FFmpeg

mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-01-13 21:28:01 +02:00

Author	SHA1	Message	Date
Michael Niedermayer	478c5d838b	avcodec/svq1enc: Do not print debug RD value before it has been computed Avoids floating point division by 0 Fixes: Ticket8191 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `c297f7e57a`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	159403fc9f	avcodec/aacpsy: Check bandwidth Fixes: Ticket8011 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `36dead4bc2`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	27727d56bf	avcodec/aacenc: Do not divide by lambda_count if it is 0 Avoids Floating point division by 0 Fixes: Ticket8011 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `c520b98691`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	2b70d3941f	avcodec/aacenc: Use FLT_EPSILON for lambda minimum (cherry picked from commit `4b89cf7aa4`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	6e2b18a895	avfilter/vf_yadif: Fix handing of tiny images Fixes: out of array access Fixes: Ticket8240 Fixes: CVE-2020-22021 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `7971f62120`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	cea03683b9	avfilter/vf_vmafmotion: Check dimensions Fixes: out of array access Fixes: Ticket8241 Fixes: Ticket8246 Fixes: CVE-2020-22019 Fixes: CVE-2020-22033 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `82ad1b7675`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	5f9f689497	avformat/movenc: Check pal_size before use Fixes: assertion failure Fixes: out of array read Fixes: Ticket8190 Fixes: CVE-2020-22015 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `4c1afa2925`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	7fbea837fd	avcodec/lpc: Avoid floating point division by 0 Fixes: Ticket7996 Fixes: CVE-2020-20445 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `38d18fb578`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	5828700d5c	avcodec/aacpsy: Avoid floating point division by 0 of norm_fac Fixes: Ticket7995 Fixes: CVE-2020-20446 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `223b5e8ac9`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	05cca35df9	avcodec/aacenc: Avoid 0 lambda Fixes: Ticket8003 Fixes: CVE-2020-20453 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `a7a7f32c8a`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	43bdf562c3	avcodec/exr: More strictly check dc_count Fixes: out of array access Fixes: exr/deneme Found-by: Burak Çarıkçı <burakcarikci@crypttech.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `26d3c81bc5`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	fa38dfc0ef	avcodec/exr: x/ymax cannot be INT_MAX The code uses x/ymax + 1 so the maximum is INT_MAX-1 Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int' Fixes: 33158/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EXR_fuzzer-5545462457303040 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `48342aa075`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	5d3c96cf11	avformat/avio: Check av_opt_copy() for failure Fixes: CID1477416 Unchecked return value Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `f8611ae1ef`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	95224c3ffb	avformat/moflex: Remove unneeded format variable Fixes: CID1477423 Uninitialized scalar variable Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `36a3a5050a`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	567eacd42e	avformat/fifo: check for flushed packets and timeshift Fixes: CID1464151 Dereference after null check Reviewed-by: Marton Balint <cus@passwd.hu> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `3e44bd068f`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	a6bd1bdd12	avcodec/clearvideo: Check for 0 tile_shift Fixes: shift exponent -1 is negative Fixes: 33401/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CLEARVIDEO_fuzzer-5908683596890112 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `63e75e09ae`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	3f81371bd4	avcodec/vc1: Check remaining bits in ff_vc1_parse_frame_header() Fixes: Timeout Fixes: 33156/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMV3_fuzzer-6259655027326976 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `38c4761588`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	6f7a7b5ffb	avformat/mov: Ignore duplicate CoLL Fixes: memleak Fixes: 32146/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-5377612845285376 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `9548dc74d8`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	409c33e5f8	avformat/mov: Limit nb_chapter_tracks to input size Fixes: Timeout (15k loop iterations instead of 400m) Fixes: 31368/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-6601583174483968 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `299a56c900`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	ba1cc675eb	avformat/utils: Use 64bit earlier in r_frame_rate check Fixes: signed integer overflow: 1406796319 * 2 cannot be represented in type 'int' Fixes: 32777/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-5632576913014784 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `578633fc1a`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	0dc1c85644	avcodec/alsdec: Fix decoding error with mono