Such frames will crash when pthread functions are called on the NULL pointer
Fixes: member access within null pointer of type 'VVCFrameThread' (aka 'struct VVCFrameThread')
Fixes: 65160/clusterfuzz-testcase-minimized-ffmpeg_BSF_VVC_METADATA_fuzzer-4665241535119360 (partly)
Fixes: 65636/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VVC_fuzzer-5394745824182272
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
add_program() will deallocate the whole array on failure so
we must clear nb_prgs
Fixes: null pointer dereference
Fixes: crash-35a3b39ddcc5babeeb005b7399a3a1217c8781bc
Found-by: Catena cyber
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: out of array access (av_channel_layout_copy())
Fixes: 67087/clusterfuzz-testcase-minimized-ffmpeg_dem_AIFF_fuzzer-4920720268263424
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This is kind of ugly
Fixes: signed integer overflow: 255 * 1157565362826411919 cannot be represented in type 'long'
Fixes: 67313/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-6250434245230592
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
struct Foo * declares a new type (namely struct Foo)
if there is no declaration of struct Foo already visible
in the current scope; otherwise it is just a pointer to
an element of the already declared type "struct Foo".
There is a gotcha with the first case:
struct Foo is only declared in its scope; a later declaration
of struct Foo in an enclosing scope declares a different type.
This happens in hwcontext_vulkan.h if it is included before
hwcontext.h, because some declarations of struct AVHWDeviceContext
and struct AVHWFramesContext have function prototype scope.
Compilers warn about this (during checkheaders):
‘struct AVHWDeviceContext’ declared inside parameter list will not
be visible outside of this definition or declaration
Fix this by including hwcontext.h.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Also move AV_CHECK_OFFSET to its only user, namely
lavc/arm/mpegvideo_arm.c and rename it to CHECK_OFFSET.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
There are lots of files that don't need it: The number of object
files that actually need it went down from 2011 to 884 here.
Keep it for external users in order to not cause breakages.
Also improve the other headers a bit while just at it.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Also update the checks that guard against inserting
a new enum entry in the middle of a range.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
In this case GCC does not treat a const variable initialized
to the compile-time constant "3" as a compile-time constant
and errors out because the argument is not a literal value.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Fixes ffplay playback of unknown layouts, when SDL directly supports the audio
format, such as:
ffplay -f lavfi anullsrc=cl=2C,aformat=s16
Without the patch, "Channel layout change is not supported" errors are
generated because buffersrc (unknown 2 channel) and buffersink (stereo)
negotiated a stereo layout, but the stereo layout was never stored in the
BufferSourceContext.
This fixes a regression of 7251f909721a570726775acf61b2b9c28a950c76, but this
is more of a regression of the avfilter channel layout conversion
(1f96db959c1235bb7079d354e09914a0a2608f62).
Signed-off-by: Marton Balint <cus@passwd.hu>
These tests need a scale filter to convert to the prescribed
pixel format (the native format is endian-dependent).
Reviewed-by: Sean McGovern <gseanmcg@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
This reverts commit f6b7b473d456a6aa1c063c4261b17277e2c70ac0.
The image in the item boxes and the animation in the trak box are not
necessarely the same, so both should be exported.
Signed-off-by: James Almer <jamrial@gmail.com>
GCC 9-13 do not emit warnings for this at all optimization
levels even when -Wmaybe-uninitialized is not disabled.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
In particular, declare iterators with loop scope.
Also remove av_uninit while at it, because they
are now unnecessary due to the changes of the preceding
commit.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
While this change IMO makes the control flow clearer
for the human reader, it is especially important for
GCC: It erroneously believes that it is possible to
enter the SHORT2(UNUSED|LONG) cases without having
entered the preceding block that initializes pic,
frame_num, structure and j; it would emit -Wmaybe-uninitialized
warnings for these variables if they were not pseudo-
initialized with av_uninit(). This patch allows to remove
the latter.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>