virtualenv/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-01-24 13:56:33 +02:00
Code Issues Releases Activity
75,471 Commits 37 Branches 400 Tags
Commit Graph

75471 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Niedermayer
1e512388ee avformat/ffmdec: Check media type for chunks 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e706e2e775730db5dfa9103628cd70704dd13cef)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-03 17:46:37 +01:00
Michael Niedermayer
31d46dc97d avcodec/flacdec: Fix signed integer overflow in decode_subframe_fixed() 
Fixes undefined behavior
Fixes: 640912-media

Found-by: Matt Wolenetz <wolenetz@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 83a75bf6c31b3c0ce2ca7e1426d1f2e3df634239)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-03 17:32:54 +01:00
Michael Niedermayer
5790ce6273 avcodec/flacdsp_template: Fix undefined shift in flac_decorrelate_indep_c 
Fixes: left shift of negative value
Fixes: 668346-media

Found-by: Matt Wolenetz <wolenetz@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit acc163c6ab52d2235767852262c64c7f6b273d1c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-03 17:32:33 +01:00
Michael Niedermayer
f202fefdb0 avformat/oggparsespeex: Check frames_per_packet and packet_size 
The speex specification does not seem to restrict these values, thus
the limits where choosen so as to avoid multiplicative overflow

Fixes undefined behavior
Fixes: 635422.ogg

Found-by: Matt Wolenetz <wolenetz@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit afcf15b0dbb4b6429be5083e50b296cdca61875e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-03 04:10:31 +01:00
Michael Niedermayer
3af916db37 avformat/utils: Check start/end before computing duration in update_stream_timings() 
Fixes undefined behavior
Fixes: 637428.ogg

Found-by: Matt Wolenetz <wolenetz@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 90da187f1d334422477886a19eca3c1da29c59a7)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-03 04:10:19 +01:00
Michael Niedermayer
518beeb72f Changelog: Update 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-02 00:47:39 +01:00
Michael Niedermayer
46edc6d5ef avcodec/flac_parser: Update nb_headers_buffered 
Fixes infinite loop
Fixes: fuzz.flac

Found-by: Frank Liberato <liberato@google.com>
Reviewed-by: Frank Liberato <liberato@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2475858889cde6221677473b663df6f985add33d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-01 23:50:40 +01:00
Michael Niedermayer
046cc06f5a avformat/idroqdec: Check chunk_size for being too large 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 744a0b5206634e5de04d5c31f08cc3640faf800d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-01 23:50:40 +01:00
Andreas Cadhalpun
970781f5f2 Update Changelog 2016-11-27 00:47:03 +01:00
Andreas Cadhalpun
d8ec9e97b9 filmstripdec: correctly check image dimensions 
This prevents a division by zero in read_packet.

Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit 25012c56448a48487cdc9699465e640871dbcd60)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
 2016-11-27 00:46:36 +01:00
Andreas Cadhalpun
028c87be95 mss2: only use error correction for matching block counts 
This fixes a heap-buffer-overflow in ff_er_frame_end when decoding mss2
with coded_width/coded_height larger than width/height.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit 2566ad98b01538ea589e5ee07b69fc566aadc348)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
 2016-11-27 00:46:36 +01:00
Andreas Cadhalpun
b45e112bbd softfloat: decrease MIN_EXP to cover full float range 
floats are not necessarily normalized, so a normalized softfloat needs
MIN_EXP lowered by 23 to cover that range.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit 2d6f46d801bab990b7e742b8a8e5c5b0cb70a80e)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
 2016-11-27 00:46:35 +01:00
Andreas Cadhalpun
56b120630f libopusdec: default to stereo for invalid number of channels 
This fixes an out-of-bounds read if avc->channels is 0.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit 8c8f543b81aa2b50bb6a6cfd370a0061281492a3)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
 2016-11-27 00:46:35 +01:00
Andreas Cadhalpun
22cd4aa221 sbgdec: prevent NULL pointer access 
Reviewed-by: Josh de Kock <josh@itanimul.li>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit dbefbb61b785cd77810c032f5cdb499d2a92df07)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
 2016-11-27 00:46:35 +01:00
Andreas Cadhalpun
8a7b2fbf6f smacker: limit recursion depth of smacker_decode_bigtree 
This fixes segmentation faults due to stack-overflow caused by too deep
recursion.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit 946ecd19ea752399bccc751c9339ff74b815587e)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
 2016-11-27 00:46:35 +01:00
Andreas Cadhalpun
8f27508f1c mxfdec: fix NULL pointer dereference in mxf_read_packet_old 
Metadata streams have priv_data set to NULL.

