mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-01-19 05:49:09 +02:00

75503 Commits

Author SHA1 Message Date
Michael Niedermayer
87cc0b0474 avcodec/mjpegdec: Check for the bitstream end in mjpeg_decode_scan_progressive_ac()
Fixes timeout
Fixes: 496/clusterfuzz-testcase-5805083497332736

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3782656631fa8262528c07794acf7e9c2aab000d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-08 21:17:51 +01:00
Frank Liberato
d59582a567 avformat/flacdec: Check avio_read result when reading flac block header.
Return AVERROR_INVALIDDATA if all four bytes aren't present.

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 95bde49982a82bc10470c0adab5969ffe635d064)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-08 21:17:51 +01:00
Michael Niedermayer
17a9e90d1f avcodec/utils: correct align value for interplay
Fixes out of array access
Fixes: 452/fuzz-1-ffmpeg_VIDEO_AV_CODEC_ID_INTERPLAY_VIDEO_fuzzer

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2080bc33717955a0e4268e738acf8c1eeddbf8cb)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-08 21:17:51 +01:00
Michael Niedermayer
3aca3f1257 avcodec/vp56: Check for the bitstream end, pass error codes on
Fixes timeout
Fixes: 446/fuzz-3-ffmpeg_VIDEO_AV_CODEC_ID_VP6_fuzzer

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9e6a2427558a718be0c1fffacffd935f630a7a8d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-08 21:17:51 +01:00
Michael Niedermayer
9f2e4c26a0 avcodec/mjpegdec: Check remaining bitstream in ljpeg_decode_yuv_scan()
Fixes timeout
Fixes: 445/fuzz-3-ffmpeg_VIDEO_AV_CODEC_ID_MJPEG_fuzzer
Fixes: 456/fuzz-2-ffmpeg_VIDEO_AV_CODEC_ID_JPEGLS_fuzzer

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 755933cb5cd17decd1838d3d64e07d4157de5638)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-08 21:17:51 +01:00
Michael Niedermayer
1febd817b1 avcodec/pngdec: Fix off by 1 size in decode_zbuf()
Fixes out of array access
Fixes: 444/fuzz-2-ffmpeg_VIDEO_AV_CODEC_ID_PNG_fuzzer

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e371f031b942d73e02c090170975561fabd5c264)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-08 21:17:51 +01:00
Tobias Rapp
3f3ee3e62f avformat/avidec: skip odml master index chunks in avi_sync
Fixes pts gaps when reading AVI files > 256GiB generated by FFmpeg.

Signed-off-by: Tobias Rapp <t.rapp@noa-archive.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6d579d7c1bdc4126955cae7f385208e455685986)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-08 21:17:51 +01:00
Michael Niedermayer
8be687a81f avcodec/mjpegdec: Check for rgb before flipping
Fixes assertion failure due to unsupported case

Fixes: 356/fuzz-1-ffmpeg_VIDEO_AV_CODEC_ID_MJPEG_fuzzer
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 25d9643f1172ae6a210c671195ba3135895abaf3)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-08 21:17:50 +01:00
Michael Niedermayer
1827fe0989 avutil/random_seed: Reduce the time needed on systems with very low precision clock()
This should fix issues on BSD
CLOCKS_PER_SEC is 128 on BSD while SUSv2 requires it to be a million

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c4152fc42e480c41efb7f761b1bbe5f0bc43d5bc)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-08 21:17:50 +01:00
Michael Niedermayer
02073b5ab1 avutil/random_seed: Improve get_generic_seed() with higher precision clock()
Tested-by: Thomas Turner <thomastdt@googlemail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit da73d95bad4736c5e0a6b4b1a811f4dd4525bb4c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-08 21:17:50 +01:00
Michael Niedermayer
1825f7670a avformat/utils: Print verbose error message if stream count exceeds max_streams
Reviewed-by: Andreas Cadhalpun <andreas.cadhalpun@googlemail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f0bdd538712d8ed34120ab2b7bd1409fcc99fb45)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-08 21:17:50 +01:00
Michael Niedermayer
2647ca4581 avformat/options_table: Set the default maximum number of streams to 1000
Fixes CVE-2016-9561, Note the security relevance of this is disputed as
running out of memory can happen with valid files

Suggested-by: Andreas Cadhalpun <andreas.cadhalpun@googlemail.com>
Reviewed-by: Andreas Cadhalpun <andreas.cadhalpun@googlemail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 30581c51e72a7a7ea1572c1c6039f6e4c590a55c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-08 21:17:50 +01:00
Michael Niedermayer
2e44b10418 avutil: Add av_image_check_size2()
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f542b152aa2086b30d1089162d79f5c136905c0c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-08 21:17:50 +01:00
Michael Niedermayer
c6fbff1358 avformat: Add max_streams option
This allows user apps to stop OOM due to excessive number of streams

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 1296f844955e513d19051c962656f829479d4fb9)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-08 21:17:50 +01:00
Michael Niedermayer
774461ea62 avcodec/ffv1enc: Allocate smaller packet if the worst case size cannot be allocated
We are checking during encoding if there is enough space as version 4 needs that
check.

