virtualenv/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-01-19 05:49:09 +02:00
Code Issues Releases Activity
102,260 Commits 37 Branches 400 Tags
Commit Graph

102260 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Niedermayer
a71c87e4b5
avformat/ape: more bits in size for less overflows 
Fixes: signed integer overflow: 2147483647 + 3 cannot be represented in type 'int'
Fixes: 46184/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-4678059519770624

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e5f6707a7b91664491041526ef3cce7412258b89)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-25 13:51:39 +02:00
Michael Niedermayer
e3a733ba8e
avformat/aviobuf: Check buf_size in ffio_ensure_seekback() 
buffer_size is an int

Fixes: signed integer overflow: 9223372036854775754 + 32767 cannot be represented in type 'long'
Fixes: 45691/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-5263458831040512

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c4b130e876fe9ac5875a2f2480e96de4fdac7760)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-25 13:51:39 +02:00
Michael Niedermayer
2ccfbc888c
avformat/bfi: Check offsets better 
Fixes: signed integer overflow: -2145378272 - 538976288 cannot be represented in type 'int'
Fixes: 45690/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-5015496544616448

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 35dc93ab44a57d78956414624c4e011414220e98)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-25 13:51:38 +02:00
Michael Niedermayer
8ea01dca10
avformat/asfdec_f: Check packet_frag_timestamp 
Fixes: signed integer overflow: -9223372036854775808 - 4607 cannot be represented in type 'long'
Fixes: 45685/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-5280102802391040

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ffc877215056e8f0feb1ff23ba7dc4c19277b94b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-25 13:51:38 +02:00
Michael Niedermayer
a6df0d5140
avcodec/texturedspenc: Fix indexing in color distribution determination 
Fixes CID1396405

MSE and PSNR is slightly improved, and some noticable corruptions disappear as
well.

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Marton Balint <cus@passwd.hu>
(cherry picked from commit ade36d61de8ea5a5acb30a05a0cbcda069127143)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-25 13:51:38 +02:00
Michael Niedermayer
ff9dbf3b18
avformat/act: Check ff_get_wav_header() for failure 
Fixes: missing error check
Fixes: CID717495

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5982da87e3464e7df529a169352748560d70ba80)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-25 13:51:37 +02:00
Michael Niedermayer
b409640d3c
avcodec/libxavs2: Improve r redundancy in occured 
Reviewed-by: "mypopy@gmail.com" <mypopy@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f3b7ba21ba49b32b4476a8c7c5a9bcdad15e3943)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-25 13:51:37 +02:00
Michael Niedermayer
f24ca075ff
avformat/libzmq: Improve r redundancy in occured 
Reviewed-by: "mypopy@gmail.com" <mypopy@gmail.com>
(cherry picked from commit e06b1ba7d79ac15f23fb08947949dcfec8bfb408)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-25 13:51:37 +02:00
Michael Niedermayer
1ea783dea6
avfilter/vsrc_mandelbrot: Check for malloc failure 
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit fbd22504c4148d2a01ccfe38df26c144f56db76b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-25 13:51:36 +02:00
Michael Niedermayer
519904111b
avfilter/vf_frei0r: Copy to frame allocated according to frei0r requirements 
Fixes: issues with non trivial linesize

Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d353909e773ba8a8201fa13d6c35251351dd567a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-25 13:51:36 +02:00
Michael Niedermayer
d1620856da
avfilter/video: Add ff_default_get_video_buffer2() to set specific alignment 
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d74078270198b97fdda258840f0d501a3ffcc693)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-25 13:51:36 +02:00
Michael Niedermayer
388ed57114
avformat/genh: Check sample rate 
Fixes: signed integer overflow: -2515507630940093440 * 4 cannot be represented in type 'long'
Fixes: 46318/clusterfuzz-testcase-minimized-ffmpeg_dem_GENH_fuzzer-5009637474172928

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a3d790f1977ed6c326eb93bb61757297a7905dcc)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-25 13:51:36 +02:00
Gyan Doshi
dd27929fdc
configure: bump year 
(cherry picked from commit 2f6360ff21a98f9db6af3e0932d39f1dc7b47d6c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-25 13:51:35 +02:00
Anton Khirnov
768d4c2e2a lavc/videotoolbox: do not pass AVCodecContext to decoder output callback 
The opaque parameter for the callback is set in videotoolbox_start(),
called when the hwaccel is initialized. When frame threading is used,
avctx will be the context corresponding to the frame thread currently
doing the decoding. Using this same codec context in all subsequent
invocations of the decoder callback (even those triggered by a different
frame thread) is unsafe, and broken after
cc867f2c09d2b69cee8a0eccd62aff002cbbfe11, since each frame thread now
cleans up its hwaccel state after decoding each frame.