Reviewed-by: Josh de Kock <josh@itanimul.li>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit fdb8c455b637f86e2e85503b7e090fa448164398)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
 2016-11-27 00:46:35 +01:00
Andreas Cadhalpun
7552f6fc1b libschroedingerdec: fix leaking of framewithpts 
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit 3c0328d58d98664b05efdd377d3fe66a569d385e)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
 2016-11-27 00:46:35 +01:00
Andreas Cadhalpun
70ca4ce17a libschroedingerdec: don't produce empty frames 
They are not valid and can cause problems/crashes for API users.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit a86ebbf7f641bc797002ddea7fb517759722cd1b)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
 2016-11-27 00:46:35 +01:00
Andreas Cadhalpun
ccda73a711 softfloat: handle -INT_MAX correctly 
This is similar to commit 9ac61e73d0843ec4b83f4e3d47eded73234e406e.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit 0edd569466eb45b134690b9f4efbb57eda86f58d)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
 2016-11-27 00:46:35 +01:00
Andreas Cadhalpun
0b948b1b8d pnmdec: make sure v is capped by maxval 
Otherwise put_bits can be called with a value that doesn't fit in the
sample_len, causing an assertion failure.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit cdb5479c9ddc886f0b8661db585405ebab343e80)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
 2016-11-27 00:46:35 +01:00
Andreas Cadhalpun
f76947fd56 smvjpegdec: make sure cur_frame is not negative 
This fixes a heap-buffer-overflow detected by AddressSanitizer.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit 360bc0d90aa66cf21e9f488e77d21db18e01ec9c)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
 2016-11-27 00:46:34 +01:00
Andreas Cadhalpun
71fa32bbb7 icodec: correctly check avio_read return value 
It can read less than the requested amount, in which case buf contains
uninitialized data, causing problems like segmentation faults later on.

Also make sure that image->size is positive, so that it can't match a
negative error code.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit 89eb398c7fc4cb9a15e55bdf2ab6435b5332e377)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
 2016-11-27 00:46:34 +01:00
Andreas Cadhalpun
8a56b31e7c icodec: fix leaking pkt on error 
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit 467eece1bea5c8325c6974190ba61f1bba88a3f3)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
 2016-11-27 00:46:34 +01:00
Andreas Cadhalpun
2260c0776a dvbsubdec: fix division by zero in compute_default_clut 
This problem was introduced in commit
4b90dcb8493552c17a811c8b1e6538dae4061f9d.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit c82b8ef0e4f226423ddd644bfe37e6a15d070924)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
 2016-11-27 00:46:34 +01:00
Andreas Cadhalpun
5c55f9881e proresdec_lgpl: explicitly check coff[3] against slice_data_size 
The implicit checks via v_data_size and a_data_size don't work in the case
'(hdr_size > 7) && !ctx->alpha_info'.

This fixes segmentation faults due to invalid reads.

