1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-12-18 03:19:31 +02:00
Commit Graph

86260 Commits

Author SHA1 Message Date
Michael Niedermayer
5f91786fc8 avcodec/wavpack: Fix: runtime error: signed integer overflow: 3 * -2147483648 cannot be represented in type 'int'
Fixes: 1776/clusterfuzz-testcase-minimized-6191258231898112

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-25 14:29:51 +02:00
Michael Niedermayer
5782e0ba8c avcodec/jpeg2000dec: Fix copy and paste error
Found-by: jamrial
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-25 11:29:12 +02:00
James Almer
954e2b3d34 avcodec/audiotoolboxdec: check packet side data for AAC extradata updates
Tested-by: rcombs
Signed-off-by: James Almer <jamrial@gmail.com>
2017-05-25 01:26:02 -03:00
James Almer
8ea5ee10a2 avcodec/libopenh264dec: fix return error value when h264_mp4toannexb_bsf is not found 2017-05-24 23:31:59 -03:00
James Almer
94ec89eb67 doc/libav-merge: remove line about aac_adtstoasc
Signed-off-by: James Almer <jamrial@gmail.com>
2017-05-24 20:28:01 -03:00
James Almer
f1cdc01e72 ffmpeg: remove bsf extradata propagation hack
The offending bitstream filter was fixed, so this is no longer needed.

Signed-off-by: James Almer <jamrial@gmail.com>
2017-05-24 20:28:00 -03:00
James Almer
437ad467c2 avformat/mux: remove autobsf extradata propagation hack
The offending bitstream filter was fixed, so this is no longer needed.

Signed-off-by: James Almer <jamrial@gmail.com>
2017-05-24 20:28:00 -03:00
James Almer
f63c351657 avcodec/aac_adtstoasc: propagate new extradata using packet side data
This removes the current API violating behavior of overwritting the stream's
extradata during packet filtering, something that should not happen after the
av_bsf_init() call.

The bitstream filter generated extradata is no longer available during
write_header(), and as such not usable with non seekable output. The FATE
tests are updated to reflect this.

Signed-off-by: James Almer <jamrial@gmail.com>
2017-05-24 20:28:00 -03:00
James Almer
210388a197 avcodec/adtsenc: check packet side data for AAC extradata updates
This is in preparation for the following patch.

Signed-off-by: James Almer <jamrial@gmail.com>
2017-05-24 20:28:00 -03:00
James Almer
8b3ec51de8 avformat/latmenc: check packet side data for AAC extradata updates
This is in preparation for a following patch.

Signed-off-by: James Almer <jamrial@gmail.com>
2017-05-24 20:28:00 -03:00
James Almer
7631f14bb3 avformat/matroskaenc: check packet side data for AAC extradata updates
This adapts and merges commit f4bf236338
from libav, originally skipped in 13a211e632
as it was not necessary back then.

Is's applied now in preparation for the following patches, where the
aac_adtstoasc bitstream filter will start to correctly propagate the new
extradata through packet side data.

Signed-off-by: James Almer <jamrial@gmail.com>
2017-05-24 20:27:59 -03:00
James Almer
f8c73e8753 avformat/movenc: always check for new extradata on a packet
Don't just look at zero sized packets, and also check for AAC extradata
updates, in preparation for the following patches.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
2017-05-24 20:27:59 -03:00
Michael Niedermayer
cfec0d6475 avcodec/cllc: Check bitstream end before decoding pixels
Fixes timeout
Fixes: 1802/clusterfuzz-testcase-minimized-5008293510512640

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-24 20:03:33 +02:00
Michael Niedermayer
bce362d36c avcodec/wavpack: Fix runtime error: left shift of negative value -1
Fixes: 1807/clusterfuzz-testcase-minimized-6258676199325696

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-24 20:03:06 +02:00
Michael Niedermayer
89325417e7 avcodec/jpeg2000dec: Check tile offsets
Fixes: runtime error: signed integer overflow: 4096 - -2147483648 cannot be represented in type 'int'

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-24 19:41:15 +02:00
Max Justicz
ca616b0f72 avcodec/sanm: Fix uninitialized reference frames
Fixes: poc.snm

