1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-01-03 05:10:03 +02:00
Commit Graph

39178 Commits

Author SHA1 Message Date
Michael Niedermayer
aae44fb4cd indeo4: check ref_mb
Fix NULL deref

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 11:03:53 +01:00
Michael Niedermayer
1664edb998 ffmpeg: check samplerate from decoder.
Fixes FPE

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 10:59:03 +01:00
Michael Niedermayer
a22e64fd02 rawdec: Check w/h.
Fixes FPE

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 10:48:18 +01:00
Michael Niedermayer
5934d57ba9 xmv: check channel number
Fixes FPE

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 10:31:45 +01:00
Michael Niedermayer
08c37a10e9 mjpegdec: check h/v_count.
Fixes FPE

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 10:24:22 +01:00
Michael Niedermayer
46c7842994 ituh263dec: Implement enough of Annex O (scalability) to fix a FPE.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 10:14:30 +01:00
Michael Niedermayer
cc415956a4 error_conceal: fix FPE in guess_dc() with huge sizes.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 05:21:52 +01:00
Michael Niedermayer
ac2cb27916 mov: Fix FPE on 0 time_scale
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 04:32:16 +01:00
Michael Niedermayer
c0a99eae29 indeo4: check band->scan
Fixes null ptr exception

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 04:29:41 +01:00
Michael Niedermayer
f927c5b753 vorbisdemux: Check private context in theoras gtopts.
This prevents a null ptr dereference.
It could be checked differently but this way it should
be possible to return some data.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 04:29:33 +01:00
Paul B Mahol
ae2c33b0c2 cosmetics: remove superfluous curly brackets
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 03:09:07 +01:00
Paul B Mahol
0e465c1a81 huffyuv: remove long time disabled code
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 03:09:07 +01:00
Paul B Mahol
3a085c6a37 huffyuv: do not decode/encode yuv colorspace with odd width
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 03:09:07 +01:00
Michael Niedermayer
ba02069a8e aacdec: prevent channels from exceeding MAX_CHANNELS.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 03:08:58 +01:00
Michael Niedermayer
01fd1aa0ad matroskadec: fix strcmp(NULL)
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 01:27:49 +01:00
Michael Niedermayer
437f5daf0b mov: fix global unicode convertion array overflow.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 01:09:04 +01:00
Michael Niedermayer
0c97fd336e mmdemux: dont set pkt->size to an invalid value.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 00:50:49 +01:00
Michael Niedermayer
7c0748c2db eatqi: replace break by goto.
This fixes some heap overread.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 00:50:43 +01:00
Michael Niedermayer
5a4af049b1 aacdec: reset max_sfb on invalid data.
Fixes global out of array read.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-22 23:57:45 +01:00
Michael Niedermayer
3583c8706d vqavideodev: Check image dimensions
Fixes out of heap array read

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-22 23:43:37 +01:00
Michael Niedermayer
464cef4c14 Merge remote-tracking branch 'qatar/master'
* qatar/master:
  xwma: Validate channels and bits_per_coded_sample.
  mov: Do not read past the end of the ctts_data table.
  mov: Add missing terminator to mov_ch_layout_map_1ch.
  asf: reset side data elements on packet copy.
  wmavoice: fix stack overread.
  wmalossless: error out if a subframe is not used by any channel.
  vqa: check palette chunk size before reading data.
  wmalossless: reset sample pointer for each subframe.
  wmalossless: error out on invalid values for order.

Conflicts:
	libavcodec/vqavideo.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-22 23:16:49 +01:00
Michael Niedermayer
9759d2b886 indeo4: check motion vetors.
Fixes out of heap array read.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-22 23:13:00 +01:00
Michael Niedermayer
afc0cc22e1 pngenc: make max_packet_size 64bit check check it.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-22 23:13:00 +01:00
Clément Bœsch
50a3867bab png: make ff_png_pass_mask local to pngdec. 2012-03-22 22:53:51 +01:00
Carl Eugen Hoyos
abdcb4918c Fix libgsm.c compilation after typo in 67b8c8. 2012-03-22 22:01:35 +01:00
Alex Converse
5023b89bba xwma: Validate channels and bits_per_coded_sample.
This prevents a SIGFPE later on.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-03-22 13:57:12 -07:00
Alex Converse
86f2ae06b9 mov: Do not read past the end of the ctts_data table.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-03-22 13:57:12 -07:00
Alex Converse
3e6e89b3d6 mov: Add missing terminator to mov_ch_layout_map_1ch.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: Libav-stable@libav.org
2012-03-22 13:56:44 -07:00
Michael Niedermayer
6716e6892b Merge remote-tracking branch 'qatar/master'
* qatar/master:
  FATE: Add ZeroCodec test
  oggparseogm: fix order of arguments of avpriv_set_pts_info().
  pngenc: better upper bound for encoded frame size.
  aiffdec: set block_duration to 1 for PCM codecs that are supported in AIFF-C
  aiffdec: factor out handling of integer PCM for AIFF-C and plain AIFF
  aiffdec: use av_get_audio_frame_duration() to set block_duration for AIFF-C
  aiffdec: do not set bit rate if block duration is unknown
  wmall: output packet only if we have decoded some samples

