FFmpeg

mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-01-29 22:00:58 +02:00

Author	SHA1	Message	Date
James Almer	58cd70201e	avformat/movenc: free eac3 private data only when closing the stream This makes sure the data is available when writing the moov atom during the second pass triggered by the faststart movflag. Fixes ticket #7780 Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit 27c94c57dc84da8125225fda7d241be57d19b391)	2019-03-31 20:36:41 -03:00
Michael Niedermayer	1d720b37f0	Update for 4.1.3 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-31 23:31:47 +02:00
Michael Niedermayer	f1ecebcdb7	avcodec/hevcdec: Avoid only partly skiping duplicate first slices Fixes: NULL pointer dereference and out of array access Fixes: 13871/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HEVC_fuzzer-5746167087890432 Fixes: 13845/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HEVC_fuzzer-5650370728034304 This also fixes the return code for explode mode Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: James Almer <jamrial@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 54655623a82632e7624714d7b2a3e039dc5faa7e) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-31 23:30:09 +02:00
Carl Eugen Hoyos	daca529112	lavc/bmp: Avoid a heap buffer overwrite for 1bpp input. Found by Mingi Cho, Seoyoung Kim, and Taekyoung Kwon of the Information Security Lab, Yonsei University. (cherry picked from commit 1e34014010dba9325fc5430934b51a61a5007c63) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-31 23:30:09 +02:00
Michael Niedermayer	65f94b732a	avcodec/mpegpicture: Check size of edge_emu_buffer Fixes: OOM Fixes: 13710/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-5633152942342144 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 635067b75fce06928431ce9b9fcaee0c9b6b7280) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-31 23:30:09 +02:00
Michael Niedermayer	ad0f4a7d10	avformat/mov: Fix potential integer overflow in entry check in mov_read_trun() No testcase Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit ff13a92a6f8413402f5b3cacedda7c10d350b487) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-31 23:30:09 +02:00
Michael Niedermayer	cb4768e7f2	avcodec/truemotion2: Fix integer overflow in tm2_null_res_block() Fixes: signed integer overflow: 1111638592 - -2122219136 cannot be represented in type 'int' Fixes: 13441/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TRUEMOTION2_fuzzer-5732769815068672 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 1223696c725a8ea7e80498e6ccfab37eea179b76) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-31 23:30:09 +02:00
James Almer	6972b353b4	avcodec/cbs_av1: fix range of values for Mastering Display Color Volume Metadata OBUs Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit 40490b3a63368bdc2403bf7415b214e6dc0a9a3a)	2019-03-25 19:59:28 -03:00
James Almer	abf36b76de	avcodec/av1_parser: don't abort parsing the first frame if extradata parsing fails The first frame contains the sequence header, which is needed to parse every following frame. This fixes parsing streams with broken extradata but correct packet data. Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit 699d0c2a30d5b2a10b6a0f459a35d665dc22b2f1)	2019-03-25 19:59:22 -03:00
Michael Niedermayer	a7cb7a2e43	Changelog: update Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> n4.1.2	2019-03-21 09:02:44 +01:00
Michael Niedermayer	b429df281d	avcodec/dfa: Check the chunk header is not truncated Fixes: Timeout (11sec -> 3sec) Fixes: 13218/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DFA_fuzzer-5661074316066816 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit f20760fadbc77483b9ff4b400b53ebb38ee33793) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-21 09:01:42 +01:00
Michael Niedermayer	7ce56329e7	avcodec/clearvideo: Check remaining data in P frames Fixes: Timeout (19sec -> 419msec) Fixes: 13411/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CLEARVIDEO_fuzzer-5733153811988480 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 41f93f941155f9f9dbb2d5e7f5d20b2238150836) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-21 09:01:42 +01:00
James Almer	dbef08b60f	avcodec/hevcdec: decode at most one slice reporting being the first in the picture Fixes deadlocks when decoding packets containing more than one of the aforementioned slices when using frame threads. Tested-by: Derek Buitenhuis <derek.buitenhuis@gmail.com> Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit 70c8c8a818f39bc262565ec29fae2baffb3e1660)	2019-03-20 20:28:04 -03:00