This problem was introduced in commit
547c2f002a87f4412a83c23b0d60364be5e7ce58.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit 1e33035ee7a8d9fb7a4b8b6cc54842e72b36ed70)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
 2016-11-27 00:46:34 +01:00
Andreas Cadhalpun
dc821d42a2 escape124: reject codebook size 0 
It causes a cb_depth of 32, leading to assertion failures in get_bits.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit 226d35c84591f1901c2a13819031549909faa1f5)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
 2016-11-27 00:46:34 +01:00
Andreas Cadhalpun
b3ac458a5a mpegts: prevent division by zero 
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit 1bbb18fe82fc77a10d45fa53bd2738d2c54de6c6)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
 2016-11-27 00:46:34 +01:00
Andreas Cadhalpun
3148d1c25f matroskadec: fix NULL pointer dereference in webm_dash_manifest_read_header 
The code assumes that s->streams[0] is valid.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit ff100c9dd97d2f1f456ff38b192edf84f9744738)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
 2016-11-27 00:46:34 +01:00
Andreas Cadhalpun
f964046c58 mpegaudio_parser: don't return AVERROR_PATCHWELCOME 
The API does not allow returning AVERROR codes.

It triggers an assert in av_parser_parse2.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit 5249706e9d2ec5ed1b07d8ffdbb8fb9104261f6d)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
 2016-11-27 00:46:33 +01:00
Andreas Cadhalpun
0cc619e0d7 mxfdec: fix NULL pointer dereference 
Metadata streams have priv_data set to NULL.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit 0efb6106118c17308b3fdc3190f5e5bf84b01d5c)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
 2016-11-27 00:46:33 +01:00
Andreas Cadhalpun
0e8c44076d diracdec: check return code of get_buffer_with_edge 
If it fails, buffers aren't allocated, causing NULL pointer dereferencing.

Reviewed-by: Rostislav Pehlivanov <atomnuker@gmail.com>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit db79dedb1ae5dd38432eee3f09155e26f3f2d95a)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
 2016-11-27 00:46:33 +01:00
Andreas Cadhalpun
a94f846e2d ppc: pixblockdsp: do unaligned block accesses correctly again 
This was broken by the following Libav commit:
4c387c7 ppc: dsputil: do unaligned block accesses correctly

The following tests fail due to this:
fate-checkasm
fate-vsynth1-dnxhd-2k-hr-hq fate-vsynth1-dnxhd-edge1-hr
fate-vsynth1-dnxhd-edge2-hr fate-vsynth1-dnxhd-edge3-hr
fate-vsynth1-dnxhd-hr-sq-mov fate-vsynth1-dnxhd-hr-hq-mov
fate-vsynth2-dnxhd-2k-hr-hq fate-vsynth2-dnxhd-edge1-hr
fate-vsynth2-dnxhd-edge2-hr fate-vsynth2-dnxhd-edge3-hr
fate-vsynth2-dnxhd-hr-sq-mov fate-vsynth2-dnxhd-hr-hq-mov
fate-vsynth3-dnxhd-2k-hr-hq fate-vsynth3-dnxhd-edge1-hr
fate-vsynth3-dnxhd-edge2-hr fate-vsynth3-dnxhd-edge3-hr
fate-vsynth3-dnxhd-hr-sq-mov fate-vsynth3-dnxhd-hr-hq-mov

Fixes trac ticket #5508.

Reviewed-by: Carl Eugen Hoyos <ceffmpeg@gmail.com>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit 3932ccc472ad4f4d370dcfc1c2f574b0f3acb88c)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
 2016-11-27 00:46:33 +01:00
Andreas Cadhalpun
c5fb9df38a mpeg12dec: unref discarded picture from extradata 
Otherwise another frame gets referenced into picture, triggering an assert
(from commit 13aae8) in av_frame_ref.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit a92f8edf0c51781e152651cce2e753ad6e359eb2)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
 2016-11-27 00:46:33 +01:00
Andreas Cadhalpun
51ff17d6b9 cavsdec: unref frame before referencing again 
This fixes asserts (from commit 13aae8) in av_frame_ref and
av_frame_move_ref.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit 1966ea012fd72abc8003e95dc3c8ad9e9f197913)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
 2016-11-27 00:46:33 +01:00
Andreas Cadhalpun
e14da0578c avformat: prevent triggering request_probe assert in ff_read_packet 
If probe_codec is called with pkt == NULL, it sets probe_packets to 0
and request_probe to -1.
However, request_probe can change when calling s->iformat->read_packet
and thus a probe_packets value of 0 doesn't guarantee a request_probe
value of -1.
In that case calling probe_codec again is necessary to prevent
triggering the assert.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit a5b4476a602f31e451b11ca0c18bc92be130a50e)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
 2016-11-27 00:46:30 +01:00
Michael Niedermayer
afd0f8f775 Update for 2.8.9 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-11-26 15:12:27 +01:00
Michael Niedermayer
13c249e2b5 avformat/mpeg: Adjust vid probe threshold to correct mis-detection 
Fixes: _ij.mp3

