mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-03-28 12:32:17 +02:00

85266 Commits

Author SHA1 Message Date
Michael Niedermayer
d2108de6b8 avcodec/fmvc: Check nb_blocks
Fixes: out of array read
Fixes: 1508/clusterfuzz-testcase-minimized-5011336327069696

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0158b405a71f386c7844a3d975315afd47f16b5d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 17:56:21 +02:00
Michael Niedermayer
d9b25b3923 avcodec/rscc: Check pixel_size for overflow
Fixes: 1509/clusterfuzz-testcase-minimized-5129419876204544

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 934572c5c3592732a30336afdf2df9926a8b4df2)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 17:56:21 +02:00
Michael Niedermayer
0f928e5918 avcodec/dds: Fix runtime error: left shift of 210 by 24 places cannot be represented in type 'int'
Fixes: 1510/clusterfuzz-testcase-minimized-5826231746428928

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit afb4632cc30e83287338690c785ebac180436a59)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 17:56:20 +02:00
Michael Niedermayer
611ef6381b avcodec/pixlet: Fixes: runtime error: signed integer overflow: 9203954323419769657 + 29897660706736950 cannot be represented in type 'long'
Fixes: 1569/clusterfuzz-testcase-minimized-6328690508038144

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a453f5549a8c3f8307200b32d3b342f0b4af3153)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 17:56:20 +02:00
Michael Niedermayer
340690e8e6 avcodec/mpeg4videodec: Clear sprite warping on unsupported cases in VOP decode
Fixes: Integer overflow
Fixes: 1572/clusterfuzz-testcase-minimized-4578773729017856

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 467677769a2222ff8beab3c4d7826df9b7cbc81b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 17:56:20 +02:00
Michael Niedermayer
0991208151 avcodec/ac3dec: Fix: runtime error: index -1 out of bounds for type 'INTFLOAT [2]'
It seems dual mono with a LFE channel is not forbidden

Fixes: 1570/clusterfuzz-testcase-minimized-6455337349545984

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c55e637072b694a1db40e21948d218bfa2e744bb)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 17:56:20 +02:00
Michael Niedermayer
b38c8fd291 avcodec/hqxdsp: Fix runtime error: signed integer overflow: -196264 * 11585 cannot be represented in type 'int'
Fixes: 1568/clusterfuzz-testcase-minimized-5944868608147456

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b923213276777f33d6366b1cb9d1845a8658f365)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 17:56:20 +02:00
Michael Niedermayer
bc6c12b7e7 avcodec/g723_1dec: Fix LCG type
Fixes: 1567/clusterfuzz-testcase-minimized-5693653555085312

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f2c539d3501111f10a2b4e9480ea54c0a3190680)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 17:56:20 +02:00
Matthieu Bouron
1d37fe95e8 lavc/mediacodec_wrapper: fix local reference leaks
Reviewed-by: Clément Bœsch <u@pkh.me>
2017-05-14 10:49:23 +02:00
Matthieu Bouron
79122e2671 lavc/ffjni: fix local reference leak
Reviewed-by: Clément Bœsch <u@pkh.me>
2017-05-14 10:49:11 +02:00
Matthieu Bouron
d8afd8d371 lavc/aarch64/simple_idct: fix iOS build without gas-preprocessor
Separates macro arguments with commas and passes .4H/.8H as macro
arguments instead of 4H/8H (the latter form being interpreted as a
hexadecimal value).

Fixes ticket #6324.

Suggested-by: Martin Storsjö <martin@martin.st>
2017-05-14 10:49:06 +02:00
James Almer
7f79879a01 avcodec/aac_adtstoasc: fix ASC passthrough on small frames
ASC frames smaller than AAC_ADTS_HEADER_SIZE were being discarded.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 0f05f2c7e67949ce77de3cf7013f7d4da1c3e046)
2017-05-13 23:15:07 -03:00
James Almer
6a9017d3a5 avcodec/aacenc_ltp: fix use of uninitialized values
Fixes some valgrind warnings.

