Fixes assertion failure
Found-by: durandal117
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 28343139330f557e00293933a4697c7d0fc19c56)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit deabcd2c05b2b01689d91394bbf3908da17234ed)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
When there is only one stream and stream_index has not specified,
The ts has been transferd by the timebase of stream0 without modifying the stream_index
In this condation it cause seek failure.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ecc04b4f2f29ac676e6c1d1ebf20ec45f5385f1e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 1.poc
Fixes out of array read
Found-by: 连一汉 <lianyihan@360.cn>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a5af1240fce845f645440364c1335e0f8e44ee6c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This is simpler and fixes an out of array read, fixing it with AVBuffers
would be more complex
Fixes: e00d9e6e50e5495cc93fea41147b97bb/asan_heap-oob_12dcdbb_8798_b32a97ea722dd37bb5066812cc674552.mov
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 752e6dfa3ea97e7901870bdd9e5a51f860607240)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Actual allocation size is computed as (count + 1)*sizeof(meta_keys), so
we need to check that (count + 1) won't cause overflow.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 347cb14b7cba7560e53f4434b419b9d8800253e7)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e57d99dd4e0d8fe2992da0d65b563580e35ce728)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 47bc1bdafb0950ccf128eaa491d8fd7cc0978813)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes Ticket5800
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c75273310cf1becffee79bab0e2bba0b1606afb7)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes occurance of NaN/Inf leading to assertion failures and out of array access
Fixes: d1c38a09acc34845c6be3a127a5aacaf/signal_sigsegv_3982225_6121_d18bd5451d4245ee09408f04badd1b83.wmv
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 77bf96b04710b98a52aaddb93bfd32da0d506191)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes out of array read
Fixes: 049fdf78565f1ce5665df236d90f8657/asan_heap-oob_10a5a97_1026_42f9d4855547329560f385768de2f3fb.wtv
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit cc5e5548df4af48674c7aef518e831b19e99f9fc)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
The implementation does not currently support len=2
Fixes out of array accesses
Fixes: 29d1b3db5ba2205e82b0b3a533e057a3/asan_heap-oob_12b650c_9254_3b8c4e4d931eb2c32841c18ebb297f1d.avi
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b8b36717217c6f45db71c77ad4e7c65521e7d9ff)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes out of array access
Fixes: 6b73fa392ac808f02e95a4e0a5770026/asan_static-oob_1b15f9a_1969_e7778535e5f27225fe0d6ded14721430.AVI
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9ffe44c5c75c485b4cbb12751e228f18da219df3)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
They may contain 0xFFs, confusing the start code finding algorithm.
Fixes ticket #5819.
(cherry picked from commit cef5bc0e6e2320d3903cf063d59cef83e91dbc3c)
Conflicts:
libavcodec/mjpegdec.c
It's only available on Windows XP or newer.
Should fix compilation with mingw32 using the default OS target.
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
Reviewed-by: Matt Oliver <protogonoi@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3bf142c77337814458ed8e036796934032d9837f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit bbec14de3126dbc4e1ec2b32ed714dab173386aa)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes Ticket5736
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c1bfeda5a34631787e07702f7a3569a41751caeb)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
If negative pts are possible for some codecs in ogg then the code needs to be
changed to use signed values.
Found-by: Thomas Guilbert <tguilbert@google.com>
Fixes: clusterfuzz_usan-2016-08-02
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c5cc3b08e56fc95665977544486bd9f06e4b7a72)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Found-by: Thomas Guilbert <tguilbert@google.com>
Fixes: clusterfuzz_usan-2016-08-02
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6cd9a8b67a95a136ea15bfe3c3bab6cf5e6d1cc9)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This fixes crash in avformat_open_input() when accessing
protocol_whitelist field.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e947b75b1c76ef6793209c2c445b8c224a28717a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fix const corectness and zero init the struct. This example code would actually crash when initializing string.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 69630f4d304a4e35d90957d6a170744af87cbf93)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Sasi Inguva <isasi@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 282477bf4534439ecb06f14d46446a4f1ab82284)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4cc896ea5f06f8b1ebcde6d876d9c5b59ef9a016)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes Ticket5428
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d0b21b28a3d348c0302c98cee23c4820cd13e1e2)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes regression from Ticket5428
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b0b3676e136a09a13767859f429a0aa416d929cd)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes part of Ticket5648
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e8931d79cc4d3a807860c0d4a223a77b149d2e9e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
The caps_internal field has moved without major bump and direct
access causes crashes, found when testing 3.1
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d0ee2e3ae6a7b58363b5e1ae518b242d0666f82b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes mis-detection of tiff as mpegts
Fixes Ticket5565
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 00c4861f13d9ec302348cfa1e2d4f1c796e9e86b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes Ticket5478
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b21f674876badefc68e4deecdb4a1d46de10b67c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Improves score for 1000-frames-of-noise-encoded-with-lame.mp3 without file extension
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5fd73948bb684efcadc1f95fd2028b58d675f3ff)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes Ticket5215
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 056a4ae771b00645184c639fe9fd6b7217eb6d87)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
It is allocated before, this cannot work
Fixes Ticket5613
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 24f513619680b5bef40b02db6ca07a8a009c2ece)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
x86 is maintained entirely by others these days
ML, mostly too
remove myself from a few spots that have other maintainers and where i
just dont know the code that well anyway to do an ideal job
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit bb5bc08ba6f88af2a4a2e00ea03261b142f79f8f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