Conflicts:
	libavcodec/pngenc.c
	tests/fate/lossless-video.mak

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-22 20:59:58 +01:00
Paul B Mahol
b1a0d694ea dcaenc: switch to encode2()
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-22 20:44:24 +01:00
Reimar Döffinger
ffa28da180 Support dropping audio dts/pts via -async -1.
Allows working around issue #605.
Note: as a side effect this fixes that -vsync drop
as far as I could tell would not drop pts/dts values
when duplicating frames or when flushing encoder delay.

Signed-off-by: Reimar Döffinger <Reimar.Doeffinger@gmx.de>
2012-03-22 20:36:16 +01:00
Ronald S. Bultje
e73c6aaabf asf: reset side data elements on packet copy.
Prevents crash (double free) when free()ing the original packet.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-03-22 12:17:14 -07:00
Ronald S. Bultje
262196445c wmavoice: fix stack overread.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-03-22 12:17:14 -07:00
Ronald S. Bultje
3c9267673e wmalossless: error out if a subframe is not used by any channel.
Prevents infinite loop because min_channel_len never increments.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-03-22 12:17:14 -07:00
Ronald S. Bultje
75d7975268 vqa: check palette chunk size before reading data.
Prevents overreads beyond buffer boundaries.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-03-22 12:17:14 -07:00
Ronald S. Bultje
d462949974 wmalossless: reset sample pointer for each subframe.
Prevents overwrites when some subframes only encode some channels.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-03-22 12:17:14 -07:00
Ronald S. Bultje
326f7a68bb wmalossless: error out on invalid values for order.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-03-22 12:17:14 -07:00
Derek Buitenhuis
e9c0b12c2e FATE: Add ZeroCodec test
Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
2012-03-22 19:52:56 +01:00
Michael Niedermayer
f0b4a505d8 oggparseogm: fix order of arguments of avpriv_set_pts_info().
Signed-off-by: Anton Khirnov <anton@khirnov.net>
2012-03-22 19:51:43 +01:00
Anton Khirnov
677df4d2ef pngenc: better upper bound for encoded frame size.
Fixes encoding very large pictures.

Thanks to Костя for providing the formula.
2012-03-22 19:50:35 +01:00
Michael Niedermayer
179a592094 libutvideoenc: switch to ff_alloc_packet2().
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-22 19:40:58 +01:00
Michael Niedermayer
532f1c7aa7 lavc: limit realloc() on encoding to the libav compatibility API.
Neither the old nor new need it.

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-22 19:40:58 +01:00
Reimar Döffinger
0f95270afe VC1: Fix skiploopfilter=all.
It is currently only handled in the parser code for WMV/ASF style
header, but not the one used in the bytestream format used when
muxed into MPEG-TS as on e.g. BluRay.

Signed-off-by: Reimar Döffinger <Reimar.Doeffinger@gmx.de>
2012-03-22 19:41:09 +01:00
ami_stuff
f6b7863808 Replace SSE2 instruction in scalarproduct_float_sse() by SSE equivalent.
Fixes an AAC decoding issue with the sample from ticket #213 on machines
with SSE but without SSE2.
Based on 89411a by Reimar.
2012-03-22 19:28:52 +01:00
Michael Niedermayer
740b9ff44e lavc: Redesign the internal encoding API.
The new API allows (optionally and on by default) using a internal buffer to encode, avoiding
the need to allocate large buffers or risking failure on too small buffers.

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-22 19:03:48 +01:00
Michael Niedermayer
dca0e4cd61 avcodec_encode_audio2: use ff_alloc_packet2()
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-22 19:03:23 +01:00
Michael Niedermayer
2bd303f95c zmbvenc: switch to ff_alloc_packet2().
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-22 19:03:23 +01:00
Michael Niedermayer
ae7f0d0a4f yuv4enc: switch to ff_alloc_packet2().
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-22 19:03:23 +01:00
Michael Niedermayer
7959eb0d12 y41penc: switch to ff_alloc_packet2().
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-22 19:03:22 +01:00
Michael Niedermayer
a3f36b09e7 xwdenc: switch to ff_alloc_packet2().
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-22 19:03:22 +01:00