Reviewed-by: Rostislav Pehlivanov <atomnuker@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 8cd8c8331730fbaac5066bfd66e15b39a85ce537)
2017-05-13 23:15:05 -03:00
James Almer
d7b86cd308 avcodec/hevc_sei: fix amount of bits skipped when reading picture timing SEI message
The code was skipping the entire reported SEI message size regardless of
the amount of bits read.
While in theory safe for NALU where the picture timing SEI message is alone
or at the end as we're using the checked bitstream reader, it isn't in any
other situation, where every SEI message in the NALU after the picture
timing one would potentially fail to parse.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit f738140807f504c9af7850042067777832f05e88)

Conflicts:
	libavcodec/hevc_sei.c
2017-05-13 23:09:05 -03:00
James Almer
8c33e2e11b avcodec/avpacket: allow only one element per type in packet side data
It was never meant to do otherwise, as av_packet_get_side_data() returns the first
entry it finds of a given type.

Based on code from libavformat's av_stream_add_side_data().

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 28f60eeabbdc3d0550f45da813ba91a0354524c4)
2017-05-13 22:15:40 -03:00
Michael Niedermayer
8fbd347508 Update for 3.3.1
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 02:38:30 +02:00
Michael Niedermayer
bbda126477 libswscale/tests/swscale: Fix uninitialized variables
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7796f290653349a4126f2d448d11bb4440b9f257)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 01:44:58 +02:00
Michael Niedermayer
236912f789 avcodec/ffv1dec: Fix runtime error: signed integer overflow: 1550964438 + 1550964438 cannot be represented in type 'int'
Fixes: 1559/clusterfuzz-testcase-minimized-5048096079740928
Fixes: 1560/clusterfuzz-testcase-minimized-6011037813833728

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 8630b2cd36c57918acfe18302fe77d1ceefbd676)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:50 +02:00
Michael Niedermayer
9fb677dd82 avcodec/webp: Fix signedness in prefix_code check
Fixes: out of array read
Fixes: 1557/clusterfuzz-testcase-minimized-6535013757616128

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 8c5cd1c9d33b4b287f85d42efb1aecfaee31de6c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:50 +02:00
Michael Niedermayer
3ed0d94b82 avcodec/svq3: Fix runtime error: signed integer overflow: 169 * 12717677 cannot be represented in type 'int'
Fixes: 1556/clusterfuzz-testcase-minimized-5027865978470400

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 86b1b0d33dd7459f0d9c352c51ee2e374fd6f7fe)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:50 +02:00
Michael Niedermayer
6f8dab7a7b avcodec/mlpdec: Check that there is enough data for headers
Fixes: out of array access
Fixes: 1541/clusterfuzz-testcase-minimized-6403410590957568

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e3e51f8c14d22ae11684dcfe58df355f0f9e6401)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:50 +02:00
Michael Niedermayer
47da68fc8e avcodec/ac3dec: Keep track of band structure
It is needed in some corner cases that seem not to be forbidden
Fixes: out of array index
Fixes: 1538/clusterfuzz-testcase-minimized-4696904925446144

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9351a156de724edb69ba6e1f05884fe806a13a21)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:50 +02:00
Michael Niedermayer
479bb1cacd avcodec/webp: Add missing input padding
Fixes: 1536/clusterfuzz-testcase-minimized-5973925404082176

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a3508cc3fe643a8adad6a82a60bece3ea3c5dc63)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:50 +02:00
Michael Niedermayer
b0f3f56bbc avcodec/aacdec_fixed: Fix runtime error: left shift of negative value -1
Fixes: 1535/clusterfuzz-testcase-minimized-5826695535788032

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 26227d91865ddfbfe35c9ff84853cc469e1c7daf)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:50 +02:00
Michael Niedermayer
128b42f4d1 avcodec/aacsbr_template: Do not change bs_num_env before it's checked
Fixes: 1489/clusterfuzz-testcase-minimized-5075102901207040
Fixes: out of array access