Fixes Ticket6005

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 38a7834bbb24ef62466b076715e0add60e1d6962)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-08 21:17:50 +01:00
Michael Niedermayer
94a0a484b7 avcodec/mpeg4videodec: Fix undefined shifts in mpeg4_decode_sprite_trajectory()
Fixes: part of 670190.ogg

Found-by: Matt Wolenetz <wolenetz@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 8258e363851434ad5662c19d036fddb3e3f27683)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-08 21:17:50 +01:00
Michael Niedermayer
a127f51140 avformat/oggdec: Skip streams in duration correction that did not have their duration set.
Fixes: part of 670190.ogg
Fixes integer overflow

Found-by: Matt Wolenetz <wolenetz@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ee2a6f5df8c6a151c3e3826872f1b0a07401c62a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-08 21:17:50 +01:00
Michael Niedermayer
07ca8300a6 avcodec/ffv1enc: Fix size of first slice
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit cff1c0edaa797eca96663d9b83e4b8c1b609ff19)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-08 21:17:50 +01:00
Andreas Cadhalpun
f7e18dea7a pgssubdec: reset rle_data_len/rle_remaining_len on allocation error
The code relies on their validity and otherwise can try to access a NULL
object->rle pointer, causing segmentation faults.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit 842e98b4d83d8cf297e2bc2761f1f47eb89e49e4)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
2017-02-01 02:29:08 +01:00
Michael Niedermayer
16c0d8aa46 update for ffmpeg 2.8.10
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
n2.8.10
2016-12-06 03:50:50 +01:00
Michael Niedermayer
1ec9fd15b9 avformat/http: Match chunksize checks to master..3.0
Fixes warning about impossible condition

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2016-12-06 03:30:10 +01:00
Michael Niedermayer
4a947f4385 Changelog: fix typos
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2016-12-06 01:19:34 +01:00
Michael Niedermayer
e0cb113f9b ffserver: Check chunk size
Fixes out of array access

Fixes: poc_ffserver.py
Found-by: Paul Cher <paulcher@icloud.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a5d25faa3f4b18dac737fdb35d0dd68eb0dc2156)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2016-12-06 00:59:22 +01:00
Michael Niedermayer
15abba737b Avoid using the term "file" and prefer "url" in some docs and comments
This should make it less ambiguous that these are URLs

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a5f27a9c3aa973c543bd8bbf2a78363700bbc03e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2016-12-06 00:59:22 +01:00
Michael Niedermayer
5bfb0b02b6 avformat/rtmppkt: Check for packet size mismatches
Fixes out of array access

Found-by: Paul Cher <paulcher@icloud.com>
Reviewed-by: Paul Cher <paulcher@icloud.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7d57ca4d9a75562fa32e40766211de150f8b3ee7)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2016-12-06 00:59:22 +01:00
Timothy Gu
c472c1b3e7 zmqsend: Initialize ret to 0
Fixes CID1396857.

(cherry picked from commit d903b4e3ad4a81b3dd79f12c2f3b9cb16e511173)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2016-12-06 00:59:22 +01:00
James Almer
e8dfe3f34a configure: check for strtoull on msvc
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit b52d3574d466e745834d1283b55570dee1e2d4cd)
2016-12-05 19:19:11 -03:00
Ronald S. Bultje
d3fc5c17de http: move chunk handling from http_read_stream() to http_buf_read().
(cherry picked from commit 845bb401781ef04e342bd558df16a8dbf5f800f9)
2016-12-05 16:20:58 -05:00
Ronald S. Bultje
606b21353d http: make length/offset-related variables unsigned.
Fixes #5992, reported and found by Paul Cher <paulcher@icloud.com>.

(cherry picked from commit 2a05c8f813de6f2278827734bf8102291e7484aa)
2016-12-05 16:20:40 -05:00
Michael Niedermayer
fb93771072 Changelog: update
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
n2.8.9
2016-12-04 01:42:53 +01:00
Michael Niedermayer
3f8bb78f3e avcodec/flacdec: Fix undefined shift in decode_subframe()
Fixes undefined behavior
Fixes: 639961-media

Found-by: Matt Wolenetz <wolenetz@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 1f5630af51f24d79053b6bef5b8b3ba93d637306)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2016-12-04 01:05:02 +01:00
Michael Niedermayer
a5989651f0 avcodec/get_bits: Fix get_sbits_long(0)
Fixes undefined behavior
Fixes: 640889-media

Found-by: Matt Wolenetz <wolenetz@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c72fa432349881d5a445cd110abf698cc94d490d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2016-12-04 01:03:53 +01:00
Michael Niedermayer
1e512388ee avformat/ffmdec: Check media type for chunks
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e706e2e775730db5dfa9103628cd70704dd13cef)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2016-12-03 17:46:37 +01:00
Michael Niedermayer
31d46dc97d avcodec/flacdec: Fix signed integer overflow in decode_subframe_fixed()
Fixes undefined behavior
Fixes: 640912-media

