socklen_t underlying type can be signed or unsigned depending on
platform. This is fine, just cast it to size_t before comparison.
Fixes: warning: result of comparison of unsigned expression < 0 is
always false [-Wtautological-unsigned-zero-compare]
Signed-off-by: Kacper Michajłow <kasper93@gmail.com>
Add type removed function wrappers to resolve UB of calling function
through pointer to incorrect function type.
Fixes: FATE-{hmac,srtp}
Fixes: call to function av_md5_init through pointer to incorrect
function type 'void (*)(void *)' and similar for others.
Signed-off-by: Kacper Michajłow <kasper93@gmail.com>
av_get_token() allocates an output buffer with the same size as the
input. Generally, this is harmless, but when the input string is large
and consists of many small tokens, calling av_get_token() repeatedly to
extract all tokens will significantly amplify memory allocations.
To fix this, after obtaining the return value, simply realloc the buffer
to the actual size needed for output string.
Fixes OOM when parsing filter graph string.
Fixes OSS-Fuzz: 394983446
Signed-off-by: Kacper Michajłow <kasper93@gmail.com>
It's RGB, so check instead if it's packed or planar.
Fixes: libavcodec/ffv1dec.c:461:43: runtime error: applying zero offset to null pointer
Signed-off-by: James Almer <jamrial@gmail.com>
It's not a value stored in the hvcC structure.
Fixes use of uninitialized variable errors under sanitizer when the input extradata is
already hvcC formatted, given we don't parse parameter sets for those.
Signed-off-by: James Almer <jamrial@gmail.com>
When no explicit CAs file is set, load the default locations,
else there is no way for verification to succeed.
This matches the behavior of other TLS backends.
When verification is enabled (using -tls_verify 1) now
the hostname will be verified properly too, while before
only other aspects of the certificate were checked.
Co-Authored-By: Marvin Scholz <epirat07@gmail.com>
For detect_range, the usage of vpbroadcast{b,w} requires the AVX512BW extension, and for
detect_alpha we don't want ZMM instructions downclocking old CPUs.
Signed-off-by: James Almer <jamrial@gmail.com>
This filter can detect various properties about the image, including
whether or not there are out-of-range values, or whether the input appears
to use straight or premultiplied alpha.
Of course, these can only be heuristics, with "undetermined" as the base
case. While we can definitely prove the existence of full range or
straight alpha colors, we can never infer the opposite.
The true problem happens in several previous get_vlc_symbol()
but checking that is more expensive (involving FFABS())
here its just a simple check between 2 variables we have.
Fixes: Assertion log >= k failed at libavcodec/golomb.h:406
Fixes: 429296194/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FFV1_DEC_fuzzer-4691594622337024
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Add av_freep() to free new_elem to avoid memory leak.
Fixes: 3ca1e31e63 ("fftools/cmdutils: Atomically add elements to list of pointers, fix crash")
Signed-off-by: Jiasheng Jiang <jiashengjiangcool@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Don't rely on implicit zeroing.
Should fix fate failures on msvc targets.
Found-by: Kacper Michajlow <kasper93@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
scale was never initialized. av_tx_init() will use default scale if we
pass NULL.
Fixes: b3117f376d
Signed-off-by: Kacper Michajłow <kasper93@gmail.com>
This was in else branch of `#if 1` since ever. No need to keep dead code
like that, if anyone needs it they can get it from git history.
Signed-off-by: Kacper Michajłow <kasper93@gmail.com>
In OSS-Fuzz build environment flags are handled by CFLAGS and LDFLAGS.
In local build use --toolchain=clang-fuzz-asan-ubsan or similar
combination depending on requested sanitizers.
Signed-off-by: Kacper Michajłow <kasper93@gmail.com>