Michael Niedermayer	77d244e7a9	Update for 4.1.2 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 17:31:54 +01:00
Michael Niedermayer	8cee4190f3	avcodec/dvbsubdec: Check object position Reference: ETSI EN 300 743 V1.2.1 7.2.2 Region composition segment Fixes: Timeout Fixes: 13325/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DVBSUB_fuzzer-5143979392237568 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit a8c5ae451184e879fc8ff1333c6f26f9542c8ebf) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 16:54:31 +01:00
Michael Niedermayer	04ce4cc072	avcodec/cdgraphics: Use ff_set_dimensions() Fixes: Timeout (17 sec -> 65 milli sec) Fixes: 13264/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CDGRAPHICS_fuzzer-5711167941509120 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 9a9f0e239c1c6f5c96cc90ba673087f86ca1eabc) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 16:54:10 +01:00
Michael Niedermayer	5d208aac52	avformat/gdv: Check fps Fixes: Division by 0 Fixes: ffmpeg_zero_division.bin Found-by: Anatoly Trosinenko <anatoly.trosinenko@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 38381400fca45d1ae6e7604335b507b7dc70a903) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 16:53:57 +01:00
Guo, Yejun	83bfd4f3b5	configure: use vpx_codec_vp8_dx/cx for libvpx-vp8 checking Signed-off-by: Guo, Yejun <yejun.guo@intel.com> Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit d9b2668766e3e924d4ebb3c6531b449874e13666) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 11:51:09 +01:00
Guo, Yejun	9bf40978c6	configure: add missing pthreads extralibs dependency for libvpx-vp9 Signed-off-by: Guo, Yejun <yejun.guo@intel.com> Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit 402bf262375dfecd0e90d7acc67c238abe952fc3) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 11:49:55 +01:00
Michael Niedermayer	1e50a327c6	avcodec/mpeg4videodec: Check idx in mpeg4_decode_studio_block() Fixes: Out of array access Fixes: 13500/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-5769760178962432 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Kieran Kunhya <kierank@obe.tv> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit d227ed5d598340e719eff7156b1aa0a4469e9a6a) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00
Michael Niedermayer	ad12d9df1e	avcodec/dxv: Correct integer overflow in get_opcodes() Fixes: 13099/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DXV_fuzzer-5665598896340992 Fixes: signed integer overflow: 2147483647 + 7 cannot be represented in type 'int' Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 6e0b5d3a20e107860a34e90139b860d6b8219a1d) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00
Michael Niedermayer	67d030787e	avcodec/scpr: Fix use of uninitialized variable Fixes: Undefined shift Fixes: 12911/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SCPR_fuzzer-5677102915911680 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 53248acfb3b23007c89ae822d7bcae451272d5a7) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00
Michael Niedermayer	c90836cc3d	avcodec/qpeg: Limit copy in qpeg_decode_intra() to the available bytes Fixes: Timeout (27 sec -> 39 milli sec) Fixes: 13151/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_QPEG_fuzzer-5717536023248896 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit b819472995f55e827d6bb70dcdd86d963f65ae31) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00
Michael Niedermayer	6c0124d392	avcodec/aic: Check remaining bits in aic_decode_coeffs() Fixes: Timeout (78 seconds -> 2 seconds) Fixes: 13186/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AIC_fuzzer-5639516533030912 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 951bb7632fe6e3bb1a9c3b47610705871e471f34) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00
Michael Niedermayer	29619a8ac2	avcodec/gdv: Check for truncated tags in decompress_5() Testcase: 13169/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_GDV_fuzzer-5666354038833152 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 5cf42f65b60d226d1223d2100cb1d90402189275) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00
Michael Niedermayer	09683e1f4e	avcodec/bethsoftvideo: Check block_type Fixes: Timeout (17 seconds -> 1 second) Fixes: 13184/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_BETHSOFTVID_fuzzer-5711446296494080 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit b8ecadec0582a1521b5d0d253376966138e6ca78) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00
