa23)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-12-07 23:38:06 +01:00
Michael Niedermayer
983d119c9b avcodec/h264idct_template: Fix integer overflow in ff_h264_idct8_add 
Fixes: signed integer overflow: 452986184 - -2113885312 cannot be represented in type 'int'
Fixes: 4196/clusterfuzz-testcase-minimized-5580648594014208

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9cc926da7d9920d17b76584e7212309ab5c02387)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-12-07 23:38:06 +01:00
Michael Niedermayer
e56f691283 avcodec/kgv1dec: Check that there is enough input for maximum RLE compression 
Fixes: Timeout
Fixes: 4271/clusterfuzz-testcase-4676667768307712

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3aad94bf2b140cfba8ae69d018da05d4948ef37f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-12-07 23:38:06 +01:00
Michael Niedermayer
3ae71b648a avformat/aacdec: Fix leak in adts_aac_read_packet() 
Fixes: chromium-773637/clusterfuzz-testcase-minimized-6418078673141760

Found-by: ossfuzz/chromium
Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2779d33ed99898675e0b3884fabe1ce6839f36d1)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-12-07 23:38:06 +01:00
Michael Niedermayer
f2f0273588 avcodec/dirac_dwt: Fix integer overflow in COMPOSE_FIDELITYi* 
Fixes: runtime error: signed integer overflow: -2143827186 - 7404944 cannot be represented in type 'int'
Fixes: 4354/clusterfuzz-testcase-minimized-4671122764201984

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2b6964f764382742bb052a1ee3b7167cac35332f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-12-07 23:38:06 +01:00
Michael Niedermayer
de20dad15e avcodec/sbrdsp_fixed: Fix integer overflow 
Fixes: signed integer overflow: 2147483598 + 64 cannot be represented in type 'int'
Fixes: 4337/clusterfuzz-testcase-minimized-6192658616680448

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 12a511f2c265d6319b7fdc332a6aa8aca1535309)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-12-07 23:38:06 +01:00
Michael Niedermayer
1549890035 avcodec/mpeg4videodec: Check also for negative versions in the validity check 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0e7865ce4152f8b04cda6a698bbee4fd4a94009d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-12-07 23:38:06 +01:00
Dale Curtis
35c7a1df8a Close ogg stream upon error when using AV_EF_EXPLODE. 
Without this there can be multiple memory leaks for unrecognized
ogg streams.

Signed-off-by: Dale Curtis <dalecurtis@chromium.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit bce8fc0754c4b31f574a4372c6d7996ed29f7c2a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-12-07 23:38:06 +01:00
Dale Curtis
f8fcb6bbf0 Fix undefined shift on assumed 8-bit input. 
decode_user_data() attempts to create an integer |build|
value with 8 bits of spacing for 3 components. However
each component is an int32_t, so shifting each component
is undefined for values outside of the 8 bit range.

This patch simply clamps input to 8-bits per component
and prints out a warning that the values were clamped.

Signed-off-by: Dale Curtis <dalecurtis@chromium.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7010dd98b575d2e39fca947e609b85be7490b269)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-12-07 23:38:06 +01:00
Dale Curtis
50c93ce5ef Use ff_thread_once for fixed, float table init. 
These tables are static so they should only be initialized once
instead of on every call to ff_mpadsp_init().

Signed-off-by: Dale Curtis <dalecurtis@chromium.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5eaaffaf64d1854493f0fe9ec822eed1b3cd9fe1)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-12-07 23:38:06 +01:00