audio files highest_decoded_channel is modified to serve as meant. Reported-by: Noboru Harada <noboru@ieee.org> Regression since: `a11aa5f3ed` Fixes: Sin48k16bit1ch.mp4 Reviewed-by: Thilo Borgmann <thilo.borgmann@mail.de> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `f7987ce966`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	5f0c0883c2	avformat/mvdec: Check sample rate in parse_audio_var() Fixes: signed integer overflow: -635424002382840000 * 16 cannot be represented in type 'long' Fixes: 33612/clusterfuzz-testcase-minimized-ffmpeg_dem_MV_fuzzer-5704741108711424 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Peter Ross <pross@xvid.org> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `0ff60249a5`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	89d8eae0c6	avcodec/faxcompr: Check for end of bitstream in decode_group3_1d_line() and decode_group3_2d_line() Fixes: infinite loop Fixes: 33674/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-4816457818046464 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `08d2df4153`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	82de510a59	avcodec/utils: treat PAL8 for jpegs similar to other colorspaces Fixes: out of array access Fixes: 33713/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MJPEG_fuzzer-5778775641030656 Fixes: 33717/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEGLS_fuzzer-4960397238075392 Fixes: 33718/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SMVJPEG_fuzzer-5314270096130048.fuzz Fixes: 33719/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MJPEG_fuzzer-5352721864589312 Fixes: 33721/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_THP_fuzzer-5938892055379968 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `f0ce023ddb`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	1abd61e006	avcodec/jpeglsdec: Set alpha plane in PAL8 so image is not 100% transparent Fixes: tickets/3933/128.jls Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `011006874c`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	2d177dba88	avformat/asfdec_o: Use ff_get_extradata() Fixes: OOM Fixes: 27240/clusterfuzz-testcase-minimized-ffmpeg_dem_ASF_O_fuzzer-5937469859823616 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `098314e1e5`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	6f83f6de04	avformat/id3v2: Check end for overflow in id3v2_parse() Fixes: signed integer overflow: 9223372036840103978 + 67637280 cannot be represented in type 'long' Fixes: 33341/clusterfuzz-testcase-minimized-ffmpeg_dem_DSF_fuzzer-6408154041679872 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `efdb564504`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	f0d9b5899a	avformat/mxfdec: Fix file position addition Fixes: signed integer overflow: 9223372036854775805 + 4 cannot be represented in type 'long' Fixes: 29927/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-5579985228267520 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `f7c3484b26`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	c1d3a0638a	avformat/wtvdec: Improve size overflow checks in parse_chunks() Fixes: signed integer overflow: 32 + 2147483647 cannot be represented in type 'int Fixes: 32967/clusterfuzz-testcase-minimized-ffmpeg_dem_WTV_fuzzer-5132856218222592 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Peter Ross <pross@xvid.org> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `f8ec1da8ac`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	7f0353bc55	avcodec/faxcompr: Check remaining bits on error in decode_group3_1d_line() Fixes: Timeout Fixes: 32886/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-4779761466474496 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `7b3881f0da`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	26369e6ca9	avformat/mov: check for pts overflow in mov_read_sidx() Fixes: signed integer overflow: 9223372036846336888 + 4278255871 cannot be represented in type 'long' Fixes: 32782/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-6059216516284416 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `ee53bb2399`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	246b3d58a9	avcodec/utils: Check ima wav duration for overflow Fixes: signed integer overflow: 44331634 * 65 cannot be represented in type 'int' Fixes: 32120/clusterfuzz-testcase-minimized-ffmpeg_dem_RSD_fuzzer-5760221223583744 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `f40e9b1355`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	f4c5abe2d0	avcodec/rv10: Execute whole size check earlier for rv20 Fixes: Timeout Fixes: 31380/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RV20_fuzzer-5230899257016320 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `f8556b632f`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	3d2af8afef	avformat/cafdec: Check channels Fixes: signed integer overflow: -1184429040541376544 * 32 cannot be represented in type 'long' Fixes: 31788/clusterfuzz-testcase-minimized-ffmpeg_dem_CAF_fuzzer-6236746338664448 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `641c1db22b`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	48be6b27e7	avcodec/exr: increase vlc depth Fixes: shift exponent -4 is negative Fixes: 32265/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EXR_fuzzer-465133454137753 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `3344079d30`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	b3f458f89f	avcodec/dpx: Check bits_per_color earlier Fixes: shift exponent 251 is too large for 32-bit type 'int' Fixes: 32147/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DPX_fuzzer-5519111675314176 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `c093eb3031`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Michael Niedermayer	b2a94f5937	avformat/mvi: Check audio_data_size to be non negative Fixes: left shift of negative value -224 Fixes: 32144/clusterfuzz-testcase-minimized-ffmpeg_dem_MVI_fuzzer-4971479323246592 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `7e241a1b73`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-06-18 20:53:56 +02:00