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-24 15:51:11 +02:00
Michael Niedermayer
4bc3008d04 avcodec/jpeglsdec: Check get_bits_left() before decoding a picture
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-24 15:51:11 +02:00
James Almer
11827ea3f0 fate: add aac-al_sbr_ps_06_ur test
Signed-off-by: James Almer <jamrial@gmail.com>
2017-05-23 21:03:32 -03:00
Michael Niedermayer
fb75ad79cb avcodec/celp_filters: Fix runtime error: signed integer overflow: 1892453989 + 381702783 cannot be represented in type 'int'
Fixes: 1766/clusterfuzz-testcase-minimized-6562020075765760

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-23 16:11:27 +02:00
Michael Niedermayer
948b54763b avcodec/lagarith: Fix runtime error: left shift of 1 by 31 places cannot be represented in type 'int'
Fixes: 1764/clusterfuzz-testcase-minimized-5394243164045312

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-23 16:11:27 +02:00
Michael Niedermayer
620b452a11 avcodec/aacdec_fixed: Fix multiple runtime error: shift exponent 127 is too large for 32-bit type 'int'
Fixes: 1762/clusterfuzz-testcase-minimized-5150981081792512

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-23 16:11:27 +02:00
Matthieu Bouron
37de7f7175 lavc/ffjni: add missing '\n' 2017-05-23 15:25:11 +02:00
Matthieu Bouron
fb3228bee8 lavc/mediacodec_wrapper: do not declare JNIAMedia{Codec,CodecList,Format}Fields on the stack 2017-05-23 15:25:07 +02:00
Matthieu Bouron
224bb46fb8 lavc/mediacodec_wrapper: fix local reference leaks 2017-05-23 15:25:03 +02:00
Max Justicz
3766aa7343 avcodec/fmvc: Fix use of uninitialized memory when the first frame is not a keyframe
Fixes: fmvc-poc.avi

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-23 11:52:29 +02:00
Timo Rothenpieler
a1652aca7e avcodec/nvenc: remove unnecessary alignment
Fixes #6260
2017-05-23 11:24:43 +02:00
Michael Niedermayer
504d5804ac avcodec/g723_1: Fix runtime error: signed integer overflow: -1013481472 + -1139123755 cannot be represented in type 'int'
See: LsptoA() and L_add()
Fixes: 1758/clusterfuzz-testcase-minimized-6054857184116736

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-23 03:45:29 +02:00
Michael Niedermayer
9726e9f809 avcodec/ffv1dec_template: Fix runtime error: signed integer overflow: 202 + 2147483615 cannot be represented in type 'int'
Fixes: 1748/clusterfuzz-testcase-minimized-6690208340770816

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-23 03:25:21 +02:00
Michael Niedermayer
2002436b0c avcodec/xsubdec: Check that RLE coded image and colors fit in the buffer
Fixes: Timeout
Fixes: 1747/clusterfuzz-testcase-minimized-6035451213250560

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-23 00:21:25 +02:00
Michael Niedermayer
cfd1ecdc0b avcodec/asvdec: Check buf_size
Fixes Timeout
Fixes: 1746/clusterfuzz-testcase-minimized-6687393392361472

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-22 23:54:33 +02:00
Michael Niedermayer
f95f9f9755 avcodec/takdec: Fix runtime error: signed integer overflow: 2146548196 + 2156738 cannot be represented in type 'int'
Fixes: 1743/clusterfuzz-testcase-minimized-4994834022531072

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-22 22:19:52 +02:00
Michael Niedermayer
0ce7cf0c86 avcodec/takdec: Fix runtime error: left shift of negative value -360
Fixes: 1739/clusterfuzz-testcase-minimized-5399237707694080

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-22 21:43:39 +02:00
Michael Niedermayer
64d0dad93c avcodec/takdec: Fix multiple runtime error: signed integer overflow: -512 * 4563386 cannot be represented in type 'int'
Fixes: 1706/clusterfuzz-testcase-minimized-6112772670619648

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-22 21:20:04 +02:00
Michael Niedermayer
42e42af76c avcodec/mlpdec: Fix runtime error: shift exponent -5 is negative
Fixes part of 1708/clusterfuzz-testcase-minimized-5035111957397504

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-22 19:42:39 +02:00
Michael Niedermayer
da617408c8 avcodec/escape124: Check depth against num_superblocks
Fixes: runtime error: left shift of 66184 by 15 places cannot be represented in type 'int'
Fixes: 1707/clusterfuzz-testcase-minimized-6502767008940032

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-22 19:42:39 +02:00
Clément Bœsch
ef01061225 lavf/hls: do not transfer custom IO flag
See 0dcac9c3f0
2017-05-22 17:31:32 +02:00
Clément Bœsch
0dcac9c3f0 lavf/concatdec: do not transfer custom IO flag
If the source is using a custom IO, setting this flag causes heavy leaks
since the segments will not have their avio context closed.

