FFmpeg

mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-12-28 20:53:54 +02:00

Author	SHA1	Message	Date
Michael Niedermayer	8c9e131d3a	avcodec/fits: Check bitpix Reference: Table 8: Interpretation of valid BITPIX value from FITS standard 4.0 Fixes: runtime error: division by zero Fixes: 14581/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FITS_fuzzer-5652382425284608 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `0b5c93b276`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-06-27 17:50:47 +02:00
Michael Niedermayer	0060dc62f1	avcodec/jvdec: Use ff_get_buffer() when the content is not reused Fixes: Timeout (11sec -> 5sec) Fixes: 14473/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JV_fuzzer-5761630857592832 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Peter Ross <pross@xvid.org> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `09edcd3572`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-06-27 17:50:47 +02:00
Michael Niedermayer	5ea8ce3b37	avcodec/truemotion2: Fix 2 integer overflows in tm2_update_block() Fixes: signed integer overflow: -2147483648 + -1 cannot be represented in type 'int' Fixes: 14107/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TRUEMOTION2_fuzzer-5694078680825856 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `f4a1b8d409`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-06-27 17:50:47 +02:00
Michael Niedermayer	08d736d536	avcodec/gdv: Check input palette size before rescale() Fixes: Timeout (22sec -> 11sec) Fixes: 13576/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_GDV_fuzzer-5681024577568768 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `f857753f56`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-06-27 17:50:47 +02:00
Michael Niedermayer	3f950b866a	avcodec/jpeg2000: Check stepsize before using it Fixes: value 1.87633e+10 is outside the range of representable values of type 'int' Fixes: Undefined behavior Fixes: 14246/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-5758393601490944 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `06ef186fa1`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-06-27 17:50:47 +02:00
Michael Niedermayer	d5ba641ff4	avcodec/aacdec_fixed: Fix undefined shift in noise_scale() Fixes: 13655/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AAC_FIXED_fuzzer-5120559430500352 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `8ea211ab79`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-06-27 17:50:47 +02:00
Michael Niedermayer	d8bdc95457	avutil/avstring: Fix bug and undefined behavior in av_strncasecmp() The function in case of n=0 would read more bytes than 0. The end pointer could be beyond the allocated space, which is undefined. Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `6f0e9a8634`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-06-27 17:50:47 +02:00
Michael Niedermayer	05a90821d0	avformat/mov: Skip stsd adjustment without chunks Fixes: Assertion failure Fixes: clusterfuzz-testcase-minimized-media_pipeline_integration_fuzzer-5683096400822272 Found-by: Clusterfuzz Reported-by: Dan Sanders <sandersd@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `18a567c369`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-06-27 17:50:47 +02:00
Michael Niedermayer	9b4004c054	avformat/aadec: Check for scanf() failure Fixes: use of uninitialized variables Fixes: blank.aa Found-by: Chamal De Silva <chamal.desilva@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `ed188f6dcd`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-06-27 17:50:47 +02:00
Michael Niedermayer	d39467262d	avcodec/ccaption_dec: Add a blank like at the end to avoid rollup reading from outside Fixes: index 20 out of bounds for type 'const char *[4][128]' Fixes: 14367/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CCAPTION_fuzzer-5718819672162304 Reviewed-by: Paul B Mahol <onemda@gmail.com> Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `f17e8e90bb`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-06-27 17:50:47 +02:00
Michael Niedermayer	92205c4a1d	avcodec/ivi: Move buffer/block end check to caller of ivi_dc_transform() Fixes: assertion failure Fixes: 14078/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_INDEO5_fuzzer-5760571284127744 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `110dce9633`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-06-27 17:50:47 +02:00
Michael Niedermayer	fb3135ae97	avcodec/diracdec: Use 64bit in intermediate of global motion vector field generation It seems the specification does not limit the value to 32bit Fixes: signed integer overflow: -109611143 * 24 cannot be represented in type 'int' Fixes: 13477/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-5648337460527104 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `837820f385`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-06-27 17:50:47 +02:00
Michael Niedermayer	6a0895bdf3	avcodec/truemotion2: Fix integer overflow in tm2_decode_blocks() Fixes: signed integer overflow: 255 + 2147483634 cannot be represented in type 'int' Fixes: 13472/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TRUEMOTION2_fuzzer-5712444142387200 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `0ad0533e91`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-06-27 17:50:47 +02:00
Andreas Rheinhardt	b5229a0b3e	movsub_bsf: Fix mov2textsub regression The mov flavour of timed text uses the first two bytes of the packet as a length field. And up until `11bef2fe` said length field has been read correctly in the mov2textsub bsf. But since then the next two bytes are read as if they were the length field. This is fixed in this commit. Reviewed-by: Philip Langdale <philipl@overt.org> Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `800f618a34`)	2019-06-24 23:55:17 -03:00