Fix this by passing hwaccel_priv_data as the opaque parameter, which
exists in a single instance forwarded between all frame threads.

The only other use of AVCodecContext in the decoder output callback is
as a logging context. For this purpose, store a logging context in
hwaccel_priv_data.

(cherry picked from commit d7f4ad88a0df3c1339e142957bf2c40cd056b8ce)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit ddf3bedfb8160883fd9fdfd4082050d904f51755)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
 2022-09-25 10:04:00 +02:00
Anton Khirnov
e24d23accc lavc/pthread_frame: always transfer stashed hwaccel state 
Fixes assertion failures after avcodec_flush_buffers(), where
stashed hwaccel state is present, but prev_thread is NULL.

Found-by: Wang Bin <wbsecg1@gmail.com>
(cherry picked from commit c504fb869264fbd8fba6e81c186b2f2848b62e26)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit fe741cd0afbbfe54f636c5dce9b452edc022f8f9)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
 2022-09-25 10:03:56 +02:00
James Cowgill
aa28df74ab avcodec/arm/sbcenc: avoid callee preserved vfp registers 
When compiling FFmpeg with GCC-9, some very random segfaults were
observed in code which had previously called down into the SBC encoder
NEON assembly routines. This was caused by these functions clobbering
some of the vfp callee saved registers (d8 - d15 aka q4 - q7). GCC was
using these registers to save local variables, but after these
functions returned, they would contain garbage.

Fix by reallocating the registers in the two affected functions in
the following way:
 ff_sbc_analyze_4_neon: q2-q5 => q8-q11, then q1-q4 => q8-q11
 ff_sbc_analyze_8_neon: q2-q9 => q8-q15

The reason for using these replacements is to keep closely related
sets of registers consecutively numbered which hopefully makes the
code more easy to follow. Since this commit only reallocates
registers, it should have no performance impact.

Signed-off-by: James Cowgill <jcowgill@debian.org>
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit 50a4dff69f6477b06f00eae1cac2a53ae22fe9a5)
Signed-off-by: Martin Storsjö <martin@martin.st>
 2022-09-20 11:22:18 +03:00
James Almer
944ee75106 avfilter/vf_scale: overwrite the width and height expressions with the original values 
Instead of the potentially adjusted ones. Otherwise, if config_props() is
called again and if using force_original_aspect_ratio, the already adjusted
values could be altered again.

Example command line
scale=size=1920x1000:force_original_aspect_ratio=decrease:force_divisible_by=2

user value 1920x1000 -> 1920x798 on init_dict() -> 1918x798 on frame
change when eval_mode == EVAL_MODE_INIT, which after e645a1ddb9 could be at the
very first frame.

Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit d9e3cb7e73c77ccddc4d29ed5c1be3920f72c226)
 2022-09-07 20:40:41 -03:00
Anton Khirnov
d4b7b3c03e lavc/pthread_frame: avoid leaving stale hwaccel state in worker threads 
This state is not refcounted, so make sure it always has a well-defined
owner.

Remove the block added in 091341f2ab5bd35ca1a2aae90503adc74f8d3523, as
this commit also solves that issue in a more general way.

(cherry picked from commit cc867f2c09d2b69cee8a0eccd62aff002cbbfe11)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit 35aa7e70e7ec350319e7634a30d8d8aa1e6ecdda)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit 3bc28e9d1ab33627cea3c632dd6b0c33e22e93ba)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
 2022-09-06 10:05:03 +02:00
Christopher Degawa
7ffb7d4b04 configure: extend SDL check to accept all 2.x versions 
sdl2 recently changed their versioning, moving the patch level to minor level
cd7c2f1de7
and have said that they will instead ship sdl3.pc for 3.0.0

Fixes ticket 9768

Signed-off-by: Christopher Degawa <ccom@randomderp.com>
Signed-off-by: Gyan Doshi <ffmpeg@gyani.pro>
 2022-06-10 13:57:21 +02:00
Timo Rothenpieler
8e98dfc57f lavf/tls_mbedtls: add support for mbedtls version 3 
- certs.h is gone. Only contains test data, and was not used at all.
- config.h is renamed. Was seemingly not used, so can be removed.
- MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE is gone, instead
  MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE will be thrown.
- mbedtls_pk_parse_keyfile now needs to be passed a properly seeded
  RNG. Hence, move the call to after RNG seeding.

Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
 2022-04-27 18:47:11 +02:00
Michael Niedermayer
d61977cbe4 Changelog: update 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
n4.4.2 		2022-04-14 21:48:15 +02:00
James Almer
869683430d fate: update reference files after the recent dash manifest muxer changes 
Missed in 487b49d8f2e1e81dce86230fc957ca2ee9de00ee.

Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit aa0829d834232b13e513fb88b2b9a2b74918e05c)
 2022-04-08 16:11:00 -03:00
James Almer
472af5873f avformat/webmdashenc: fix on-demand profile string 
Fixes ticket #9596

Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 487b49d8f2e1e81dce86230fc957ca2ee9de00ee)
 2022-04-08 00:05:40 -03:00
Michael Niedermayer
dcb2ad9125 Update for FFmpeg 4.4.2 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-06 20:29:51 +02:00
Michael Niedermayer
15006f48cd avcodec/exr: Avoid signed overflow in displayWindow 
The inputs are unused except for this computation so wraparound
does not give an attacker any extra values as they are already fully
controlled

Fixes: signed integer overflow: 0 - -2147483648 cannot be represented in type 'int'
Fixes: 45820/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EXR_fuzzer-5766159019933696

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 1291568c9834c02413ab5d87762308f15b4ae9c6)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-06 20:27:35 +02:00
Michael Niedermayer
977cfb7197 avcodec/diracdec: avoid signed integer overflow in global mv 
Fixes: signed integer overflow: -128275513086 * -76056576 cannot be represented in type 'long'
Fixes: 45818/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-5129799149944832

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7f1279684e8e1e33c78577b7f0265c062e4e6232)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-06 20:27:35 +02:00
Michael Niedermayer
30194a348e avcodec/takdsp: Fix integer overflow in decorrelate_sf() 
Fixes: signed integer overflow: -101 * 71041254 cannot be represented in type 'int'
Fixes: 45938/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TAK_fuzzer-4687974320701440

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 01d8c887f63bcb1f870034ed441504b3daffc645)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-06 20:27:35 +02:00
Michael Niedermayer
27a609a8b9 avcodec/apedec: fix a integer overflow in long_filter_high_3800() 
Fixes: signed integer overflow: -2146549696 - 3923884 cannot be represented in type 'int'
Fixes: 45907/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5992380584558592

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b085b400becb93ccc68d786ab738b1fc50408b89)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-06 20:27:35 +02:00
Oneric
7ccd77a8ff avfilter/vf_subtitles: pass storage size to libass 
Due to a quirk of the ASS format some tags depend on the exact storage
resolution of the video, so tell libass via ass_set_storage_size.
 2022-04-06 20:27:35 +02:00
Michael Niedermayer
b90c01a501 avformat/aqtitledec: Skip unrepresentable durations 
Fixes: signed integer overflow: -5 - 9223372036854775807 cannot be represented in type 'long'
Fixes: 45665/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-475618463934054

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c2d1597a8a6470045a8da241d4f65c81f26c3107)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-06 20:27:35 +02:00
Michael Niedermayer
fde82db169 avformat/cafdec: Do not store empty keys in read_info_chunk() 
Fixes: Timeout
Fixes: 45543/clusterfuzz-testcase-minimized-ffmpeg_dem_CAF_fuzzer-5684953164152832

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7ec28e1d4cef723485f50f7a08859752b79b570c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-06 20:27:35 +02:00
Michael Niedermayer
45a021aba1 avformat/mxfdec: Do not clear array in mxf_read_strong_ref_array() before writing 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7aebdb8bf1fc3e09263617a7f49101cba2d43804)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-06 20:27:35 +02:00
Michael Niedermayer
2ad47d59af avformat/mxfdec: Check for avio_read() failure in mxf_read_strong_ref_array() 
Fixes: 42827/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-4900528511909888

Reviewed-by: Tomas Härdin <tjoppen@acc.umu.se>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 8d6f49cfc339825f3f3f8a910e4bb4c0f822db1f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-06 20:27:35 +02:00
Michael Niedermayer
2a549b2e7d avformat/mxfdec: Check count in mxf_read_strong_ref_array() 
Reviewed-by: Tomas Härdin <tjoppen@acc.umu.se>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3015c556f316d4ab364ed55e8bc97cc0f2cc57a3)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-06 20:27:35 +02:00
Michael Niedermayer
79ad18ddbd avformat/hls: Check target_duration 
Fixes: signed integer overflow: 77777777777777 * 1000000 cannot be represented in type 'long long'
Fixes: 45545/clusterfuzz-testcase-minimized-ffmpeg_dem_HLS_fuzzer-6438101247983616

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Steven Liu <lingjiujianke@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a8fd3f7fab83e1beea1c441e1a2e538e7aa431a5)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-06 20:27:35 +02:00
Michael Niedermayer
b27833f066 avcodec/pixlet: Avoid signed integer overflow in scaling in filterfn() 
Fixes: signed integer overflow: 11494 * 1073741824000000 cannot be represented in type 'long'
Fixes: 26586/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PIXLET_fuzzer-5752633970917376

