This avoids an integer overflow
the solution matches oggparsevorbis.c and 45581ed15d2ad5955e24d809820c1675da68f500
Fixes: 700242
Found-by: Thomas Guilbert <tguilbert@google.com>
Reviewed-by: Rostislav Pehlivanov <atomnuker@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 679a315424e6ffaafd21ebf7a86108bd4e743793)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes CID1396835
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4064f3f0dfe71f6d378b9252a390f89c4315bf54)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes CID1397292
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5f2b360fc05bbb4f21e1247d1d9af303113d6c25)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This should make no difference as the value should not be able to be that large
but its more correct this way
Fixes CID1348138
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f48b6b8b91d63148ef50d096688ed7226cd6ddf4)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
The maximum number of references is 16, so the index value cannot
exceed 15.
Fixes Coverity CID 1348139, 1348140, 1348141
(cherry picked from commit 4e6d1c1f4ec83000a067ff14452b34c1f2d2a43a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes timeout with 847/clusterfuzz-testcase-5291877358108672
Fixes timeout with 850/clusterfuzz-testcase-5721296509861888
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 98da63b3f5f5a277c5c3a16860db9a9f6741e54c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 861/clusterfuzz-testcase-5688284384591872
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5d996b56499f00f80b02a41bab3d6b7349e36e9d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 822/clusterfuzz-testcase-4873433189974016
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7cebc5a9ccba0de7bddf7900ae85652ebc66141c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 768/clusterfuzz-testcase-4807444305805312
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a66c6e28b543804f50df1c6083a204219b6b1daa)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 763/clusterfuzz-testcase-6007567320875008
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 44e2105189ac66637f34c764febc349238250b1d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 736/clusterfuzz-testcase-5580263943831552
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e2a4f1a9eb2c1ef3feed4a4f04db7629f2b61084)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 734/clusterfuzz-testcase-4821293192970240
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 222c9f031de3315af62be6d7a99c71105e516088)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 733/clusterfuzz-testcase-4682158096515072
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 800d02abe041deacab5585bf41c1bc2ae5f4b922)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 729/clusterfuzz-testcase-5154831595470848
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3016e919d4e1d90da98af19ce2a9d4979506eaf3)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 723/clusterfuzz-testcase-6471394663596032
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ba150051322c02e24c004bd5309468886e1e5ab6)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This checks the sprite delta intermediates for overflow
Fixes: 716/clusterfuzz-testcase-4890287480504320
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit fab13bbbcdf92da165f1a6be94fbb8f87fac639a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 709/clusterfuzz-testcase-4789836449841152
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d757ddbaab8f03b3664788e620314b70ac791319)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 710/clusterfuzz-testcase-5091051431788544
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ab998f4c7faf90d0e46b6ead38a1df1f6a31e2eb)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 705/clusterfuzz-testcase-5129572590813184
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d23727e0420b9f77f0d4cb28b43819b402f702e5)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Also clear the state on errors
Fixes integer overflows in 701/clusterfuzz-testcase-6594719951880192
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit eb41956636fc264fe2077b78ef00591d83bbbace)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 693/clusterfuzz-testcase-6109776066904064
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4b72d5cd6f9341dcafdbc1b9030166aa987b8304)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 682/clusterfuzz-testcase-4799120021651456
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4bd3f1ce3e68a9348e97ec07a247048ea72ed808)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 674/clusterfuzz-testcase-6713275880308736
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 25e93aacc2142f3b57f1e63c67ca46d304f154ef)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 672/clusterfuzz-testcase-5595018867769344
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 87eb3749708c0eb2978f4812c7be2a4af667fdb7)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
671/clusterfuzz-testcase-4990381827555328
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit aff8cf18cb0b1fa4f2e3d163c3da2f25aa6d1906)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This is not necessarily specific to fuzzed files
Fixes: Multiple integer overflows
Fixes: 656/clusterfuzz-testcase-6463814516080640
Fixes: 658/clusterfuzz-testcase-6691260146384896
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 76ba09d18245a2a41dc5f93a60fd00cdf358cb1f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 651/clusterfuzz-testcase-5710668915277824
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6871df02d973c9ffc1aa4f6d08fb4b1b63d411be)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 644/clusterfuzz-testcase-4726434209726464
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6179dc8aa7e5fc5358b9614306f93f1adadf22a4)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 639/clusterfuzz-testcase-5143866241974272
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 631f7484918a9e7260377c3cea878be708609e64)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 630/clusterfuzz-testcase-6608718928019456
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 956472a3236cc8eaeba5147c55b51bde6005c898)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 614/clusterfuzz-testcase-4931860079575040
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 258763ad0e1efff82bbe2beb97527d3c19f40932)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 612/clusterfuzz-testcase-4707817137111040
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit aa2b75263e17651187b1475551a02aa2f4ff65fe)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 611/clusterfuzz-testcase-5613455820193792
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c91bdd4524815125e1f7d8dee22ee7a73173c39a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 610/clusterfuzz-testcase-4831030085156864
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 067485b673f6ac4b1207d6fc975d1fd968edc68e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: fuzz-2-ffmpeg_SUBTITLE_AV_CODEC_ID_SUBRIP_fuzzer
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 04bd1b38ee6b8df410d0ab8d4949546b6c4af26a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: timeout in 758/clusterfuzz-testcase-4720832028868608
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6e913f212907048d7009cf2f15551781c69b9985)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 447860.webm
Reviewed-by: "Ronald S. Bultje" <rsbultje@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9bbc73ae9fdedc8789b2b6be65279e9a0ecd7090)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: timeout in 730/clusterfuzz-testcase-5265113739165696 (part 2 of 2)
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Reviewed-by: BBB
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 1afd246960202917e244c844c534e9c1e3c323f5)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: timeout in 730/clusterfuzz-testcase-5265113739165696 (part 1 of 2)
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Reviewed-by: BBB
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 55d7371fe0c44c025eb0e75215e0685870f31874)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5098a6f6275a57f122cd8f03e7ffbe5dd090b8e0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes timeout with 700/clusterfuzz-testcase-5660909504561152
Fixes timeout with 702/clusterfuzz-testcase-4553541576294400
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2ce4f28431623cdde4aa496fd10430f6c7bdef63)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d8094a303ba36344015a44d629bafc6d7094b4ac)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes timeout with 686/clusterfuzz-testcase-5853946876788736
this shortcuts (i.e. speeds up) the error and
return-to-user when decoding a truncated frame
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Previous version reviewed by: "Ronald S. Bultje" <rsbultje@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7b5ff7d57355dc608f0fd86e3ab32a2fda65e752)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4c0139463c8f0a6f28e7b193c2a85608a7635bbd)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 664/clusterfuzz-testcase-4917047475568640
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2b8b7921c55a93049a86cfeb2fda9423d16f8ebe)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