Timo Rothenpieler	8d172d9409	avcodec/nvenc: disable s12m timestamps by default Leads to weird crashes with valid looking input data for otherwise unknown reasons.	2021-05-29 23:29:06 +02:00
Martin Storsjö	c813f5e343	aarch64: hevc_idct: Fix overflows in idct_dc This is marginally slower, but correct for all input values. The previous implementation failed with certain input seeds, e.g. "checkasm --test=hevc_idct 98". Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit `f27e3ccf06`)	2021-05-22 22:33:20 +03:00
Fei Wang	f7468a9c40	avcodec/vaapi_av1: pass full buffer size for each tile Previously, only the size of a given tile was passed, making the offset and size marked in VASliceParameterBufferAV1 invalid with multiple tiles. Signed-off-by: Fei Wang <fei.w.wang@intel.com> (cherry picked from commit `9b131e8500`)	2021-05-20 17:12:40 +03:00
Zane van Iperen	49e3dd7709	avcodec/videotoolboxenc: #define TARGET_CPU_ARM64 to 0 if not provided by the SDK Fixes build failure on older SDKs without it. Fixes #9242 (cherry picked from commit `f9eb440e78`) Signed-off-by: Zane van Iperen <zane@zanevaniperen.com>	2021-05-19 10:40:30 +10:00
Anton Khirnov	e87e006121	lavc/pngdec: fix updating reference frames for APNG_DISPOSE_OP_BACKGROUND They should be treated the same as APNG_DISPOSE_OP_NONE. Broken in `5663301560`. Fixes #9184. (cherry picked from commit `aa726eaed9`) Signed-off-by: Anton Khirnov <anton@khirnov.net>	2021-05-14 11:17:33 +02:00
Jan Ekström	70405dd7e3	ffmpeg: return no chosen output if an uninitialized stream is unavailable Otherwise the rate emulation logic in `transcode_step` never gets hit, and the unavailability flag never gets reset, leading to an eternal loop with some rate emulation use cases. This change was missed during the rework of ffmpeg.c, in which encoder initialization was moved further down the time line in commit `67be1ce0c6` . Previously, as the encoder initialization had happened earlier, this state was not possible (flow getting as far as hitting the rate emulation logic, yet not having the encoder initialized yet). Fixes #9160 (cherry picked from commit `ec20b81302`)	2021-05-13 18:12:02 +03:00
Andreas Rheinhardt	74bcfe5f85	avcodec/h263, h263data: Move ff_h263_init_rl_inter to h263.c The SVQ1 decoder does not need mpegvideo or rl.c, but it uses stuff from h263data.c. But since `61fe481586` h263data.c called ff_rl_init() and this of course led to build errors when the SVQ1 decoder is enabled and mpegvideo disabled. Fix this by moving ff_h263_init_rl_inter() to h263.c. Fixes ticket #9224. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com> (cherry picked from commit `e2301feabc`)	2021-05-12 07:03:32 +02:00
Andreas Rheinhardt	01701019e0	configure: Add missing mpegvideo dependency for IPU decoder Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com> (cherry picked from commit `8f588eea8e`)	2021-05-12 07:02:58 +02:00
Andreas Rheinhardt	70d1af5690	avcodec/ttmlenc: Don't confuse capabilities and caps_internal Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com> (cherry picked from commit `14a6025384`)	2021-05-10 22:20:22 +02:00
James Almer	75c3969292	avformat/mpegts: add missing sample_rate value to Opus extradata Finishes fixing ticket #9190. Signed-off-by: James Almer <jamrial@gmail.com>	2021-05-02 20:54:59 -03:00
James Almer	40b896a781	avformat/movenc: fix writing dOps atoms Don't blindly copy all bytes in extradata past ChannelMappingFamily. Instead check if ChannelMappingFamily is not 0 and then only write the correct amount of bytes from ChannelMappingTable, as defined in the spec[1]. Fixes part of ticket #9190. [1] https://opus-codec.org/docs/opus_in_isobmff.html#4.3.2 Signed-off-by: James Almer <jamrial@gmail.com>	2021-05-02 20:54:59 -03:00
James Almer	ede71f4f57	avcodec/av1_metadata: don't store the inserted TD OBU in stack Fixes: stack-use-after-return Fixes: clusterfuzz-testcase-minimized-ffmpeg_BSF_AV1_METADATA_fuzzer-5931515701755904 Fixes: clusterfuzz-testcase-minimized-ffmpeg_BSF_AV1_METADATA_fuzzer-6105676541722624 Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com> Signed-off-by: James Almer <jamrial@gmail.com>	2021-05-02 20:52:34 -03:00
Andreas Rheinhardt	023bc5d926	avcodec/nellymoserenc: Fix segfault when using unsupported channels/rate NellyMoserEncodeContext.avctx is only set in init after these checks, yet it is used by encode_end(). This is a regression since `0a56bfa71f`. Reviewed-by: Michael Niedermayer <michael@niedermayer.cc> Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com> (cherry picked from commit `652279e35b`)	2021-04-29 02:28:20 +02:00

1 2 3 4 5 ...

101842 Commits