Fixes: 1773/clusterfuzz-testcase-minimized-4832523987189760
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit fe533628b9604e2f8e5179d5c5dd17c3cb764265)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 431eccd61e155190a7762314938799076cffeb67)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Code suggested by ubitux
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 617f0c65e1bac8983a5b6521818c1b9b57f0804b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Prevents out of array accesses. Adressess ticket #6873
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 9d464dc3fccb53f1e7c83e3453084c1a7fb90503)
Signed-off-by: Jacob Trimble <modmaker@google.com>
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 83ecdc9a920d7f0b69d1a25d63757adb887a1f25)
This leads to signed integer overflow.
Signed-off-by: Dale Curtis <dalecurtis@chromium.org>
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit c5fd57f483d2ad8e34551b78509f1e14136f73c0)
When a channel formula ends with a subtraction, the next formula will
otherwise have its first coefficient negated.
(cherry picked from commit 4f4e19914ddca5096bf7639c7c99a9045e436e8b)
It allows us to specify what kind of audio parameter changes are allowed.
Should fix ticket #6721.
Signed-off-by: Marton Balint <cus@passwd.hu>
(cherry picked from commit d68a557df4937b695a5f6a14877d92647be95aaa)
Typically only a small subset of the SDL texture formats are supported directly
by the SDL renderer drivers, the rest is software emulated. It's better if
libswscale does the format conversion to a hardware-accelerated texture format
instead of SDL.
This should fix video render slowdowns with some texture formats after
3bd2228d05a05eab5f91ac00b01efac9cb07649b.
Signed-off-by: Marton Balint <cus@passwd.hu>
(cherry picked from commit 415038f2bd321a3b41564d4e0c6c17d7a096c397)
Otherwise the frame size of the codec is not set in the buffersink.
Fixes ticket #6603 and the following simpler case:
ffmpeg -c aac -filter_complex "sine=d=0.1,asetnsamples=1025" out.aac
Signed-off-by: Marton Balint <cus@passwd.hu>
(cherry picked from commit f4090940bd3024e69d236257d327f11d1e496229)
Since non-Haar wavelets need to look into pixels outside the frame, we
need to pad the buffer. The old factor of two seemed to be a workaround
that fact and only padded to the left and bottom. This correctly pads
by the slice size and as such reduces memory usage and potential
exploits.
Reported by Liu Bingchang.
Ideally, there should be no temporary buffer but the encoder is designed
to deinterleave the coefficients into the classical wavelet structure
with the lower frequency values in the top left corner.
Signed-off-by: Rostislav Pehlivanov <atomnuker@gmail.com>
(cherry picked from commit 3228ac730c11eca49d5680d5550128e397061c85)
This was missed in e754c8e8 / e2710e790c0 since those functions
weren't exercised by checkasm.
Fixes ticket #6766.
(cherry picked from commit f1fd12ef858cf7efe843aa3063894a11b2d1e7d5)
Fixes: runtime error: signed integer overflow: 2 * -1094995530 cannot be represented in type 'int'
Fixes: 3512/clusterfuzz-testcase-minimized-4812747210489856
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 393d6fc7395611a38792e3c271b2be42ac45e672)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This is required for FLV files, for which duration_pts comes out to be zero.
Signed-off-by: Sasi Inguva <isasi@google.com>
Reviewed-by: Thomas Mundt <tmundt75@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2b006ccf8318d84101ed83b75df4c9682a963217)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
In the past XvMC forced simple_idct since
it was using FF_IDCT_PERM_NONE.
However now we have SIMD variants of simple_idct that
are using FF_IDCT_PERM_TRANSPOSE and if they are selected
XvMC would get coefficients in the wrong order.
The patch creates new FF_IDCT_NONE that
is used only for this kind of hardware decoding
and that fallbacks to the old C only simple idct.
Signed-off-by: Ivan Kalvachev <ikalvachev@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9054439bad3307dafd9fbadc57e66c276baf22e2)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Should prevent some options from being added to cflags when they
don't exist and the compiler only warns about it.
Reviewd-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit ad56e8057d8af0201ed0cb65acc12e5889d4afcc)
The public functions av_alloc_vdpaucontext() and
av_vdpau_alloc_context() are allocating AVVDPAUContext
structure that is supposed to be placed in avctx->hwaccel_context.
However the rest of libavcodec/vdpau.c uses avctx->hwaccel_context
as struct VDPAUHWContext, that is bigger and does contain
AVVDPAUContext as first member.
The usage includes write to the new variables in the bigger stuct,
without checking for block size.
Fix by always allocating the bigger structure.
Signed-off-by: Ivan Kalvachev <ikalvachev@gmail.com>
(cherry picked from commit 3a6ded7cfcb33e06ade98c5791eae06453f65668)
We are not using dynamic loading for libndi.
Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Marton Balint <cus@passwd.hu>
(cherry picked from commit 58143b15adda6391ec07f3eb19e80ed91d801edd)
Name suggestion was from Helmut K. C. Tessarek
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 07e7ebf52de9257fef1398c1dc5edb847b78ab21)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Load the specific bytes instead of MSA load.
Signed-off-by: Kaustubh Raste <kaustubh.raste@imgtec.com>
Reviewed-by: Manojkumar Bhosale <Manojkumar.Bhosale@imgtec.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Load the specific destination bytes instead of MSA load and pack.
Pack the data to half word before clipping.
Use immediate unsigned saturation for clip to max saving one vector register.
Signed-off-by: Kaustubh Raste <kaustubh.raste@imgtec.com>
Reviewed-by: Manojkumar Bhosale <Manojkumar.Bhosale@imgtec.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Remove loops and unroll as block sizes are known.
Signed-off-by: Kaustubh Raste <kaustubh.raste@imgtec.com>
Reviewed-by: Manojkumar Bhosale <Manojkumar.Bhosale@imgtec.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Replace generic with block size specific function.
Signed-off-by: Kaustubh Raste <kaustubh.raste@imgtec.com>
Reviewed-by: Manojkumar Bhosale <Manojkumar.Bhosale@imgtec.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Replace generic with block size specific function.
Signed-off-by: Kaustubh Raste <kaustubh.raste@imgtec.com>
Reviewed-by: Manojkumar Bhosale <Manojkumar.Bhosale@imgtec.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: runtime error: signed integer overflow: 2147483646 + 2 cannot be represented in type 'int'
Fixes: 3485/clusterfuzz-testcase-minimized-4940429332054016
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes out of array read
Should fix: 3516/clusterfuzz-testcase-minimized-4608518562775040 (not reprodoceable)
Found-by: Insu Yun, Georgia Tech.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: runtime error: signed integer overflow: -104713 * 65536 cannot be represented in type 'int'
Fixes: 3453/clusterfuzz-testcase-minimized-5555554657239040
Fixes: 3528/clusterfuzz-testcase-minimized-6283628420005888
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
