Fixes reading from freed data
Fixes part of Ticket3539
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes use of uninitialized memory
Fixes part of msan_uninit-mem_7f055dd0ab1b_9558_videopop_guitar_300k.swf
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes use of uninitialized memory
Fixes part of msan_uninit-mem_7f055dd0ab1b_9558_videopop_guitar_300k.swf
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes use of uninitialized memory
Fixes msan_uninit-mem_7f90d9cce964_9558_videopop_guitar_300k.swf
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
* commit 'e70c5b034c4787377e82cab2d5565486baec0c2a':
swfdec: do better validation of tag length
Make LOCAL_ALIGNED syntactically similar on all systems
Conflicts:
libavformat/swfdec.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
Avoids trying to read a packet with 0 or negative size.
Avoids a potential infinite loop due to seeking backwards.
Partially based on a patch by Michael Niedermayer.
* qatar/master: (24 commits)
yop: set channel layout
wtv: set channel layout for mpeg audio
westwood_aud: set channel layout
wc3movie: set channel layout
tmv: set channel layout
tiertexseq: set channel layout
swfdec: set channel layout
sol: set channel layout
smacker: set channel layout
siff: set channel layout
sierravmd: set channel layout
rtpdec_amr: set channel layout
rsodec: set channel layout
rmdec: set channel layout for RA version 3
qcp: set channel layout
psxstr: set channel layout
omadec: set channel layout
oggparsespeex: validate channel count and set channel layout
nuv: set channel layout
mxg: set channel layout
...
Conflicts:
libavformat/swfdec.c
libavformat/wtv.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
We now only return in the middle of the refill in case of read error, so
inflate can be re-called if zlib needs an empty (z.avail_in=0) inflate
call for flushing.
* qatar/master:
mpegvideo_enc: don't use deprecated avcodec_encode_video().
cmdutils: refactor -codecs option.
avconv: make -shortest a per-output file option.
lavc: add avcodec_descriptor_get_by_name().
lavc: add const to AVCodec* function parameters.
swf(dec): replace CODEC_ID with AV_CODEC_ID
dvenc: don't use deprecated AVCODEC_MAX_AUDIO_FRAME_SIZE
rtmpdh: Do not generate the same private key every time when using libnettle
rtp: remove ff_rtp_get_rtcp_file_handle().
rtsp.c: use ffurl_get_multi_file_handle() instead of ff_rtp_get_rtcp_file_handle()
avio: add (ff)url_get_multi_file_handle() for getting more than one fd
h264: vdpau: fix crash with unsupported colorspace
amrwbdec: Decode the fr_quality bit properly
Conflicts:
Changelog
cmdutils.c
cmdutils_common_opts.h
doc/ffmpeg.texi
ffmpeg.c
ffmpeg.h
ffmpeg_opt.c
libavcodec/h264.c
libavcodec/options.c
libavcodec/utils.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master:
g723.1: fix addition overflow
g723.1: simplify and fix multiplication overflow
g723.1: deobfuscate an expression
g723.1: remove unused #includes
ARM: add missing "cc" clobber in av_clipl_int32_arm()
rtmp: Factorize the code by adding handle_invoke_error
rtmp: Factorize the code by adding handle_invoke_status
rtmp: Factorize the code by adding handle_invoke_result
libavutil: remove unused av_abort() macro
ffmenc: replace if/abort with assert()
libavutil: drop offsetof() fallback definition
libavutil: drop fallback definitions of INTxx_MIN/MAX
configure: Check for a sctp struct instead of just the header
configure: suncc: Add -xc99 to dependency flags, required on Solaris
doxygen: Fix function parameter names to match the code
doc: Drop obsolete shared libs cflags hint to workaround Cygwin gcc bugs
swf: Move shared table out of the header file
swf: Move swf_audio_codec_tags table to the only place it is used
fate: add G.723.1 decoder tests
Conflicts:
configure
doc/platform.texi
libavformat/Makefile
libavutil/arm/intmath.h
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master:
mpc8: return more meaningful error codes.
mpc: return more meaningful error codes.
wv,mpc8: don't return apetag data in packets.
rtmp: do not warn about receiving metadata packets
x86: h264dsp: Adjust YASM #ifdefs
x86: yadif: Mark mmxext optimizations as such
h264: convert loop filter strength dsp function to yasm.
Improve descriptiveness of a number of codec and container long names
Conflicts:
libavcodec/flvdec.c
libavcodec/libopenjpegdec.c
libavformat/apetag.c
libavformat/mp3dec.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master: (58 commits)
amrnbdec: check frame size before decoding.
cscd: use negative error values to indicate decode_init() failures.
h264: prevent overreads in intra PCM decoding.
FATE: do not decode audio in the nuv test.
dxa: set audio stream time base using the sample rate
psx-str: do not allow seeking by bytes
asfdec: Do not set AVCodecContext.frame_size
vqf: set packet parameters after av_new_packet()
mpegaudiodec: use DSPUtil.butterflies_float().