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 87b08ee6d2a3b0880f0a267c5d51dc7f415e81d7)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:50 +02:00
Michael Niedermayer
d1dd90ae54 avcodec/scpr: Fix multiple runtime error: index 256 out of bounds for type 'unsigned int [256]'
Fixes: 1519/clusterfuzz-testcase-minimized-5286680976162816

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2171dfae8c065878a2e130390eb78cf2947a5b69)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:50 +02:00
Michael Niedermayer
00a9eaff97 avcodec/mlp: Fix multiple runtime error: left shift of negative value -1
Fixes: 1512/clusterfuzz-testcase-minimized-4713846423945216

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 74dc728a2c2cc353da20cdc09b8cdfbbe14b7be8)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:50 +02:00
Michael Niedermayer
906f1f66a8 avcodec/xpmdec: Fix multiple pointer/memory issues
Most of these were found through code review in response to
fixing 1466/clusterfuzz-testcase-minimized-5961584419536896
There is thus no testcase for most of this.
The initial issue was Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit cb243972b121b1ae6b60a78ff55a0506c69f3879)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:50 +02:00
Michael Niedermayer
f0ee408624 avcodec/vp8dsp: vp7_luma_dc_wht_c: Fix multiple runtime error: signed integer overflow: -1366381240 + -1262413604 cannot be represented in type 'int'
Fixes: 1440/clusterfuzz-testcase-minimized-5785716111966208

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ccce2248bf56692fc7bd436ca2c9acca772d486a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:50 +02:00
Michael Niedermayer
5121f31cac avcodec/avcodec: Limit the number of side data elements per packet
Fixes: 1293/clusterfuzz-testcase-minimized-6054752074858496

See: [FFmpeg-devel] [PATCH] avcodec/avcodec: Limit the number of side data elements per packet

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d5711cb89121268e8d78ebe8563a68e67a236cbb)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:50 +02:00
Michael Niedermayer
3526d25017 avcodec/texturedsp: Fix runtime error: left shift of 255 by 24 places cannot be represented in type 'int'
Fixes: 1505/clusterfuzz-testcase-minimized-4561688818876416

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f225003d17364cd38fd28f268ae2b29abd8e5024)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:50 +02:00
Michael Niedermayer
34ae610115 avcodec/g723_1dec: Fix runtime error: left shift of negative value -1
Fixes: 1504/clusterfuzz-testcase-minimized-6249212138225664

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c4c0245686bc2fcc545644101c7b328fed71f268)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:50 +02:00
Michael Niedermayer
ee92ea8903 avcodec/wmv2dsp: Fix runtime error: signed integer overflow: 181 * -17047030 cannot be represented in type 'int'
Fixes: 1503/clusterfuzz-testcase-minimized-5369271855087616

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit df640dbbc949d0f4deefaf43e86b8bd50ae997cc)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:50 +02:00
Michael Niedermayer
256b9442df avcodec/diracdec: Fix Assertion frame->buf[0] failed at libavcodec/decode.c:610
Fixes: 1487/clusterfuzz-testcase-minimized-6288036495097856

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6899e6e56065d9365963e02690dc9e2ce7866050)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:50 +02:00
Michael Niedermayer
971fe06074 avcodec/msmpeg4dec: Check for cbpy VLC errors
Fixes: runtime error: left shift of negative value -1
Fixes: 1480/clusterfuzz-testcase-minimized-5188321007370240

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 15e892aad12b23e9b5686cf66ca6fa739c734ead)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:50 +02:00
Michael Niedermayer
5d0e4c877f avcodec/cllc: Check num_bits
Fixes: runtime error: shift exponent -2 is negative
Fixes: 1479/clusterfuzz-testcase-minimized-6638493360979968

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2bfd0a97587d26c0c39413a6291ccc66e4a928d0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:49 +02:00
Michael Niedermayer
383fdec3b2 avcodec/cllc: Factor VLC_BITS/DEPTH out, do not use repeated literal numbers
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e717fa1f0a66825fb10fec7debad768f311ee240)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:49 +02:00
Michael Niedermayer
79f6a1b96e avcodec/scpr: Check y in first line loop in decompress_i()
Fixes: out of array access
Fixes: 1478/clusterfuzz-testcase-minimized-5285486908145664