Found-by: Matt Wolenetz <wolenetz@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 83a75bf6c31b3c0ce2ca7e1426d1f2e3df634239)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2016-12-03 17:32:54 +01:00
Michael Niedermayer
5790ce6273 avcodec/flacdsp_template: Fix undefined shift in flac_decorrelate_indep_c
Fixes: left shift of negative value
Fixes: 668346-media

Found-by: Matt Wolenetz <wolenetz@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit acc163c6ab52d2235767852262c64c7f6b273d1c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2016-12-03 17:32:33 +01:00
Michael Niedermayer
f202fefdb0 avformat/oggparsespeex: Check frames_per_packet and packet_size
The speex specification does not seem to restrict these values, thus
the limits were chosen so as to avoid multiplicative overflow

Fixes undefined behavior
Fixes: 635422.ogg

Found-by: Matt Wolenetz <wolenetz@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit afcf15b0dbb4b6429be5083e50b296cdca61875e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2016-12-03 04:10:31 +01:00
Michael Niedermayer
3af916db37 avformat/utils: Check start/end before computing duration in update_stream_timings()
Fixes undefined behavior
Fixes: 637428.ogg

Found-by: Matt Wolenetz <wolenetz@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 90da187f1d334422477886a19eca3c1da29c59a7)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2016-12-03 04:10:19 +01:00
Michael Niedermayer
518beeb72f Changelog: Update
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2016-12-02 00:47:39 +01:00
Michael Niedermayer
46edc6d5ef avcodec/flac_parser: Update nb_headers_buffered
Fixes infinite loop
Fixes: fuzz.flac

Found-by: Frank Liberato <liberato@google.com>
Reviewed-by: Frank Liberato <liberato@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2475858889cde6221677473b663df6f985add33d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2016-12-01 23:50:40 +01:00
Michael Niedermayer
046cc06f5a avformat/idroqdec: Check chunk_size for being too large
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 744a0b5206634e5de04d5c31f08cc3640faf800d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2016-12-01 23:50:40 +01:00
Andreas Cadhalpun
970781f5f2 Update Changelog
2016-11-27 00:47:03 +01:00
Andreas Cadhalpun
d8ec9e97b9 filmstripdec: correctly check image dimensions
This prevents a division by zero in read_packet.

Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit 25012c56448a48487cdc9699465e640871dbcd60)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
2016-11-27 00:46:36 +01:00
Andreas Cadhalpun
028c87be95 mss2: only use error correction for matching block counts
This fixes a heap-buffer-overflow in ff_er_frame_end when decoding mss2
with coded_width/coded_height larger than width/height.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit 2566ad98b01538ea589e5ee07b69fc566aadc348)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
2016-11-27 00:46:36 +01:00
Andreas Cadhalpun
b45e112bbd softfloat: decrease MIN_EXP to cover full float range
floats are not necessarily normalized, so a normalized softfloat needs
MIN_EXP lowered by 23 to cover that range.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit 2d6f46d801bab990b7e742b8a8e5c5b0cb70a80e)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
2016-11-27 00:46:35 +01:00
Andreas Cadhalpun
56b120630f libopusdec: default to stereo for invalid number of channels
This fixes an out-of-bounds read if avc->channels is 0.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit 8c8f543b81aa2b50bb6a6cfd370a0061281492a3)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
2016-11-27 00:46:35 +01:00
Andreas Cadhalpun
22cd4aa221 sbgdec: prevent NULL pointer access
Reviewed-by: Josh de Kock <josh@itanimul.li>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit dbefbb61b785cd77810c032f5cdb499d2a92df07)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
2016-11-27 00:46:35 +01:00
Andreas Cadhalpun
8a7b2fbf6f smacker: limit recursion depth of smacker_decode_bigtree
This fixes segmentation faults due to stack-overflow caused by too deep
recursion.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit 946ecd19ea752399bccc751c9339ff74b815587e)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
2016-11-27 00:46:35 +01:00
Andreas Cadhalpun
8f27508f1c mxfdec: fix NULL pointer dereference in mxf_read_packet_old
Metadata streams have priv_data set to NULL.

Reviewed-by: Josh de Kock <josh@itanimul.li>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit fdb8c455b637f86e2e85503b7e090fa448164398)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
2016-11-27 00:46:35 +01:00
Andreas Cadhalpun
7552f6fc1b libschroedingerdec: fix leaking of framewithpts
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit 3c0328d58d98664b05efdd377d3fe66a569d385e)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
2016-11-27 00:46:35 +01:00
Andreas Cadhalpun
70ca4ce17a libschroedingerdec: don't produce empty frames
They are not valid and can cause problems/crashes for API users.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit a86ebbf7f641bc797002ddea7fb517759722cd1b)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
2016-11-27 00:46:35 +01:00