virtualenv/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-11-26 19:01:44 +02:00
Code Issues Releases Activity
94,183 Commits 37 Branches 400 Tags 460 MiB
5f64f6058e
Commit Graph

181 Commits

Author SHA1 Message Date
Michael Niedermayer
5f64f6058e avcodec/alsdec: Fix integer overflow with buffer number 
Fixes: signed integer overflow: 65313 * 65313 cannot be represented in type 'int'
Fixes: 15290/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALS_fuzzer-5738074249625600

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-07-06 22:50:21 +02:00
Michael Niedermayer
7f527021df avcodec/alsdec: Fixes signed integer overflow in LSB addition 
Fixes: signed integer overflow: 8 * 536870912 cannot be represented in type 'int'
Fixes: 15281/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALS_fuzzer-5744458785619968

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-07-06 22:50:21 +02:00
Michael Niedermayer
0794494c8f avcodec/alsdec: Check opt_order / sb_length in ra_block handling 
Fixes: out of array access
Fixes: 15277/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALS_fuzzer-5184853437317120
Fixes: 15280/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALS_fuzzer-5741062137577472

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-07-06 22:50:21 +02:00
Michael Niedermayer
a3bd4b260e avcodec/alsdec: Fix integer overflow with shifting samples 
Fixes: signed integer overflow: -346039050 * 8 cannot be represented in type 'int'
Fixes: 15283/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALS_fuzzer-5692700268953600

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-07-06 22:50:21 +02:00
Michael Niedermayer
51f6870c37 avcodec/alsdec: Fix undefined behavior in decode_rice() 
Fixes: left shift of 72 by 26 places cannot be represented in type 'int'
Fixes: 15279/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALS_fuzzer-5700665621348352

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-07-06 22:50:21 +02:00
Michael Niedermayer
e131568752 avcodec/alsdec: Fixes invalid shifts in read_var_block_data() and INTERLEAVE_OUTPUT() 
Fixes: left shift of negative value -6
Fixes: 15275/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALS_fuzzer-5742361767837696
Fixes: signed integer overflow: 41582592 * 256 cannot be represented in type 'int'
Fixes: 15296/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALS_fuzzer-5739558227935232

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-07-06 22:50:21 +02:00
Michael Niedermayer
f30be1ec98 avcodec/alsdec: Fix invalid shift in multiply() 
Fixes: shift exponent -24 is negative
Fixes: 15292/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALS_fuzzer-5768533318828032

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-06-26 21:31:29 +02:00
Umair Khan
55937bb4a7 libavcodec/als: fix address sanitization error in decoder 
Signed-off-by: Umair Khan <omerjerk@gmail.com>
 2017-11-16 23:37:11 +01:00
Umair Khan
e510a8251b libavcodec/als: remove check for predictor order of a block 
Reverts commit 18f94df8, fixes ticket #5297.

Signed-off-by: Umair Khan <omerjerk@gmail.com>
 2017-11-16 23:36:14 +01:00
Paul B Mahol
cbbd330abc avcodec/alsdec: fix some undefined shifts 
Signed-off-by: Paul B Mahol <onemda@gmail.com>
 2017-07-04 09:24:54 +02:00
Paul B Mahol
c3f10ea4bb avcodec/alsdec: remove unused header 
Signed-off-by: Paul B Mahol <onemda@gmail.com>
 2017-07-04 09:20:48 +02:00
Paul B Mahol
c8853568b1 avcodec/alsdec: call correct function for multi-channel coding 
Fixes #5942.

Signed-off-by: Paul B Mahol <onemda@gmail.com>
 2017-07-02 16:45:15 +02:00
Clément Bœsch
549045254c Fix all -Wformat warnings raised by DJGPP 2017-03-29 14:49:29 +02:00
Thilo Borgmann
4d48add89b lavc/alsdec: use get_bitsz() to simplify reading of the mantissa 
Signed-off-by: James Almer <jamrial@gmail.com>
 2016-09-09 11:50:12 -03:00
Michael Niedermayer
037422178d avcodec/alsdec: Fix reading 0 mantisse bits 
Fixes assertion failure
Fixes: 848c24abc1721c9e3d1ba7bfee8d9fcc/asan_heap-oob_1d99eca_3709_567bba70d67e7d62714dcf56f26fb1da.mp4

