This may be security relevant.
Based on 2 patches by chrome.
backport r19975 by michael
Originally committed as revision 22658 to svn://svn.ffmpeg.org/ffmpeg/branches/0.5
unlike the ARCH_ macros, COMPILE_ALTIVEC needs to be tested more carefully
Originally committed as revision 22488 to svn://svn.ffmpeg.org/ffmpeg/branches/0.5
in case altivec is disabled, even compilation of code using altivec
keywords or asm must be avoided.
backport r30869 from mplayer repo by siretart
Originally committed as revision 22436 to svn://svn.ffmpeg.org/ffmpeg/branches/0.5
backport r19270 by rbultje:
Remove any reference to ASFContext.packet_size and replace it with
AVFormatContext.packet_size. See "[PATCH] asf*.c/h: use
AVFormatContext->packet_size instead of own copy" thread on ML.
and r19361 by reimar:
Check for packet_length 0, it is already treated as invalid by the padding check,
but that resulted in a confusing/wrong error message.
Originally committed as revision 22147 to svn://svn.ffmpeg.org/ffmpeg/branches/0.5
As discussed with Diego, we'll go for bumping micro in 0.5 and will
consider adding a RELEASEVERSION macro for trunk and 0.6 seperatly
Originally committed as revision 22087 to svn://svn.ffmpeg.org/ffmpeg/branches/0.5
First commit:
Make decode_init fail if the huffman tables are invalid and thus init_vlc fails.
Otherwise this will crash during decoding because the vlc tables are NULL.
Partially fixes ogv/smclock.ogv.1.101.ogv from issue 1240.
backport r19355 by reimar
Second commit:
Add extra validation checks to ff_vorbis_len2vlc.
They should not be necessary, but it seems like a reasonable precaution.
r19374 by reimar
Originally committed as revision 22076 to svn://svn.ffmpeg.org/ffmpeg/branches/0.5
now compiles with x264 API versions 65 up to 85
patch prepared by darkshikari
Originally committed as revision 22042 to svn://svn.ffmpeg.org/ffmpeg/branches/0.5
Update ffmpeg documentation regarding metadata setting. -title,
-author, -copyright, -track, -album, and -year options have been
dropped in favor of -metadata.
Add an explanation and complete the metadata usage example.
backported revisions r19285, r19287 and r19320 by stefano.
Originally committed as revision 21858 to svn://svn.ffmpeg.org/ffmpeg/branches/0.5
backported r20083 by diego
This commit does not introduce functional changes. It was applied in
order to faciliate reviewing the proposed libx264.c backport
Originally committed as revision 21832 to svn://svn.ffmpeg.org/ffmpeg/branches/0.5
Probably only DoS, init_get_bits sets buffer to NULL, thus causing a
NULL-dereference directly after.
backport r21426 by reimar
Originally committed as revision 21759 to svn://svn.ffmpeg.org/ffmpeg/branches/0.5
This might have been exploitable.
Fixes first crash of issue840.
backport r18388 by michael
Originally committed as revision 21757 to svn://svn.ffmpeg.org/ffmpeg/branches/0.5
as discussed with diego on irc, the spurious newline deletion and the
LIBAVCODEC_VERSION_MINOR bump are being reverted based on comments on
ffmpeg-cvslog by ramiro, uoti and michael.
See http://comments.gmane.org/gmane.comp.video.ffmpeg.cvs/28112 for the
full context.
Originally committed as revision 21755 to svn://svn.ffmpeg.org/ffmpeg/branches/0.5
Allows an application to register a callback that manages mutexes
on behalf of FFmpeg.
With this callback registered FFmpeg is fully thread safe.
backport r19025 by andoma
NB: This is a feature backport with little regression potential. It was
requested at FOSDEM 2010 by ben@geexbox.org for use by geexbox and the
enna mediacenter in the upcoming debian/squeeze and ubuntu/lucid
release.
Approved by DonDiego on #ffmpeg-devel
Originally committed as revision 21731 to svn://svn.ffmpeg.org/ffmpeg/branches/0.5
10_vorbis_submap_indexes.patch by chrome.
I am applying this even though Reimar had some comments to improve it as it fixes
a serious security issue and I do not want to leave such things unfixed.
backport r20001 by michael
Originally committed as revision 21730 to svn://svn.ffmpeg.org/ffmpeg/branches/0.5
23_vorbis_sane_partition.patch by chrome.
Also this should be better documented but i prefer not to leave potential
security issues open due to missing documentation.
r19996 by michael
Originally committed as revision 21729 to svn://svn.ffmpeg.org/ffmpeg/branches/0.5
12_vorbis_mode_indexes.patch by chrome
maybe exploitable
r19990 by michael
Originally committed as revision 21726 to svn://svn.ffmpeg.org/ffmpeg/branches/0.5
26_vorbis_mag_angle_index.patch by chrome
backport r19983 by michael
Originally committed as revision 21723 to svn://svn.ffmpeg.org/ffmpeg/branches/0.5
27_vorbis_residue_loop_error.patch by chrome
backport r19982 by michael
Originally committed as revision 21722 to svn://svn.ffmpeg.org/ffmpeg/branches/0.5
Based on 28_theora_malloc_checks.patch from the Google Chrome team.
backport r20008 by melanson
Originally committed as revision 21720 to svn://svn.ffmpeg.org/ffmpeg/branches/0.5
18_fix_theora_header_bit_len.patch by chrome
backport r19993 by michael
Originally committed as revision 21719 to svn://svn.ffmpeg.org/ffmpeg/branches/0.5
based on 31_mp3_outlen.patch by chrome.
backported r19988 by michael
Originally committed as revision 21718 to svn://svn.ffmpeg.org/ffmpeg/branches/0.5
First, make s signed, so that comparisons against end - p will not be made as
unsigned, making the check incorrectly pass if p is beyond end.
Also ensure that p will never be > end, so the code is correct also if
buf is not padded.
backported r20014 by reimar
Originally committed as revision 21711 to svn://svn.ffmpeg.org/ffmpeg/branches/0.5
if no header was found the parser was not initialized and thus will
crash when trying to use it.
Originally committed as revision 21708 to svn://svn.ffmpeg.org/ffmpeg/branches/0.5