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4e5049a2303ae7fe74216a83206239e4de42c965)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-11-26 15:12:27 +01:00
Michael Niedermayer
698528207a avcodec/rv40: Test remaining space in loop of get_dimension() 
Fixes infinite loop
Fixes: 178/fuzz-3-ffmpeg_VIDEO_AV_CODEC_ID_RV40_fuzzer

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 1546d487cf12da37d90a080813f8d57ac33036bf)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-11-26 15:12:27 +01:00
Michael Niedermayer
1e86f1a646 avcodec/ituh263dec: Avoid spending a long time in slice sync 
Fixes: 177/fuzz-3-ffmpeg_VIDEO_AV_CODEC_ID_FLV1_fuzzer

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2baf36caed98cfdc7f6a2086fbf26f1a172f16cf)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-11-26 15:12:27 +01:00
Michael Niedermayer
ecc5bada26 avcodec/movtextdec: Add error message for tsmb_size check 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0eb319800567b79ca6b4cf0d90904318641b9e50)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-11-26 15:12:27 +01:00
Michael Niedermayer
b0a5794e30 avcodec/movtextdec: Fix tsmb_size check==0 check 
Fixes: 173/fuzz-3-ffmpeg_SUBTITLE_AV_CODEC_ID_MOV_TEXT_fuzzer

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a609905723c01e356d35146425c3d45c090aae7b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-11-26 15:12:27 +01:00
Michael Niedermayer
63504a2d44 avcodec/movtextdec: Fix potential integer overflow 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6ea27157682200e5f78cadcabdb009eccd9dd9b1)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-11-26 15:12:27 +01:00
Michael Niedermayer
f9e76d3304 avcodec/sunrast: Fix input buffer pointer check 
Fixes: out of array read
Fixes: poc.dat

Found-by: Bingchang, Liu @VARAS of IIE
Tested-by: bc L <l.bing.chang.bc@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 37138338ff602803d174b13fecd363a083bc2f9a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-11-26 15:12:26 +01:00
Michael Niedermayer
3213adceb2 avcodec/tscc: Check side data size before use 
Fixes out of array read

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 979bca513424879ed0c653cb1b55fc4156a89576)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-11-26 15:12:26 +01:00
Michael Niedermayer
744f78ce0d avcodec/rawdec: Check side data size before use 
Fixes out of array read

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5f0bc0215a0f7099a2bcba5dced2e045e70fee61)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-11-26 15:12:26 +01:00
Michael Niedermayer
147a387fba avcodec/msvideo1: Check side data size before use 
Fixes out of array read

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 161ccdaa06d1d109e8f77d2535bda11ce02720f5)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-11-26 15:12:26 +01:00
Michael Niedermayer
2312d1d979 avcodec/qpeg: Check side data size before use 
Fixes out of array read

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 16793504dfba44e738655807db3274301b9bc690)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-11-26 15:12:26 +01:00
Michael Niedermayer
1604a2b1e6 avcodec/qtrle: Check side data size before use 
Fixes out of array read

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7d196f2a5a48faf25fd904b33b1fd239daae9840)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-11-26 15:12:26 +01:00
Michael Niedermayer
f39522b6e7 avcodec/msrle: Check side data size before use 
Fixes out of array read

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a6330119a099840c5279697cf80cb768df97a90a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-11-26 15:12:26 +01:00
Michael Niedermayer
09411a7d5e avcodec/kmvc: Check side data size before use 
Fixes out of array read

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2d99101d0964f754822fb4af121c4abc69047dba)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-11-26 15:12:26 +01:00