Jun Zhao	72f03b2af4	lavc/libaomenc: Add a maximum constraint of 64 encoder threads. fixed the error in Intel(R) Xeon(R) Gold 6152 CPU like: [libaom-av1 @ 0x469f340] Failed to initialize encoder: Invalid parameter [libaom-av1 @ 0x469f340] Additional information: g_threads out of range [..MAX_NUM_THREADS] Signed-off-by: Jun Zhao <mypopydev@gmail.com> Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `b87063c06d`)	2019-06-17 18:50:05 -03:00
James Almer	7211e1ca93	avformat/aacdec: fix demuxing of small frames 10 bytes (id3v2 header amount of bytes) were being read before any checks were made on the bitstream. The result was that we were overreading into the next frame if the current one was 8 or 9 bytes long. Fixes tickets #7271 and #7869. Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `d88193c219`)	2019-05-06 13:53:39 -03:00
Sergey Svechnikov	7c2dd1f969	avcodec/cuviddec: improve progressive frame detection There are 2 types of problems when using adaptive deinterlace with cuvid: 1. Sometimes, in the middle of transcoding, cuvid outputs frames with visible horizontal lines (as though weave deinterlace method was chosen); 2. Occasionally, on scene changes, cuvid outputs a wrong frame, which should have been shown several seconds before (as if the frame was assigned some wrong PTS value). The reason is that sometimes CUVIDPARSERDISPINFO has property progressive_frame equal to 1 with interlaced videos. In order to fix the problem we should check if the video is interlaced or progressive in the beginning of a video sequence (cuvid_handle_video_sequence). And then we just use this information instead of the property progressive_frame in CUVIDPARSERDISPINFO (which is unreliable). Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>	2019-04-23 12:52:02 +02:00
Tristan Matthews	cf7a5c655c	avformat/matroskaenc: fix leak on error Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `1ec777dcdd`)	2019-04-09 12:10:36 -03:00
Jeremy Dorfman	420fe39aff	avformat/av1: Initialize padding in ff_isom_write_av1c Otherwise, AV1 encodes with FFmpeg trigger use-of-uninitialized-value warnings under MemorySanitizer, and the output buffer potentially changes from run to run. Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `bb5efd1727`)	2019-04-09 12:08:30 -03:00
James Almer	ec82b3ecbb	avcodec/cbs_av1: fix parsing spatial_id Reviewed-by: Mark Thompson <sw@jkqxz.net> Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `461303f94a`)	2019-04-02 18:04:53 -03:00
Michael Niedermayer	4154f89678	Changelog: update Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-04-01 10:33:02 +02:00
Michael Niedermayer	6c75df556f	avcodec/rscc: Check that the to be uncompressed input is large enough Fixes: Out of array access Fixes: 13984/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RSCC_fuzzer-5734128093233152 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `3a0ec1511e`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-04-01 10:32:08 +02:00
James Almer	58cd70201e	avformat/movenc: free eac3 private data only when closing the stream This makes sure the data is available when writing the moov atom during the second pass triggered by the faststart movflag. Fixes ticket #7780 Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `27c94c57dc`)	2019-03-31 20:36:41 -03:00
Michael Niedermayer	1d720b37f0	Update for 4.1.3 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-31 23:31:47 +02:00
Michael Niedermayer	f1ecebcdb7	avcodec/hevcdec: Avoid only partly skiping duplicate first slices Fixes: NULL pointer dereference and out of array access Fixes: 13871/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HEVC_fuzzer-5746167087890432 Fixes: 13845/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HEVC_fuzzer-5650370728034304 This also fixes the return code for explode mode Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: James Almer <jamrial@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `54655623a8`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-31 23:30:09 +02:00
Carl Eugen Hoyos	daca529112	lavc/bmp: Avoid a heap buffer overwrite for 1bpp input. Found by Mingi Cho, Seoyoung Kim, and Taekyoung Kwon of the Information Security Lab, Yonsei University. (cherry picked from commit `1e34014010`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-31 23:30:09 +02:00
Michael Niedermayer	65f94b732a	avcodec/mpegpicture: Check size of edge_emu_buffer Fixes: OOM Fixes: 13710/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-5633152942342144 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `635067b75f`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-31 23:30:09 +02:00
Michael Niedermayer	ad0f4a7d10	avformat/mov: Fix potential integer overflow in entry check in mov_read_trun() No testcase Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `ff13a92a6f`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-31 23:30:09 +02:00
Michael Niedermayer	cb4768e7f2	avcodec/truemotion2: Fix integer overflow in tm2_null_res_block() Fixes: signed integer overflow: 1111638592 - -2122219136 cannot be represented in type 'int' Fixes: 13441/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TRUEMOTION2_fuzzer-5732769815068672 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `1223696c72`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-31 23:30:09 +02:00
James Almer	6972b353b4	avcodec/cbs_av1: fix range of values for Mastering Display Color Volume Metadata OBUs Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `40490b3a63`)	2019-03-25 19:59:28 -03:00
James Almer	abf36b76de	avcodec/av1_parser: don't abort parsing the first frame if extradata parsing fails The first frame contains the sequence header, which is needed to parse every following frame. This fixes parsing streams with broken extradata but correct packet data. Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `699d0c2a30`)	2019-03-25 19:59:22 -03:00
Michael Niedermayer	a7cb7a2e43	Changelog: update Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-21 09:02:44 +01:00