Regression since f5da453b06.
2017-05-22 16:55:30 +02:00
Hendrik Leppkes
9fb293cfd8 Use AVOnce as a static variable consistently
Using AVOnce as a stack variable makes no sense as the state is lost
when the function exits.

This fixes repeated calls to av(filter/device)_register_all
2017-05-22 12:36:32 +02:00
Paul B Mahol
49d0678181 avfilter/avf_showspectrum: properly initialize pts
Signed-off-by: Paul B Mahol <onemda@gmail.com>
2017-05-22 11:06:48 +02:00
Michael Niedermayer
8fb00b3e85 avcodec/ivi_dsp: Fix multiple runtime error: left shift of negative value -71
Fixes: 1734/clusterfuzz-testcase-minimized-5385630815092736

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-22 02:16:39 +02:00
Michael Niedermayer
a1cbf53c56 avcodec/dct32_template: Fix runtime error: signed integer overflow: -1071326067 - 1088238847 cannot be represented in type 'int'
Fixes: 1731/clusterfuzz-testcase-minimized-5123972414832640

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-22 02:16:39 +02:00
Michael Niedermayer
40fa6a2fa2 avcodec/mjpegdec: Fix runtime error: signed integer overflow: -32767 * 130560 cannot be represented in type 'int'
Fixes: 1724/clusterfuzz-testcase-minimized-4842395432648704

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-22 02:16:39 +02:00
Carl Eugen Hoyos
7f60dc03a0 lavf/img2: Add svg and svgz to allow reading image sequences.
Increase the return value for svg_probe() to make it != AVPROBE_SCORE_EXTENSION.
2017-05-22 01:09:21 +02:00
Carl Eugen Hoyos
017a68e8fb lavf/riff: Support more vlc fourcc's for 12 and 16 bit yuv4xx. 2017-05-21 23:39:54 +02:00
Michael Niedermayer
b5228e44c7 avcodec/aacdec_fixed: Fix runtime error: shift exponent 34 is too large for 32-bit type 'int'
Fixes: 1721/clusterfuzz-testcase-minimized-4719352135811072

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-21 16:54:25 +02:00
Michael Niedermayer
efeb47fd5d avcodec/mpeg4videodec: Check for multiple VOL headers
Fixes multiple: runtime error: signed integer overflow: 2147115008 + 413696 cannot be represented in type 'int'
Fixes: 1723/clusterfuzz-testcase-minimized-5309409372667904
Fixes: 1727/clusterfuzz-testcase-minimized-5900685306494976
Fixes: 1737/clusterfuzz-testcase-minimized-5922321338466304

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-21 16:05:20 +02:00
Michael Niedermayer
d4ee767808 avcodec/vp9block: fix runtime error: signed integer overflow: 196675 * 20670 cannot be represented in type 'int'
Fixes: 1710/clusterfuzz-testcase-minimized-4837032931098624

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: "Ronald S. Bultje" <rsbultje@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-21 15:39:07 +02:00
Michael Niedermayer
ec2b76aab4 avcodec/vmnc: Check location before use
Fixes: runtime error: signed integer overflow: 65535 * 64256 cannot be represented in type 'int'
Fixes: 1717/clusterfuzz-testcase-minimized-5491696676634624

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-21 13:23:22 +02:00
Michael Niedermayer
955db41192 avcodec/takdec: Fix runtime error: signed integer overflow: 8192 * 524308 cannot be represented in type 'int'
Fixes: 1630/clusterfuzz-testcase-minimized-6326111917047808

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-21 13:07:14 +02:00
Michael Niedermayer
3b09d7c264 avcodec/wavpack: Fix multiple runtime error: signed integer overflow: 548 * -2147483648 cannot be represented in type 'int'
Fixes: 1659/clusterfuzz-testcase-minimized-5396490639900672

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-21 13:06:42 +02:00