Michael Niedermayer	662b6351c8	avcodec/jpeg2000dwt: Fix integer overflow in dwt_decode97_int() Fixes: runtime error: signed integer overflow: 2147483598 + 128 cannot be represented in type 'int' Fixes: 12926/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-5705100733972480 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 4801eea0d465cd54670e7c19322705544e3e7524) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00
Michael Niedermayer	b8dd1d2d4b	avcodec/error_resilience: Use a symmetric check for skipping MV estimation This speeds up the testcase by a factor of 4 Fixes: Timeout Fixes: 13100/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMV2_fuzzer-5767533905313792 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit e4289cb253e29e4d62dc46759eb1a45d8f6d82df) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00
Michael Niedermayer	92335fc02b	avcodec/mlpdec: Insuffient typo Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit fc32e08941ea2795a3096e7a4013843e9ebf5fe3) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00
Michael Niedermayer	ff491b1544	avcodec/zmbv: obtain frame later The frame is not needed that early so obtaining it later avoids the costly operation in case other checks fail. Fixes: Timeout (14sec -> 4sec) Fixes: 13140/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ZMBV_fuzzer-5738330308739072 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Tomas Härdin <tjoppen@acc.umu.se> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 177b40890c6de8c6896e0a1d4a631ea1ca89c044) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00
Michael Niedermayer	4e624c89fd	avcodec/jvdec: Check available input space before decode8x8() Fixes: Timeout (78 sec -> 15 millisec) Fixes: 13147/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JV_fuzzer-5727107827630080 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 61523683c5a9bda9aaa7ae24764a3df0401a9877) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00
Michael Niedermayer	9495228df0	avcodec/h264_direct: Fix overflow in POC comparission Fixes: runtime error: signed integer overflow: 2147421862 - -33624063 cannot be represented in type 'int' Fixes: 12885/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_H264_fuzzer-5733516975800320 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 5ccf296e74725bc8bdfbfe500d0482daa200b6f3) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00
Michael Niedermayer	339f40f618	avformat/webmdashenc: Check id in adaption_sets Fixes: out of array access Found-by: Wenxiang Qian Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit b687b549aa0fb115861b1343208de8c2630803bf) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00
Wenxiang Qian	ec22b46a4d	avformat/http: Fix Out-of-Bounds access in process_line() Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 85f91ed760a517c0d5fcf692d40a5a9d7efa9476) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00
Wenxiang Qian	11375cd101	avformat/ftp: Fix Out-of-Bounds Access and Information Leak in ftp.c:393 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit a142ffdcaec06fcbf7d4b00dbb0e5ddfb9e3344d) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00
Kevin Backhouse via RT	f7f3937494	avcodec/htmlsubtitles: Fixes denial of service due to use of sscanf in inner loop for handling braces Fixes: [Semmle Security Reports #19439] Fixes: dos_sscanf2.mkv Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 894995c41e0795c7a44f81adc4838dedc3932e65) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00
Kevin Backhouse via RT	cc5361ed18	avcodec/htmlsubtitles: Fixes denial of service due to use of sscanf in inner loop for tag scaning Fixes: [Semmle Security Reports #19438] Fixes: dos_sscanf1.mkv Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 1f00c97bc3475c477f3c468cf2d924d5761d0982) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00
Michael Niedermayer	4d1fcd734e	avformat/matroskadec: Do not leak queued packets on sync errors Fixes: memleak Fixes: clusterfuzz-testcase-minimized-audio_decoder_fuzzer-5649187601121280 Reported-by: Chris Cunningham <chcunningham@google.com> Tested-by: Chris Cunningham <chcunningham@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit d1afa7284c3feba4debfebf1b9cf8ad67640e34a) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00
Michael Niedermayer	8066cb3556	avcodec/mpeg4videodec: Clear interlaced_dct for studio profile Fixes: Out of array access Fixes: 13090/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-5408668986638336 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Kieran Kunhya <kierank@obe.tv> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 1f686d023b95219db933394a7704ad9aa5f01cbb) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00