Michael Niedermayer	b429df281d	avcodec/dfa: Check the chunk header is not truncated Fixes: Timeout (11sec -> 3sec) Fixes: 13218/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DFA_fuzzer-5661074316066816 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `f20760fadb`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-21 09:01:42 +01:00
Michael Niedermayer	7ce56329e7	avcodec/clearvideo: Check remaining data in P frames Fixes: Timeout (19sec -> 419msec) Fixes: 13411/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CLEARVIDEO_fuzzer-5733153811988480 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `41f93f9411`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-21 09:01:42 +01:00
James Almer	dbef08b60f	avcodec/hevcdec: decode at most one slice reporting being the first in the picture Fixes deadlocks when decoding packets containing more than one of the aforementioned slices when using frame threads. Tested-by: Derek Buitenhuis <derek.buitenhuis@gmail.com> Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `70c8c8a818`)	2019-03-20 20:28:04 -03:00
Michael Niedermayer	77d244e7a9	Update for 4.1.2 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 17:31:54 +01:00
Michael Niedermayer	8cee4190f3	avcodec/dvbsubdec: Check object position Reference: ETSI EN 300 743 V1.2.1 7.2.2 Region composition segment Fixes: Timeout Fixes: 13325/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DVBSUB_fuzzer-5143979392237568 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `a8c5ae4511`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 16:54:31 +01:00
Michael Niedermayer	04ce4cc072	avcodec/cdgraphics: Use ff_set_dimensions() Fixes: Timeout (17 sec -> 65 milli sec) Fixes: 13264/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CDGRAPHICS_fuzzer-5711167941509120 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `9a9f0e239c`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 16:54:10 +01:00
Michael Niedermayer	5d208aac52	avformat/gdv: Check fps Fixes: Division by 0 Fixes: ffmpeg_zero_division.bin Found-by: Anatoly Trosinenko <anatoly.trosinenko@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `38381400fc`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 16:53:57 +01:00
Guo, Yejun	83bfd4f3b5	configure: use vpx_codec_vp8_dx/cx for libvpx-vp8 checking Signed-off-by: Guo, Yejun <yejun.guo@intel.com> Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `d9b2668766`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 11:51:09 +01:00
Guo, Yejun	9bf40978c6	configure: add missing pthreads extralibs dependency for libvpx-vp9 Signed-off-by: Guo, Yejun <yejun.guo@intel.com> Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `402bf26237`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 11:49:55 +01:00
Michael Niedermayer	1e50a327c6	avcodec/mpeg4videodec: Check idx in mpeg4_decode_studio_block() Fixes: Out of array access Fixes: 13500/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-5769760178962432 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Kieran Kunhya <kierank@obe.tv> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `d227ed5d59`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00
Michael Niedermayer	ad12d9df1e	avcodec/dxv: Correct integer overflow in get_opcodes() Fixes: 13099/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DXV_fuzzer-5665598896340992 Fixes: signed integer overflow: 2147483647 + 7 cannot be represented in type 'int' Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `6e0b5d3a20`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00
Michael Niedermayer	67d030787e	avcodec/scpr: Fix use of uninitialized variable Fixes: Undefined shift Fixes: 12911/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SCPR_fuzzer-5677102915911680 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `53248acfb3`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00
Michael Niedermayer	c90836cc3d	avcodec/qpeg: Limit copy in qpeg_decode_intra() to the available bytes Fixes: Timeout (27 sec -> 39 milli sec) Fixes: 13151/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_QPEG_fuzzer-5717536023248896 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `b819472995`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00
Michael Niedermayer	6c0124d392	avcodec/aic: Check remaining bits in aic_decode_coeffs() Fixes: Timeout (78 seconds -> 2 seconds) Fixes: 13186/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AIC_fuzzer-5639516533030912 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `951bb7632f`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00
Michael Niedermayer	29619a8ac2	avcodec/gdv: Check for truncated tags in decompress_5() Testcase: 13169/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_GDV_fuzzer-5666354038833152 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `5cf42f65b6`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00
Michael Niedermayer	09683e1f4e	avcodec/bethsoftvideo: Check block_type Fixes: Timeout (17 seconds -> 1 second) Fixes: 13184/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_BETHSOFTVID_fuzzer-5711446296494080 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `b8ecadec05`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00
Michael Niedermayer	662b6351c8	avcodec/jpeg2000dwt: Fix integer overflow in dwt_decode97_int() Fixes: runtime error: signed integer overflow: 2147483598 + 128 cannot be represented in type 'int' Fixes: 12926/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-5705100733972480 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `4801eea0d4`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00
Michael Niedermayer	b8dd1d2d4b	avcodec/error_resilience: Use a symmetric check for skipping MV estimation This speeds up the testcase by a factor of 4 Fixes: Timeout Fixes: 13100/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMV2_fuzzer-5767533905313792 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `e4289cb253`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00

1 2 3 4 5 ...

92492 Commits