FATE: add mp3 test for sample that exhibited false overreads
fate: add cdxl test for bit line plane arrangement
vmnc: return error on decode_init() failure.
libvorbis: add/update error messages
libvorbis: use AVFifoBuffer for output packet buffer
libvorbis: remove unneeded e_o_s check
libvorbis: check return values for functions that can return errors
libvorbis: use float input instead of s16
libvorbis: do not flush libvorbis analysis if dsp state was not initialized
libvorbis: use VBR by default, with default quality of 3
libvorbis: fix use of minrate/maxrate AVOptions
...
Conflicts:
Changelog
doc/APIchanges
libavcodec/avcodec.h
libavcodec/dpxenc.c
libavcodec/libvorbis.c
libavcodec/vmnc.c
libavformat/asfdec.c
libavformat/id3v2enc.c
libavformat/internal.h
libavformat/mp3enc.c
libavformat/utils.c
libavformat/version.h
libswscale/utils.c
tests/fate/video.mak
tests/ref/fate/nuv
tests/ref/fate/prores-alpha
tests/ref/lavf/ffm
tests/ref/vsynth1/prores
tests/ref/vsynth2/prores
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master: (40 commits)
swf: check return values for av_get/new_packet().
wavpack: Don't shift minclip/maxclip
rtpenc: Expose the max packet size via an avoption
rtpenc: Move max_packet_size to a context variable
rtpenc: Add an option for not sending RTCP packets
lavc: drop encode() support for video.
snowenc: switch to encode2().
snowenc: don't abuse input picture for storing information.
a64multienc: switch to encode2().
a64multienc: don't write into output buffer when there's no output.
libxvid: switch to encode2().
tiffenc: switch to encode2().
tiffenc: properly forward error codes in encode_frame().
lavc: drop libdirac encoder.
gifenc: switch to encode2().
libvpxenc: switch to encode2().
flashsvenc: switch to encode2().
Remove libpostproc.
lcl: don't overwrite input memory.
swscale: take first/lastline over/underflows into account for MMX.
...
Conflicts:
.gitignore
Makefile
cmdutils.c
configure
doc/APIchanges
libavcodec/Makefile
libavcodec/allcodecs.c
libavcodec/libdiracenc.c
libavcodec/libxvidff.c
libavcodec/qtrleenc.c
libavcodec/tiffenc.c
libavcodec/utils.c
libavformat/mov.c
libavformat/movenc.c
libpostproc/Makefile
libpostproc/postprocess.c
libpostproc/postprocess.h
libpostproc/postprocess_altivec_template.c
libpostproc/postprocess_internal.h
libpostproc/postprocess_template.c
libswscale/swscale.c
libswscale/utils.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master: (22 commits)
frwu: Employ more meaningful return values.
fraps: Use av_fast_padded_malloc() instead of av_realloc()
mjpegdec: use av_fast_padded_malloc()
eatqi: use av_fast_padded_malloc()
asv1: use av_fast_padded_malloc()
avcodec: Add av_fast_padded_malloc().
swscale: enable dithering in MMX functions.
swscale: make rgb24 function macros slightly smaller.
avcodec.h: Remove some disabled cruft.
swscale: remove obsolete comment.
swscale-test: Drop unused argc and argv arguments from main().
zmbv: Employ more meaningful return values.
zmbvenc: Employ more meaningful return values.
vc1: prevent null pointer dereference on broken files
zmbv: check av_realloc() return values and avoid memleaks on ENOMEM
truespeech: align buffer
ac3: Do not read past the end of ff_ac3_band_start_tab.
dv: Fix small stack overread related to CVE-2011-3929 and CVE-2011-3936.
dv: Fix null pointer dereference due to ach=0
dv: check stype
...
Conflicts:
doc/APIchanges
libavcodec/asv1.c
libavcodec/avcodec.h
libavcodec/eatqi.c
libavcodec/fraps.c
libavcodec/frwu.c
libavcodec/zmbv.c
libavformat/dv.c
libswscale/swscale.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master:
rtpdec: Templatize the code for different g726 bitrate variants
rv40: move loop filter to rv34dsp context
lavf: make av_set_pts_info private.
rtpdec: Add support for G726 audio
rtpdec: Add an init function that can do custom codec context initialization
avconv: make copy_tb on by default.
matroskadec: don't set codec timebase.
rmdec: don't set codec timebase.
avconv: compute next_pts from input packet duration when possible.
lavf: estimate frame duration from r_frame_rate.
avconv: update InputStream.pts in the streamcopy case.
Conflicts:
avconv.c
libavdevice/alsa-audio-dec.c
libavdevice/bktr.c
libavdevice/fbdev.c
libavdevice/libdc1394.c
libavdevice/oss_audio.c
libavdevice/v4l.c
libavdevice/v4l2.c
libavdevice/vfwcap.c
libavdevice/x11grab.c
libavformat/au.c
libavformat/eacdata.c
libavformat/flvdec.c
libavformat/mpegts.c
libavformat/mxfenc.c
libavformat/rtpdec_g726.c
libavformat/wtv.c
libavformat/xmv.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>