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-09-08 22:16:48 +02:00
Michael Niedermayer
f2192e0f03 avcodec/alsdec: Fix raw_mantissa memleak 
Fixes: 0cee183a09bff5aa5108429717c35a4d/asan_heap-oob_1d99eca_3702_9ef60e80de79082a778d3d9ce8ef3b64.mp4

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-09-08 20:31:15 +02:00
Michael Niedermayer
837e72b016 avcodec/alsdec: Fix mlz memleak 
Fixes: 0cee183a09bff5aa5108429717c35a4d/asan_heap-oob_1d99eca_3702_172c75af9868d4c2556a79cc2413f4cc.mp4

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-09-08 20:31:15 +02:00
Michael Niedermayer
ebb9a320d7 avcodec/alsdec: Remove unused variable 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-08-22 17:36:56 +02:00
Umair Khan
dcfd24b10c avcodec/alsdec: Implement floating point sample data decoding 
It conforms to the RM22 version of the reference encoder

Signed-off-by: Umair Khan <omerjerk@gmail.com>
 2016-08-22 15:28:19 +02:00
Michael Niedermayer
c36fc857b5 avcodec/alsdec: Check r to prevent out of array read 
No testcase known

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-06-07 21:10:22 +02:00
Umair Khan
a2ba50b03a avcodec/alsdec: Fix bitstream reading 
Signed-off-by: Umair Khan <omerjerk@gmail.com>
Reviewed-by: Thilo Borgmann <thilo.borgmann@mail.de>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-04-27 13:15:12 +02:00
Umair Khan
5d64ba9d18 avcodec/alsdec: fix max bits in ltp prefix code 
The maximum number of bits int the prefix code for
p(0) is 4. By setting it as 3, we were missing the
last 0 bit.
This fixes bug #4715 present on the trac.

Signed-off-by: Umair Khan <omerjerk@gmail.com>
Reviewed-by: Thilo Borgmann <thilo.borgmann@mail.de>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-03-12 01:56:58 +01:00
Carl Eugen Hoyos
144ef773c7 Use correct msvc type specifiers for ptrdiff_t and size_t. 2016-03-09 14:00:22 +01:00
Umair Khan
7d6c264e02 avcodec/alsdec: treat quant_cof as a signed value 
Signed-off-by: Umair Khan <omerjerk@gmail.com>
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-03-06 13:11:29 +01:00
Michael Niedermayer
444e9874a7 Merge commit 'def97856de6021965db86c25a732d78689bd6bb0' 
* commit 'def97856de6021965db86c25a732d78689bd6bb0':
  lavc: AV-prefix all codec capabilities

Conflicts:
	cmdutils.c
	ffmpeg.c
	ffplay.c
	libavcodec/8svx.c
	libavcodec/aacenc.c
	libavcodec/ac3dec.c
	libavcodec/adpcm.c
	libavcodec/alac.c
	libavcodec/atrac3plusdec.c
	libavcodec/bink.c
	libavcodec/dnxhddec.c
	libavcodec/dvdec.c
	libavcodec/dvenc.c
	libavcodec/ffv1dec.c
	libavcodec/ffv1enc.c
	libavcodec/fic.c
	libavcodec/flacdec.c
	libavcodec/flacenc.c
	libavcodec/flvdec.c
	libavcodec/fraps.c
	libavcodec/frwu.c
	libavcodec/gifdec.c
	libavcodec/h261dec.c
	libavcodec/hevc.c
	libavcodec/iff.c
	libavcodec/imc.c
	libavcodec/libopenjpegdec.c
	libavcodec/libvo-aacenc.c
	libavcodec/libvorbisenc.c
	libavcodec/libvpxdec.c
	libavcodec/libvpxenc.c
	libavcodec/libx264.c
	libavcodec/mjpegbdec.c
	libavcodec/mjpegdec.c
	libavcodec/mpegaudiodec_float.c
	libavcodec/msmpeg4dec.c
	libavcodec/mxpegdec.c
	libavcodec/nvenc_h264.c
	libavcodec/nvenc_hevc.c
	libavcodec/pngdec.c
	libavcodec/qpeg.c
	libavcodec/ra288.c
	libavcodec/rv10.c
	libavcodec/s302m.c
	libavcodec/sp5xdec.c
	libavcodec/takdec.c
	libavcodec/tiff.c
	libavcodec/tta.c
	libavcodec/utils.c
	libavcodec/v210dec.c
	libavcodec/vp6.c
	libavcodec/vp9.c
	libavcodec/wavpack.c
	libavcodec/yop.c

Merged-by: Michael Niedermayer <michael@niedermayer.cc>
 2015-07-27 22:50:18 +02:00
Vittorio Giovara
def97856de lavc: AV-prefix all codec capabilities 
Express bitfields more simply.

Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
 2015-07-27 15:24:58 +01:00
Michael Niedermayer
c265763318 avcodec/alsdec: Check for overread 
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2015-06-04 23:10:56 +02:00
Andreas Cadhalpun
60f1cc4a1f alsdec: only adapt order for positive max_order 
For max_order = 0 the clipping range is invalid. (amin = 2, amax = 1)

CC: libav-stable@libav.org
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
 2015-05-05 16:10:52 +02:00
Andreas Cadhalpun
94bb1ce882 alsdec: check sample pointer range in revert_channel_correlation 
Also change the type of begin, end and smp to ptrdiff_t to make the
comparison well-defined.

CC: libav-stable@libav.org
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
 2015-05-05 16:06:58 +02:00
Andreas Cadhalpun
e191aaca44 alsdec: limit avctx->bits_per_raw_sample to 32 
avctx->bits_per_raw_sample is used in get_sbits_long, which only
supports up to 32 bits.

CC: libav-stable@libav.org
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
 2015-05-05 10:22:29 +02:00
Andreas Cadhalpun
58d605ee9b alsdec: only adapt order for positive max_order 
For max_order = 0 the clipping range is invalid. (amin = 2, amax = 1)

Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2015-04-23 16:51:46 +02:00
Andreas Cadhalpun
afc7748d1f alsdec: check sample pointer range in revert_channel_correlation 
Also change the type of begin, end and smp to ptrdiff_t to make the
comparison well-defined.

Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Reviewed-by: Thilo Borgmann <thilo.borgmann@mail.de>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2015-04-22 12:02:25 +02:00
Michael Niedermayer
8f7b022c8c Merge commit '6a85dfc830f51f1f5c2d36d4182d265c1ea3ba25' 
* commit '6a85dfc830f51f1f5c2d36d4182d265c1ea3ba25':
  lavc: Replace av_dlog and tprintf with internal macros

Conflicts:
	libavcodec/aacdec.c
	libavcodec/audio_frame_queue.c
	libavcodec/bitstream.c
	libavcodec/dcadec.c
	libavcodec/dnxhddec.c
	libavcodec/dvbsubdec.c
	libavcodec/dvdec.c
	libavcodec/dvdsubdec.c
	libavcodec/get_bits.h
	libavcodec/gifdec.c
	libavcodec/h264.h
	libavcodec/h264_cabac.c
	libavcodec/h264_cavlc.c
	libavcodec/h264_loopfilter.c
	libavcodec/h264_refs.c
	libavcodec/imc.c
	libavcodec/interplayvideo.c
	libavcodec/jpeglsdec.c
	libavcodec/libopencore-amr.c
	libavcodec/mjpegdec.c
	libavcodec/mpeg12dec.c
	libavcodec/mpegvideo_enc.c
	libavcodec/mpegvideo_parser.c
	libavcodec/pngdec.c
	libavcodec/ratecontrol.c
	libavcodec/rv10.c
	libavcodec/svq1dec.c
	libavcodec/vqavideo.c
	libavcodec/wmadec.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
 2015-04-20 04:10:10 +02:00
Vittorio Giovara
6a85dfc830 lavc: Replace av_dlog and tprintf with internal macros 2015-04-19 12:41:59 +01:00
Andreas Cadhalpun
faf9fe2c22 alsdec: validate time diff index 
If begin is smaller than t, the subtraction 'begin -= t' wraps around,
because begin is unsigned. The same applies for end < t.

This causes segmentation faults.

Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2015-04-19 00:49:42 +02:00
Andreas Cadhalpun
4c2b88678b alsdec: limit avctx->bits_per_raw_sample to 32 
avctx->bits_per_raw_sample is used in get_sbits_long, which only
supports up to 32 bits.

Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2015-04-18 21:00:25 +02:00
Michael Niedermayer
7e104647a3 avcodec/alsdec: Use av_mallocz_array() for chan_data to ensure the arrays never contain random data 
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2015-04-18 20:50:23 +02:00
Andreas Cadhalpun
ef16501aeb alsdec: ensure channel reordering is reversible 
If the same idx is used for more than one i, at least one entry in
sconf->chan_pos remains uninitialized.

