Fixes part of 1709/clusterfuzz-testcase-minimized-4513580554649600
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6310fc714de3cd73848416ead73228fcef8b6dc0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: runtime error: index 8 out of bounds for type 'uint8_t [8]'
Fixes: 1699/clusterfuzz-testcase-minimized-6327177438035968
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 64ea4d102a070b95832ae4a751688f87da7760a2)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 1681/clusterfuzz-testcase-minimized-5970545365483520
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3fb104f4476ad238e2ca768e9b80dc314e6e856d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 1669/clusterfuzz-testcase-minimized-5287529198649344
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a173f484b52ed63292439de5347e49bd78cad0ed)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 1658/clusterfuzz-testcase-minimized-4889937130291200
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 25c81e4b737bcc737b13c9a752cb301a28cb3906)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 1657/clusterfuzz-testcase-minimized-4710000079405056
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 58ac7fb9c395ab91cb321fa4c8c9e127ce8147c3)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
The code was skipping the entire reported SEI message size regardless of
the amount of bits read.
While in theory safe for NALU where the picture timing SEI message is alone
or at the end as we're using the checked bitstream reader, it isn't in any
other situation, where every SEI message in the NALU after the picture
timing one would potentially fail to parse.
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit f738140807f504c9af7850042067777832f05e88)
Conflicts:
libavcodec/hevc_sei.c
Free coded_frame and coded_side_data to prevent potential leaks.
Reviewed-by: Aaron Levinson <alevinsn@aracnet.com>
Tested-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit cac8de2da5c4935773128335c11b806faa73e19d)
Fixes: 1656/clusterfuzz-testcase-minimized-5900404925661184
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 94d05ff15985d17aba070eaec82acd21c0da3d86)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: runtime error: shift exponent 1073741824 is too large for 32-bit type 'int'
Fixes: 1654/clusterfuzz-testcase-minimized-5151903795118080
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 53a502206a9ea698926694d7252526fe00d1ea44)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: runtime error: signed integer overflow: -2147483627 - 22 cannot be represented in type 'int'
Fixes: 1637/clusterfuzz-testcase-minimized-5376582493405184
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 355e27e24dc88d6ba8f27501a34925d9d937a399)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 1636/clusterfuzz-testcase-minimized-5310494757879808
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 552adf1dd3a38fb7a1a6109dd2b517d63290f20e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 1635/clusterfuzz-testcase-minimized-4992749856096256
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 99c4c76cfbc4ae56dc8c37f5fab02f88f6b2cb48)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 1626/clusterfuzz-testcase-minimized-6416580571299840
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3d9cb583c8f005a260d255853ef5f1c21e8599a0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 1616/clusterfuzz-testcase-minimized-5119196578971648
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5ea6bc2a166edac37042f2bbc28eb603a0fbeccb)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 1604/clusterfuzz-testcase-minimized-5312060206350336
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a6eb006ad47beb6d5e5cc2c99f8185965209ec6b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes divission by 0
Fixes: clusterfuzz-testcase-minimized-5592896440893440
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f08122fbe039a56ab3c24f74636b4b0efea97d85)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 1337/clusterfuzz-testcase-minimized-5212314171080704
Fixes the existence of a potentially invalid pointer intermediate
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 527f89e05922e840083ac6d49eeb838b1e350dd4)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 1362/clusterfuzz-testcase-minimized-6097275002552320
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4654baff125d937ae0b1037aa5f0bf53c7351658)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: out of array read
Fixes: 1419/clusterfuzz-testcase-minimized-6108700873850880
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 78aa93807b3e0674e34d32c0bf6f78d7f5b7927e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c4f63b78b71e07dd2f5d49c032d9c3eef620c0f3)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: runtime error: left shift of 1610706944 by 1 places cannot be represented in type 'int'
Fixes: 1421/clusterfuzz-testcase-minimized-6239947507892224
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 62c5949beca2c95d6af5c74985467438d2295a66)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 1509/clusterfuzz-testcase-minimized-5129419876204544
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 934572c5c3592732a30336afdf2df9926a8b4df2)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 1510/clusterfuzz-testcase-minimized-5826231746428928
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit afb4632cc30e83287338690c785ebac180436a59)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
It seems dual mono with a LFE channel is not forbidden
Fixes: 1570/clusterfuzz-testcase-minimized-6455337349545984
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c55e637072b694a1db40e21948d218bfa2e744bb)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 1568/clusterfuzz-testcase-minimized-5944868608147456
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b923213276777f33d6366b1cb9d1845a8658f365)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 1567/clusterfuzz-testcase-minimized-5693653555085312
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f2c539d3501111f10a2b4e9480ea54c0a3190680)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7796f290653349a4126f2d448d11bb4440b9f257)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: out of array read
Fixes: 1557/clusterfuzz-testcase-minimized-6535013757616128
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 8c5cd1c9d33b4b287f85d42efb1aecfaee31de6c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 1556/clusterfuzz-testcase-minimized-5027865978470400
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 86b1b0d33dd7459f0d9c352c51ee2e374fd6f7fe)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: out of array access
Fixes: 1541/clusterfuzz-testcase-minimized-6403410590957568
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e3e51f8c14d22ae11684dcfe58df355f0f9e6401)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
It is needed in some corner cases that seem not to be forbidden
Fixes: out of array index
Fixes: 1538/clusterfuzz-testcase-minimized-4696904925446144
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9351a156de724edb69ba6e1f05884fe806a13a21)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 1536/clusterfuzz-testcase-minimized-5973925404082176
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a3508cc3fe643a8adad6a82a60bece3ea3c5dc63)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 1535/clusterfuzz-testcase-minimized-5826695535788032
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 26227d91865ddfbfe35c9ff84853cc469e1c7daf)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 1489/clusterfuzz-testcase-minimized-5075102901207040
Fixes: out of array access
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 87b08ee6d2a3b0880f0a267c5d51dc7f415e81d7)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 1512/clusterfuzz-testcase-minimized-4713846423945216
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 74dc728a2c2cc353da20cdc09b8cdfbbe14b7be8)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 1440/clusterfuzz-testcase-minimized-5785716111966208
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ccce2248bf56692fc7bd436ca2c9acca772d486a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 1293/clusterfuzz-testcase-minimized-6054752074858496
See: [FFmpeg-devel] [PATCH] avcodec/avcodec: Limit the number of side data elements per packet
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d5711cb89121268e8d78ebe8563a68e67a236cbb)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 1505/clusterfuzz-testcase-minimized-4561688818876416
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f225003d17364cd38fd28f268ae2b29abd8e5024)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 1504/clusterfuzz-testcase-minimized-6249212138225664
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c4c0245686bc2fcc545644101c7b328fed71f268)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 1503/clusterfuzz-testcase-minimized-5369271855087616
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit df640dbbc949d0f4deefaf43e86b8bd50ae997cc)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
