Fixes: Assertion failure
Fixes: 19753/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PGSSUB_fuzzer-5688461843759104
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
In such a duplication the previous gets overwritten and leaks
Fixes: memleak
Fixes: 12510/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PGSSUB_fuzzer-5694439226343424
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
The code relies on their validity and otherwise can try to access a NULL
object->rle pointer, causing segmentation faults.
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Rects with positive w/h/linesize but no data are invalid.
Reviewed-by: Petri Hintukainen <phintuka@gmail.com>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Widen the values from limited to full range and use BT.709 where it
should be used according to the video resolution:
SD is BT.601, HD is BT.709
Default to BT.709 due to most observed HDMV content being HD.
Functionality used before didn't widen the values from limited to
full range. Additionally, now the decoder uses BT.709 where it
should be used according to the video resolution.
Default for not yet set colorimetry is BT.709 due to most observed
HDMV content being HD.
BT.709 coefficients were gathered from the first two parts of BT.709
to BT.2020 conversion guide in ARIB STD-B62 (Pt. 1, Chapter 6.2.2).
They were additionally confirmed by manually calculating values.
Fixes#4637
Copy pointers to AVPicture after memory has been allocated.
Fixes NULL pointers in AVPicture after a17a766190.
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
Use the new fields directly instead of the ones from AVPicture.
This removes a layer of indirection which serves no pratical purpose
whatsoever, and will help in removing AVPicture structure completely
later.
Every subtitle encoder/decoder seamlessly points to the new arrays,
so it is possible to deprecate AVSubtitleRect.pict.
Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
Make sure the buffer size does not exceed the expected
RLE size.
Prevent an out of array bound write.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Bug-Id: CVE-2013-0852
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
* commit '253d0be6a1ecc343d29ff8e1df0ddf961ab9c772':
pgssubdec: handle more complex PGS scenarios
Conflicts:
libavcodec/pgssubdec.c
Some of this has been split out and commited in cleanly split patches immedeately
before this merge
Merged-by: Michael Niedermayer <michaelni@gmx.at>
Add ability to handle multiple palettes and objects simultaneously.
Each simultaneous object is given its own AVSubtitleRect.
Note that there can be up to 64 currently valid objects, but only
2 at any one time can be "presented".
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Fixes: use of uninitialized memeory
Fixes: msan_uninit-mem_7fa421d0e222_1765_Girl_With_The_Dragon_Tattoo_2_23_56.mkv
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
* commit '1c5805521c3e406886341d752ebf38f8d41e1d13':
PGS subtitles: Set AVSubtitle pts value
configure: Refactor CPPFLAGS settings for glibc/uclibc
configure: add basic support for ARM AArch64
build: set -U__STRICT_ANSI__ for newlib
Conflicts:
configure
libavcodec/pgssubdec.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit '9a07c1332cfe092b57b5758f22b686ca58806c60':
parser: Move Doxygen documentation to the header files
PGS subtitles: Expose forced flag
x86: PMINUB: port to cpuflags
Conflicts:
libavcodec/avcodec.h
libavcodec/pgssubdec.c
libavcodec/version.h
libavcodec/x86/ac3dsp.asm
Merged-by: Michael Niedermayer <michaelni@gmx.at>