Michael Niedermayer	d25f388584	avformat/mov: Do not use reference stream in mov_read_sidx() if there is no reference stream Fixes: NULL pointer dereference Fixes: clusterfuzz-testcase-minimized-audio_decoder_fuzzer-5634316373721088 Reported-by: Chris Cunningham <chcunningham@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit b0d8b7cb8e86367178ef0c35dcae359d820c3b27) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00
Michael Niedermayer	1a82246cae	avcodec/sbrdsp_fixed.c: remove input value limit for sbr_sum_square_c() Fixes: 1377/clusterfuzz-testcase-minimized-5487049807233024 Fixes: assertion failure in sbr_sum_square_c() Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 4cde7e62dbaa63eda173e8d24a97d273890f282c) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00
Alex Mogurenko	7e204f7260	avcodec/prores_ks: Fix luma quantization if q >= MAX_STORED_Q The problem occurs in slice quant estimation and slice encoding: If the slice quant is larger than MAX_STORED_Q we don't use pre-calculated quant matrices, but generate a new one, but both qmat and qmat_chroma both point to the same table, so the luma table ends up having chroma table values. Add custom_chroma_q the same way as custom_q. Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com> (cherry picked from commit e4788ae31b2e9af45d11f4bf4498c075dcc25a6c) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-03-14 00:24:44 +01:00
Charles Liu	53f3f5233f	avformat/mov: fix hang while seek on a kind of fragmented mp4 Binary searching would hang if the fragment items do NOT have timestamp for the specified stream. For example, a fmp4 consists of separated 'moof' boxes for each track, and separated 'sidx' for each segment, but no 'mfra' box. Then every fragment item only have the timestamp for one of its tracks. Example: ffmpeg -f lavfi -i testsrc -f lavfi -i sine -movflags dash+frag_keyframe+skip_trailer+separate_moof -t 1 out.mp4 ffmpeg -ss 0.5 -i out.mp4 -f null none Also fixes the hang in ticket #7572, but not the reason for having AV_NOPTS_VALUE timestamps there. Signed-off-by: Charles Liu <liuchh83@gmail.com> Signed-off-by: Marton Balint <cus@passwd.hu> (cherry picked from commit aa25198f1b925a464bdfa83a98476f08d26c9209)	2019-02-11 22:07:54 +01:00
Marton Balint	110eff79ca	avformat/async: fix assertion condition when draining buffer Fixes some random assertion failures with ffprobe -show_packets async:samples/ffmpeg-bugs/trac/ticket6132/Samsung_HDR_-_Chasing_the_Light.ts > /dev/null Signed-off-by: Marton Balint <cus@passwd.hu> (cherry picked from commit 4b46d1ee463f6bb2d2be967d418d275a44fe2a9c)	2019-02-11 22:07:06 +01:00
James Almer	33c8009773	avcodec/cbs_av1: don't call cbs_av1_read_trailing_bits() when no bits remain in the OBU Reviewed-by: jkqxz Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit 3e8b8b6b509c8c37defd3a8c32883fa54bc00de8)	2019-02-10 21:02:06 -03:00
Michael Niedermayer	74700e50bf	Changelog: update Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> n4.1.1	2019-02-09 18:33:21 +01:00
chcunningham	00cdf4e4e5	avformat/mov: validate chunk_count vs stsc_data Bad content may contain stsc boxes with a first_chunk index that exceeds stco.entries (chunk_count). This ammends the existing check to include cases where chunk_count == 0. It also patches up the case when stsc refers to unknown chunks, but stts has no samples (so we can simply ignore stsc). Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 1c15449ca9a5bfa387868ac55628397273da761f) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-02-08 12:22:37 +01:00
chcunningham	bcc71f30ad	avformat/mov.c: require tfhd to begin parsing trun Detecting missing tfhd avoids re-using tfhd track info from the previous moof. For files with multiple tracks, this may make a mess of the avindex and fragindex, which can later trigger av_assert0 in mov_read_trun(). Reviewed-by: Derek Buitenhuis <derek.buitenhuis@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 3ea87e5d9ea075d5b3c0f4f8c6c48e514b454cbe) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-02-08 12:22:13 +01:00
Michael Niedermayer	31a1d2aa83	Changelog: update Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-02-04 00:51:42 +01:00
Michael Niedermayer	7816497ba0	avcodec/pgssubdec: Check for duplicate display segments In such a duplication the previous gets overwritten and leaks Fixes: memleak Fixes: 12510/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PGSSUB_fuzzer-5694439226343424 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit e35c3d887b3e374c6a091342206a42da48785d70) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-02-04 00:32:09 +01:00

... 4 5 6 7 8 ...

92720 Commits