1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-12-12 19:18:44 +02:00
Commit Graph

15 Commits

Author SHA1 Message Date
Michael Niedermayer
ba1a19bc35 Merge commit '16158da9607f2f84232d3dd381406b2f2449ec74'
* commit '16158da9607f2f84232d3dd381406b2f2449ec74':
  hnm4: Use av_image_check_size

See: e23b18321f
Merged-by: Michael Niedermayer <michaelni@gmx.at>
2014-11-25 12:19:08 +01:00
Luca Barbato
16158da960 hnm4: Use av_image_check_size
As done for all the other codecs not calling it indirectly.

CC: libav-stable@libav.org
Bug-Id: CID 1135770 / CID 1135771
2014-11-25 02:00:06 +00:00
Michael Niedermayer
4d7d9a5782 avcodec/hnm4video: check offset before subtraction in decode_interframe_v4a()
Fixes out of array read
Fixes: signal_sigsegv_1326a09_1752_cov_245452111_GRTH301.HNS
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-02-03 03:11:48 +01:00
Michael Niedermayer
e23b18321f avcodec/hnm4video: change width/height to int
Fixes hypothetical integer overflows
Related to CID1135770 & CID1135771

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-12-10 23:50:08 +01:00
Michael Niedermayer
321b338762 avcodec/hnm4video: allocate frame only when theres a coded frame
Fixes memleak
Fixes: asan_heap-oob_e76bdf_2224_MOTHOO.HNM

This patch also removes the setting of palette_has_changed,
which was set on a frame that was never returned

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-11-23 21:05:29 +01:00
Michael Niedermayer
ffe31c654d avcodec/hnm4video: check writeoffset in decode_interframe_v4a()
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-11-22 23:52:08 +01:00
Michael Niedermayer
bd8d28e2d2 avcodec/hnm4video: check dimensions for validity
Fixes out of array read
Fixes: asan_heap-oob_e76e18_1244_CASSE.HNM
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-11-22 23:52:08 +01:00
Michael Niedermayer
b33f3246e2 avcodec/hnm4video: fix missing newlines in error messages
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-11-22 22:31:47 +01:00
Michael Niedermayer
78446f0d9d avcodec/hnm4video: fix write offset checks in decode_interframe_v4()
Fixes: asan_heap-oob_e76a51_1244_CASSE.HNM

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-11-22 22:31:46 +01:00
Michael Niedermayer
5a08ba5381 avcodec/hnm4video: check offset in decode_interframe_v4() more completely
Fixes out of array reads
Fixes: signal_sigsegv_e74c1e_1092_BROCIME.HNM
Fixes: signal_sigsegv_e74e85_2620_PLAQUE0.HNM

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-11-22 22:12:27 +01:00
Michael Niedermayer
0398b7cbd3 avcodec/hnm4video: check intraframe size
Fixes hypothetical integer overflow with HNM4_CHUNK_ID_IZ

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-11-22 17:02:00 +01:00
Michael Niedermayer
ba992711f7 avcodec/hnm4video: check that packetsize is at least 8
Fixes integer overflow and assertion failure
Fixes: signal_sigabrt_7ffff7126425_1243_CASSE.HNM

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-11-22 17:02:00 +01:00
Paul B Mahol
315e3cf047 avcodec/hnm4video: remove redundant log message
Signed-off-by: Paul B Mahol <onemda@gmail.com>
2013-11-07 14:04:21 +00:00
Michael Niedermayer
a2bfee36b7 Merge commit '9af7a8523a6bb517834ebed36093bdab11a8b38e'
* commit '9af7a8523a6bb517834ebed36093bdab11a8b38e':
  HNM4/HNM4A demuxer & video decoder

Conflicts:
	Changelog
	doc/general.texi
	libavcodec/Makefile
	libavcodec/allcodecs.c
	libavcodec/avcodec.h
	libavcodec/version.h
	libavformat/Makefile
	libavformat/allformats.c
	libavformat/version.h

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2013-11-01 10:46:39 +01:00
David Kment
9af7a8523a HNM4/HNM4A demuxer & video decoder
Signed-off-by: Diego Biurrun <diego@biurrun.de>
2013-10-31 17:45:46 +01:00