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7ac5067146613997bb38442cb022d7f41321a706)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:49 +02:00
Michael Niedermayer
9b754ccc53 avcodec/dvbsubdec: Check entry_id
Fixes: randomly writing over the array end
Fixes: 1473/clusterfuzz-testcase-minimized-5768907824562176

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 8a69f2602fea04b7ebae2db16f2581e8ff5ee0cd)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:49 +02:00
Michael Niedermayer
363b46cdbf avcodec/aacdec_fixed: Fix multiple shift exponent 33 is too large for 32-bit type 'int'
Fixes: 1471/clusterfuzz-testcase-minimized-6376460543590400

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3a0ff78168f80f5b2c5c5544325aca4023bc67a4)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:49 +02:00
Michael Niedermayer
35f293fe89 avcodec/mpeg12dec: Fixes runtime error: division by zero
Fixes: 1464/clusterfuzz-testcase-minimized-4925445571084288

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c0ece1f4addf8ac31df95775a2d36be2a55fc759)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:49 +02:00
Michael Niedermayer
4a974cb595 avcodec/pixlet: Fix runtime error: signed integer overflow: 436207616 * -5160230545260541 cannot be represented in type 'long'
Fixes: 1462/clusterfuzz-testcase-minimized-6558894463647744

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 60765cc42e3eb4a1193ef352a89946113a6e5802)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:49 +02:00
Michael Niedermayer
924a2dd57a avcodec/webp: Always set pix_fmt
Fixes: out of array access
Fixes: 1434/clusterfuzz-testcase-minimized-6314998085189632
Fixes: 1435/clusterfuzz-testcase-minimized-6483783723253760

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Reviewed-by: "Ronald S. Bultje" <rsbultje@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6b5d3fb26fb4be48e4966e4b1d97c2165538d4ef)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:49 +02:00
Michael Niedermayer
e9c3c8df45 avfilter/vf_uspp: Fix currently unused input frame dimensions
Found-by: Nicolas
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 942036e97c8b149ce2f3ec6e7cbc990df8713d0c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:49 +02:00
Michael Niedermayer
e6997adee9 avcodec/truemotion1: Fix multiple runtime error: left shift of negative value -1
Fixes: 1446/clusterfuzz-testcase-minimized-5577409124368384

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit db5fae32294763677caa4c1417dcba704c7e764e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:49 +02:00
Michael Niedermayer
3af036360d avcodec/eatqi: Fix runtime error: signed integer overflow: 4466147 * 1075 cannot be represented in type 'int'
Fixes: 1443/clusterfuzz-testcase-minimized-4826998612426752

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a8de60ba2740185c53cabbee6c00ed67a0d530e2)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:49 +02:00
Michael Niedermayer
3459fd598e avcodec/dss_sp: Fix runtime error: signed integer overflow: 2147481189 + 4096 cannot be represented in type 'int'
Fixes: 1441/clusterfuzz-testcase-minimized-6223152357048320

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6ea428789371fa0601e9ebb5b7f2216d4e73e831)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:49 +02:00
李赞
f58b45f0ac avformat/wavdec: Check chunk_size
Fixes integer overflow and out of array access

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3d232196372f309a75ed074c4cef30578eec1782)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:49 +02:00
Michael Niedermayer
5d2ddaa139 avcodec/cavs: Check updated MV
Fixes: runtime error: signed integer overflow: 251 + 2147483647 cannot be represented in type 'int'
Fixes: 1438/clusterfuzz-testcase-minimized-4917542646710272

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5871adc90f8c1037535563e33ebeaf032bb4d5d6)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:49 +02:00
Michael Niedermayer
f66eaded01 avcodec/y41pdec: Fix width in input buffer size check
Fixes: out of array read
Fixes: 1437/clusterfuzz-testcase-minimized-4569970002362368

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3d8d3729475c7dce52d8fb9ffb280fd2ea62e1a2)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-14 00:21:49 +02:00