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0c1f20c6c858b753effda274b58ef635d1924915)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-06 20:27:35 +02:00
Michael Niedermayer
78eed60822 avformat/matroskadec: Check pre_ns 
Fixes: division by 0
Fixes: 44615/clusterfuzz-testcase-minimized-ffmpeg_dem_WEBM_DASH_MANIFEST_fuzzer-6681108677263360

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 710e51677a6f3a5c2b37dc31a597957a22a5e531)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-06 20:27:35 +02:00
Michael Niedermayer
cd310f0502 avcodec/sonic: Use unsigned for predictor_k to avoid undefined behavior 
Fixes: signed integer overflow: -1094995529 * 24 cannot be represented in type 'int'
Fixes: 44436/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SONIC_fuzzer-4874459459223552

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 28008bf95ed9b2ab5945ae6658358ad7c7f1df35)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-06 20:27:35 +02:00
Michael Niedermayer
cc53ce7e5b avcodec/libuavs3d: Check ff_set_dimensions() for failure 
Untested, no testcase

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e88b99afdffce269e7a6a588948c4e00b86536f6)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-06 20:27:35 +02:00
Michael Niedermayer
1064cf413a avcodec/mjpegbdec: Set buf_size 
Fixes: Timeout
Fixes: 45170/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MJPEGB_fuzzer-5874820431085568

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-06 20:27:35 +02:00
Michael Niedermayer
326dafe40a avformat/matroskadec: Use rounded down duration in get_cue_desc() check 
Floating point is evil, it would be better if duration was not a double

Fixes: Infinite loop
Fixes: 45123/clusterfuzz-testcase-minimized-ffmpeg_dem_WEBM_DASH_MANIFEST_fuzzer-6725052291219456

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit bd3a03db9aef72ee36a7cc964171e9f52967f4bc)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-06 20:27:35 +02:00
Michael Niedermayer
310a060e77 avcodec/argo: Check packet size 
Fixes: Timeout
Fixes: 45052/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ARGO_fuzzer-6033489206575104

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 1bed27acefaab1b4c1813b8adc6468ca952a43f3)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-06 20:27:35 +02:00
Michael Niedermayer
e9e2ddbc6c avcodec/g729_parser: Check channels 
Fixes: signed integer overflow: 10 * 808464428 cannot be represented in type 'int'
Fixes: assertion failure
Fixes: ticket9651

Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 757da974b21833529cc41bdcc9684c29660cdfa8)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-06 20:27:35 +02:00
Michael Niedermayer
061f8b941e avformat/avidec: Check height 
Fixes: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself
Fixes: Ticket8486

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ec8ff659f57786c4cb089b07dfeab7e5cbab8d52)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-06 20:27:35 +02:00
Michael Niedermayer
261557160f avformat/rmdec: Better duplicate tags check 
Fixes: memleaks
Fixes: 44810/clusterfuzz-testcase-minimized-ffmpeg_dem_IVR_fuzzer-5619494647627776

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 15a646e5018078a0954918f510f819a5599f0445)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-06 20:27:35 +02:00
Michael Niedermayer
338444c016 avformat/mov: Disallow empty sidx 
It appears this is not allowed "Each Segment Index box documents how a (sub)segment is divided into one or more subsegments
(which may themselves be further subdivided using Segment Index boxes)."
Fixes: Null pointer dereference
Fixes: Ticket9517

Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4419433d77278cb742944c4514be5f72a04103c0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-06 20:27:35 +02:00
Michael Niedermayer
811047f7c2 avformat/argo_asf: Fix order of operations in error check in argo_asf_write_trailer() 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c8c12fb5d69107f94c5a0be14d0f3646861c60d1)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-06 20:27:35 +02:00
Michael Niedermayer
5cdceec2f2 avformat/matroskadec: Check duration 
Fixes: -nan is outside the range of representable values of type 'long'
Fixes: 44614/clusterfuzz-testcase-minimized-ffmpeg_dem_WEBM_DASH_MANIFEST_fuzzer-6216204841254912

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 36680078ca3302496d9b0b8a8d7168ce9eabb2bc)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-06 20:27:35 +02:00
Michael Niedermayer
166ee5fa68 avformat/mov: Corner case encryption error cleanup in mov_read_senc() 
Fixes: memleak
Fixes: 42341/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-4566632823914496

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 8ee0e4abcb8af36cae4eb24d4d6229461c1e3333)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-06 20:27:35 +02:00
Michael Niedermayer
badf284b52 avcodec/jpeglsdec: Fix if( code style 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f306b8e80ab04cfd8f6cd577a4484cb791d6e765)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-06 20:27:35 +02:00