Fixes out of array access
Fixes: crash-huf.avi
Regression since: 6b41b44149
This could also be fixed by adding checks in the C code that calls the dsp
Found-by: Zhibin Hu and 连一汉 <lianyihan@360.cn>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Some V4L2 drivers fail to allocate buffers when sizeimage is not set
to a max value. This is indeed the case for s5p-mfc [1]
Most drivers should be able to calculate this value from the frame
dimensions and format - or at least have their own default.
However since this work around should not impact those drivers doing
the "right thing" this commit just provides such a default.
The calculations were extracted from the v4l2 driver used to develop
the ffmpeg v4l2_m2m support [2]. See venc.c and vdec.c
[1] linux.git/drivers/media/platform/s5p-mfc
[2] linux.git/drivers/media/platform/qcom/venus/
The string is allocated with CFStringGetCString but was being
deallocated with free(), which would intermittently result in
a segmentation fault. Use the correct function for freeing the
allocated CFString.
Signed-off-by: Devin Heitmueller <dheitmueller@ltnglobal.com>
Signed-off-by: Marton Balint <cus@passwd.hu>
This FFmpeg-specific "fuzzer fix" was never perfect, but now it
stopped encoding of actual content with a big enough DTS shift.
This returns the function to its original state of results
before negative CTS offsets were added.
I remember dealing with this function before, but somehow had
forgotten about it during VDD. The test cases not tripping this
over also didn't help.
* commit 'd7b2bb5391bf55e8f9421bff7feb4c1fddfac4bf':
h264_sei: Check actual presence of picture timing SEI message
This commit is a noop, see 6a37abc59a
Merged-by: James Almer <jamrial@gmail.com>
* commit '21cca00dfeaec08ca93cf94ed33f4311cf1d8c84':
build: Explicitly disable external libraries when not explicitly enabled
This commit is a noop.
Merged-by: James Almer <jamrial@gmail.com>
* commit 'd8f36a6aa33e9f904fa47caa0329ddaac391cd7d':
nvenc: Fix the preset mapping list
This commit is a noop.
Merged-by: James Almer <jamrial@gmail.com>
* commit 'c483398bb7ef66f61ed2dcb09f3d6160683da0eb':
build: Drop DOC_ prefix from EXAMPLES-related variables
Merged-by: James Almer <jamrial@gmail.com>
* commit '4141a5a240fba44b4b4a1c488c279d7dd8a11ec7':
Use modern avconv syntax for codec selection in documentation and tests
Merged-by: James Almer <jamrial@gmail.com>
The number of bits from bit #m to #n is n - m plus 1.
Signed-off-by: Ingo Brückl <ib@wupperonline.de>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: runtime error: signed integer overflow: -1408475220 + -1408475220 cannot be represented in type 'int'
Fixes: 3336/clusterfuzz-testcase-minimized-5656839179993088
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
It is to fix https://trac.ffmpeg.org/ticket/6677. Actucally it is a
regression of commit 99e07a4453 which
always inserts a dummy frame when decode the first key field picture.
Signed-off-by: Zhong Li <zhong.li@intel.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* commit 'da8093f712d625db7ce4a2526fb52994e01921ec':
fate: Use bitexact optimizations in the svq3-2 test
This commit is a noop, see b591329c3a
Merged-by: James Almer <jamrial@gmail.com>
* commit '4cc0227040adb9efc63be6a5765e3214f5c6f662':
apetag: account for header size if present when returning the start position
apetag: fix flag value to signal footer presence
This commit is a noop, see
e8d6fef31684d874a680
Merged-by: James Almer <jamrial@gmail.com>
Fixes: runtime error: left shift of negative value -255
Fixes: 3373/clusterfuzz-testcase-minimized-5604083912146944
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
The first frame changes depending on --enable-memory-poisoning being
used to configure ffmpeg or not, even if requesting bitexact decoding.
Disable the test until this is fixed.
Signed-off-by: James Almer <jamrial@gmail.com>
* commit '8e4d4efc67e154fdffd65964a7cfeef740320827':
fate: Add another SVQ3 test to increase coverage
Also included a fix from da8093f712.
The demuxer option "-ignore_editlist 1 " is temporarily added to the
test as well, to workaround a regression in the edit list mov parsing
code.
Merged-by: James Almer <jamrial@gmail.com>