This validates that the common encryption saio/saiz atoms only appear
when the data is actually encrypted. This also ignores those atoms
in clear content.
Found by Chrome's ClusterFuzz: http://crbug.com/850389
Signed-off-by: Jacob Trimble <modmaker@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: 3 * 1006632960 cannot be represented in type 'int'
Fixes: 8278/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SHORTEN_fuzzer-5692857166856192
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: left shift of negative value -9
Fixes: 8571/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SHORTEN_fuzzer-5715966875926528
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: left shift of negative value -9057
Fixes: 8527/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SHORTEN_fuzzer-5666853924896768
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: OOM
Fixes: 8195/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SHORTEN_fuzzer-5179785826271232
The reference software appears to use longs for 32bits and it uses int for nmeans
hinting that the intended maximum size was not 32bit.
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This fix a build error on Windows:
C2440: connot convert from 'void (__cdecl *) (...)' to 'void (__stdcall *)(...)'.
Signed-off-by: Ruiling Song <ruiling.song@intel.com>
Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
Fixes: 8024/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SHORTEN_fuzzer-5109204648984576
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: 32768 + 2147450880 cannot be represented in type 'int'
Fixes: 7885/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_THP_fuzzer-5298834394578944
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: 1077952576 + 1077952576 cannot be represented in type 'int'
Fixes: 7712/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TRUEMOTION2_fuzzer-5056281753681920
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
If start_time is not set, ffmpeg takes the duration from the global
movie instead of the per stream duration.
Signed-off-by: Sasi Inguva <isasi@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
We already do this for audio, but it should be done for video too.
If we don't, seeking back to the start of the file, for example, can
become quite broken, since the first N packets will have repeating
and nonmonotonic PTS, yet they need to be decoded even if they are
to be discarded.
Signed-off-by: Sasi Inguva <isasi@isasi.mtv.corp.google.com>
Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
Fixes: runtime error: signed integer overflow: -1440457022 - 785819492 cannot be represented in type 'int'
Fixes: 7700/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_OPUS_fuzzer-6595838684954624
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This restructures the code slightly toward D_UTIL_dec_synthesis()
Fixes: 7420/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AMRWB_fuzzer-6577305112543232
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Forced key frames generation functionality was assuming the first PTS
value as zero, but, when 'copyts' is enabled, the first PTS can be any
big number. This was eventually forcing all the frames as key frames.
To resolve this issue, update has been made to use first input pts as
reference pts.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Out-of-bounds reference pixel replication should take into account the frame
coding mode of the reference frame(s), not the frame coding mode of the
current frame.
Signed-off-by: Jerome Borsboom <jerome.borsboom@carpalis.nl>
HMS is formatted as HH:MM:SS.mmm, but, HH part is not limited to
24 hours. For example, the the drawn text may look like this:
243029:20:30.342. To present the timestamp in more readable and
user friendly format, this patch provides an additional option
to limit the hour part in the range 0-23.
Note: Actually the above required format can be obtained with
format options 'localtime' and 'gmtime', but, milliseconds part
is not supported in those formats.
Fixes: regression
Found-by: Frank Liberato <liberato@google.com>
Tested-by: Frank Liberato <liberato@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
These files depend on libavformat, and the vf_srcnn filter
currently is the only thing utilizing these dnn_* files and
already happens to have a dependency on libavformat.
This fixes compilation in cases where libavformat is not a
dependency for libavfilter.
Reported by Kam_ on IRC.