This can cause segmentation faults.

Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2015-04-18 19:26:17 +02:00
Paul B Mahol
c2fc466351 avcodec/alsdec: use av_malloc(z)_array() 
Signed-off-by: Paul B Mahol <onemda@gmail.com>
 2015-04-14 13:06:15 +00:00
Michael Niedermayer
a94eba6f0c Merge commit '7f9f771eac0d37a632e0ed9bd89961d57fcfb7e0' 
* commit '7f9f771eac0d37a632e0ed9bd89961d57fcfb7e0':
  avcodec: Don't anonymously typedef structs

Conflicts:
	libavcodec/alac.c
	libavcodec/cinepak.c
	libavcodec/cscd.c
	libavcodec/dcadec.c
	libavcodec/g723_1.c
	libavcodec/gif.c
	libavcodec/iff.c
	libavcodec/kgv1dec.c
	libavcodec/libopenjpegenc.c
	libavcodec/libspeexenc.c
	libavcodec/ra288.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
 2015-02-14 21:18:17 +01:00
Diego Biurrun
7f9f771eac avcodec: Don't anonymously typedef structs 2015-02-14 10:13:49 -08:00
Paul B Mahol
dccd648f9f avcodec/alsdec: use init_get_bits8() 
Signed-off-by: Paul B Mahol <onemda@gmail.com>
 2015-02-05 09:48:54 +00:00
Michael Niedermayer
35bb74900b Merge commit 'c67b449bebbe0b35c73b203683e77a0a649bc765' 
* commit 'c67b449bebbe0b35c73b203683e77a0a649bc765':
  dsputil: Split bswap*_buf() off into a separate context

Conflicts:
	configure
	libavcodec/4xm.c
	libavcodec/ac3dec.c
	libavcodec/ac3dec.h
	libavcodec/apedec.c
	libavcodec/eamad.c
	libavcodec/flacenc.c
	libavcodec/fraps.c
	libavcodec/huffyuv.c
	libavcodec/huffyuvdec.c
	libavcodec/motionpixels.c
	libavcodec/truemotion2.c
	libavcodec/x86/Makefile
	libavcodec/x86/dsputil_init.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
 2014-06-23 13:31:26 +02:00
Diego Biurrun
c67b449beb dsputil: Split bswap*_buf() off into a separate context 2014-06-22 18:22:31 -07:00
Michael Niedermayer
6e6bd5481c avcodec/alsdec: Clear MPEG4AudioConfig so that no use of uninitialized memory is possible 
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2014-06-08 14:30:30 +02:00
Michael Niedermayer
8d024c5107 Merge commit 'cc8163e1a3601a56f722a4720516e860bf1c6198' 
* commit 'cc8163e1a3601a56f722a4720516e860bf1c6198':
  avcodec: more correct printf specifiers

Conflicts:
	libavcodec/4xm.c
	libavcodec/alsdec.c
	libavcodec/dfa.c
	libavcodec/h264_ps.c
	libavcodec/jpeg2000dec.c
	libavcodec/lagarith.c
	libavcodec/mpeg12dec.c
	libavcodec/rv10.c
	libavcodec/svq3.c
	libavcodec/wmaprodec.c
	libavcodec/xwddec.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
 2014-03-22 18:43:40 +01:00
Diego Biurrun
cc8163e1a3 avcodec: more correct printf specifiers 2014-03-22 14:08:20 +01:00
Michael Niedermayer
18f94df8af avcodec/alsdec: check predictor order against block length 
Fixes out of array access
Fixes: abd3c041acbcb816be113455d138166b-asan_heap-oob_b11634_3707_cov_1707137151_als_05_2ch48k16b.mp4
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2014-02-16 13:13:34 +01:00
Michael Niedermayer
5c74fa6ce0 avcodec/alsdec: skip cases where the master channel equals the current channel 
Fixes: msan_uninit-mem_7f6c73c97cf9_3571_als_04_2ch48k16b.mp4
Fixes use of uninitialized memory
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Reviewed-by: Thilo Borgmann <thilo.borgmann@mail.de>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2013-12-29 12:35:57 +01:00
Michael Niedermayer
43f9255368 Merge remote-tracking branch 'qatar/master' 
* qatar/master:
  alsdec: check block length

See: 0ceca269b6
Merged-by: Michael Niedermayer <michaelni@gmx.at>
 2013-12-11 01:24:35 +01:00